0

I am trying to call a function from a button onclick event but it is not executing the function. Below is the code:

<script runat="server">

    protected void RegistrationButton_Click(object sender, EventArgs e)
    {
        TextBox un = Post0.FindControl("aspxTextBox_UserName") as TextBox;
        TextBox pwd = Post0.FindControl("aspxTextBox_Password") as TextBox;
        TextBox cpwd = Post0.FindControl("aspxTextBox_ConfirmPassword") as TextBox;
        TextBox txtE = Post0.FindControl("aspxTextBox_Email") as TextBox;
        TextBox SQ = Post0.FindControl("aspxTextBox_SecurityQ") as TextBox;
        TextBox SA = Post0.FindControl("aspxTextBox_SecurityA") as TextBox;

        if (pwd == cpwd)
        {
            System.Data.SqlClient.SqlConnection sqlConnection1 = new System.Data.SqlClient.SqlConnection("ConString_Online_EMS_AFRICA_db");

            System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand();
            cmd.CommandType = System.Data.CommandType.Text;
            cmd.CommandText = "INSERT INTO EMSPWD (Username, Password, Email, SecurityQ, SecurityA) VALUES (" + un + ", " + pwd + ", " + txtE + ", " + SQ + ", " + SA + " )";
            cmd.Connection = sqlConnection1;

            sqlConnection1.Open();
            cmd.ExecuteNonQuery();
            sqlConnection1.Close();

            Response.Redirect("02_Registration.aspx");
        }
        else
        {
            Console.WriteLine("Passwords don't Match");
        }
    }
</script>

<asp:Button ID="RegistrationButton_Click" runat="server" CssClass="emsafrica-button" Text="Click to Create User Account" ValidationGroup="Login1" onclick="RegistrationButton_Click" TabIndex="7"/>
Improve this question
5
  • 5
    Your passwords are clear text and you're not using parameters to the SQL statement. Yikes. Commented Jun 6, 2013 at 17:28
  • Is that C# code inside your script tags? Commented Jun 6, 2013 at 17:30
  • Please also post the .aspx code where you declare the button. Commented Jun 6, 2013 at 17:31
  • @juan.facorro, he has it at the very bottom. Commented Jun 6, 2013 at 17:36
  • If the event is not being triggered onclick of the button, it could be that you have clientside validators stopping the form from submitting. Just a guess, I just noticed ValidationGroup="Login1" on your <asp:button>. Commented Jun 6, 2013 at 17:48

2 Answers 2

Reset to default
4

I would start by putting your code in the code behind instead of embedding it in the page. If you do embed it in the page then I think you need to specify the language as C#.

In addition to that, your code doesn't look like it will work, and if you modify it so it will, you will be open to a SQL Injection attack. I recommend the following steps:

  1. Move your click event to the code behind
  2. Read up on Parameterized Queries

Your method for accessing the textbox seems unnecessarily complex as well. Is there a reason you are using FindControl instead of just using the control's name?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Why invent login and signup code when Visual Studio and C# provide extremely good out of the box templates in WebForms and MVC that have a complete user registration system built in.

Have a look at the templates when creating a new VS project (my example is from VS2012) and select

"Visual C# -> Web-> ASP.NET Web Forms Application"

OR

"Visual C# -> Web -> ASP.NET MVC 4 Web Application -> Internet Application"

These will give you significantly stronger starting points, remove the amount of code you need to write for yourself, and be significantly less prone to SQL injection attacks.

Improve this answer

1 Comment

Good call. He can also get a lot of prebuilt stuff after the fact by looking at the LoginControl ans asp.net membership. This is one of the times that you WANT to use the prebuilt Microsoft stuff because it will prevent a lot of security vulnerabilities.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.