Page Load depending on logged in user.

Question

0.00/5 (No votes)

See more:

I am stuck on how to get a logged in user data to load on a form once the user has logged in. On the form there is a dropdownlist that is databound to a database. When a user logs on the the website the ddl should load only the data for that user. Example: If the user haa an ID of 1234 and the data has an ID of 1234, that is the only data I want to show in the ddl. Is there a way of doing this for users that are in a database?

C#

using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.Collections.Generic;
using System.Linq;
using System.Configuration;
using System.Drawing.Printing;

public partial class FinancialProfileFormA : System.Web.UI.Page
{

    protected void Page_Load(object sender, EventArgs e)
    {
        ButtonPrint.Attributes.Add("onclick", "window.print(); return false");
    }
    protected void ButtonSubmit_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
        con.Open();


        SqlCommand cmd = new SqlCommand("Insert into TableFIN2013 (User_ID, TOTAL_REVE, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, EXPENDABLE, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT) values (@User_ID, @TOTAL_REVE, @INSTRUCTIO, @RESEARCH, @PUBLIC_SER, @ACADEMIC_S, @STUDENT_SE, @INSTITUTIO, @PHYSICAL_P, @SCHOLARSHI, @AUXILIARY_, @HOSPITALS, @INDEPENDEN, @OTHEREXP, @TOTASSETS, @TOTLIABILITY, @NoNEXPPERMRESASSETS, @EXPENDABLE, @UNRNETASSETS, @TOTALREV, @TUITFEES, @CURRDEBT, @LONGTERMDEBT)", con);

        cmd.CommandType = CommandType.Text;

        cmd.Parameters.AddWithValue("@User_ID", TextBoxINST_ID.Text);
        cmd.Parameters.AddWithValue("@TOTAL_REVE", TextBoxTROA.Text);
        cmd.Parameters.AddWithValue("@INSTRUCTIO", TextBoxInstr.Text);
        cmd.Parameters.AddWithValue("@RESEARCH", TextBoxRes.Text);
        cmd.Parameters.AddWithValue("@PUBLIC_SER", TextBoxPubS.Text);
        cmd.Parameters.AddWithValue("@ACADEMIC_S", TextBoxAcad.Text);
        cmd.Parameters.AddWithValue("@STUDENT_SE", TextBoxStudS.Text);
        cmd.Parameters.AddWithValue("@INSTITUTIO", TextBoxInstiS.Text);
        cmd.Parameters.AddWithValue("@PHYSICAL_P", TextBoxOperM.Text);
        cmd.Parameters.AddWithValue("@SCHOLARSHI", TextBoxSFEDA.Text);
        cmd.Parameters.AddWithValue("@AUXILIARY_", TextBoxAuxE.Text);
        cmd.Parameters.AddWithValue("@HOSPITALS", TextBoxHosS.Text);
        cmd.Parameters.AddWithValue("@INDEPENDEN", TextBoxIndeO.Text);
        cmd.Parameters.AddWithValue("@OTHEREXP", TextBoxOED.Text);
        cmd.Parameters.AddWithValue("@TOTASSETS", TextBoxTA.Text);
        cmd.Parameters.AddWithValue("@TOTLIABILITY", TextBoxTL.Text);
        cmd.Parameters.AddWithValue("@NoNEXPPERMRESASSETS", TextBoxNPRNA.Text);
        cmd.Parameters.AddWithValue("@EXPENDABLE", TextBoxETRNA.Text);
        cmd.Parameters.AddWithValue("@UNRNETASSETS", TextBoxTUNA.Text);
        cmd.Parameters.AddWithValue("@TOTALREV", TextBoxTR.Text);
        cmd.Parameters.AddWithValue("@TUITFEES", TextBoxTFN.Text);
        cmd.Parameters.AddWithValue("@CURRDEBT", TextBoxCD.Text);
        cmd.Parameters.AddWithValue("@LONGTERMDEBT", TextBoxLTD.Text);

        con.Open();
        cmd.ExecuteNonQuery();
    }

    protected void DropDownListSchool_SelectedIndexChanged1(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
        con.Open();

