Hello guys, I have created a login page and it works perfect. My database table has columns username, password,Role,email,agencyID. Based on the value of column "Role" I want to show different pages after login. Every username has a role specified in database
and if role equals agency then that user has Unique AgencyID
Here is my idea with code .
Ex : if role of user is agency , then page should fetch agencyID as follows
My current code for login without any division of users.
//code behind
protected void btnLogIn_Click(object sender, EventArgs e)
{
//Create Connection String And SQL Statement
string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
string strSelect = "SELECT COUNT(*) FROM tblUsers WHERE UserName = @Username AND Password = @Password";
SqlConnection con = new SqlConnection(strCon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.Text;
cmd.CommandText = strSelect;
SqlParameter username = new SqlParameter("@Username", SqlDbType.VarChar, 50);
username.Value = txtUserName.Text.Trim().ToString();
cmd.Parameters.Add(username);
SqlParameter password = new SqlParameter("@Password", SqlDbType.VarChar, 50);
password.Value = txtPwd.Text.Trim().ToString();
cmd.Parameters.Add(password);
con.Open();
int result = (Int32)cmd.ExecuteScalar();
con.Close();
if (result >= 1)
{
Session["userName"] = txtUserName.Text.ToString().Trim();
Response.Redirect("Home.aspx");
}
else
lblMsg.Text = "Incorrect Username or Password";
}
I would like to have my login control as above mentioned Session["role"]. How can I embedd my idea in this code by authenticating username and password. Please help me
It would be bad idea to hard code the logic of redirection in code behind. If in future you required to change the redirection logic then you would have to make the changes in the code and redeploy your application. You can make this configurable. You can
configure the role and its page url in web.config <appsettings> section. This will give you more control on your logic and will make your application more scalable.
For e.g.
<appsettings>
<add key="agency" value="home.aspx"
</appsettings>
OR you can save the page URL in the same table that you are saving role information.
You can use the separate table for role like following fields RoleId,Rolename. when creating the the new user for that paticular application admin has to assign the role for new user,so you can easily hide the page and controls depends on
the role in the table in login page only,you dont want to check the role in each and every page
If this was my app I would have used Role in the SiteLayout so that the user is automatically redirected to the pages they have controls to. I mean to say that like a user with free membership would be redirected to the stuff thats free. While the one with
premium membership would be redirected to the place where everything is available. Thats pretty easy.
This IF..ELSE needs to be in the top of page. So before redirecting check that the user's role and redirect him. But after the
WebSecurity.Login();
Element. SO that the database finds his stuff in this code
var result = Database.Open("StarterSite").Query("SELECT * FROM UserProfile WHERE UserId =" + WebSecurity.CurrentUserId);
var Role = "";
foreach (var row in result) {
Role = row.Roles;
}
This way get the value and redirect the user to his location.
Please "Marks As Answer" if any answer helped you out!
~~! FIREWALL !~~
Hey Thanks for the reply , problem that I had is Admin should be able to see all agencies and their profiles but when agency gets login ,they should be able to see only their Agency . As I mentioned tblusers has a columns AgencyID ,Username , password,roles.
Ex. If A is Agency with Username Agency1 and agencyID 12 , then once they login , I would like to preserve agencyID as it is linked to different pages in my website. Based on agencyID , I want to redirect to particular page . There are almost 100
agencies for which when they logged in , I want them to automatically see their page based on agencyID . That is the reason behind my idea of using sessions, to fetch agencyID from database.Your code works good but I am in need of somthing like this.
Thats the thing where Profile Pages come in action. You can create a database table so that there can be saved some stuff for the name of c.e.o, The location and other stuff.
Than show the stuff based on the ID like
"SELECT * FROM AgencyProfile WHERE AgencyId =@0";
// The Id of Agency from the URL
var ID = UrlData[0];
// As in asp.net the urls are more likely to be as https://localhost:32324/agency_profile/3
// This will give the ID = '3';
//So the SQL will select all rows with the ID 3;
// Than simply just write the data with a foreach loop. or use variable like
var name_of_c.e.o = "";
var location = "";
foreach (var row in result) {// The result will be the Query of Database with the SQL select clause.
name_of_c.e.o = row.Name;
location = row.Location;
}
// And in the body use them as
<p>Name of C.E.O = @name_of_c.e.o</p>
<p>Location = @location</p>
This will be seperate for every user(Agency) And also only one page will be required!
Also If you want to show them a page of their membership like something, use a database for that too. Its same as this
Please "Marks As Answer" if any answer helped you out!
~~! FIREWALL !~~
sreeharshaka...
Member
28 Points
59 Posts
Login based on database value
Jan 16, 2013 11:26 PM|LINK
Hello guys, I have created a login page and it works perfect. My database table has columns username, password,Role,email,agencyID. Based on the value of column "Role" I want to show different pages after login. Every username has a role specified in database and if role equals agency then that user has Unique AgencyID
Here is my idea with code .
