protected void btnSave_Click(object sender, EventArgs e) { if (lblProductID.Text != null || lblProductID.Text != string.Empty) { NORTHWNDEntities nwe = new NORTHWNDEntities(); int productID = int.Parse(lblProductID.Text); Product product_edited = nwe.Products.Where(p => p.ProductID == productID).SingleOrDefault(); product_edited.Description = System.Web.Security.AntiXss.AntiXssEncoder.HtmlEncode(tbxDescription.Text, false); nwe.SaveChanges(); } }
protected void btnSave_Click(object sender, EventArgs e) { if (lblProductID.Text != null || lblProductID.Text != string.Empty) { NORTHWNDEntities nwe = new NORTHWNDEntities(); int productID = int.Parse(lblProductID.Text); Product product_edited = nwe.Products.Where(p => p.ProductID == productID).SingleOrDefault(); product_edited.Description = System.Web.Security.AntiXss.AntiXssEncoder.HtmlEncode(tbxDescription.Text,false); nwe.SaveChanges(); } }
protected void Page_Load(object sender, EventArgs e) { if (Request.QueryString["p"] != null && !Page.IsPostBack) { int productId = int.Parse(Request.QueryString["p"]); NORTHWNDEntities nwe = new NORTHWNDEntities(); Product product = nwe.Products.Where(p => p.ProductID == productId).SingleOrDefault(); if (product != null) { lblProductID.Text = productId.ToString(); lblProductName.Text = product.ProductName; tbxDescription.Text = product.Description; } } }
protected void Page_Load(object sender, EventArgs e) { if (Request.QueryString["q"] != null) { var searchTerm = Request.QueryString["q"]; //searchTerm = searchTerm.ToLower().Replace("script", ""); //SearchTerm.Text = System.Web.Security.AntiXss.AntiXssEncoder.HtmlEncode(searchTerm, false); SearchTerm.Text = System.Web.Security.AntiXss.AntiXssEncoder.HtmlEncode(searchTerm, false); //SearchTerm.Text = searchTerm; NORTHWNDEntities nwe = new NORTHWNDEntities(); var products = nwe.Products.ToList(); SearchGrid.DataSource = products.Where(p => p.ProductName.IndexOf(searchTerm, StringComparison.OrdinalIgnoreCase) >= 0); SearchGrid.DataBind(); } Response.AppendHeader("X-XSS-Protection", "0"); }