cookies/ session

  • I am in the process of building a web site using asp.net and a sql database. I have my login page set up using cookies.

    I will have several different pages the user will fill out - something like an extensive survey. How can I set up a stored procedure to grab the user's ID from the cookie?

    I also want to have pages that will display the information the user has input. What is the best way to pull the information from the database so I can format it the way I need? Will also need to filter the records based on the User ID stored in the cookie.

    Suggestions on a starting point or a code sample would be greatly appreciated.

    Thank you!

  • Create procedure dbo.MySP @userid as int

    as

    --do something here

    go

    in asp net

    Dim iUid as integer

    iUid = mycookie.value

    call the stored proc and set the @userid parameter using iUid

  • use Request.Cookies("CaseSensaTiveCookieName") to read it in.

    use Response.Cookies("CaseSensativeCookieName") to write it back out after a successfull login.

    --In SQL

    open the table in design view and change the collation for the password collumn to Case-sensative.

    Create Proc userLogin

    (

         @User VARCHAR(25)

        ,@Password VARCHAR(15)

    )

    AS

    Select ID From Users Where User=@User and Password =@Password

    RETURN

    -- in the page

    Sub ButtonLogin_Submit(...)...

         Dim con As New SqlConnection("connectionstring...")

         Dim da As New SqlDataAdapter()

         Dim cmd As New SqlCommand()

    Try

         With cmd

                .Connection=con

                .CommandText="userLogin"

                .commandType=CommandType.StoredProcedure

                .Parameters.Add("@User",SqlDbType.Varchar,25).value=me.txtUserName.Text

                .Parameters.Add("@Password",SqlDbType.VarChar,15).Value = me.txtPassword.Text

          End With

          da.SelectCommand = cmd

          Dim ds as new DataSet

          da.Fill(ds,"User")

          con.close()

          if ds.Tables(0).Rows.Count>1 Then

                Response.Cookies("UserID") = ds.Tables(0).Rows(0)("UserID")

          Else

                 me.lblMessage.Text="Invalid Login"

          End If

    Catch Ex As Exception

          me.lblMessage.Text=ex.Message

    Finally ' this will always run no matter( unless power outage)

           if con.State = ConnectionState.Open Then con.Close()

           Con.Dispose()

           cmd.Dispose()

            da.Dispose()

    End Try

    End Sub

    ' later on ALL member driven pages (or you can do FormsAuthentication)

    If Request.Cookies("UserID") Is Nothing OrElse Request.Cookies("UserID")="" then

        Response.Redirect("./login.aspx")

    Else

         'do a database call passing the user info into a stored procedure parameter or query

    End If

     

  • Sorry for the delay have been working on my navigation system.

    I have my login all set based on a user_name which works great. It passes the user_name and the user's role into the cookie and I am able to restrict access to certain folders based on the role.

    I have several different tables that are all related to the main table that houses the UserID (identity field), user_name, and password.

    I am trying to set it up where the user can move between all of my forms and submit their information and the UserID from the main table will be entered into the UserID field of the related table. Of course I will need the UserID to be selected based on the user's user_name which is stored in the cookie. I have been doing quite a bit of reading to try and figure out how to store the userID in a session but I am just getting more confused. I would like to pass my the userID stored in the session to my stored procedure for each form.

    I do know that I need to pass the userID to the session in my Global.ascx page.

    Any help in clearing this up for me would be greatly appreciated. A code sample is also helpful.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply