Author: Ted Kolovos
Website: Amazing ASP.NET - http://www.CSharpUniversity.com

Did you ever wonder what really happens when you type a URL into your web browser and press enter?  Or when you enter your credit card information to buy a product and click Complete Order?

In this introductory overview of ASP.NET I’m going to discuss about what exactly ASP.NET really is and how it works to run dynamic web applications.  The purpose of this article is to give you a foundation level look at the ASP.NET web application platform and help you understand the basic core concepts of the ASP.NET runtime so that your learning can progress quickly and easily.

So what exactly is ASP.NET and what is the ASP.NET runtime?
In order to answer these two questions we have to cover some basic dynamic website concepts first.

Introduction to web servers and how your browser talks to them
On the World Wide Web, the tool that people use to navigate around and read or watch material is the Web Browser (e.g. Internet Explorer, Firefox, etc.).  Web browsers understand a special tag language which is HTML.  When you want to visit a website and view the material on that website, you type in the URL (unique address of the website) in your browser window and your browser visits the website.

Once you have typed in the URL and pressed Enter, your web browser starts communicating with the website across the Internet network behind the scenes.  The only thing you see is maybe an hourglass or a spinning globe that indicates that something is happening.  As you see that globe spinning, your web browser communicates with a special software program behind the scenes called a web server.  The web server is a special software application program that is running on the Internet computer that you requested in your URL.

So if you requested a URL that looks like http://bogusinternetserver.com/mypage.html you should know that there is a remote computer on the Internet at the address bogusinternetserver.com and that remote computer is running a special program called a web server.  The web server is the program that is responsible for fetching the HTML file that you requested.  The web server’s job is to go fetch mypage.html or whatever you typed into your browser.

Static versus Dynamic web pages
Under normal circumstances, the web server will simply fetch the file (mypage.html) that you requested and send it to your browser.  Then your browser will display the file in a viewable/readable format (with text, graphics and hyperlinks).

There are other situations however when the file being requested is not a Static file like mypage.html, but instead is a Dynamically created file (mywebpage.aspx).  The web server knows that the file is dynamic based on the file extension which in this example is .aspx.  When a dynamic file is requested, the web server will pass execution control over to a separate program.  That separate program is the ASP.NET runtime, which is responsible for executing the C# code associated with the dynamic web page (mywebpage.aspx) and then sending the results of that web page execution back to the browser.

Comparing when HTML is created statically versus dynamically
Static web files simply contain HTML markup tags and are actual files stored on a hard drive.  In contrast Dynamic web files are not really files in the traditional sense.  Dynamic web files (ending in .aspx) are a combination of C# code and special ASP.NET server tags that when combined together, can be executed dynamically as the application is running to produce HTML on the fly.

The reason that programmers need dynamic web files on the Internet is so that we can write web enabled applications that do useful things for users like view their bank accounts or buy products using their credit cards.  In fact, nowadays the web is filled with dynamic web applications.  Every time you type a search into Google or your favorite web search, you are running a dynamic web file.  These types of dynamic actions are not possible with traditional HTML tags.  Dynamic web files are necessary to process input data that is entered into web page forms.  Think about when you fill out your credit card information into a web form and press a Complete Order button.  Once that button is clicked, there a dynamic web file that executes to actually process your order.

So what exactly is the ASP.NET runtime again?
The ASP.NET runtime is the special program that dynamically executes ASP.NET web page code and produces HTML that is sent back to the browser.  Remember that a web browser only understands HTML, so the end result of a dynamic web page execution must always be HTML.  One of the real powers of the ASP.NET platform is that as a programmer you can concentrate on implementing your business requirements and let the ASP.NET runtime worry about creating all the HTML dynamically at execution time.

Take a look at this graphic which depicts the steps that occur whenever a user requests a dynamic web file in their web browser and the request goes to the ASP.NET runtime.  Click to enlarge.

Step 1 - The user requests a web page.  For example: http://bogusinternetserver.com/mywebpage.aspx

Step 2 - The web page request goes to the web server program.

Step 3 - The web server notices that the file being requested has an extension of .aspx so it transfers execution control to the ASP.NET runtime.

Step 4 - The ASP.NET runtime dynamically executes the code associated with the page mywebpage.aspx.  At this point in time, a dynamic web application is running.  During the execution of the dynamic web application, many things can occur.  The application can communicate with a database.  It can process a credit card order.  It can perform a search.  It can do whatever dynamic operation the programmer who coded the web page had designed the application to do.  After the execution is finished, the ASP.NET runtime produces the output which is an HTML formatted document.

Step 5 - The HTML document is delivered to the browser and the user sees the results as a formatted web page with hyperlinks, text, images and all the other things you typically find when you view a web page on the Internet.

So now that we know what the ASP.NET runtime is, then what exactly is ASP.NET?
ASP.NET is a broad high level term that consists of:
-A software server program (the ASP.NET runtime) that interacts with the web server to execute dynamic web pages.
-Development tools (Visual Web Developer and Visual Studio).
-Programming languages (C# and VB.NET).
-The .NET framework libraries.
All of these items together make up the Microsoft ASP.NET web platform, commonly known as “ASP.NET”.

Click here to download the source code for this lesson.  When you open the project files, set GridView_SQLServer.aspx as the Start Page.

This lesson builds on the knowledge of a some prior lessons.  Here are the links to those lessons:
How to use ADO.NET with parameters in ASP.NET to Query a SQL Server database
How to use ADO.NET with parameters in ASP.NET to UPDATE a record in a SQL Server database
How to use ADO.NET with parameters in ASP.NET to INSERT a record into a SQL Server database

In those lessons I covered how to use the ADO.NET SqlCommand and SqlParameter classes (along with the SqlDataAdapter) to run SQL Queries, Updates and Inserts with parameters against an SQL Server database table.  If you haven’t read those lessons yet, it is important to do so because they are the foundation for this lesson and I don’t repeat the same material.  The code for this lesson also builds on the code from the prior lessons.

