I have the following code on my default.aspx
Label1.Text = Session("valueName").ToString()
And the following code on my login.aspx
Dim strCon As String = ConfigurationManager.ConnectionStrings("Goed").ConnectionString
'Create Connection String And SQL Statement
Dim strSelect As String = "SELECT COUNT(*) FROM tbl_LogIn WHERE Gebruiker = #Gebruiker AND Wachtwoord = #Wachtwoord"
Dim con As New SqlConnection(strCon)
Dim cmd As New SqlCommand()
cmd.Connection = con
cmd.CommandType = CommandType.Text
cmd.CommandText = strSelect
Dim Gebruiker As New SqlParameter("#Gebruiker", _
SqlDbType.VarChar)
Gebruiker.Value = TxtUs.Text.Trim().ToString()
cmd.Parameters.Add(Gebruiker)
Dim Wachtwoord As New SqlParameter("#Wachtwoord", _
SqlDbType.VarChar)
Wachtwoord.Value = TxtPw.Text.Trim().ToString()
cmd.Parameters.Add(Wachtwoord)
con.Open()
Dim result As Integer = DirectCast(cmd.ExecuteScalar(), Int32)
con.Close()
If result >= 1 Then
Response.Redirect("default.aspx")
Session("valueName") = TxtUs.Text.ToString()
Else
lblMsg.Text = "Gebruikers naam en of wachtwoord kloppen niet"
End If
End Sub
But it doesnt seem to help. I don't get any error or whatso ever, any idea?
The Redirect method ends the execution, so you have to set the session variable before redirecting:
Session("valueName") = TxtUs.Text.ToString()
Response.Redirect("default.aspx")
you are redirecting before setting the session. you should first set the session and then redirect the page.
Or
Your result variable is not 1 or bigger than 1. you should check that too
Related
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
lblSTuName.Text = "Welcome! " + Session("StuID")
If con.State = ConnectionState.Closed Then
con.Open()
End If
cmd = New OleDbCommand
cmd.Connection = con
cmd.CommandText = "select [Image] from tblStudent where Uname='" + Session("StuID") + "'"
Dim dr As OleDbDataReader
dr = cmd.ExecuteReader()
If dr.Read() Then
stuImage.ImageUrl = dr("Image")
Else
stuImage.ImageUrl = Nothing
End If
con.Close()
End Sub
i have this code in student.master page
and then i want the session("StuID") to use in chlid page also....i have written the following code in the child page student.aspx-
If Not IsPostBack Then
Dim stname As Label = TryCast(Master.FindControl("lblSTuName"), Label)
stuN = stname.Text
If con.State = ConnectionState.Closed Then
con.Open()
End If
cmd = New OleDbCommand
cmd.Connection = con
cmd.CommandText = "select [RollNo],[CourceName] from tblStudent where StuName='" + stuN + "'"
dr = cmd.ExecuteReader()
If dr.Read() Then
MsgBox("read complete")
Else
MsgBox("not success!")
End If
End If
but i am not able to use session here in the child page using this code.Can i get any help??
You have only one session object for each user. You can access this data from any page. Try to use student name directly from the session. You don't need any master page for this
.....
Dim stuN = Session("StuID");
If con.State = ConnectionState.Closed Then
con.Open()
End If
cmd = New OleDbCommand
cmd.Connection = con
cmd.CommandText = "select [RollNo],[CourceName] from tblStudent where StuName='" + stuN + "'"
// or better to try
cmd.CommandText = "select [RollNo],[CourceName] from tblStudent where Uname='" + stuN + "'"
......
One of our ASP web apps has a button, that generates a expiring link to a form. We have noticed that anyone with said link can view the form. I am researching a way to have the end-user be checked for authorization when the link is opened up. Ask them for their username/password before they can view the link.
my sub that generates the link:
Protected Sub ButtonLink_Click(sender As Object, e As EventArgs)
Dim strSQL As String = ""
Dim wapguid As String = ""
Dim cmd As New SqlCommand
wapguid = System.Guid.NewGuid().ToString("N")
strSQL = "INSERT INTO [WapCustomerAccess] (wapid, wapguid, expires, generatedBy) values (#wapid, #wapguid, #expires, #generatedBy)"
cmd.CommandType = CommandType.Text
cmd.CommandText = strSQL
cmd.Parameters.AddWithValue("#wapid", WAPID)
cmd.Parameters.AddWithValue("#1", wapguid)
cmd.Parameters.AddWithValue("#generatedBy", Session.Item("UserFullName"))
cmd.Parameters.AddWithValue("#expires", Date.Now.AddDays(31).ToString)
Dim strConnString As String = System.Configuration.ConfigurationManager.ConnectionStrings("cnnCFHSWAP").ConnectionString
Dim con As New SqlConnection(strConnString)
cmd.Connection = con
Try
con.Open()
cmd.ExecuteNonQuery()
Catch ex As Exception
Response.Write(ex.Message & "<br />")
Finally
con.Close()
con.Dispose()
End Try
Dim t As New TextBox()
t.Text = "http://wap-test.cfhs.local/secure/waplink.aspx?SSL=true&hash=" & WAPID & "&guid=" & wapguid & "&expires=45&suid=05A2FF&salt=x00FF&enc=true"
t.ID = "txtLink"
t.Width = 800
t.ReadOnly = True
t.BackColor = Drawing.Color.SeaShell
PanelLink.Visible = True
PanelLink.Controls.AddAt(0, t)
PanelLink.Controls.Add(New LiteralControl("<br />"))
End Sub
You will need to restrict access to waplink.aspx in the app that is referred to in your generated links. Depending on that app, you will find suitable tutorials for setting up authentication/authorization, like [1].
