Hello ASPeepsSequel to my first question I used the QueryString Value for my Select Parameters However the previous page encrypted the values and i cannot use them in my query as followsAboutid43u75sDXlT1zmC4ieZCJiNr2Ck69Up2S0DSDE0GhqQU3dampRetainCodeD2f7JpmGuVCNWzM3fY4gCug3d3dltaspSqlDataSource ID34SqlDataSource134 runat34server34 ConnectionString34lt ConnectionStringsDefaultConnection gt34 SelectCommand34SELECT cDate Date Time consultID

Hi OpeyemiOgI have created sample which fullfill requirementFirstPage HTMLltform id34form134 runat34server34gtltdivgt ltaspGridView ID34gvCustomers34 DataSourceID34gridDatasource34 AutoGenerateColumns34false34 runat34server34gt ltColumnsgt ltaspTemplateField HeaderText34CustomerId34gt ltItemTemplategt ltaspLabel ID34lblCustomer34 Text39ltEval34CustomerId34gt39 runat34server34 gt ltItemTemplategt ltaspTemplateFieldgt ltaspBoundField DataField34Name34 HeaderText34Name34 gt ltaspBoundField DataField34Country34 HeaderText34Country34 gt ltaspTemplateFieldgt ltItemTemplategt ltaspLinkButton ID34LinkButton134 Text34View34 OnClick34Sent34

Pass encrypt querystring value to sqlDataSource SelectCommand in ASP.Net

OpeyemiO...

SOLVED CLOSED ACTIVE ANSWERED
User: OpeyemiOg
Posted: on Sep 01, 2016 01:52 AM
Forum: Data Controls
Answer: 1
Views: 6279
Sample Code: Download

Hello ASPeeps,

Sequel to my first question. I used the QueryString Value for my Select Parameters. However the previous page encrypted the values and i cannot use them in my query as follows

About?id=43u75sDXlT1zmC4ieZCJiNr2Ck69Up2S0DSDE0GhqQU%3d&RetainCode=D%2f7JpmGuVCNWzM3fY4gCug%3d%3d

<asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:DefaultConnection %>" SelectCommand="SELECT [cDate], [Date], [Time], [consultID], [Fullname], [policyType], [empNo], [complaints], [investigate], [result], [diagnosis], [treatPlan], [treatedBy], [retainName], [AmountBilled], [AmountPaid]  FROM [qryhConsultingDiagnosisHMO] WITH (NOLOCK) WHERE ([RetainCode] = @RetainCode) AND ([cDate] &gt; DATEADD(year, -1, GETDATE())) ORDER BY [cDate]DESC, [cTime]DESC, [Fullname]" FilterExpression="cDate >= '#{0}#' AND cDate <= '#{1}#'">
        <SelectParameters>
            <asp:QueryStringParameter DefaultValue="#" Name="RetainCode" QueryStringField="RetainCode" Type="String" />
        </SelectParameters>

So i was wondering if there was a way to use the variable created after decrypting in the SqlDataSource Select Command. And how to do it?

Download FREE API for Word, Excel and PDF in ASP.Net

Indresh

0 2

Reply
ANSWER
User: Indresh
Replied: on Sep 01, 2016 03:42 AM
Modified: on Sep 01, 2016 05:33 AM
Report

Hi OpeyemiOg,

I have created sample which fullfill requirement.

FirstPage: HTML

<form id="form1" runat="server">
<div>
    <asp:GridView ID="gvCustomers" DataSourceID="gridDatasource" AutoGenerateColumns="false"
        runat="server">
        <Columns>
            <asp:TemplateField HeaderText="CustomerId">
                <ItemTemplate>
                    <asp:Label ID="lblCustomer" Text='<%#Eval("CustomerId")%>' runat="server" />
                </ItemTemplate>
            </asp:TemplateField>
            <asp:BoundField DataField="Name" HeaderText="Name" />
            <asp:BoundField DataField="Country" HeaderText="Country" />
            <asp:TemplateField>
                <ItemTemplate>
                    <asp:LinkButton ID="LinkButton1" Text="View" OnClick="Sent" runat="server" />
                </ItemTemplate>
            </asp:TemplateField>
        </Columns>
    </asp:GridView>
    <asp:SqlDataSource ID="gridDatasource" runat="server" ConnectionString="<%$ConnectionStrings:constring %>"
        SelectCommand="SELECT *  FROM Customers"></asp:SqlDataSource>
</div>
</form>

FirstPage: C#

private string Constr = ConfigurationManager.ConnectionStrings["Constring"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
    if (!this.IsPostBack)
    {

    }
}

protected void Sent(object sender, EventArgs e)
{
    GridViewRow row = (sender as LinkButton).NamingContainer as GridViewRow;
    string customerId = Convert.ToString((row.FindControl("lblCustomer") as Label).Text);
    string cId = HttpUtility.UrlEncode(Encrypt(customerId));
    Response.Redirect(string.Format("~/Default2.aspx?cId={0}", cId));
}

private string Encrypt(string clearText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
                cs.Close();
            }
            clearText = Convert.ToBase64String(ms.ToArray());
        }
    }
    return clearText;
}

SecondPage HTML

<form id="form1" runat="server">
<div>
    <asp:Label ID="lblCustomerId" Visible="false" runat="server" />
    <asp:DataList ID="dlcustomers" runat="server" DataSourceID="gridDatasource">
        <HeaderTemplate>
            <table>
        </HeaderTemplate>
        <ItemTemplate>
            <tr>
                <td>
                    <%#Eval("CustomerId") %>
                </td>
                <br />
                <td>
                    <%#Eval("Name") %>
                </td>
                <br />
                <td>
                    <%#Eval("Country")%>
                </td>
            </tr>
        </ItemTemplate>
        <FooterTemplate>
            </table>
        </FooterTemplate>
    </asp:DataList>
    <asp:SqlDataSource ID="gridDatasource" runat="server" ConnectionString="<%$ConnectionStrings:constring %>"
        SelectCommand="SELECT *  FROM Customers" FilterExpression="CustomerId={0}">
        <FilterParameters>
            <asp:ControlParameter Name="CustomerId" ControlID="lblCustomerId" PropertyName="Text" />
        </FilterParameters>
    </asp:SqlDataSource>
</div>
</form>

Second Page:C#

protected void Page_Load(object sender, EventArgs e)
    {
        if (!this.IsPostBack)
        {
            lblCustomerId.Text = Decrypt(HttpUtility.UrlDecode(Request.QueryString["cId"]));

        }
    }

    private string Decrypt(string cipherText)
    {
        string EncryptionKey = "MAKV2SPBNI99212";
        cipherText = cipherText.Replace(" ", "+");
        byte[] cipherBytes = Convert.FromBase64String(cipherText);
        using (Aes encryptor = Aes.Create())
        {
            Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
            encryptor.Key = pdb.GetBytes(32);
            encryptor.IV = pdb.GetBytes(16);
            using (MemoryStream ms = new MemoryStream())
            {
                using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
                {
                    cs.Write(cipherBytes, 0, cipherBytes.Length);
                    cs.Close();
                }
                cipherText = Encoding.Unicode.GetString(ms.ToArray());
            }
        }
        return cipherText;
    }

Screenshot

I agree, here is the link: https://www.e-iceblue.com/Introduce/spire-office-for-net-free.html

Pass encrypt querystring value to sqlDataSource SelectCommand in ASP.Net

Company

Explore

Follow us

Contact Us