CODEWITHSUNDEEP
c#asp.netcookiestexttextbox
Transmutive Daisies
Transmutive Daisies

Reputation: 51

Why do ASP Textboxes sometimes show different text values than what's on screen?

I created a 'Remember me' option on an ASP site and the client said they also wanted it to show the login name in the user field even after they press 'logout'. It works as long as I don't ever use a different login name again. Once I assign the value to the text box in the code behind, even if I manually type a new value the old value is what is used.

Example:

  1. I type a user/password (eg. User1), click 'Remember me' and login successfully.
  2. I log out and am redirected back to the login page. On the page_load event, it detects that there is a valid cookie with the user name stored (User1) and it reads the value and sets the text field.
  3. I change the login to something else (eg. User2) and it fails saying invalid user/password. Weird.
  4. I check the data and it is using the old text field (User1). I try another (eg. User3) and press login. It fails and when I check the Text property, it still says User1 even though on screen it says User3.

No matter what I do, it will not change once I set it in the codebehind file. It's almost as if once the text field is set, it cannot be changed. This is not right, but I have no good explanation for it.

Here is the code in question:

Page load:

protected void Page_Load(object sender, EventArgs e)
{

    if (Request.ServerVariables["AUTH_USER"] != null && !Request.ServerVariables["AUTH_USER"].Equals(""))
    {
        login.Visible = false;
        logout.Visible = true;

        btnLogout.Text = "Logout " + Request.ServerVariables["AUTH_USER"];
    }
    else
    {
        login.Visible = true;
        logout.Visible = false;


        CheckLoginCookie();           
    }

}

Code to set the cookie:

private void SaveLoginCookie()
    {
        try
        {

            Response.Cookies["KYSUSR"].Value = txtLoginUsername.Text.Trim();
            Response.Cookies["KYSUSR"].Expires = DateTime.Today.AddMonths(6);

        }
        catch (Exception ex)
        {
            ExceptionHandling.SendErrorReport(this, ex);
        }
    }

Code to load the cookie:

   private void CheckLoginCookie()
    {
        try
        {            
            if (Request.Browser.Cookies)
            {
                if (Request.Cookies["KYSUSR"] != null && Request.Cookies["KSYFOR"] != null)
                {
                    // logged in as remember
                    if (Request.Cookies["KYSFOR"].Value == "R")
                        txtLoginUsername.Text = Request.Cookies["KYSUSR"].Value;
                    // once set here, the Text property never changes regardless of what is entered into it

                }                
            }            
        }
        catch (Exception ex)
        {
            ExceptionHandling.SendErrorReport(this, ex);
        }
    }

Code to do the login:

protected void btnLogin_Click(object sender, EventArgs e)
    {
        try
        {
            String user = txtLoginUsername.Text.Trim();

            if (chkSaveUser.Checked)
                SaveLoginCookie();
            else
            {
                // set cookie as expired so browser will clear it
                Response.Cookies["KYSUSR"].Expires = DateTime.Today.AddDays(-1);                
            }

            if (CheckLogin(user, txtLoginPassword.Text))
            {
                if (chkSaveUser.Checked)
                {                    
                    FormsAuthentication.SetAuthCookie(user, true);                    
                }

                FormsAuthentication.RedirectFromLoginPage(txtLoginUsername.Text.Trim(), false);
            }
        }
        catch (Exception ex)
        {
            ExceptionHandling.SendErrorReport(this, ex);            
        }
    }

Why would the Text property not change?

Upvotes: 2

Views: 1053

Answers (1)

Sean Vieira
Sean Vieira

Reputation: 159905

The issue is that you don't check if you are in a postback in your Page_Load method - which means even when the user puts something else in the txtLoginUsername Textbox it is overridden by CheckLoginCookie.

protected void Page_Load(object sender, EventArgs e)
{

    if (Request.ServerVariables["AUTH_USER"] != null
        && !Request.ServerVariables["AUTH_USER"].Equals(""))
    {
        login.Visible = false;
        logout.Visible = true;

        btnLogout.Text = "Logout " + Request.ServerVariables["AUTH_USER"];
    }
    else
    {
        login.Visible = true;
        logout.Visible = false;

        // Only check the login cookie if we are not dealing with a form submission.
        if (!Page.IsPostBack)
        {
            CheckLoginCookie();
        }
    }
}

Upvotes: 3

Related Questions