[1] https://weblogs.asp.net/gurusarkar/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config
and good day..
I have a code of asp.net in vb.net and work fine for one table but i need to add multible table of( master and dr ) to code the data is the sum from the two table but its different. can anyone help me..thanks advance for all
Private Sub getData(ByVal user As String)
Dim dt As New DataTable()
Dim connectionString As String
Dim connection As OleDbConnection
connectionString = ConfigurationManager.ConnectionStrings("Data_For_netConnectionString").ToString
connection = New OleDbConnection(connectionString)
connection.Open()
Dim sqlCmd As New OleDbCommand("SELECT * from master WHERE UserID = #user", connection)
sqlCmd.CommandText = _
"SELECT name, manistry, university, send, card FROM master "
Dim sqlDa As New OleDbDataAdapter(sqlCmd)
sqlCmd.Parameters.AddWithValue("#user", user)
sqlDa.Fill(dt)
If dt.Rows.Count > 0 Then
TextBox1.Text = dt.Rows(0)("manistry").ToString
TextBox2.Text = dt.Rows(0)("university").ToString
TextBox4.Text = dt.Rows(0)("send").ToString
TextBox21.Text = dt.Rows(0)("card").ToString
name.Text = dt.Rows(0)("name").ToString
End If
connection.Close()
End Sub
When I use the code below for some reason when Update is clicked, hospitaltextbox.text does not show the current value in the textbox? Just the value that was originally selected. Any idea why it is not reading what is currently in the textbox?
Dim reader As SqlDataReader = cmd.ExecuteReader()
If (reader.Read()) Then
HospitalTextBox.Text = reader(7)
FirstNameTextBox.Text = reader(9)
Session("ID") = reader(0)
End If
Protected Sub cmdUpdate_Click(sender As Object, e As EventArgs) Handles cmdUpdate.Click
Dim Test As String
Test = FirstNameTextBox.Text
Try
Dim Con As SqlConnection
Dim cmd As SqlCommand
Con = New SqlConnection
Con.ConnectionString = ""
Con.Open()
cmd = New SqlCommand
cmd.Connection = Con
cmd.CommandText = "UPDATE tbltest SET [Teaching Hospital Name] = #TeachingHospitalName, [Physician First Name] = #FirstName WHERE ID = #ID"
cmd.Parameters.Add(New SqlParameter("#ID", (Session("ID"))))
cmd.Parameters.Add(New SqlParameter("#TeachingHospitalName", HospitalTextBox.Text)) 'does not show text that was changed in the textbox?
cmd.Parameters.Add(New SqlParameter("#FirstName", Test))
cmd.ExecuteNonQuery()
Con.Close()
Catch ex As Exception
End Try
End Sub
Check your Page_Load function.
Are you doing something on PostBack to set the textbox value to something else?
If you're binding data, make sure it's done when Not IsPostback
If Not IsPostBack
BindData()
I am trying to run this code below. It was working previously, but when I added a second datareader, it stopped. Can anyone tell me what's wrong ?
Protected Sub btnSearchUser_Click(sender As Object, e As EventArgs) Handles btnSearchUser.Click
Dim conn As New SqlConnection("Data Source=BRIAN-PC\SQLEXPRESS;Initial Catalog=master_db;Integrated Security=True")
Dim searchComm As String = "SELECT * FROM users WHERE username LIKE #username"
Dim user_id_select As New Integer
Dim searchSQL As New SqlCommand
conn.Open()
searchSQL = New SqlCommand(searchComm, conn)
searchSQL.Parameters.AddWithValue("#username", txtUserSearch.Text)
Dim datareader As SqlDataReader = searchSQL.ExecuteReader()
While datareader.Read
lstUsers.Items.Add(datareader.Item("username"))
End While
datareader.Close()
conn.Close()
Dim conn2 As New SqlConnection("Data Source=BRIAN-PC\SQLEXPRESS;Initial Catalog=master_db;Integrated Security=True")
Dim selectComm As String = "SELECT user_id FROM users WHERE username=#username_selected"
Dim selectSQL As New SqlCommand
conn2.Open()
selectSQL = New SqlCommand(selectComm, conn2)
selectSQL.Parameters.AddWithValue("#username_selected", lstUsers.SelectedItem.Text.Trim)
Dim datareader2 As SqlDataReader = selectSQL.ExecuteReader()
While datareader2.Read
If datareader2.HasRows Then
user_id_select = datareader2("user_id")
lblUserSelected.Text = "Selected: " + lstUsers.SelectedItem.Text
ElseIf datareader2.HasRows = False Then
lblInvalidUsername.Visible = True
datareader2.Close()
End If
End While
conn2.Close()
End Sub
Hi,
I'm gettin a NullReference exception on lblUserSelected.Text = "Selected: " + lstUsers.SelectedItem.Text whenever I enter a username in txtUserSearch and click search, it was working previously.. I don't know what happened..
Can anyone tell me whats wrong?
I assume you're getting the NullReferenceException on this line:
selectSQL.Parameters.AddWithValue("#username_selected", lstUsers.SelectedItem.Text.Trim)
since you haven't specified the SelectedItem of the recently filled ListBox. To select the first item you could use this code:
While datareader.Read
lstUsers.Items.Add(datareader.Item("username"))
End While
If lstUsers.Items.Count <> 0 Then lstUsers.SelectedIndex = 0
You are also not handling the case that there are no usernames in the database, then the ListBox is empty and has no selected-item.