C# lab 3

Order Description


This assignment builds on your Lab #2. Be sure to save your Lab2 website in another location before starting this lab in case any questions come up with your Lab #2 grade. You will use .Net (C#) and SQL Server again. You will reuse the database and Classes from Lab 2 except that Property table and class will allow for the new column called PropertyInd as shown below. Your SQL Server database for this lab is Lab3.

Property PropertyInd Char(1) Can be “Y” or “N”

You must use parameterized queries for all appropriate database queries for the Student and Payment tables/forms to prevent SQL Injection. For Payment table/form inserts, you must execute a Stored Procedure that passes parameters from your application (verses a parameterized query). In addition, you must use encoding where appropriate to present cross-site scripting in all tables.

Your application will NOT create the Stored Procedure but only execute it. You will create your Stored Procedure within SQL Server. You will submit your Create Stored Procedure statement in a .sql file within your Web site. The name of your Stored Procedure and the name of your .sql file must include your name as follows, FirstNameLastNameLab3. Be sure to include your name in the SQL comments as well.

This assignment still allows you to insert records into the database in each form. In addition, your code must allow a user to update a Property. In some cases, you want to be able to deactivate a Property (meaning it can no longer be associated with a Student). A search for the Properties must exist. A drop down to search for the Properties is not acceptable. You cannot use a Gridview for the Updates.

The student from will be modified slightly. At the top of the form after your name, you will display the name of the current Property associated with that student. For example if I was associated with 123 Main St, it would display something like “Carey Cole – 123 Main Street”.

Quality of Code

I will judge your programs both by how well they work, and based on the elegance of the code. The code should be well documented and efficient. Proper indentation, descriptive variable names, and comments are essential. No extraneous variables or extra unnecessary lines of code. You must include your name and the honor code pledge near the top of all of your files.


Provide a meaningful name to your files. When completed, you will zip your Web Site folder and submit that into Canvas by the deadline (this will include all of the files required). Be sure to test all of your labs in Burrus /Showker before you submit them to be graded in Canvas. You will be penalized three points for every time your program does not run for the Instructor/Graduate Assistant (unless it was not an error caused by you).