        SqlConnection con2 = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
        con2.Open();


        SqlCommand scmd = new SqlCommand("Select User_ID from TableCOCINST where User_ID = " + DropDownListSchool.SelectedValue.ToString(), con);
        SqlCommand scmd2 = new SqlCommand("Select User_ID, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT from TableFIN2012 where User_ID = " + DropDownListSchool.SelectedValue.ToString(), con2);
        SqlDataReader dr = scmd.ExecuteReader();
        SqlDataReader dr2 = scmd2.ExecuteReader();
        if (dr.Read())
        if (dr2.Read())
            {

            TextBoxLYInstr.Text = dr2["INSTRUCTIO"].ToString();
            TextBoxLYRes.Text = dr2["RESEARCH"].ToString();
            TextBoxLYPubS.Text = dr2["PUBLIC_SER"].ToString();
            TextBoxLYAcad.Text = dr2["ACADEMIC_S"].ToString();
            TextBoxLYStudS.Text = dr2["STUDENT_SE"].ToString();
            TextBoxLYInstiS.Text = dr2["INSTITUTIO"].ToString();
            TextBoxLYOperM.Text = dr2["PHYSICAL_P"].ToString();
            TextBoxLYSFEDA.Text = dr2["SCHOLARSHI"].ToString();
            TextBoxLYAuxE.Text = dr2["AUXILIARY_"].ToString();
            TextBoxLYHosS.Text = dr2["HOSPITALS"].ToString();
            TextBoxLYIndeO.Text = dr2["INDEPENDEN"].ToString();
            TextBoxLYOED.Text = dr2["OTHEREXP"].ToString();
            TextBoxLYTA.Text = dr2["TOTASSETS"].ToString();
            TextBoxLYTL.Text = dr2["TOTLIABILITY"].ToString();
            TextBoxLYNPRNA.Text = dr2["NoNEXPPERMRESASSETS"].ToString();
            TextBoxLYTUNA.Text = dr2["UNRNETASSETS"].ToString();
            TextBoxLYTR.Text = dr2["TOTALREV"].ToString();
            TextBoxLYTFN.Text = dr2["TUITFEES"].ToString();
            TextBoxLYCD.Text = dr2["CURRDEBT"].ToString();
            TextBoxLYLTD.Text = dr2["LONGTERMDEBT"].ToString();
            TextBoxINST_ID.Text = dr["INST_ID"].ToString();
        
             }
        dr.Close();
        con.Close();
        dr2.Close();
        con2.Close();
        {

        }
    }

}

Posted 7-Oct-13 3:52am

Computer Wiz99

Updated 7-Oct-13 3:54am

v2

Add a Solution

Comments

Prasad Khandekar 7-Oct-13 10:31am

You can put the code to populate the Combobox in Page_Load event handler. I am assuming that the login code is populating the USER_ID in session and that's the one you should be using in where clause of your SQL's. One more suggestion is to use Prepared Statement's instead of using String Concatenation (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.prepare.aspx). It will protect your app from unwanted SQL Injections.

Computer Wiz99 7-Oct-13 10:38am

Ok. Thanks for the info. I'm not clear on using Prepared Statements instead of using String Concatenation. I looked and read the link you gave but still unclear on where to put this code. Also, Is there a code example for the page load of a logged in user that populates a ddl?

Prasad Khandekar 7-Oct-13 11:04am

Hello Kwesi,

Please have a look at my solution.

Regards,

Computer Wiz99 7-Oct-13 11:06am

Ok. Thanks. On the fillDropDown, I do have to put the ddl name right? I am getting the error: The name 'fillDropdown' does not exist in the current context.

Prasad Khandekar 7-Oct-13 11:34am

Yes change yourDDL to the actual name of your drop down same applies to SQL as well YOUR_TBALE, DISPLAY_FIELD_NAME, VALUE_FIELD_NAME needs to get changed accordingly. The fillDropdown procedure needs to be in the same class.

Regards,

Computer Wiz99 7-Oct-13 11:43am

Ok, Thanks. There is an error for this:

DropDownListSchool.DataSource = dt;

dt has the error: The name 'dt' does not exist in the current context.

