Tags: asp.net, vb.net, security, gridview, sqldatasource

Is it right/safe to show SQL in ASP.NET code (.aspx file)?


Let's take this code as example:

<div style="overflow:auto;width:700px;"> 
                <asp:GridView ID="GridView1" runat="server" 
                    AllowPaging="True" AllowSorting="True"
                    AutoGenerateEditButton="True" DataMember="DefaultView" 
                    DataSourceID="SqlDataSource1" AutoGenerateColumns="False" 
                    DataKeyNames="..." CellPadding="4" ForeColor="#333333" Width="90%"
                    Height="90%" Font-Size="Small">
                    <RowStyle BackColor="#EFF3FB" />
                    <Columns>.
                             .
                             .
                        <asp:CommandField DeleteText="delete" ShowDeleteButton="True"></asp:CommandField>
                    </Columns>                    
                    <FooterStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
                    <PagerStyle BackColor="#2461BF" ForeColor="White" HorizontalAlign="Center" />
                    <SelectedRowStyle BackColor="#D1DDF1" Font-Bold="True" ForeColor="#333333" />
                    <HeaderStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
                    <EditRowStyle BackColor="#2461BF" />
                    <AlternatingRowStyle BackColor="White" />
                </asp:GridView>

                </div>
                <asp:SqlDataSource ID="SqlDataSource1" runat="server" 
                    ConnectionString="<%$ ConnectionStrings:DBUserConnectionString %>"                     
                    SelectCommand="SELECT ... FROM ... "
                    DeleteCommand="DELETE FROM ... WHERE ...=@...;">
                    </asp:SqlDataSource>

Since I'm new to VB and ASP, I'm using the SqlDataSource to fill the GridView without VB code-behind (please note this); everything is shown in the .aspx code. When I run it in a browser and view the source, it only shows HTML and a lot of javascript:__doPostBack's: no connection, no tables, not even ASP controls. However, I'd like to know if this is the right way to fill GridViews and if it is really safe. I mean, is there a way to see the .aspx code in the browser?


Solution

  • It's just as safe as putting it in code-behind. However, you really should be putting this sort of thing in code-behind so you can separate your logic from your view.
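
The manual check described in the question (viewing the page source and finding only HTML and __doPostBack calls) can be automated. The following is an added example, not part of the original question or answer: it scans a response body for constructs that exist only in unprocessed .aspx markup, such as the SqlDataSource attributes shown above. Both sample bodies and the page name Default.aspx are constructed for illustration.

```python
import re

# Constructs that belong to .aspx source and should never reach the browser.
SERVER_SIDE_MARKERS = {
    "asp server control": re.compile(r"<\s*asp:\w+", re.I),
    "runat attribute": re.compile(r"\brunat\s*=", re.I),
    "directive or expression block": re.compile(r"<%"),
    "data source SQL attribute": re.compile(
        r"\b(?:Select|Insert|Update|Delete)Command\s*=", re.I),
    "connection string attribute": re.compile(r"\bConnectionString\s*=", re.I),
}

# Constructed sample: what a browser receives when the page is processed normally.
RENDERED_HTML = '''<form method="post" action="./Default.aspx" id="form1">
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="(constructed)" />
<table id="GridView1"><tr><td>
<a href="javascript:__doPostBack('GridView1','Delete$0')">delete</a>
</td></tr></table></form>'''

# Constructed sample: the question's markup served unprocessed (misconfigured handler).
RAW_ASPX = '''<asp:GridView ID="GridView1" runat="server" DataSourceID="SqlDataSource1">
</asp:GridView>
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
    ConnectionString="<%$ ConnectionStrings:DBUserConnectionString %>"
    SelectCommand="SELECT ... FROM ... "
    DeleteCommand="DELETE FROM ... WHERE ...=@...;">
</asp:SqlDataSource>'''

def find_server_side_leaks(body):
    """Return (line_number, marker_name) pairs for each server-side construct found."""
    hits = []
    for lineno, line in enumerate(body.splitlines(), start=1):
        for name, pattern in SERVER_SIDE_MARKERS.items():
            if pattern.search(line):
                hits.append((lineno, name))
    return hits

def looks_rendered(body):
    """True when the body carries Web Forms output and no server-side markers."""
    has_webforms_output = "__doPostBack" in body or "__VIEWSTATE" in body
    return has_webforms_output and not find_server_side_leaks(body)
```

Run against a saved copy of each page's response in a deployment smoke test; any hit means the server returned markup instead of executing it.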