I am new to .NET framework and I want to create a profile page for each user to edit their own page. How do I make this edit page only available to the specific user? Is there a way to do this without me manually going into the code every time I have a new user sign up?
I'd take a look at ASP .NET Membership. Then you can lookup the user "profile" based on their Id to load the appropriate information.
You start by ensuring that the page is only visible to authenticated users. You do this by setting the appropriate settings in web.config for the corresponding folder or file.
Once you've done that, this page should simply load details for the current user. All users would see the same page, but it's content would be populated by your code only for this current user.
There would therefore be no way for one user to display the contents for another user. The ID of the user being viewed/edited should definitely not be a query argument or anything like that.
Related
hi i would like to know how would you lougout an user if he modifies the url or refreshes the web pages like in bank web sites
in asp .net.
Thanks for your answers
I have implemented a solution similar to Vignesh Kumar's answer by using roles and restricting access to pages based on the roles a user has. When a user logs in I check which pages they can access based on their assigned roles and build the navigation menu accordingly so that they're not able to navigate to restricted pages.
In my master page's Page_Load method I check whether a user has access to the page they're trying to access and if not I log them out and redirect them to the login screen.
I am attempting to add the Html.AntiForgeryToken() to the login form of a MVC3 site. This form is on every page of the site. I have noticed that if the user opens multiple tabs on the site, and then goes back to an old tab and submits the login form, the tokens on the other tabs become invalid, even when using salt. Is there any way to work around this?
This is just one example, there are other forms on the site that users seem to be opening multiple tabs to.
We have same issue on our e-commerce websites.
In my situation user can put things to his basket without logging in. But after opening several tabs without logging in, user decides to login and tries to add all products after logging in in one tab and that's where error lies.
So I decided to put a get on this pages just before submitting the form to get a new AntiForgeryToken.
I created a new partial view with only Html.AntiForgeryToekn in it and calling it via AJAX before submitting the form. And replace __RequestVarificationToekn value on form with the new one.
I Hope this solves the issue for you.
Are you using FormsAuthentication to login? If yes then the same token instance is being shared across multiple tabs while logging in, and hence all users with existing cookies will run into trouble. To work around this, please follow this post for further help
MVC-ANTIFORGERY-TOKEN
We have third party applications I need to link from my application. Where for those third part web sites I have user name and password with us (They are public websites). When the user click on those links we need to prefill user name and password and submit the form. Like single sign on kind of experience for the user. Is anyone tried doing this how we can do it. We need to open the web page with in Iframe or with in DEV ?
ASP.NET, Jquery and Java Script our platform.
I ended up getting the login page into my project and towards the end with jquery I posted the form filling the the user name and password. Not good solution but it works well
I Want Set Access level user For Buttons in the forms. example in the each form i have Add , Edit ,search and Delete button and I want user1 access to delete and update button in the form 1 and user 2 access to all buttons in each forms.
i create Table for Save Forms Name and Create other Table for Save User Profile and create table for save access User to forms and button. But I do not know how these settings in the form.
In any form is when you load the data read from the database?And to apply settings or Can I do this, write a general function,That automatically does this for every form????
thanks all
The following link was of great help when I encountered the same problem (it is for asp.net 2.0 but applies to the newer versions):
Recipe: Implementing Role-Based Security with ASP.NET 2.0 using Windows Authentication and SQL Server
SO in few words, you need to set up the Roles and then use them to enable access to users according to their roles. Enabling buttons and disabling buttons in a form can happen in the code behind utilizing the Roles.
For example you can use this piece of code if you have setup a role called Administrators:
If User.IsInRole("Administrators") Then
'Do something only admins are allowed to-do
End If
I hope that this is helpfull.
I used the Login control in my ASP.NET form.A database was created- ASPNETDB.
But once I create a user and then execute the form next time,I cant login, i.e., I've to register as a new user everytime I simulate the web form. The code cant retrieve my previously stored login id and password.How can I fix it?
The problem could be that the database file is been copied to the output directory everytime you run your application and overriding the previous copied file that contains the registration data.
If that was the problem, you can solve it by change the database file's Copy To Output Directory property value from always copy to copy if newer.
Solution #1: Under the "project" tab in Visual Studio, go to ASP.NET configuration. Make sure that the "active" check box is checked, under security, manage users (ASP.NET default login tables).
Solution #2: Use your login tables.
Solution #3: Still searching for it.