Click here to Skip to main content
15,793,452 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more: , +
My signUp button event is

C#
protected void signup_Click(object sender, EventArgs e)
    {
        string con = ConfigurationManager.ConnectionStrings["connection"].ConnectionString;
        SqlConnection conn = new SqlConnection(con);
        conn.Open();
       if (selectques.SelectedItem.Text == "Write your own question?")
        {
            SqlCommand cmd = new SqlCommand("insert into registration values('" + username.Text + "','" + passwrd.Text + "','" + emailadd.Text + "','" + alterquestion.Text + "','" + securityanswer.Text + "')", conn);
            cmd.ExecuteNonQuery();
            conn.Close();
        }
        else
        {
            SqlCommand cmd = new SqlCommand("insert into registration values('" + username.Text + "','" + passwrd.Text + "','" + emailadd.Text + "','" + selectques.Text + "','" + securityanswer.Text + "')", conn);
            cmd.ExecuteNonQuery();
            conn.Close();
        }


After registering successfully how can I show a message of Successful Registered and redirect him to login page. I want to show the message through Popup window or messagebox.
Posted
Updated 5-Nov-11 9:52am
v2

Agree with Mark. Prevent the SQL injection attacks. Check these

SQL injection
SQL Injection Attacks and Some Tips on How to Prevent Them[^]
SQL injection attacks[^]
SQL Injection Knowhow[^]
SQL Injection and Cross-Site Scripting[^]

For redirection & messagebox, see this
C#
ClientScript.RegisterStartupScript(Page.GetType(), "Message", "alert('Successful Registered');window.location='login.aspx';", true);

If AJAX used in page,
C#
ScriptManager.RegisterStartupScript(Page, Page.GetType(), "Message", "alert('Successful Registered');window.location='login.aspx';", true);
 
Share this answer
 
v3
Comments
Ajvirk 6-Nov-11 9:23am    
Where I've to put the first code?
thatraja 6-Nov-11 9:28am    
End of the signup_Click event. But you need to handle the exceptions, so include the Try-Catch-Finally in your code
Ajvirk 6-Nov-11 9:47am    
Have I to do anything else for run RegisterStartupScript.
thatraja 6-Nov-11 9:48am    
No. Run the code
Ajvirk 7-Nov-11 8:33am    
I'm getting Error :The best overloaded method match for 'System.Web.UI.ClientScriptManager.RegisterStartupScript(System.Type, string, string, bool)' has some invalid arguments

Error Argument '1': cannot convert from 'System.Web.UI.Page' to 'System.Type'
First and formost NEVER accept unvalidated user input and use it in a SQL statement. EVER. You are opening yourself for SQL injection attacks. Your application is extremely unsecure. You should be using stored procedures or at the very least parameterized queries.

If you want to send the user to another page use Response.Redirect or Server.Transfer. To display a message first you can insert JavaScript with Page.RegisterClientScriptBlock. All of these methods are well documented.
 
Share this answer
 
Comments
Ajvirk 5-Nov-11 22:46pm    
What is the way to secure myself from SQL injection. I don't know please show me a demonstration of above code to save me from this attack. Thank you very much for your great advice.
[no name] 5-Nov-11 22:51pm    
Try www.Google.com
Ajvirk 5-Nov-11 23:10pm    
But I didn't find the way to show Popup message how to do that? I'm new to this field and the codes are very complicated with examples.
Alert.show("Successfully Logout");

Try This..........
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900