Login on Different Levels

Question

0.00/5 (No votes)

See more:

Hello. I am trying to find out how to write the code to finish my levels. What is going on is that on the Login page I have to program to get the username and password from a table in order to have the user to login. That part works. Now I want to login depending on the user levels. If the user is a Level1 then the page redirects to a Welcome page for that user. If the user is a Level2 then the user goes to that page. Here is the code I have:

C#

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;



public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }

    protected void Button1_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PassConnectionString"].ConnectionString);
        con.Open();

        string cmdStr = "select count(*) from TableSecurity where EmailAddress= '" + TextBoxEA.Text + "'";
        SqlCommand Checkuser = new SqlCommand(cmdStr, con);
        int temp = Convert.ToInt32(Checkuser.ExecuteScalar().ToString());
        if (temp == 1)
        {
            string cmdStr3 = "select Level from TableSecurity where EmailAddress= '" + TextBoxEA.Text + "'";

            SqlCommand level = new SqlCommand(cmdStr3, con);

            SqlDataReader reader = level.ExecuteReader();
            DataTable dt1 = new DataTable();
            dt1.Load(reader);

            foreach (DataRow dr1 in dt1.Rows)
            {
                int returnedLevel = Convert.ToInt32(dr1[0].ToString());
                if (returnedLevel == 1)
                {
                    Response.Redirect("~/Secure.aspx");
                }

                else if (returnedLevel == 2)
                {
                    Response.Redirect("~/WelcomeIALO.aspx");
                }
            }
        }
        con.Close();
    }
}

Posted 1-May-13 5:31am

Computer Wiz99

Updated 1-May-13 10:05am

v10

Add a Solution

Comments

Richard C Bishop 1-May-13 11:32am

What is the problem? Also, please start using <pre></pre> tags around your code in order to make it readable.

Computer Wiz99 1-May-13 12:02pm

Ok I will start using those tags. I the problem is the last part where the if else statement is, based on the level within the Security Table I wanted to redirect that user to his welcome page. And the same with the other user.

Richard C Bishop 1-May-13 12:09pm

It looks like you are on the right track. A problem I do see is that you are not loading the data from your select statement into a datatable. Add this:

SqlDataReader reader = level.ExecuteReader();
DataTable dt1 = new DataTable();
dt1.Load(reader);

Then get the row with the "level" in it and check that before redirecting.

Computer Wiz99 1-May-13 12:13pm

Ok Thanks. Do I need to put the reader before the if statement or before the string cmdStr2?

Richard C Bishop 1-May-13 12:15pm

After both but before closing the connection.

Computer Wiz99 1-May-13 12:18pm

Where you have:
DataTable dt1 = new DataTable();
dt1.Load(reader);

I just have to replace DataTable with the name of my datatable?

Richard C Bishop 1-May-13 12:22pm

No, DataTable is a class and dt1 is the object instance. The results from your select statement will be loaded into dt1. Then you will get the row from dt1 and check its value for your redirecting. It will look like this:

foreach(DataRow dr1 in dt1.Rows)
{
if(dr1[0].ToString() == "whatever")
{
}
else if(dr1[0].ToString() == "whatever else")
{
}
}

Computer Wiz99 1-May-13 12:28pm

Ok. That is what I need to put after the SqlDataReader.

Richard C Bishop 1-May-13 12:30pm

Yes. The "whatever"'s will be replaced with the value you are checking for.

Computer Wiz99 1-May-13 12:37pm

Ok. Thanks.

Richard C Bishop 1-May-13 12:38pm

You are welcome. Also, the redirecting will take place inside the if statements inside the foreach.

Computer Wiz99 1-May-13 12:44pm

Ok. I got it. I have error in that statement. DataTable and Else. They both have the red line under them. Plus Where you have "whatever" and "whatever else", I just have to put the value of what the level is right?

Richard C Bishop 1-May-13 12:49pm

Yes, replace "whatever" with your level. What error are you getting under them?

