Got error on web server but run smoothly on local server

Question

I have some issue where I keep getting an error of my system on web server. But, when I run on local server no error come out.

The error is on Try...Catch exception. It keep come out a message "failed to upload a file" while the file successfully insert into a database.

I don't know why this problem happen. Can someone explain to me?.

Try
    'check fileupload
    If uploadPic.HasFile Then
        Dim filecount = 0
        'connection string
        Dim conn As New SqlConnection("server=jkprod01; database=whrepairing; user=sa; password=sa")
        conn.Open()

        'get the multiple file from file upload
        Dim hfc As HttpFileCollection = request.Files
        sqlstring = "select * from dbo.[mst_jigtool] where jigtool_code='" & jigCode.Text & "' and jigtool_type='" & regType.SelectedValue & "'"
        cmd = New SqlCommand(sqlstring, conn)
        dr = cmd.ExecuteReader
        dr.Read()

        If dr.HasRows = False Then
            dr.Close()
            cmd.Dispose()

            For a As Integer = 0 To hfc.Count - 1
                Dim hpf As HttpPostedFile = hfc(a)
                fs = hpf.InputStream
                br = New BinaryReader(fs)
                bytes = br.ReadBytes(Convert.ToInt32(fs.Length))

                sqlstring = "insert into mst_jigtool ([jigtool_code], [jigtool_type], [jigtool_address], [jigtool_image], [upd_by], [created_by], [date_created], [upd_date]) VALUES ('" & jigCode.Text & "', '" & regType.SelectedValue & "', '" & jigAdd.Text & "', @pics, '" & Class1.user_id & "', '" & Class1.user_id & "', getdate(), getdate())"
                cmd = New SqlCommand(sqlstring, conn)
                cmd.Parameters.AddWithValue("@pics", bytes)
                fs = Nothing
                br = Nothing
                bytes = Nothing
                cmd.Dispose()
                filecount += 1
                dr = cmd.ExecuteReader
                dr.Close()
                conn.Close()
                cmd.Dispose()
            Next
            Dim msgRslt As MsgBoxResult = MsgBox("Jig tool succussfully registered. Do you want to continue register jigtool? .", MsgBoxStyle.YesNo)
            If msgRslt = MsgBoxResult.Yes Then
                response.Redirect("regJig.aspx")
            ElseIf msgRslt = MsgBoxResult.No Then
                response.Redirect("home.aspx")
            End If
        Else
            Dim msgRslt As MsgBoxResult = MsgBox("Jig tool already registered !/n Do you want to update ?", MsgBoxStyle.YesNo)
            If msgRslt = MsgBoxResult.Yes Then
                For a As Integer = 0 To hfc.Count - 1
                    Dim hpf As HttpPostedFile = hfc(a)
                    fs = hpf.InputStream
                    br = New BinaryReader(fs)
                    bytes = br.ReadBytes(Convert.ToInt32(fs.Length))
                    Dim conn2 As New SqlConnection("server=jkprod01; database=whrepairing; user=sa; password=sa")
                    conn2.Open()
                    Dim sqlstring2 = "update mst_jigtool set jigtool_type = '" & regType.SelectedValue & "',jigtool_address = '" & jigAdd.Text & "', jigtool_image = @pics,  upd_by='" & Class1.user_id & "', upd_date = getdate() where jigtool_code='" & jigCode.Text & "' and jigtool_type='" & regType.SelectedValue & "' and jigtool_address = '" & jigAdd.Text & "'"
                    Dim cmd2 = New SqlCommand(sqlstring2, conn2)
                    cmd2.Parameters.AddWithValue("@pics", bytes)
                    fs = Nothing
                    br = Nothing
                    bytes = Nothing
                    cmd2.Dispose()
                    filecount += 1
                    dr = cmd.ExecuteReader
                    cmd2.Dispose()
                    conn2.Close()
                Next
                Dim msgRslt1 As MsgBoxResult = MsgBox("Jig tool succussfully updated. Do you want to continue register jigtool? .", MsgBoxStyle.YesNo)
                If msgRslt1 = MsgBoxResult.Yes Then
                    response.Redirect("regJig.aspx")
                ElseIf msgRslt1 = MsgBoxResult.No Then
                    response.Redirect("home.aspx")
                End If
            ElseIf msgRslt = MsgBoxResult.No Then
                response.Redirect("regJig.aspx")
            End If

        End If
        dr.Close()
        cmd.Dispose()
    End If
Catch ex As Exception
    response.Write("<script>alert('Upload Failed!. Try again.')</script>")
End Try

You need to provide with more information about your problem and show some code. — Torbjörn Hansson, Oct 13 '16 at 07:57
Sorry for that. I just add a source code. The problem is keep getting this error. Response.Write("") — Amarul Samsudin, Oct 13 '16 at 08:19
In Response.Write, you can access details of the Exception (ex). What is ex.Message? — selami, Oct 13 '16 at 10:10
You can't use `MsgBox` on a web server - it might appear on the physical server, but the user won't see it. And you shouldn't use `Response.Write` (like that) as it interrupts the normal processing of the page. — Andrew Morton, Oct 13 '16 at 17:16
The problem with your error message is that it assumes any problem is a file upload problem and hides any other errors. Until you have it working reliably, you should comment out the Try...Catch statements so that you can easily see the actual error message. — Andrew Morton, Oct 13 '16 at 17:45

score 0 · Accepted Answer · answered Oct 13 '16 at 17:56

Perform all redirects using the other overload of the Redirect method or Response class

Response.Redirect(url, false)

Explaination:

When you use Response.Redirect(url), the second parameter is true. The second parameter is to specify whether to end current response or not (it is named endResponse). When you pass this as true, the ASP.NET framework ends the response and the thread executing the same is aborted.

But when this is done within the try block, it raises an exception which is then caught by your catch block, hence the exception.

Kindly confirm that the exception is a ThreadAbortedException. This is not an exception in your Response.Write("<script>.....</script>"); line, but using Response.Redirect(url) within try block.

HTH.

Thanks a lot guys. Really helpful. – Amarul Samsudin Oct 14 '16 at 01:59 — Amarul Samsudin, Oct 14 '16 at 01:59

score 0 · Answer 2 · edited May 23 '17 at 12:16

You need to refactor that quite a lot to make it work smoothly.

I suggest that you have some sort of webservice which returns whether or not the combination of regType.SelectedValue and jigCode already exists.

Client-side (using JavaScript and AJAX), when the button is clicked, check if the combination already exists. If it does, use a confirm dialog to decide if to proceed.

If the user chooses to proceed, use an AJAX upload and display the appropriate dialog with JavaScript depending on success or failure.

Remember to use SQL parameters for every value that you put in an SQL query, or else your SQL queries will be vulnerable to SQL injection attacks and also will fail for some normal input characters, such as, but not limited to, apostrophes.

Marton thanks a lot for your explanation. It's really helpful. — Amarul Samsudin, Oct 14 '16 at 01:59

Got error on web server but run smoothly on local server

2 Answers2