Page Load for a user

Question

0.00/5 (No votes)

See more:

I have a website that is in ASP.NET. I have a username and password. What I am trying to do is to have the user to login and the page will load just for that user profile. I am deleting the dropdownlists from this form and adding labels in place of them. Can a page load get the user data from the database and load it on the page just for that user? Is there a way this can be done?

This is the login:

C#

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;


public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
            con.Open();

            string cmdStr = "select count (*) from TableSecurity where EmailAddress='" + TextBoxEA.Text + "'";
            SqlCommand userExist = new SqlCommand(cmdStr, con);

            int temp = Convert.ToInt32(userExist.ExecuteScalar().ToString());
            con.Close();

            if (temp == 1)

                Response.Write(Label1.Text ="Invalid User Name and Password");
   
        }

    }

    protected void Button1_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
        con.Open();

        if (IsPostBack)
        {


                Response.Write(Label1.Text = "Invalid User Name and Password");
        }

        if (true)
        {
            SqlCommand level = new SqlCommand("select AccessLevel, Password from TableSecurity where EmailAddress = @EmailAddress AND Password = @Password", con);
            level.Parameters.Add(new SqlParameter("EmailAddress", TextBoxEA.Text));
            level.Parameters.Add(new SqlParameter("Password", TextBoxPW.Text));

            SqlDataReader reader = level.ExecuteReader();
            DataTable dt1 = new DataTable();
            dt1.Load(reader);

            foreach (DataRow dr1 in dt1.Rows)
            {
                int returnedLevel = Convert.ToInt32(dr1[0].ToString());

                if (returnedLevel == 1)
                {
                    Response.Redirect("FormAPublic.aspx");
                }
                else if (returnedLevel == 2)
                {
                    Response.Redirect("FormCPrivateNon.aspx");
                }
                else if (returnedLevel == 3)
                {
                    Response.Redirect("FormDPrivateFor.aspx");
                }
                else if (returnedLevel == 7)
                {
                    Response.Redirect("CEOPage.aspx");
                }
                else if (returnedLevel == 8)
                {
                    Response.Redirect("DBPage.aspx");
                }
            }
        }
        con.Close();
    }
    
}

This is the form that I want load for the user with the user data:

C#

using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.Collections.Generic;
using System.Linq;
using System.Configuration;
using System.Drawing.Printing;

public partial class FinancialProfileFormA : System.Web.UI.Page
{

    protected void Page_Load(object sender, EventArgs e)
    {
        ButtonPrint.Attributes.Add("onclick", "window.print(); return false");
    }
    protected void ButtonSubmit_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);



        SqlCommand cmd = new SqlCommand("Insert into TableFIN2013 (INST_ID, TOTAL_REVE, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, EXPENDABLE, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT) values (@INST_ID, @TOTAL_REVE, @INSTRUCTIO, @RESEARCH, @PUBLIC_SER, @ACADEMIC_S, @STUDENT_SE, @INSTITUTIO, @PHYSICAL_P, @SCHOLARSHI, @AUXILIARY_, @HOSPITALS, @INDEPENDEN, @OTHEREXP, @TOTASSETS, @TOTLIABILITY, @NoNEXPPERMRESASSETS, @EXPENDABLE, @UNRNETASSETS, @TOTALREV, @TUITFEES, @CURRDEBT, @LONGTERMDEBT)", con);
        
        cmd.CommandType = CommandType.Text;

        cmd.Parameters.AddWithValue("@INST_ID", TextBoxINST_ID.Text);
        cmd.Parameters.AddWithValue("@TOTAL_REVE", TextBoxTROA.Text);
        cmd.Parameters.AddWithValue("@INSTRUCTIO", TextBoxInstr.Text);
        cmd.Parameters.AddWithValue("@RESEARCH", TextBoxRes.Text);
        cmd.Parameters.AddWithValue("@PUBLIC_SER", TextBoxPubS.Text);
        cmd.Parameters.AddWithValue("@ACADEMIC_S", TextBoxAcad.Text);
        cmd.Parameters.AddWithValue("@STUDENT_SE", TextBoxStudS.Text);
        cmd.Parameters.AddWithValue("@INSTITUTIO", TextBoxInstiS.Text);
        cmd.Parameters.AddWithValue("@PHYSICAL_P", TextBoxOperM.Text);
        cmd.Parameters.AddWithValue("@SCHOLARSHI", TextBoxSFEDA.Text);
        cmd.Parameters.AddWithValue("@AUXILIARY_", TextBoxAuxE.Text);
        cmd.Parameters.AddWithValue("@HOSPITALS", TextBoxHosS.Text);
        cmd.Parameters.AddWithValue("@INDEPENDEN", TextBoxIndeO.Text);
        cmd.Parameters.AddWithValue("@OTHEREXP", TextBoxOED.Text);
        cmd.Parameters.AddWithValue("@TOTASSETS", TextBoxTA.Text);
        cmd.Parameters.AddWithValue("@TOTLIABILITY", TextBoxTL.Text);
        cmd.Parameters.AddWithValue("@NoNEXPPERMRESASSETS", TextBoxNPRNA.Text);
        cmd.Parameters.AddWithValue("@EXPENDABLE", TextBoxETRNA.Text);
        cmd.Parameters.AddWithValue("@UNRNETASSETS", TextBoxTUNA.Text);
        cmd.Parameters.AddWithValue("@TOTALREV", TextBoxTR.Text);
        cmd.Parameters.AddWithValue("@TUITFEES", TextBoxTFN.Text);
        cmd.Parameters.AddWithValue("@CURRDEBT", TextBoxCD.Text);
        cmd.Parameters.AddWithValue("@LONGTERMDEBT", TextBoxLTD.Text);

        con.Open();
        cmd.ExecuteNonQuery();
        }

   protected void DropDownListSchool_SelectedIndexChanged1(object sender, EventArgs e)
   {
       SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
       con.Open();

