i have a register page on my website I am creating and it saves the data entered by the user into a database however when I click the register button i am coming across the following error:
Insert Error:CREATE DATABASE permission denied in database 'master'.
Cannot attach the file 'C:\Users\MyName\Documents\MyName\Docs\Project\SJ\App_Data\SJ-Database.mdf' as database 'SJ-Database'.
These are my connection strings:
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
<add name="MyConsString" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|SJ-Database.mdf;
Initial Catalog=SJ-Database;
Integrated Security=SSPI;"
providerName="System.Data.SqlClient" />
</connectionStrings>
Register page code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
public partial class About : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
public string GetConnectionString()
{
//sets the connection string from your web config file "ConnString" is the name of your Connection String
return System.Configuration.ConfigurationManager.ConnectionStrings["MyConsString"].ConnectionString;
}
private void ExecuteInsert(string name, string gender, string age, string address, string email)
{
SqlConnection conn = new SqlConnection(GetConnectionString());
string sql = "INSERT INTO Register (Name, Gender, Age, Address, Email) VALUES "
+ " (@Name,@Gender,@Age,@Address,@Email)";
try
{
conn.Open();
SqlCommand cmd = new SqlCommand(sql, conn);
SqlParameter[] param = new SqlParameter[6];
//param[0] = new SqlParameter("@id", SqlDbType.Int, 20);
param[0] = new SqlParameter("@Name", SqlDbType.VarChar, 50);
param[1] = new SqlParameter("@Gender", SqlDbType.Char, 10);
param[2] = new SqlParameter("@Age", SqlDbType.Int, 100);
param[3] = new SqlParameter("@Address", SqlDbType.VarChar, 50);
param[4] = new SqlParameter("@Email", SqlDbType.VarChar, 50);
param[0].Value = name;
param[1].Value = gender;
param[2].Value = age;
param[3].Value = address;
param[4].Value = email;
for (int i = 0; i < param.Length; i++)
{
cmd.Parameters.Add(param[i]);
}
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
catch (System.Data.SqlClient.SqlException ex)
{
string msg = "Insert Error:";
msg += ex.Message;
throw new Exception(msg);
}
finally
{
conn.Close();
}
}
protected void cmdRegister_Click(object sender, EventArgs e)
{
if (txtRegEmail.Text == txtRegEmailCon.Text)
{
//call the method to execute insert to the database
ExecuteInsert(txtRegName.Text,
txtRegAge.Text,
ddlRegGender.SelectedItem.Text,
txtRegAddress.Text, txtRegEmail.Text);
Response.Write("Record was successfully added!");
ClearControls(Page);
}
else
{
Response.Write("Email did not match");
txtRegEmail.Focus();
}
}
public static void ClearControls(Control Parent)
{
if (Parent is TextBox)
{ (Parent as TextBox).Text = string.Empty; }
else
{
foreach (Control c in Parent.Controls)
ClearControls(c);
}
}
}