kwilliams Posted June 10, 2008 Share Posted June 10, 2008 I have an ASP.NET (2.0) input form that submits user data to a DB table using a stored procedure only after the ASP.NET validations have been met. Once the page is valid, the form disappears to the user, and they instead see a confirmation message.It works great, except for if I then push the refresh button on that same page. If I do that, the stored procedure is run again, and the data is re-submitted to the DB table.I know that I'm missing a simple step in this, but I'm not sure how to proceed. I've included all of the related code below. Any and all help would be appreciated.feedback.aspx.vb: Imports System.Data.SqlClientPartial Class forms_feedback Inherits System.Web.UI.Page Private ds As New DataSet() Private conn As SqlConnection Private cmd As New SqlCommand() Sub SubmitBtn_Click(ByVal Sender As Object, ByVal E As EventArgs) 'Declare form variables Dim category_form As String = selectCategory.SelectedItem.Value Dim address_form As String = txtAddress.Text Dim fullname_form As String = txtFullName.Text Dim city_form As String = txtCity.Text Dim state_form As String = selectState.SelectedItem.Value Dim zipcode_form As String = txtZipCode.Text Dim email_form As String = txtEmailAddress.Text Dim phone_form As String = txtPhone.Text Dim comments_form As String = txtComments.Text 'Assign date variables Dim dtCurrDate As DateTime = DateTime.Now 'Assign current date Dim strDateTimeISO As String = dtCurrDate.ToString("s") 'ISO format hfDateTime.Value = strDateTimeISO Session("SubmitTime") = dtCurrDate.ToString("t") 'Assign server variables hfRemoteAddr.Value = Request.ServerVariables("REMOTE_ADDR") hfRemoteHost.Value = Request.ServerVariables("REMOTE_HOST") If Page.IsValid Then 'Display confirmation message lblOutput.Text = "Thank you for completing the Feedback Form. If contact was requested, you should be contacted by someone within 1-3 days during normal business hours." 'Insert into database conn = New SqlConnection("server=SERVERNAME;database=DBNAME;uid=USERNAME;pwd=PASSWORD") cmd = New SqlCommand("spFeedback", conn) cmd.CommandType = CommandType.StoredProcedure 'Assign form paramaters cmd.Parameters.Add("@category_id", SqlDbType.VarChar, 16).Value = category_form cmd.Parameters.Add("@fullname", SqlDbType.VarChar, 50).Value = fullname_form cmd.Parameters.Add("@address", SqlDbType.VarChar, 50).Value = address_form cmd.Parameters.Add("@city", SqlDbType.VarChar, 50).Value = city_form cmd.Parameters.Add("@state", SqlDbType.VarChar, 2).Value = state_form cmd.Parameters.Add("@zipcode", SqlDbType.VarChar, 10).Value = zipcode_form cmd.Parameters.Add("@email", SqlDbType.VarChar, 75).Value = email_form cmd.Parameters.Add("@phone", SqlDbType.VarChar, 20).Value = phone_form cmd.Parameters.Add("@comments", SqlDbType.VarChar, 1000).Value = comments_form cmd.Parameters.Add("@remoteaddr", SqlDbType.VarChar, 20).Value = hfRemoteAddr.Value cmd.Parameters.Add("@remotehost", SqlDbType.VarChar, 20).Value = hfRemoteHost.Value cmd.Parameters.Add("@datetime", SqlDbType.VarChar, 50).Value = hfDateTime.Value conn.Open() cmd.ExecuteNonQuery() conn.Close() End If End SubEnd Class feedback.aspx: <%@ Page Language="VB" MasterPageFile="~/MasterPage.master" CodeFile="feedback.aspx.vb" Inherits="forms_feedback" AutoEventWireup="true" title="Feedback Form" %><asp:content id="Content1" contentplaceholderid="ContentPlaceHolder1" runat="server"> <asp:label id="lblOutput" runat="server" /><br /> <% If Not Page.IsPostBack Then %> <form name="formFeedback" action="" method="post" runat="server"> <asp:ValidationSummary ID="valSummary" runat="server" HeaderText="You must fix the following form entries:" Font-Names="verdana" Font-Size="10pt" Font-Bold="True" /> <br /> <table class="tableborder_black" width="98%" id="Feedback Form"> <tbody> <tr class="tablecell_black"> <th scope="col" colspan="2">Feedback Form</th> </tr> <tr> <td class="tablecell1" align="right" valign="top">Category</td> <td class="tablecell3"> <asp:DropDownList id="selectCategory" runat="server"> <asp:ListItem Value="general" Text="General" Selected="True" /> <asp:ListItem Value="cat1" Text="Category 1" /> <asp:ListItem Value="cat2" Text="Category 2" /> <asp:ListItem Value="cat3" Text="Category 3" /> </asp:DropDownList> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top" style="height: 