How to transfer session value from content page to master page

Question

0.00/5 (No votes)

See more:

I was trying to pass a session value to label of my master page by using below code, but data from content page transfer but getting in master page. show null value exception.

Code:

C#

<telerik:RadTextBox ID="UserName"  runat="server"></telerik:RadTextBox>
        <telerik:RadTextBox ID="Password"  runat="server" TextMode="Password"></telerik:RadTextBox>
        <telerik:RadButton ID="Submit"  runat="server" Text="Submit" ></telerik:RadButton>

Code of aspx.cs

C#

protected void Submit_Click(object sender, EventArgs e)
    {
         MySqlConnection con = new MySqlConnection(constr);
        con.Open();
        MySqlCommand cmd = new MySqlCommand("select COUNT(*)FROM User_table WHERE UserId='" + UserName.Text+ "' and Password='" +Password.Text+ "'");
        cmd.Connection = con;
        int OBJ = Convert.ToInt32(cmd.ExecuteScalar());
        if (OBJ > 0)
        {
            Session["UserId"] = UserName.Text.Trim();
            Response.Redirect("Default.aspx");
           Label1.Text=Session["UserId"].ToString();
        }
        else
        {
            Label1.Text = "Invalid username or password";
            this.Label1.ForeColor = Color.Red;
        }
    }

Master Page Code

C#

if (Session["UserId"] !=null)
       {
           Label1.Text = "Welcome :" + Session["UserId"].ToString();

       }
       else
       {
           Response.Redirect("Login.aspx");
       }

 Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error:


Line 12:         if (Session["UserId"] !=null)
Line 13:         {
Line 14:             Label1.Text = "Welcome :" + Session["UserId"].ToString();
Line 15:             
Line 16:         }

Posted 21-Oct-14 1:04am

diggudg

Add a Solution

Comments

Sinisa Hajnal 21-Oct-14 7:12am

Are you sure Label1 is not null? Set a break point and check. You know Session["UserId"] isn't since you're checking for it :)

Richard Deeming 21-Oct-14 8:35am

Your code is vulnerable to SQL Injection[^].

NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Also, you're storing passwords in plain-text. That is an extremely bad idea. You should only ever store a salted hash of the password.
http://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Right[^]

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Praveen_P · Accepted Answer · 2014-10-21T01:47:00

Hi
initialise the session variable in the Session_Start function of global.aspx

C#

protected void Session_Start(object sender, EventArgs e)
       {
           Session["UserId"] = "";
       }

then inside the master page , check

C#

if (Session["UserId"] == "")
{
    Response.Redirect("Login.aspx");
}
else
{
    Label1.Text = "Welcome :" + Session["UserId"].ToString();
}

Another solution is that , here i think you are you are using the same master page for Login page also , it is loading before you set session variable thats why getting error , change master page for login page

Thanks