How Do I Give Sessions To Cart Sessions Like:

Question

1.00/5 (2 votes)

See more:

C#

protected void LoginUser_LoggedIn(object sender, EventArgs e)
        {
            MyShoppingCart cart = new MyShoppingCart();
            string shoppingCartId = cart.GetShoppingCartId();
            cart.MigrateCart(shoppingCartId, this.LoginUser.UserName);
            if (this.Session["LoginReferrer"] != null)
            {
                base.Response.Redirect(this.Session["LoginReferrer"].ToString());
            }
            this.Session["UserName"] = this.LoginUser.UserName;
        }

im using thins login info below:
I try to avoid Membership, I want to use my own customized SQL database.

C#

da = new SqlDataAdapter("select count(*) from Login where UserName='" + TextBox1.Text.ToString() + "' and Password='" + TextBox2.Text.ToString() + "' and status='Activate' ", AdminCommerceEntities);
                int n = Convert.ToInt32(da.SelectCommand.ExecuteScalar());
                if (n == 1)
                {
                    da = new SqlDataAdapter("select * from Login where UserName='" + TextBox1.Text.ToString() + "' and Password='" + TextBox2.Text.ToString() + "' ", AdminCommerceEntities);
                    ds = new DataSet();
                    da.Fill(ds, "Login");
                    if (ds.Tables["Login"].Rows.Count > 0 && ds.Tables.Count > 0)
                    {
                        Session["UserName"] = TextBox1.Text.Trim();
                        Session["UserID"] = ds.Tables["Login"].Rows[0][0].ToString();
                        AdminCommerceEntities.Close();
                        Response.Redirect("~/Default.aspx");
                    }
                    else
                    {
                        Label1.Text = "Invalid userid and password.";
                    }
                }

Posted 31-Jul-15 0:15am

Mziwanele

Add a Solution

Comments

F-ES Sitecore 31-Jul-15 6:26am

What's your question?

Mziwanele 6-Aug-15 4:23am

My proble is: My Login is not recognized by the cart pages on my eCommerce website. when i try to add items to the cart, it always redirects me to the login page even if i have logged in. when i use aspnet membership it works fine like [this.Session["UserName"] = this.LoginUser.UserName;], when i use my own customized database and pages my login is not recognized.

F-ES Sitecore 6-Aug-15 4:32am

Update your question to show the code on the ucommerce website and where it directs you to the login page.

Richard Deeming 31-Jul-15 7:11am

Try entering a username of Robert'; DROP TABLE Login;-- with a blank password and see what happens.

Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

You are also storing passwords in plain text. That is an extremely bad idea. You should only ever store a salted hash of the user's password.
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

Mziwanele 6-Aug-15 4:25am

My proble is: My Login is not recognized by the cart pages on my eCommerce website. when i try to add items to the cart, it always redirects me to the login page even if i have logged in. when i use aspnet membership it works fine like [this.Session["UserName"] = this.LoginUser.UserName;], when i use my own customized database and pages my login is not recognized.

Richard Deeming 6-Aug-15 7:24am

Did you even read my comment? Your code has serious security vulnerabilities which you need to fix.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)