26px">Full Name</td> <td class="tablecell3" style="height: 26px"> <asp:Textbox id="txtFullName" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator1" runat="server" ErrorMessage="Allowed characters: A-Z, a-z, and dashes (-)." ValidationExpression="^[a-zA-Z-]{0,50}$" ControlToValidate="txtFullName"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top">Address</td> <td class="tablecell3"><asp:Textbox id="txtAddress" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator2" runat="server" ControlToValidate="txtAddress" ErrorMessage="Allowed characters: 0-9, A-Z, a-z, dashes (-), periods (.), and number signs (#)." ValidationExpression="^[a-zA-Z0-9 \.#-/]{0,50}$"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top">City</td> <td class="tablecell3"><asp:Textbox id="txtCity" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator3" runat="server" ControlToValidate="txtCity" ErrorMessage="Allowed characters: A-Z, a-z, dashes (-), and periods (.)." ValidationExpression="^[a-zA-Z \.-]{0,50}$"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top">State</td> <td class="tablecell3"> <!--<asp:DropDownList id="stateoption" runat="server" /> <br />--> <asp:DropDownList id="selectState" runat="server"> <asp:ListItem Value="" Text="- Select -" Selected="true" /> <asp:ListItem Value="AK" Text="Arkansas" /> <asp:ListItem Value="AL" Text="Alabama" /> <asp:ListItem Value="AR" Text="Arkansas" /> <asp:ListItem Value="AZ" Text="Arizona" /> <asp:ListItem Value="CA" Text="California" /> <asp:ListItem Value="CO" Text="Colorado" /> <asp:ListItem Value="CT" Text="Connecticut" /> <asp:ListItem Value="DE" Text="Deleware" /> <asp:ListItem Value="FL" Text="Florida" /> <asp:ListItem Value="GA" Text="Georgia" /> <asp:ListItem Value="HI" Text="Hawaii" /> <asp:ListItem Value="IA" Text="Iowa" /> <asp:ListItem Value="ID" Text="Idaho" /> <asp:ListItem Value="IL" Text="Illinois" /> <asp:ListItem Value="IN" Text="Indiana" /> <asp:ListItem Value="KS" Text="Kansas" /> <asp:ListItem Value="KY" Text="Kentucky" /> <asp:ListItem Value="LA" Text="Louisiana" /> <asp:ListItem Value="MA" Text="Massachusetts" /> <asp:ListItem Value="MD" Text="Maryland" /> <asp:ListItem Value="ME" Text="Maine" /> <asp:ListItem Value="MI" Text="Michigan" /> <asp:ListItem Value="MN" Text="Minnesota" /> <asp:ListItem Value="MO" Text="Missouri" /> <asp:ListItem Value="MS" Text="Mississippi" /> <asp:ListItem Value="MT" Text="Montana" /> <asp:ListItem Value="NC" Text="North Carolina" /> <asp:ListItem Value="ND" Text="North Dakota" /> <asp:ListItem Value="NE" Text="Nebraska" /> <asp:ListItem Value="NH" Text="New Hampshire" /> <asp:ListItem Value="NJ" Text="New Jersey" /> <asp:ListItem Value="NM" Text="New Mexico" /> <asp:ListItem Value="NV" Text="Nevada" /> <asp:ListItem Value="NY" Text="New York" /> <asp:ListItem Value="OH" Text="Ohio" /> <asp:ListItem Value="OK" Text="Oklahoma" /> <asp:ListItem Value="OR" Text="Oregon" /> <asp:ListItem Value="PA" Text="Pennsylvania" /> <asp:ListItem Value="RI" Text="Rhode Island" /> <asp:ListItem Value="SC" Text="South Carolina" /> <asp:ListItem Value="SD" Text="South Dakota" /> <asp:ListItem Value="TN" Text="Tennessee" /> <asp:ListItem Value="TX" Text="Texas" /> <asp:ListItem Value="UT" Text="Utah" /> <asp:ListItem Value="VA" Text="Virginia" /> <asp:ListItem Value="VT" Text="Vermont" /> <asp:ListItem Value="WA" Text="Washington" /> <asp:ListItem Value="DC" Text="Washington D.C." /> <asp:ListItem Value="WI" Text="Wisconsin" /> <asp:ListItem Value="WV" Text="West Virginia" /> <asp:ListItem Value="WY" Text="Wyoming" /> <asp:ListItem Value="OT" Text="Other (specify in comments)" /> </asp:DropDownList> <asp:RequiredFieldValidator ID="RequiredFieldValidator2" ControlToValidate="selectState" runat="server" ErrorMessage="Must select a state."></asp:RequiredFieldValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top" style="height: 26px">Zip Code</td> <td class="tablecell3" style="height: 26px"><asp:Textbox id="txtZipCode" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator4" runat="server" ControlToValidate="txtZipCode" ErrorMessage="Zip code must be valid (Format: xxxxx or xxxxx-xxxx)." ValidationExpression="\d{5}(-\d{4})?"