Guest Book As promised, here's the final installment. You can find the download links for the final version of the code at the end of this article. Feel free to use this code and tweak it any way you wish. For demo purposes, the menu is on all the pages but you can easily factor this out into its own form. I would normally make this a separate control, but you will probably be integrating this application into your existing navigation anyway, so...

The membership system in ASP.NET 2.0 is pretty much plug-and-play right out of the box. When I worked with it first, I took some time to read up on the new membership controls before trying them out. For this particular topic, I cannot recommend the following two books highly enough:

Murach's ASP.NET 2.0 Upgrader's Guide (Lowe & Murach)
Pro ASP.NET 2.0 in C# 2005 (MacDonald & Szpuszta)

Just to recap, at this point you should have a working Guest Book application and database. The only thing left to do is to configure the membership system and add some administration forms to allow us to edit, update, delete and publish comments posted by users.

WSAT Tool

 

The next item on our list is to use the WSAT tool to add an admin user, create the admin role and add the new admin user to that role. By using a role, we can grant extra privileges to admin users in the future if needed. We can just do it once rather than having to grant them to each admin user individually. A picture is worth a thousand words, so please refer to the pics for guidance.

WSAT Tool

 

WSAT Tool

 

Access the WSAT by clicking on the icon at the top of Solution Explorer in VS 2008. Note that the administrator role is already set up in the config file and all you have to do is add the admin user to this role. I'm including a picture showing how to set up the access rule using the tool. The main problem people encounter here is the order of the entries in the authorization section of the config file. The administrator role is listed before 'users'. See the config file picture in part II of this series for clarification.

Admin Login

 

Guest Book Admin

 

We will add a new form called guestBookAdmin.aspx to the Admin folder which shows a list of the comments awaiting moderation in a GridView. Clicking on one of these brings up the commentDetails.aspx form. This is almost a replica of the addComment.aspx form which is populated with the data for this comment. The comment ID is passed to this new form when the 'select' link on the guestBookAdmin form is clicked. This is then used as a parameter to the stored procedure when fetching the data for this comment. Note also, that there is now a 'publish' check box. The administrator uses this to put a comment live after it has been edited and approved.

Edit Comment Details

 

Just a few words about the ObjectDataSource control here. This is an amazingly helpful control which we can use to create a declarative link between our front-end Web controls and our data access methods. Note that our data access class must have a default, parameterless constructor and none of the select or update methods can be static. This is just another reason why I prefer to inject a business layer between the front and back-ends. It gives us a nice comfort zone for future code customizations in the shape of new business rules and the like. Plus, we get to use a more friendly syntax. Ideally, each record should be a custom object but that's another story!! Bring on the new Entity Framework :-)

Be sure to check out the brand new security video tutorials from Scott Mitchell.

Download Code:

GuestBook.zip (99.61 kb)

GuestBook-DB.zip (1.01 kb)

 




Guest Book Solution You can also view part I of this article which describes the setting up of this application with Visual Studio 2008 and IIS 7, running on Vista. SQL Server 2005 was used as the database. I had originally blogged on this using VS 2005 but feedback indicated that quite a few people are now using VS 2008, so I upgraded it to VS 2008, which I am currently running on VMWare Workstation... the best $190 I ever spent. This is part II and the full code will be available for download in part III, real soon!

Speaking of feedback, I have been having problems with the comments system on this blog for some time now. So, pretty soon I am upgrading the blog engine and switching to a database version. The plan is to eventually make it a real "Community" site. Watch this space...

The Guest Book application is written in C# and is pretty straightforward. Here I will walk through the creation of the back-end which will allow the site administrator to moderate the comments posted to the guest book by site visitors.

First, we need to set up our membership system. The membership system is where most people seem to get stuck. There are several ways of achieving the same thing and I think that this is what causes much of the confusion. Typically, in an application such as this you would use a CAPTCHA control to combat the spammers, so we are not going to force users to register in order to sign the guest book. We will need an administration area for our admin forms, so we will create an "admin" role. The way I go about this is to create a new folder and call it Admin. Add a config file  to this new folder and set up the authorization rules as shown below.

Admin Web.config

 

Now, we're going to cheat a little. I'm going to do the TV chef and slip in a little something I pre-prepared earlier in the kitchen (actually gleaned from several of Scott Guthrie's blog postings). I always keep a sample Web.config file handy that I know is set up correctly for a basic membership system. I start this way rather than jumping in right off with the WSAT wizard because I want to have one single database for both my application and membership data. Tidier. So, I manually set up the database connection in the project Web.config file, along with entries for the membership and authentication sections. See the snippets below, and don't forget to include the roleManager tag!

Project Web.config

 

Now that the membership database connection is configured the way we want it, we can run the aspnet_regsql tool from the command line. This will create the actual membership database objects for us as part of our Guests database. Just navigate from the start menu to SQL Server Management Studio and locate the command line tool under the Configuration Tools folder. Simply enter aspnet_regsql at the prompt and you will be presented with the SQL Server Setup Wizard. Here are some screenshots showing the correct selections to make:

SQL Server Setup Wizard

 

SQL Server Setup Wizard

 

SQL Server Setup Wizard

 

If you go to SSMS and refresh the database, you should now be able to expand the tables icon, and you will see that the wizard had created everything we need for our membership system. At this stage, you are ready to run the WSAT tool and start setting up the admin role and adding the admin user. I will outline this process in the final installment, as well as the creation of our administration forms. Stay tuned!

Membership Database Objects

 

 



Events and Delegates - Part II

by agrace 8. September 2007 09:24

Hungry Geek You can read part one of this topic here. This part presents a simple example of how to publish and subscribe to an event that does not send data. Note that events such as button clicks, that generate no data can avail of the EventHandler delegate provided in the class library.

Publish an Event - Five Steps:

* Define type inherited from EventArgs to contain any event-related data. If there is no data, use pre-defined EventArgs type

* Define delegate that specifies prototype of event handler. If the events generates no data, use pre-defined EventHandler delegate

* Define an event based on the delegate type

* Define a protected, virtual method to raise the event

* When the event occurs, call the protected, virtual method above

class ButtonPublisher
{
     public delegate void EventHandler(object sender, EventArgs e);
     public event EventHandler Click;

     // Each class that publishes an event provides a
     // protected, virtual method to raise that event.
     // The "On" name prefix makes this easy to spot.
     protected void OnClick()
     {
         // Check for subscibers
         if (Click != null)
             // Notify them
             Click(this, null);
     }

     // Raise the event
     public void PerformClick()
     {
         OnClick();
     }
}

 

Subscribe to an Event - Three Steps:

* Implement an event handler with same signature specified by the event's delegate object

* Create a delegate object specified for the event. This delegate refers to the event handler method (see below)

this.Click += new EventHandler(ButtonClick_Handler);

 

* Subscribe to event by attaching event handler to the event (see above). Use the += operator so as not to cancel any previously registered delegates

class Subscriber
 {
     static void Main(string[] args)
     {
         ButtonPublisher button = new ButtonPublisher();
         // Create new delegate object and subscribe to event
         button.Click += new ButtonPublisher.EventHandler(ButtonClick_Handler);
         button.PerformClick();
     }

     static public void ButtonClick_Handler(object sender, EventArgs e)
     {
         Console.WriteLine("Button Clicked");

         // Keep console window open long enough to read!
         System.Threading.Thread.Sleep(10000);
     }
 }

 

Happy coding!

Tags: ,

ASP.NET | C#