       SqlCommand scmd = new SqlCommand("Select INST_ID, CITY, STATE from TableCOCINST where INST_ID = " + DropDownListSchool.SelectedValue.ToString(), con);
       SqlDataReader dr = scmd.ExecuteReader();
       if (dr.Read())
       {
           TextBoxCity.Text = dr["CITY"].ToString();
           TextBoxState.Text = dr["STATE"].ToString();
           TextBoxINST_ID.Text = dr["INST_ID"].ToString();
       }
       
       
       dr.Close();
       con.Close();

   }  
   protected void  DropDownListYear_SelectedIndexChanged(object sender, EventArgs e)
{
       SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["PasswordConnectionString"].ConnectionString);
       con.Open();
       SqlCommand scmd = new SqlCommand("Select INST_ID, INSTRUCTIO, RESEARCH, PUBLIC_SER, ACADEMIC_S, STUDENT_SE, INSTITUTIO, PHYSICAL_P, SCHOLARSHI, AUXILIARY_, HOSPITALS, INDEPENDEN, OTHEREXP, TOTASSETS, TOTLIABILITY, NoNEXPPERMRESASSETS, UNRNETASSETS, TOTALREV, TUITFEES, CURRDEBT, LONGTERMDEBT from TableFIN2012 where INST_ID = " + DropDownListYear.SelectedValue.ToString(), con);
       SqlDataReader dr = scmd.ExecuteReader();
       if (dr.Read())
       {
           TextBoxLYInstr.Text = dr["INSTRUCTIO"].ToString();
           TextBoxLYRes.Text = dr["RESEARCH"].ToString();
           TextBoxLYPubS.Text = dr["PUBLIC_SER"].ToString();
           TextBoxLYAcad.Text = dr["ACADEMIC_S"].ToString();
           TextBoxLYStudS.Text = dr["STUDENT_SE"].ToString();
           TextBoxLYInstiS.Text = dr["INSTITUTIO"].ToString();
           TextBoxLYOperM.Text = dr["PHYSICAL_P"].ToString();
           TextBoxLYSFEDA.Text = dr["SCHOLARSHI"].ToString();
           TextBoxLYAuxE.Text = dr["AUXILIARY_"].ToString();
           TextBoxLYHosS.Text = dr["HOSPITALS"].ToString();
           TextBoxLYIndeO.Text = dr["INDEPENDEN"].ToString();
           TextBoxLYOED.Text = dr["OTHEREXP"].ToString();
           TextBoxLYTA.Text = dr["TOTASSETS"].ToString();
           TextBoxLYTL.Text = dr["TOTLIABILITY"].ToString();
           TextBoxLYNPRNA.Text = dr["NoNEXPPERMRESASSETS"].ToString();
           TextBoxLYTUNA.Text = dr["UNRNETASSETS"].ToString();
           TextBoxLYTR.Text = dr["TOTALREV"].ToString();
           TextBoxLYTFN.Text = dr["TUITFEES"].ToString();
           TextBoxLYCD.Text = dr["CURRDEBT"].ToString();
           TextBoxLYLTD.Text = dr["LONGTERMDEBT"].ToString();

               
       }
       dr.Close();
       con.Close();
}
}

Posted 2-Oct-13 5:08am

Computer Wiz99

Add a Solution

Comments

ZurdoDev 2-Oct-13 11:09am

Yes, of course. Where are you stuck?

Computer Wiz99 2-Oct-13 11:16am

Ok. I am stuck on the user login. When the user logs in to the site, how can I get the user profile to load on all the form pages after the login? They can login now and they will have to find their data by clicking the dropdownlist I have in place but that also leaves it open for the user to see all of the other user data. I just want the current logged in user to see his data on all the forms.

ZurdoDev 2-Oct-13 11:36am

Just filter it down. In your SQL only select the data you want to see based on the user.

Computer Wiz99 2-Oct-13 15:23pm

Is there an example of a page load code for a user? I have like 8 users in my user profile. Four are owners and the other are co-owners. They all have an ID number, first name, last name and email address. Is there a code example on how to page load a form depending on the user login and ID number?

ZurdoDev 2-Oct-13 15:29pm

This is so trivial so I am not sure where you are stuck. Many web apps all use the userid when they query the database. Just store the userid in a session variable and then use it wherever you need.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Govindaraj Rangaraj · Accepted Answer · 2013-10-02T05:44:00

You have to think about using Forms authentication.
http://msdn.microsoft.com/en-us/library/xdt4thhy%28v=vs.100%29.aspx[^]

With this in place you can access the user as

C#

HttpContext.Current.User.Identity.Name

Use this data in any form to filter user specific data. As RyanDev suggested you have to filter out your SQL accordingly.