I have a website that is in ASP.NET. I have a username and password. What I am trying to do is to have the user to login and the page will load just for that user profile. I am deleting the dropdownlists from this form and adding labels in place of them. Can a page load get the user data from the database and load it on the page just for that user? Is there a way this can be done?
This is the login:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
con.Open();
string cmdStr = "select count (*) from TableSecurity where EmailAddress='" + TextBoxEA.Text + "'";
SqlCommand userExist = new SqlCommand(cmdStr, con);
int temp = Convert.ToInt32(userExist.ExecuteScalar().ToString());
con.Close();
if (temp == 1)
Response.Write(Label1.Text ="Invalid User Name and Password");
}
}
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
con.Open();
if (IsPostBack)
{
Response.Write(Label1.Text = "Invalid User Name and Password");
}
if (true)
{
SqlCommand level = new SqlCommand("select AccessLevel, Password from TableSecurity where EmailAddress = @EmailAddress AND Password = @Password", con);
level.Parameters.Add(new SqlParameter("EmailAddress", TextBoxEA.Text));
level.Parameters.Add(new SqlParameter("Password", TextBoxPW.Text));
SqlDataReader reader = level.ExecuteReader();
DataTable dt1 = new DataTable();
dt1.Load(reader);
foreach (DataRow dr1 in dt1.Rows)
{
int returnedLevel = Convert.ToInt32(dr1[0].ToString());
if (returnedLevel == 1)
{
Response.Redirect("FormAPublic.aspx");
}
else if (returnedLevel == 2)
{
Response.Redirect("FormCPrivateNon.aspx");
}
else if (returnedLevel == 3)
{
Response.Redirect("FormDPrivateFor.aspx");
}
else if (returnedLevel == 7)
{
Response.Redirect("CEOPage.aspx");
}
else if (returnedLevel == 8)
{
Response.Redirect("DBPage.aspx");
}
}
}
con.Close();
}
}
This is the form that I want load for the user with the user data:
using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.Collections.Generic;
using System.Linq;
using System.Configuration;
using System.Drawing.Printing;
public partial class FinancialProfileFormA : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
ButtonPrint.Attributes.Add("onclick", "window.print(); return false");
}
protected void ButtonSubmit_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
SqlCommand cmd = new SqlCommand("Insert into TableFIN2013 (INST_ID, TOTAL_REVE, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, EXPENDABLE, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT) values (@INST_ID, @TOTAL_REVE, @INSTRUCTIO, @RESEARCH, @PUBLIC_SER, @ACADEMIC_S, @STUDENT_SE, @INSTITUTIO, @PHYSICAL_P, @SCHOLARSHI, @AUXILIARY_, @HOSPITALS, @INDEPENDEN, @OTHEREXP, @TOTASSETS, @TOTLIABILITY, @NoNEXPPERMRESASSETS, @EXPENDABLE, @UNRNETASSETS, @TOTALREV, @TUITFEES, @CURRDEBT, @LONGTERMDEBT)", con);
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@INST_ID", TextBoxINST_ID.Text);
cmd.Parameters.AddWithValue("@TOTAL_REVE", TextBoxTROA.Text);
cmd.Parameters.AddWithValue("@INSTRUCTIO", TextBoxInstr.Text);
cmd.Parameters.AddWithValue("@RESEARCH", TextBoxRes.Text);
