<%@ Page Language="C#" %>
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
File: ProductCategories.cs
using System;
using System.Data;
using System.Data.SqlClient;
using System.Web.Configuration;
public class ProductCategories
{
private readonly string _conString;
public SqlDataReader GetProducts(int categoryId)
{
SqlConnection con = new SqlConnection(_conString);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT Id,Title,Director,DateReleased "
+ " FROM Products WHERE CategoryId=@CategoryId";
cmd.Parameters.AddWithValue("@CategoryId", categoryId);
con.Open();
return cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
public SqlDataReader GetCategories()
{
SqlConnection con = new SqlConnection(_conString);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT Id,Name FROM ProductCategories";
con.Open();
return cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
public ProductCategories()
{
_conString = WebConfigurationManager.ConnectionStrings["Products"]. ConnectionString;
}
}
File: Web.config
connectionString="Data Source=.\SQLEXPRESS;
AttachDbFilename=|DataDirectory|MyDatabase.mdf;Integrated Security=True;User Instance=True" />