ASP.NET - Databases - Insert Records

here's an example code to insert a record into an Access database using C# in ASP.NET:

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Data.OleDb" %>
<!DOCTYPE html>
<html>
<head>
    <title>Insert Record</title>
</head>
<body>
    <form id="form1" runat="server">
        <div>
            <h2>Insert Record</h2>
            <hr />
            <asp:Label ID="lblName" runat="server" Text="Name: "></asp:Label>
            <asp:TextBox ID="txtName" runat="server"></asp:TextBox>
            <br /><br />
            <asp:Label ID="lblEmail" runat="server" Text="Email: "></asp:Label>
            <asp:TextBox ID="txtEmail" runat="server"></asp:TextBox>
            <br /><br />
            <asp:Label ID="lblPhone" runat="server" Text="Phone: "></asp:Label>
            <asp:TextBox ID="txtPhone" runat="server"></asp:TextBox>
            <br /><br />
            <asp:Button ID="btnInsert" runat="server" Text="Insert Record" OnClick="btnInsert_Click" />
        </div>
    </form>
</body>
</html>

In the code above, we have a form with three input fields (Name, Email, and Phone) and a button to insert the record. We also have an OnClick event for the button, which we'll define in the code-behind file.

 

Here's the code-behind file (assuming you have a database file named "myDatabase.accdb" in your App_Data folder):

using System;
using System.Configuration;
using System.Data;
using System.Data.OleDb;
public partial class InsertRecord : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }
    protected void btnInsert_Click(object sender, EventArgs e)
    {
        // Get the connection string from the configuration file
        string connectionString = ConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString;
        // Define the SQL query
        string query = "INSERT INTO Customers (Name, Email, Phone) VALUES (?, ?, ?)";
        // Create the command object and set its properties
        using (OleDbConnection connection = new OleDbConnection(connectionString))
        using (OleDbCommand command = new OleDbCommand(query, connection))
        {
            command.Parameters.AddWithValue("@Name", txtName.Text);
            command.Parameters.AddWithValue("@Email", txtEmail.Text);
            command.Parameters.AddWithValue("@Phone", txtPhone.Text);

            // Open the connection and execute the query
            connection.Open();
            int rowsAffected = command.ExecuteNonQuery();
            connection.Close();

            // Display a message to the user
            if (rowsAffected > 0)
            {
                Response.Write("Record inserted successfully!");
            }
            else
            {
                Response.Write("Failed to insert record.");
            }
        }
    }
}

In the code-behind file, we first get the connection string from the web.config file using ConfigurationManager.ConnectionStrings. We then define the SQL query to insert the record, and create a new OleDbCommand object with the query and connection. We then set the command's parameters to the values entered by the user in the form.

We then open the connection, execute the query using ExecuteNonQuery(), and close the connection. Finally, we display a message to the user indicating whether the record was inserted successfully or not.

Note that in this example, we're using parameterized queries to prevent SQL injection attacks. Always use parameterized queries