Plus, The "DISPLAY_FIELD_NAME" and "VALUE_FIELD_NAME", they will be replaced with "DISPLAY_FIELD_NAME" will have What I want to display and "VALUE_FIELD_NAME" will have the ID value of what is being displayed right? So this will work on a ddl that is already databound?

Prasad Khandekar 8-Oct-13 10:04am

It should be changed to DropDownListSchool.DataSource = table;

Was a typo, really sorry for that.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Prasad Khandekar · Accepted Answer · 2013-10-07T05:03:00

Solution 1

Hello Kwesi,

Here is a small snippet which will show you how it can be done. I am assuming that logged in user's id is available in session via key named USER_ID.

C#

protected void Page_Load(object sender, EventArgs e) {
    ButtonPrint.Attributes.Add("onclick", "window.print(); return false");
    fillDropdown();
}

protected void fillDropdown() {
    String strSQL = "SELECT * FROM YOUR_TABLE WHERE USER_ID = @user_id";
    String strCon = ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString;
    using (DataTable table = new DataTable("YOUR_TABLE")) {
        using (SqlConnection sqlConn = new SqlConnection(strCon)) {
            using (SqlCommand cmd = new SqlCommand()) {
                cmd.CommandText = strSQL;
                cmd.Parameters.Add("@user_id", SqlDbType.VarChar, 20).Value = Session["USER_ID"];
                using (SqlDataAdapter da = new SqlDataAdapter(cmd)) {
                    da.Fill(table); 
                    yourDDL.DataSource = dt;
                    yourDDL.DataTextField = "DISPLAY_FIELD_NAME";
                    yourDDL.DataValueField = "VALUE_FIELD_NAME";
                    yourDDL.DataBind();
                }
            }
        }
    }
}

Regards,

Posted 7-Oct-13 5:03am

Prasad Khandekar

Comments

Computer Wiz99 7-Oct-13 11:30am

Prasad Khandekar, In the section you have: da.Fill(table);
yourDDL.DataSource = dt;
yourDDL.DataTextField = "DISPLAY_FIELD_NAME";
yourDDL.DataValueField = "VALUE_FIELD_NAME";
yourDDL.DataBind();
I am under standing this meaning yourDDL.DataSource is the name of my datasource, youDDL.DataTextField is the name I want to show in the DDL, yourDDL.DataValueField is the ID value of the DDL, yourDDL.DataBind is the ddl name that is bounded to the database. Do I have all of that correct?

Prasad Khandekar 7-Oct-13 11:36am

No, yourDDL is the name of your combobox. Also note that if you are specifying the correct column names for DataTextField and DataValueFields in designer then you can comment those two lines.

Computer Wiz99 7-Oct-13 11:50am

Thanks, what about the dt error?

Computer Wiz99 7-Oct-13 14:53pm

Hello, There is one problem with the code, The ddl is already databound. How do I filter the already databound ddl to only show the data of the logged in user?

Prasad Khandekar 8-Oct-13 10:02am

Hello Kwesi,

This article should help you (http://msdn.microsoft.com/en-us/library/xt50s8kz.ASPX). It has the example showing how parametric queries can be used with DataSource and then use it with say Dropdown control. My example shows how it can be done via code. Since you prefer to do it at design time look no further than the mentioned article.

Regards,

Computer Wiz99 8-Oct-13 10:07am

Ok, Thanks. I have changed my form page now. If you would look at my new question I hope it will explain what I am doing different. The new question is Login User Session data.

Prasad Khandekar 8-Oct-13 10:35am

Hello Kwesi,

Looked at your question. HttpSession is not really associated with a form. ASP.NET uses a cookie to track users. When you try to write something to the session for the first time (Say upon user login) a cookie is sent to the client, something like ASP.NET_SessionId. This cookie is sent by the client on subsequent requests. Thanks to this cookie the server is able to identify the client and write/read the associated session data. It is important to note that this cookie is not persistent (wouldn't survive browser restarts) and is emitted with the HttpOnly flag meaning that client scripts cannot access it. This cookie also has a timeout associated with it and automatically expires after that time.

Regards,