Visual Basic Guestbook – Part 3

In this last section of the Visual Basic Guestbook code, we’ll explore how to delete entries from the database in the simplest way possible. We’re going to add a section to our view page that we can use to delete the entries.

Now what you’ll find in a lot of guestbooks is a button on each entry that you can select that will delete the entry. I haven’t learnt how to do that yet, so we’ll be using a textbox control and a button. You’ll need to enter the PostID of the entry you want to delete and click the button. So lets get started.

The first thing we want to do is secure the delete function so that not just anyone can remove entries. To do this, we’re going to add a password to the event handler that the user will have to enter before (s)he can see the delete dialog:

NOTE: As opposed to using normal hyperlinks to the DataRepeater on the view page, add buttons for these functions just before the DataRepeater. This will make it easier to get the event handlers organised.

On your page, add the following controls:

txtAdminPass = TextBox
btnVerify = Button
lblStatus = Label
txtEntry = TextBox
btnDelEntry = Button

Add a Page_Load event handler and set the visibility of these controls to false. After you’ve done that, add the following to the click event handler for the delete button:

txtAdminPass.Visible = True
btnVerify.Visible = True

After that, add an event handler for btnVerify:

If  txtAdminPass.Text = “enter_your_password_here” Then
    lblStatus.Visible = True
    lblStatus.Text = “Access granted.”
    lblStatus.Forecolor = Drawing.Color.Green
    txtEntry.Visible = True
    btnDelEntry.Visible = True
Else
    lblStatus.Visible = True
    lblStatus.Text = “Access denied”
    lblStatus.Forecolor = Drawing.Color.Red
End If

This just displays the controls that we’ll use to delete the entry from the database. Now we have to actually delete the entry:

This code goes into the click event handler for btnDelEntry:

Dim con As New SqlConnection(Data Source=.\SQLEXPRESS;” & _
                                                                 “Initial Catalog=Guestbook;” & _
                                                                 “Integrated Security=True;”)

Dim sql As String = “DELETE FROM UserPosts WHERE [PostID] = @Post”

Dim command As New SqlCommand(sql, con)

Dim i As Integer

If Integer.TryParse(txtEntry.Text, i) Then
    con.Open()
    command.Parameters.AddWithValue(“@Post”, Convert.ToInt32(txtEntry.Text))
    command.ExecuteNonQuery()
    con.Close()

    Response.Redirect(“../Default.aspx”)
Else
    lblStatus.Text = “Please enter a numeric value.”
    lblStatus.ForeColor = Drawing.Color.Red
End If

That’s it. Basically all we’re doing here is initially (in the Page_Load) event handler, we’re making sure that the controls meant for deleting entries are hidden. We’re displaying the user verification controls (txtAdminPass, btnVerify) when the user clicks on the delete entry button that’s next to the sign guestbook button. We’re checking user input in the textbox against a value that’s defined in the code. If the user input matches, we’ll display the next set of controls, otherwise, we inform the user that the password entered was incorrect.

To delete the entries, we create the connection, sql command and sql parameter. We’re also creating an integer. The reason we create the integer is so that we can make sure that what the user entered into the txtEntry textbox is an integer. If it is, we delete the entry, if not, we inform the user that only a numeric value can be used.

You’ll notice the difference in the sql parameter to the ones we created in Part 2. This difference basically makes sure that the data entered into the textbox (which is, by default, of the data type string) in converted to an integer.

I’d like to thank you for your time, and for reading my blog. If you’ve got any questions, ask them in comments. Alternatively, head off to http://code.msdn.microsoft.com/netguest and download the application. It installs itself, is lightweight and easy to use.

PLEASE NOTE: If you decide to use my guestbook, but don’t have sa access to the SQL Server on the server that your websie’s hosted on, go into the Default.aspx code file in the root directory of the guestbook and change the uid and pwd parts of the connection string on that page and enter your access details for SQL Server (probably the same username and password you access your website’s control panel with).

-L

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s