fergus

fergus

  • 1.5k
  • 232
  • 1.6k

SQL Selects after logging in with a session

Mar 19 2024 12:17 PM

Hi,

my first post on here so please forgive me if its done badly. 

I have an asp login page connected to sql database. user logs in based on information matching the sql table. I have also got a session functioning. I am i the very early days of my project. so after i log the user in they are redirected to a Dashboard page and i can display their user id which was assigned to the session. The next step is i want to display other attributes from the database table like name and age etc.

so this is the code i have on the login page:

 protected void Button1_Click(object sender, EventArgs e)
 {
     try
     {
         string uid = TextBox1.Text;
         string pass = TextBox2.Text;

         myCon.Open();
         string qry = "select userId from users where userId='" + uid + "' and Password='" + pass + "'";
         SqlCommand cmd = new SqlCommand(qry, myCon);
         SqlDataReader sdr = cmd.ExecuteReader();
         if (sdr.Read())
         {
             Session["userId"] = uid.Trim();
             Response.Redirect("Dashboard.aspx");
         }
         else
         {
             Label4.Text = "UserId & Password Is not correct Try again..!!";
         }
         myCon.Close();
     }
     catch(Exception ex){
         Response.Write(ex.Message);
     }
 }

On the dashboard page i have the following:

        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["userId"] == null)
                Response.Redirect("Login.aspx");
            SessionLabel.Text = "Username : " + Session["userId"];


        }

        protected void ButtonLogout_Click(object sender, EventArgs e)
        {
            Session.Abandon();
            Response.Redirect("Login.aspx");
        }

Do i need to define another connection now and create another select based on the session information or what is good practice to pull in sql data after a login?

 

Many Thnaks

Gus


Answers (2)