Computer Wiz99 1-May-13 13:43pm

I am getting:
The type or namespace name 'DataTable' could not be found (are you missing a using directive or an assembly reference?)

Computer Wiz99 1-May-13 13:43pm

For the else I get:
Invalid expression term 'else'

Richard C Bishop 1-May-13 14:00pm

Can you use the "Improve question" widget to add what you are using as your code right now? Just post it below what is already there so I can compare the two.

Richard C Bishop 1-May-13 13:59pm

For that add this to the top of the .cs file:

using System.Data;

Computer Wiz99 1-May-13 14:04pm

Ok. That took car of that. What about the dt1 , else and dr1 errors

dt1 error: The name 'dt1' does not exist in the current context
Else error: Invalid expression term 'else'
dr1 error: The name 'd21' does not exist in the current context

Richard C Bishop 1-May-13 14:06pm

Can you use the "Improve question" widget to add what you are using as your code right now? Just post it below what is already there so I can compare the two.

Computer Wiz99 1-May-13 14:08pm

Ok.

Richard C Bishop 1-May-13 14:14pm

Ok, I made changes to the code you posted below your original code. Use that instead of what it was. Just copy and paste it.

Computer Wiz99 1-May-13 14:19pm

Ok. Thanks. No errors. Lets see if it works right with my other code.

Richard C Bishop 1-May-13 14:22pm

Ok, I am going to post the code I gave you as the answer. Please accept it as your solution if it does indeed work.

Computer Wiz99 1-May-13 14:30pm

Ok. This is what has happen. I ran the code you redid for me and put in my username and password. I clicked on login and the fields go clear and stays on the same page. What did we or I do wrong?

Computer Wiz99 1-May-13 14:32pm

The new code has been updated.

Richard C Bishop 1-May-13 14:34pm

Let me ask you this, what is the datatype of "level" in your database?

Computer Wiz99 1-May-13 14:35pm

numeric(18,0) Allow Nulls

Richard C Bishop 1-May-13 14:37pm

Check my updated solution, that should help.

Computer Wiz99 1-May-13 14:44pm

Ok. I am running it again.

Computer Wiz99 1-May-13 14:45pm

Samething. The textboxes just get cleared.

Richard C Bishop 1-May-13 14:48pm

Ok, do this. Put a break point next to the foreach loop. Debug the porgram and tell me if the line ever gets reached.

Computer Wiz99 1-May-13 14:55pm

I debugged it with the breakpoint and it turns yellow. I get this message:
At Login.aspx.cs, line 41 character 13 ('Login.Button1_Click(object, System.EventArgs)') in process 'WebDev.WebServer40.EXE'

Richard C Bishop 1-May-13 15:01pm

Copy and paste that message into google and see what it brings up. That is not something any of that code would cause.

Computer Wiz99 1-May-13 15:04pm

I just posted the updated code of what I did so you can compare.

Richard C Bishop 1-May-13 15:07pm

View my updated solution again. I added "~/" to the pages you are trying to redirect to.

Computer Wiz99 1-May-13 15:14pm

Still the samething. Can you you at my code again that I just updated to see if I have anything wrong?

Richard C Bishop 1-May-13 15:19pm

You changed your select statement and are not using the proper method with your sqlcommand.

Computer Wiz99 1-May-13 15:20pm

I changed it back and the samething happened again.

Richard C Bishop 1-May-13 15:25pm

Look at my updated solution. Copy and paste all of that onto your page. I removed the password stuff because it was not accomplishing anything. If you need to have it check the password, that will require something different.

Computer Wiz99 1-May-13 15:36pm

Ok. Checkuser.ExecuteScalar(); has an error.

Cannot implicitly convert type 'object' to 'int'. An explicit conversion exists (are you missing a cast?)

Richard C Bishop 1-May-13 15:41pm

See my update. I was confusing .ExecuteScalr with .ExecuteNonQuery

Computer Wiz99 1-May-13 15:46pm

Ok. I changed one thing in your code that was wrong. Convert.TpInt32(Checkuser.ExecuteScalar().

I changed it to:
Convert.ToInt32(Checkuser.ExecuteScalar().