cmd.Parameters.AddWithValue("@PUBLIC_SER", TextBoxPubS.Text);
cmd.Parameters.AddWithValue("@ACADEMIC_S", TextBoxAcad.Text);
cmd.Parameters.AddWithValue("@STUDENT_SE", TextBoxStudS.Text);
cmd.Parameters.AddWithValue("@INSTITUTIO", TextBoxInstiS.Text);
cmd.Parameters.AddWithValue("@PHYSICAL_P", TextBoxOperM.Text);
cmd.Parameters.AddWithValue("@SCHOLARSHI", TextBoxSFEDA.Text);
cmd.Parameters.AddWithValue("@AUXILIARY_", TextBoxAuxE.Text);
cmd.Parameters.AddWithValue("@HOSPITALS", TextBoxHosS.Text);
cmd.Parameters.AddWithValue("@INDEPENDEN", TextBoxIndeO.Text);
cmd.Parameters.AddWithValue("@OTHEREXP", TextBoxOED.Text);
cmd.Parameters.AddWithValue("@TOTASSETS", TextBoxTA.Text);
cmd.Parameters.AddWithValue("@TOTLIABILITY", TextBoxTL.Text);
cmd.Parameters.AddWithValue("@NoNEXPPERMRESASSETS", TextBoxNPRNA.Text);
cmd.Parameters.AddWithValue("@EXPENDABLE", TextBoxETRNA.Text);
cmd.Parameters.AddWithValue("@UNRNETASSETS", TextBoxTUNA.Text);
cmd.Parameters.AddWithValue("@TOTALREV", TextBoxTR.Text);
cmd.Parameters.AddWithValue("@TUITFEES", TextBoxTFN.Text);
cmd.Parameters.AddWithValue("@CURRDEBT", TextBoxCD.Text);
cmd.Parameters.AddWithValue("@LONGTERMDEBT", TextBoxLTD.Text);
con.Open();
cmd.ExecuteNonQuery();
}
protected void DropDownListSchool_SelectedIndexChanged1(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
con.Open();
SqlCommand scmd = new SqlCommand("Select INST_ID, CITY, STATE from TableCOCINST where INST_ID = " + DropDownListSchool.SelectedValue.ToString(), con);
SqlDataReader dr = scmd.ExecuteReader();
if (dr.Read())
{
TextBoxCity.Text = dr["CITY"].ToString();
TextBoxState.Text = dr["STATE"].ToString();
TextBoxINST_ID.Text = dr["INST_ID"].ToString();
}
dr.Close();
con.Close();
}
protected void DropDownListYear_SelectedIndexChanged(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
con.Open();
SqlCommand scmd = new SqlCommand("Select INST_ID, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT from TableFIN2012 where INST_ID = " + DropDownListYear.SelectedValue.ToString(), con);
SqlDataReader dr = scmd.ExecuteReader();
if (dr.Read())
{
TextBoxLYInstr.Text = dr["INSTRUCTIO"].ToString();
TextBoxLYRes.Text = dr["RESEARCH"].ToString();
TextBoxLYPubS.Text = dr["PUBLIC_SER"].ToString();
TextBoxLYAcad.Text = dr["ACADEMIC_S"].ToString();
TextBoxLYStudS.Text = dr["STUDENT_SE"].ToString();
TextBoxLYInstiS.Text = dr["INSTITUTIO"].ToString();
TextBoxLYOperM.Text = dr["PHYSICAL_P"].ToString();
TextBoxLYSFEDA.Text = dr["SCHOLARSHI"].ToString();
TextBoxLYAuxE.Text = dr["AUXILIARY_"].ToString();
TextBoxLYHosS.Text = dr["HOSPITALS"].ToString();
TextBoxLYIndeO.Text = dr["INDEPENDEN"].ToString();
TextBoxLYOED.Text = dr["OTHEREXP"].ToString();
TextBoxLYTA.Text = dr["TOTASSETS"].ToString();
TextBoxLYTL.Text = dr["TOTLIABILITY"].ToString();
TextBoxLYNPRNA.Text = dr["NoNEXPPERMRESASSETS"].ToString();
TextBoxLYTUNA.Text = dr["UNRNETASSETS"].ToString();
TextBoxLYTR.Text = dr["TOTALREV"].ToString();
TextBoxLYTFN.Text = dr["TUITFEES"].ToString();
TextBoxLYCD.Text = dr["CURRDEBT"].ToString();
TextBoxLYLTD.Text = dr["LONGTERMDEBT"].ToString();
}
dr.Close();
con.Close();
}
}