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top">Email Address</td> <td class="tablecell3"><asp:Textbox id="txtEmailAddress" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator5" runat="server" ControlToValidate="txtEmailAddress" ErrorMessage="Email must be valid (Format: you@domain.com)." ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top">Phone</td> <td class="tablecell3"><asp:Textbox id="txtPhone" columns="20" runat="server" /> <asp:RegularExpressionValidator ID="RegularExpressionValidator7" runat="server" ControlToValidate="txtPhone" ErrorMessage="Phone number must be valid (Format: xxx-xxx-xxxx)." ValidationExpression="((\(\d{3}\) ?)|(\d{3}-))?\d{3}-\d{4}"></asp:RegularExpressionValidator> </td> </tr> <tr> <td class="tablecell1" align="right" valign="top" style="height: 50px">Comments</td> <td class="tablecell3" style="height: 50px"> <asp:TextBox ID="txtComments" Columns="40" Rows="4" runat="server" Height="60px" TextMode="MultiLine"></asp:TextBox> <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ControlToValidate="txtComments" ErrorMessage="Must enter comments to complete this form." Display="Dynamic"></asp:RequiredFieldValidator> <asp:RegularExpressionValidator ID="RegularExpressionValidator8" runat="server" ControlToValidate="txtComments" ErrorMessage="Must enter between 5 and 1000 characters." ValidationExpression="^[a-zA-Z-0-9]{5,1000}$" Display="Dynamic"></asp:RegularExpressionValidator> </td> </tr> <tr class="tablecell_black"> <td scope="col" colspan="2" align="center"> <asp:HiddenField ID="hfRemoteAddr" runat="server" /> <asp:HiddenField ID="hfRemoteHost" runat="server" /> <asp:HiddenField ID="hfDateTime" runat="server" /> <input id="btnReset" type="Reset" runat="server"> <asp:Button ID="btnSubmit" Text="Submit" OnClick="SubmitBtn_Click" runat="server" /> </td> </tr> </tbody> </table> </form> <% End If %> </asp:content> Link to comment Share on other sites More sharing options...
jesh Posted June 10, 2008 Share Posted June 10, 2008 One solution is to handle all of the Postback (validate request, update database, etc.) and then, when everything looks right, Response.Redirect the user to a separate confirmation page. Link to comment Share on other sites More sharing options...
kwilliams Posted June 10, 2008 Author Share Posted June 10, 2008 One solution is to handle all of the Postback (validate request, update database, etc.) and then, when everything looks right, Response.Redirect the user to a separate confirmation page.I was originally doing that exact solution, but I really want to learn how to handle all of these tasks on one page. Any suggestion on how to do that? Link to comment Share on other sites More sharing options...
jesh Posted June 11, 2008 Share Posted June 11, 2008 Well, you can't stop people from refreshing their browsers. Another solution would be to assign a unique id (GUIDs work, but you can come up with your own solution) to the page on post back and store that id somewhere - cookie, session, database, application cache, viewstate, etc.Additionally, on post back, check for the presence of that unique id. If it is there, don't accept the post back (it would mean that the page had been posted back before). If it isn't there, accept the post back and then store that unique id somewhere. Link to comment Share on other sites More sharing options...
aspnetguy Posted June 11, 2008 Share Posted June 11, 2008 I simple solution would be when the form is accepted into the database redirect to the same page be add a flag to the url to indicate that a confirmation message should be shown. that way you are still handling it ont he saem page and the post data gets cleared.feedback.aspx.vb Imports System.Data.SqlClientPartial Class forms_feedback Inherits System.Web.UI.Page Private ds As New DataSet() Private conn As SqlConnection Private cmd As New SqlCommand() Sub Page_Load(ByVal Sender As Object, ByVal E As EventArgs) Dim flag As String flag = Request.QueryString("message") If Not String.IsNullOrEmpty(flag) And flag = "1" Then 'Show your confirmation message here End If End Sub Sub SubmitBtn_Click(ByVal Sender As Object, ByVal E As EventArgs) '... If Page.IsValid Then '... conn.Open() cmd.ExecuteNonQuery() conn.Close() Response.Redirect("feedback.aspx?message=1") End If End SubEnd Class Forgive any syntax errors. My VB is a bit rusty. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.