Computer Wiz99 1-May-13 15:46pm

Testing now.

Richard C Bishop 1-May-13 15:47pm

Thank you. Did it work now?

Computer Wiz99 1-May-13 15:49pm

Incorrect syntax near

Line 33: SqlDataReader reader = level.ExecuteReader();

Richard C Bishop 1-May-13 15:54pm

Add an "=" after the EmailAddress in the select statement at the bottom.

Computer Wiz99 1-May-13 15:58pm

Well, the samethings happens to the textboxs. Click on reply on the question I had about 36 min ago.

Computer Wiz99 1-May-13 15:24pm

Why are our textboxes getting smaller?

Computer Wiz99 1-May-13 15:59pm

Now I can type better.

Richard C Bishop 1-May-13 16:03pm

We are going to get this. Ok, use the "Improve question" widget again and add the exact code you are using now. Erase everything else and just post what you have now.

Richard C Bishop 1-May-13 16:08pm

Ok, are the values in your database "1" and "2" for the levels?

Computer Wiz99 1-May-13 16:12pm

Yes they are. Do I need to change them?

Richard C Bishop 1-May-13 16:16pm

No that is fine. Ok, debug the app and set a break point on "returnedLevel". Tell me what value it is assigned.

Computer Wiz99 1-May-13 16:22pm

int returnedLevel = Convert.ToInt32(dr1[0].ToString());

returnedLevel 0

Should I change the 0 to a 1 in dr1[0]?

Richard C Bishop 1-May-13 16:25pm

No, that should be fine. Can you post the structure and contents of your table in the database below your code please?

Computer Wiz99 1-May-13 16:26pm

ok.

Computer Wiz99 1-May-13 16:32pm

I will be back. Blood sugar is low. Have to eat something. Are you going to be here in an hour?

Richard C Bishop 1-May-13 16:35pm

Should be.

Computer Wiz99 2-May-13 8:01am

Greetings. Any thing new?

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sergey Alexandrovich Kryukov · Accepted Answer · 2013-05-01T07:24:00

Solution 1

Perhaps you first need to study the subject using this tutorial: http://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-cs[^].

—SA

Posted 1-May-13 7:24am

Sergey Alexandrovich Kryukov

Comments

Computer Wiz99 1-May-13 13:55pm

Ok. That is good info, ---SA, but I am doing it kind of different.

Sergey Alexandrovich Kryukov 1-May-13 13:58pm

I can understand that. Thought it could be useful anyway, at least to get the ideas...
—SA

Computer Wiz99 1-May-13 14:36pm

Yeah, you right. Thanks again.

Richard C Bishop · Accepted Answer · 2013-05-01T08:24:00

Here is the code you need to add/alter in order for it to work:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
 
public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
 
    }
 
    protected void Button1_Click(object sender, EventArgs e)
    {
 
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PassConnectionString"].ConnectionString);
        con.Open();
 
        string cmdStr = "select count(*) from TableSecurity where EmailAddress= '" + TextBoxEA.Text + "'";
        SqlCommand Checkuser = new SqlCommand(cmdStr, con);
        int temp = Convert.ToInt32(Checkuser.ExecuteScalar().ToString());
        if (temp == 1)
        { 
            con.Close();
            string cmdStr3 = "select Level from TableSecurity where EmailAddress= '" +        TextBoxEA.Text + "'";
            con.Open();
            SqlCommand level = new SqlCommand(cmdStr3, con);
             
            SqlDataReader reader = level.ExecuteReader(); 
            DataTable dt1 = new DataTable(); 
            dt1.Load(reader);
 
            foreach(DataRow dr1 in dt1.Rows) 
            { 
                int returnedLevel = Convert.ToInt32(dr1[0].ToString());
                if(returnedLevel == 1) 
                {
                    Response.Redirect("~/Secure.aspx");
                }
            
                else if(returnedLevel == 2) 
                {                
                Response.Redirect("~/WelcomeIALO.aspx");
                }
            }
        }
       con.Close();
     }