Home/ Questions/Q 4243244
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T03:33:09+00:00

Hi im trying to set up a session for UserID which is contained in

  • 0

Hi im trying to set up a session for UserID which is contained in the User table along with username and password. Im unsure how to get the UserID based on the username and password in my sqlsyntax then pass it to my session? My last peace of code is just a test in a label to see if it will pass the number to the label.

Login Page

using System;
using System.Data;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.Odbc;
using System.Data.SqlClient;

public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        Login1.Authenticate += Login1_Authenticate;
    }
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        //database connection string
        OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite; User=x; Password=x; OPTION=3;");
        cn.Open();
        OdbcCommand cmd = new OdbcCommand("Select * from User where username=? and password=?", cn);

        //Select the username and password from mysql database in login table

        cmd.Parameters.Add("@username", OdbcType.VarChar);
        cmd.Parameters["@username"].Value = this.Login1.UserName;

        cmd.Parameters.Add("@password", OdbcType.VarChar);
        cmd.Parameters["@password"].Value = this.Login1.Password;
        //use asp login control to check username and password

        Session["UserID"] = "usrName";
        //set the UserID from the User Table unsure how to add this to the sql syntax above

        OdbcDataReader dr = default(OdbcDataReader);
        // Initialise a reader to read the rows from the login table.  
        // If row exists, the login is successful  

        dr = cmd.ExecuteReader();
        if (dr.Read())
        {
            e.Authenticated = true;
            Response.Redirect("UserProfileWall.aspx");
            // Event Authenticate is true forward to user profile
        }

    }

}

Profile Page with string test to label:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.Odbc;

public partial class UserProfile : System.Web.UI.MasterPage
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string usrName = Convert.ToString(Session["UserID"]);
        Label1.Text = Convert.ToString(usrName);
        //test to see if session on login page is passing

        OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite; User=x; Password=x;");
        cn.Open();

        OdbcCommand cmd = new OdbcCommand("SELECT User.FirstName, User.SecondName, User.Aboutme, User.DOB, Pictures.picturepath FROM User LEFT JOIN Pictures ON User.UserID = Pictures.UserID WHERE User.UserID=1", cn);
        OdbcDataReader reader = cmd.ExecuteReader();
        while (reader.Read())
        {
            Name.Text = String.Format("{0} {1}", reader.GetString(0), reader.GetString(1));
            Aboutme.Text = String.Format("{0}", reader.GetString(2));
            Age.Text = String.Format("{0}", reader.GetString(3));
            Image1.ImageUrl = String.Format("{0}", reader.GetString(4));
        }


    }
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    May be a little bit late:)

    The command on login page could contain UserId column:

    OdbcCommand cmd = new OdbcCommand("Select UserId from User where username=? and password=?", cn);

    Now you can read value of UserId column from the reader and store its value to the http session:

    dr = cmd.ExecuteReader();
if (dr.Read())
{
   Session["UserID"] = dr["UserId"];
   e.Authenticated = true;
   Response.Redirect("UserProfileWall.aspx");
   // Event Authenticate is true forward to user profile
}

    Btw. you do not need to inicialize dr and this chunk of code:

    OdbcDataReader dr = default(OdbcDataReader); // assigns null to dr
dr = cmd.ExecuteReader(); // reference to a new reader instance is assigned to dr

    could be simplified:

    OdbcDataReader dr = cmd.ExecuteReader(); // reference to a new reader instance is assigned to dr
    • 0