Below is the deletion part of my current code for forummanagement.aspx.cs:

if (checkIfPendingForumExists())
{
    try
    {
        SqlConnection con = new SqlConnection(strcon);
        if (con.State == ConnectionState.Closed)
        {
            con.Open();
        }

        SqlCommand cmd = new SqlCommand("DELETE from forum_pending_tbl WHERE forum_id='" + TextBox1.Text.Trim() + "'", con);

        cmd.ExecuteNonQuery();
        con.Close();
        Response.Write("<script>alert('Forum Deleted Successfully');</script>");

        GridView1.DataBind();

    }
    catch (Exception ex)
    {
        Response.Write("<script>alert('" + ex.Message + "');</script>");
    }
}
else
{
    Response.Write("<script>alert('Invalid Forum ID');</script>");
}

This is the updated code for forummanagement.aspx:

<div class="col-4">
    <asp:Button ID="Button2" class="btn btn-lg btn-block btn-danger" runat="server" Text="Delete" ButtonID.OnClientClick='return confirm("Are you sure you want to delete this item?");'  />
</div>

After the suggested ButtonID.OnClientClick update, there was an error showing this:

Parser Error Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error details and modify your source file appropriately.

Parser Error Message: The server tag is not well formed.

Source Error:

Line 146:                     </div>
Line 147:                     <div class="col-4">
Line 148:                        <asp:Button ID="Button2" class="btn btn-lg btn-block btn-danger" runat="server" Text="Delete" ButtonID.OnClientClick='return confirm("Are you sure you want to delete this item?");'  />
Line 149:                     </div>
Line 150:                  </div>

Source File: /adminforummanagement.aspx Line: 148

As you can see, I haven't been able to ask the user to confirm the deletion first before actually deleting it, because I'm not sure how to do that. Is there some kind of Response."something" that can be used to confirm the deletion? I may not know the syntax for that code, or can the Response.Write be written differently to get the user input Y or N? I'm very new to ASP.NET and any help would be appreciated.

I'm using an ASP.NET web application (.NET Framework) with C# as my project.

  • I see SQL injection happening here. Sanitize that text box text. Also, you'll need to do that on the page, not here in the connection. Whatever triggers this piece of code would instead trigger an alert (or a modal), and that alert would then trigger this code. I don't think there is a Response method or property available, but the docs would tell you. – Richard Barker Sep 17 '20 at 00:36
  • Hi Richard, I'm not quite following when you said sanitize the text box. Do you mean I should not try to alter the back-end code page (.cs page) and instead alter the aspx? – Java Student Sep 17 '20 at 00:40
  • Could you do that confirmation in JavaScript? – mjwills Sep 17 '20 at 00:47
  • Have a read of https://stackoverflow.com/questions/14376473/what-are-good-ways-to-prevent-sql-injection . – mjwills Sep 17 '20 at 00:47
  • I'll have a read. Thank you sir/miss mjwills! – Java Student Sep 17 '20 at 00:52
  • [Use parameters](https://stackoverflow.com/questions/7505808/) before someone types a `forum_id` of `'OR''='`. – Dour High Arch Sep 17 '20 at 01:17
  • Ok, a bit of a mess here. But if you remove the button and the code for that button (comment it out), does the code compile and run? Something is messed up on that page - I don't think it has anything to do with the button. – Albert D. Kallal Sep 17 '20 at 21:35
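
The parameterized delete that the comments above recommend, shown as an added example that is not part of the question or of any commenter's code. The names `PendingForumStore`, `DeletePendingForum` and `MaxForumIdLength` are hypothetical, and `forum_id` is assumed to be a string column of at most 50 characters; the table and column names are the ones from the question.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example: hypothetical helper, not the original page's code.
public static class PendingForumStore
{
    // Assumption: forum_id is a short string key (the question quotes it as a string).
    private const int MaxForumIdLength = 50;

    // Returns true when a matching row was deleted, false when the input is
    // rejected or no row has that id.
    public static bool DeletePendingForum(string connectionString, string rawForumId)
    {
        string forumId = (rawForumId ?? string.Empty).Trim();
        if (forumId.Length == 0 || forumId.Length > MaxForumIdLength)
        {
            return false; // reject before touching the database
        }

        // The SQL text is a constant; the user's value travels only as a parameter,
        // so quotes in the input are compared as data and never parsed as SQL.
        const string sql = "DELETE FROM forum_pending_tbl WHERE forum_id = @forumId";

        // using blocks close the connection even when ExecuteNonQuery throws.
        using (var con = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(sql, con))
        {
            cmd.Parameters.Add("@forumId", SqlDbType.NVarChar, MaxForumIdLength).Value = forumId;
            con.Open();
            return cmd.ExecuteNonQuery() > 0;
        }
    }
}

// In the code-behind (names from the question):
//   bool deleted = PendingForumStore.DeletePendingForum(strcon, TextBox1.Text);
//   Response.Write(deleted
//       ? "<script>alert('Forum Deleted Successfully');</script>"
//       : "<script>alert('Invalid Forum ID');</script>");
// In the catch block, log ex on the server and show a fixed message instead of
// concatenating ex.Message into the <script> string.
```

With this version a `forum_id` such as the `'OR''='` value mentioned in the comments is matched literally against the column and deletes nothing.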

2 Answers

1

Your button has the error Parser Error Message: The server tag is not well formed.

Your markup:

<asp:Button ID="Button2" class="btn btn-lg btn-block btn-danger" 
    runat="server" 
    Text="Delete" 
    // error here:
    ButtonID.OnClientClick='return confirm("Are you sure you want to delete this item?");' />

You only need OnClientClick, without ButtonID:

<asp:Button ID="Button2" class="btn btn-lg btn-block btn-danger" 
    runat="server" 
    Text="Delete" 
    OnClientClick='return confirm("Are you sure you want to delete this item?");' />
wazz
0

On line 148 you don't need to include the ID; the markup below should work (look at the single and double quote placement too). You would only need the ID from the C# side (code-behind).

<asp:Button ID="Button2" class="btn btn-lg btn-block btn-danger" 
    runat="server" 
    Text="Delete" 
    OnClientClick="return confirm('Are you sure you want to delete this item?');" />
wazz
JobesK