Reputation: 95
Asp.net Session Variable from SQL DB
I created a custom login page using Forms Authentication and using a sQL DB to store user data. I am able to create a session variable from the username, but wondering if it is possible to pull a separate field and create a session variable based on that. I would like the session variable to be based off a SalesNumber a 5 digit decimal field. Please give me any comments or suggestions.
cmd = new SqlCommand("Select pwd,SalesNumber from users where uname=@userName", conn);
cmd.Parameters.Add("@userName", System.Data.SqlDbType.VarChar, 25);
cmd.Parameters["@userName"].Value = userName;
Session["userName"] = userName;
Thanks....
Upvotes: 2
Views: 6033
Answers (3)
Reputation: 13497
Also keep in mind you can store an entire object in the session instead of seperate variables:
UserObject user = DAL.GetUserObject(userName);
Session["CurrentUser"] = user;
// Later...
UserObject user = Session["CurrentUser"] as UserObject;
// ...
To add on, you could wrap it in a nice property:
private UserObject CurrentUser
{
get
{
return this.Session["CurrentUser"] as UserObject;
}
set
{
this.Session["CurrentUser"] = value;
}
}
Upvotes: 1
Reputation: 75073
in your DAL just create your Login sequence like:
public bool LoginUser(String username, String password)
{
bool r = false;
using (SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBConn"].ConnectionString))
{
using(SqlCommand cm = new SqlCommand())
{
cm.Connection = cn;
cm.CommandType = CommandType.Text;
cm.CommandText = "SELECT Name, SalesNumber FROM users WHERE uname = @username AND pwd = @password;";
cm.Parameters.AddWithValue("@username", username);
cm.Parameters.AddWithValue("@password", password);
cn.Open();
SqlDataReader dr = cm.ExecuteReader();
if (dr.HasRows)
{
// user exists
HttpContext.Current.Session["SalesNumber"] = dr["SalesNumber"].ToString();
HttpContext.Current.Session["Username"] = username;
HttpContext.Current.Session["Name"] = dr["Name"].ToString();
r = true;
}
else
{
// Clear all sessions
HttpContext.Current.Session["SalesNumber"] = "";
HttpContext.Current.Session["Username"] = "";
HttpContext.Current.Session["Name"] = "";
}
}
}
return r;
}
from your code, in the login button click event just add
if (dalLogin.LoginUser(TextBoxUsername.Text.Trim(), TextBoxPassword.text.Trim()))
{
// User logged in sucessfuly
// all sessions are available
Response.Redirect("homepage.aspx");
}
else
{
// Username and password did not match! show error
}
Upvotes: 1
Reputation: 210
When you get the SalesNumber from your database query, just use
Session["SalesNumber"] = <the value of the SalesNumber column from the query>
Or is there something else I'm missing in the question...?
Upvotes: 1
Related Questions
- Query SQL Server using session variable
- How to stored Session Variable in a separate variable
- how to use session variable in asp using c#
- Session variable as a SqlParameter
- How to store the result of SQL query in Session Variable using ASP.NET C# to use it later
- using session variable within sql query
- How to pass session value in a query from .aspx code?
- using session variable in aspx page in sql query
- session variable asp.net
- using sessions variable