HTML to word doc at runtime simplest trick

Dear Friends,
Recently my friend got a new task to generate a word & PDF document at runtime from FCK Editor and he was in real hurry, so he told me a sample for him. I tried with a simple which I am sharing here.
I created a resume layout with FCK editor. Please find the below screen and code.

HTML to word

now code is here

Generate html to Word
I hope you will also enjoy.

you can download code  at
Thanks & Best Regards,
Rajat Jaiswal


Secure your code from Reverse engineering & encrypt your code

Hello friends,
After developing complex business logic application in .NET most of this we think how to secure our application code? How to prevent our website or software from reverse engineering?, Encrypt your code.
Because we know there are many tools which break the DLL like Reflector.

To prevent the DLL from reverse engineering there are many obfuscation tool. There are many obfuscation tools. Obfuscator (DotFuscator community edition) is one of the free tools which provide protection from reverse engineering.
It obfuscates the DLL. It is easy in use.  The steps are very simple just select the DLL and build.
It will obfuscate the code.
Hope it will help in securing your application from Hacker from reverse engineering.

Thanks & Regards
Rajat Jaiswal

Hack SQL Injection with prevention (Secure your web site )

Dear All,
I am always curios about hacking not in destructive manner but how to prevent my sites from hacking.
So one of the thing which I want to share with you is “SQL Injection “. SQL Injection is a unique way by which you can play with database of the site.
Firstly I give you a brief introduction about SQL injection and then I will provide you information how to prevent your site by SQL injection.
So SQL injections are just like SQL statements or we can say combination of SQL statements which can be used as destructive manner by hackers.
And you cannot believe how SQL Server is powerful. With the help of” xp_cmdShell “command then end user (hacker) can crash your server too. With the help of “xp_cmdShell” you can do many things like delete file, delete dir, shutdown even format too.
So first let me show you basic example
Suppose you have login screen
on which you have done following code to validate user on
protected void btnLogin_Click(object sender, EventArgs e)
String connectionString = ConfigurationManager.ConnectionStrings[“ConnectionString”].ConnectionString;
SqlConnection sqlcon = new SqlConnection(connectionString);
SqlCommand sqlcmd = new SqlCommand();
sqlcmd.CommandText = “SELECT * FROM tblUser WHERE strUserName ='” + txtUserName.Text + “‘ AND strPassword ='” + txtPassword.Text + “‘”;
sqlcmd.CommandType = CommandType.Text;
sqlcmd.Connection = sqlcon;
SqlDataAdapter sda = new SqlDataAdapter();
sda.SelectCommand = sqlcmd;
DataSet ds = new DataSet();
if (ds.Tables[0].Rows.Count > 0)
Response.Write(“Valid user”);
Response.Write(“Invalid user”);

Now if you see here we have directly used txtUserName, and txtPassword value here.

Now if end user enters following value as shown your screen.
SQL Injection
Now put break point on your sqlcommand statement and see what value going on.
You will find following SQL command.
SELECT * FROM tblUser WHERE strUserName =’Rajat’ OR ‘1’ =’1’ AND password =’test’ OR ‘1’ =’1’
Now when you run this command in your SQL Browser you will be surprised that it returns all the Records. So this is power of SQL injection with just “OR “statement.

Prevent hacking
Now if you have aware of SQL Server than you understand “;” (semicolon) & — (dash dash) means.
“;” semicolon means current statement is completed and — (dash dash) means comment.
So suppose, if I enter semicolon combination with update command on my username password screen then what happen
SELECT * FROM tblUser WHERE strUserName =’RAJAT’ OR ‘1’=’1’ ; update tblUser set password =’’; —

Other than this a hacker can user various combination like this.

Now question came in your mind how to prevent this.
So here are the basic things by which you can prevent your site by SQL injections
1) Apply check for special character on login form textbox
2) Use storedprocedures
3) Use encrypted password
I hope you will be more secure programmer now so enjoy secure sites.

In future i will provide you how a hacker can hack your site and how can you prevent your site.

Rajat Jaiswal

Three tire code Generator using VB.NET

Hello Friends,
Today I am sharing code generator.  Its   interface is simple same as our stored procedure code generator. (**Important   I am using Microsoft Application block for Data Access Layer**)
You need to give user credential as shown in below fig.

Once the credential is successful you will get below screen.

Just select the table for which you want to generate code.    Now if you want dataset as entity then just check the use dataset checkbox.
Then press Generate button.

It will   generate y our windows form, Business manager class, Data Access layer class.
Just copy and paste in your project it will work fine with some minor changes.
You can download the code from below link
Download code
Enjoy coding!!
Thanks & Regards
Rajat Jaiswal website in hindi or other native language with simple steps

Dear all,
For Indian its great news that you can now create web site in your native language like Hindi, Marathi, Punjabi, Urdu, Tamil etc.
Kudos to Microsoft for introducing “Microsoft Indic Language” with help of this we can easily create web site in any language without doing much efforts.
So here we go  with the sample  and things to remember with simple step

Step 1:- Add following line in your html page

input type=”hidden” id=”MicrosoftILITWebEmbedInfo” attachMode=”optout” value=””

<script type=”text/javascript” src=”” defer=”defer”></script>

Remember here:  I am using hindi here that’s why i used hindi.js you can use your own choice.
Step 2:- Add new attribute with each input control which is “MicrosoftILITWebAttach” as shown in below.
<    asp:TextBox ID=”txtPost” runat=”server” MicrosoftILITWebAttach=”true”             ></asp:TextBox>

Step 3:- If you want to store this value in database the just remember all the field which contain string data type should be “NVARCHAR”
Otherwise your searching will not work and all the data will be change to question mark instead of actual data.

Step 4:- for searching in database hindi text or text which you insert you have to use following syntax

SELECT * FROM tblPost where postName =N’प्रोफेसर’
So Enjoy