1
Answer

Need help with passing userid/session("userid") on login page

 I am trying to create a login page in C# and want to pass the userid(if it is even necessary) from SQL database through to the next page(reports.aspx) so it knows what user is logged in. The code I have is not working and I am having trouble doing this and need assistance.  Here is my current code, what do I need?

using System;  
using System.Data;  
using System.Configuration;  
using System.Collections;  
using System.Web;  
using System.Web.Security;  
using System.Web.UI;  
using System.Web.UI.WebControls;  
using System.Web.UI.WebControls.WebParts;  
using System.Web.UI.HtmlControls;  
using System.Data.SqlClient;  
 
namespace HSI  
{  
    public partial class login : System.Web.UI.Page  
    {  
        protected void Page_Load(object sender, EventArgs e)  
        {  
            Session["UserId"] = userid;  
        }  
          
 
    private bool AuthenticateUser(string uname, string password)  
 
    {  
 
       bool bflag = false;  
 
       string connString = "Server=portalsql;Database=portal;Integrated Security=True";  
 
 string strSQL = "select * from  icc_users where username ='" + uname + "' AND password ='" + password + "' and userid = '" + Session["UserId"] + "'";  
 
       DataSet userDS = new DataSet();  
 
       SqlConnection m_conn;  
 
       SqlDataAdapter m_dataAdapter;  
 
       SqlCommand m_Command;  
 
       try  
 
       {  
 
           m_conn = new SqlConnection(connString);  
 
           m_conn.Open();  
 
           m_dataAdapter = new SqlDataAdapter(strSQL, m_conn);  
 
           m_dataAdapter.Fill(userDS);  
 
           m_conn.Close();  
 
       }  
 
       catch (Exception ex)  
 
       {  
 
           userDS = null;  
 
       }  
 
   
 
       if (userDS != null)  
 
       {  
 
           if(userDS.Tables[0].Rows.Count > 0)  
 
             bflag = true;  
 
       }  
 
       return bflag;  
 
    }  
 
        protected void Login1_Authenticate1(object sender, AuthenticateEventArgs e)  
        {  
 
            try  
            {  
 
                string uname = Login1.UserName.Trim(); //Get the username from the control  
 
                string password = Login1.Password.Trim(); //get the Password from the control  
 
                bool flag = AuthenticateUser(uname, password);  
 
                if (flag == true)  
                {  
 
                    e.Authenticated = true;  
 
                    Login1.DestinationPageUrl = "reports.aspx?page='" + Session["UserId"] + "'";  
 
                }  
 
                else  
 
                    e.Authenticated = false;  
 
            }  
 
            catch (Exception)  
            {  
 
                e.Authenticated = false;  
 
            }  
 
        }  
}  
    } 

Answers (1)