In this lesson, I am going to cover how to use the ADO.NET SqlCommand and SqlParameter classes to execute an SQL Delete query with parameters against an SQL Server database table.  This lesson applies to ASP.NET with C#.

Why would you need to execute an SQL Delete operation and use parameters?
The answer is whenever you need to remove a record from the database.  You need a way to execute the SQL Delete with a “where” clause so that you can make sure to remove a specific record that you are interested in.  Normally a Delete where clause will need a unique identifier for the record to be removed.  The where clause value for the unique identifier is passed using a parameter. 

Let me get started.  First the business requirements.  In the prior lessons I had created a couple of web forms named GridView_SQLServer.aspx and Customer_Edit.aspx.  Those forms display records from a SQL Server database table named “Customer” and allow the user to modify the records.

I have a new requirement which states I must also allow the removal of data in the table Customer.  I have to give the user the ability to Delete a record.  In order to do that I am going to create a new Delete button on the form Customer_Edit.aspx.  This new button will be responsible for giving the user the ability to Delete a customer record in the database.

Let me show you the code for that button so you can see how an ADO.NET SQL Delete is performed with C# and then I will discuss each block of code separately.

string sCustomerId = Request.QueryString["customerid"];
int customerid = int.Parse(sCustomerId);

SqlCommand dbcmd = new SqlCommand();
SqlParameter dbparam = null;

using (SqlConnection dbconn = new SqlConnection(
 "Server=localhost;"
 + "Database=csharpuniversity;"
 + "User ID=sa;"
 + "Password=Sqlserverpass$123;"
 + "Trusted_Connection=False;"))
{
    string SQLDelete = "delete from [customer] "
 + "where customer_id = @customer_id";

    dbparam = dbcmd.CreateParameter();
    dbparam.DbType = System.Data.DbType.Int32;
    dbparam.ParameterName = "customer_id";
    dbparam.Value = customerid;
    dbcmd.Parameters.Add(dbparam);

    dbcmd.CommandText = SQLDelete;
    dbcmd.Connection = dbconn;
    dbconn.Open();
    dbcmd.ExecuteNonQuery();
}

If you read through the prior lessons about ADO.NET SQL Updates and Inserts, you will notice that the code is very similar to this set of code that performs and SQL Delete.  In fact, it is almost identical.  Now let’s go through each block of code in more detail.

First I get the unique identifier for the record that I need to delete in the database.  The database table Customer that I’m trying to delete data from, has a customer_id column that contains an Identity value (a SQL Server automatically incremented number).  The customer_id is the unique identifier of a Customer record.  I can get this value from the QueryString since it is being passed to the page.  Here is how I get the value.

string sCustomerId = Request.QueryString["customerid"];
int customerid = int.Parse(sCustomerId);

After that, inside the using { } block, I start setting up my Delete operation.

 string SQLDelete = "delete from [customer] "
   + "where customer_id = @customer_id";

Notice that I created a string variable named SQLDelete that contains the SQL text for the Delete operation.  You can see above that I use a parameter for the customer_id column.  Remember from the prior lessons that in an SQL operation, you can use the @ symbol to specify a parameter like @customer_id.  That allows ADO.NET to dynamically substitute a value for the variable @customer_id at runtime.
For Oracle, you can use the : (colon) symbol to specify an ADO.NET parameter.  So if you were using Oracle as your database, you would change @customer_id to :customer_id.

Then I need to create an SqlParameter object to pass the value of customer_id dynamically.

    dbparam = dbcmd.CreateParameter();
    dbparam.DbType = System.Data.DbType.Int32;
    dbparam.ParameterName = "customer_id";
    dbparam.Value = customerid;
    dbcmd.Parameters.Add(dbparam);

When you are creating SqlParameter objects, you need to specify the data type, the name of the database column you want to delete data for and the new value for the column.  Then you have to add the SqlParameter to the Parameters collection in the SqlCommand object that you are using.

Next to finish off the code for the Delete button, there are four lines of code left.

    dbcmd.CommandText = SQLDelete;
    dbcmd.Connection = dbconn;
    dbconn.Open();
    dbcmd.ExecuteNonQuery();

In those final lines of code I assign the text string for the Delete to the SqlCommand object dbcmd and associate the SqlConnection object with the dbcmd.  Then notice that I explicitly open the connection.  If you remember from the prior lessons, when I was using the SqlDataAdapter class, I didn’t need to open the connection because the SqlDataAdapter does that automatically.  When you are not using the SqlDataAdapter like in this lesson, you have to explicitly open the connection because the SqlCommand object doesn’t do that automatically.  The last line of code is a call to the ExecuteNonQuery() method of the SqlCommand class.

ExecuteNonQuery() is used whenever you want to run a database operation and you are not expecting back any data.  Examples of when you can use ExecuteNonQuery are when you need to execute SQL Update, Insert or Delete operations.

That wasn’t so hard was it?

You can think of the entire development process of using parameterized ADO.NET Delete operation as follows:
1) Specify your SQL Delete statement with a where clause and use the @ symbol where SqlParameter variables are needed.  If you are using Oracle, us the : (colon) symbol to prefix the SqlParameter variable name.
2) Create each SqlParameter object and assign it a name, a type and a value.  You can create multiple SqlParameter objects if you need more than one variable in the Delete operation.
3) Associate the SqlConnection object with the SqlCommand object.
4) Open the SqlConnection object.
5) Run the ExecuteNonQuery() method of the SqlCommand object.

Take a look at this video that shows me Deleting an SQL Server database record with ADO.NET in ASP.NET.