Ex : if role of user is agency , then page should fetch agencyID as follows
if(Session["role"] =="agency") { Response.Redirect("application/agency.aspx?x =" + Session("agencyID") + "'); } if(Session[role] =="ctd") { Response.Redirect("Home.aspx"); }//code behind protected void btnLogIn_Click(object sender, EventArgs e) { //Create Connection String And SQL Statement string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString; string strSelect = "SELECT COUNT(*) FROM tblUsers WHERE UserName = @Username AND Password = @Password"; SqlConnection con = new SqlConnection(strCon); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; cmd.CommandType = CommandType.Text; cmd.CommandText = strSelect; SqlParameter username = new SqlParameter("@Username", SqlDbType.VarChar, 50); username.Value = txtUserName.Text.Trim().ToString(); cmd.Parameters.Add(username); SqlParameter password = new SqlParameter("@Password", SqlDbType.VarChar, 50); password.Value = txtPwd.Text.Trim().ToString(); cmd.Parameters.Add(password); con.Open(); int result = (Int32)cmd.ExecuteScalar(); con.Close(); if (result >= 1) { Session["userName"] = txtUserName.Text.ToString().Trim(); Response.Redirect("Home.aspx"); } else lblMsg.Text = "Incorrect Username or Password"; }I would like to have my login control as above mentioned Session["role"]. How can I embedd my idea in this code by authenticating username and password. Please help me
anantDD2007
Member
122 Points
21 Posts
Re: Login based on database value
Jan 17, 2013 12:44 AM|LINK
Hi,
It would be bad idea to hard code the logic of redirection in code behind. If in future you required to change the redirection logic then you would have to make the changes in the code and redeploy your application. You can make this configurable. You can configure the role and its page url in web.config <appsettings> section. This will give you more control on your logic and will make your application more scalable.
For e.g.
<appsettings>
<add key="agency" value="home.aspx"
</appsettings>
OR you can save the page URL in the same table that you are saving role information.
Please mark this as answer if it helps.
Thanks
Anant
AarthiPalani...
Member
61 Points
35 Posts
Re: Login based on database value
Jan 17, 2013 08:48 AM|LINK
Hi Friend ,
You can use the separate table for role like following fields RoleId,Rolename. when creating the the new user for that paticular application admin has to assign the role for new user,so you can easily hide the page and controls depends on the role in the table in login page only,you dont want to check the role in each and every page
Aarthi
Afzaal.Ahmad...
Contributor
2661 Points
1040 Posts
Re: Login based on database value
Jan 17, 2013 09:03 AM|LINK
If this was my app I would have used Role in the SiteLayout so that the user is automatically redirected to the pages they have controls to. I mean to say that like a user with free membership would be redirected to the stuff thats free. While the one with premium membership would be redirected to the place where everything is available. Thats pretty easy.
This IF..ELSE needs to be in the top of page. So before redirecting check that the user's role and redirect him. But after the
Element. SO that the database finds his stuff in this code
var result = Database.Open("StarterSite").Query("SELECT * FROM UserProfile WHERE UserId =" + WebSecurity.CurrentUserId); var Role = ""; foreach (var row in result) { Role = row.Roles; }This way get the value and redirect the user to his location.
~~! FIREWALL !~~
sreeharshaka...
Member
28 Points
59 Posts
Re: Login based on database value
Jan 17, 2013 02:49 PM|LINK
Hey Thanks for the reply , problem that I had is Admin should be able to see all agencies and their profiles but when agency gets login ,they should be able to see only their Agency . As I mentioned tblusers has a columns AgencyID ,Username , password,roles.
Ex. If A is Agency with Username Agency1 and agencyID 12 , then once they login , I would like to preserve agencyID as it is linked to different pages in my website. Based on agencyID , I want to redirect to particular page . There are almost 100 agencies for which when they logged in , I want them to automatically see their page based on agencyID . That is the reason behind my idea of using sessions, to fetch agencyID from database.Your code works good but I am in need of somthing like this.
Afzaal.Ahmad...
Contributor
2661 Points
1040 Posts
Re: Login based on database value
Jan 17, 2013 04:28 PM|LINK
Thats the thing where Profile Pages come in action. You can create a database table so that there can be saved some stuff for the name of c.e.o, The location and other stuff.
Than show the stuff based on the ID like
"SELECT * FROM AgencyProfile WHERE AgencyId =@0"; // The Id of Agency from the URL var ID = UrlData[0]; // As in asp.net the urls are more likely to be as https://localhost:32324/agency_profile/3 // This will give the ID = '3'; //So the SQL will select all rows with the ID 3; // Than simply just write the data with a foreach loop. or use variable like var name_of_c.e.o = ""; var location = ""; foreach (var row in result) {// The result will be the Query of Database with the SQL select clause. name_of_c.e.o = row.Name; location = row.Location; } // And in the body use them as <p>Name of C.E.O = @name_of_c.e.o</p> <p>Location = @location</p>This will be seperate for every user(Agency) And also only one page will be required!
Also If you want to show them a page of their membership like something, use a database for that too. Its same as this
~~! FIREWALL !~~