This is a simple login page with 2 panels. Panel for login where user enters user name and password. I validate if username is present and do this:
string query = "SELECT UserName,HashedPassword,SaltString FROM users WHERE UserName='"+txtUserName.Text+"'";
using(SqlConnection con = new SqlConnection(connection))
{
con.Open();
SqlCommand cmd=new SqlCommand(query,con);
SqlDataReader sdr = cmd.ExecuteReader();
if (!sdr.Read())
{
pnlLogin.Visible = false;
pnlRegister.Visible = true;
}
else
{
//validate password and redirect
}
I remember to have done same thing a few times before, although I don't have the code with me. I use form authentication in web.config. Please tell me where I am going wrong. Thanks in advance.
And one if I comment this:
pnlLogin.Visible = false;
the pnlRegister becomes visible.
If pnlRegister is nested in (a child of) pnlLogin, and you hide pnlLogin, pnlRegister will also be invisible.
Since you didn't provide markup, this is a guess based on the behavior you described.
Related
When You press "Create user" in your ASP.NET standard CreateUserQizard the OnCreatedUser gets called and redirects you after the user is created. However I need to run some code before the user is created but after the "Create user" button is clicked.
Like this: Click "Create user" -> Run my method -> Create user -> OnCreatedUser
I have made my own method for checking if email already exists, however I don't know how to call it since the Wizard creates the user right away. Is there any way to get in before the user is created and execute my code?
My code:
TextBox EmailTextBox = RegisterUser.CreateUserStep.ContentTemplateContainer.FindControl("Email") as TextBox;
String emailParam = EmailTextBox.Text;
using (SqlConnection con = new SqlConnection(strCon))
{
con.Open();
using (SqlCommand cmd = con.CreateCommand())
{
cmd.CommandText = "SELECT Email FROM Memberships WHERE Email=#emailParam";
cmd.Parameters.AddWithValue("#emailParam", emailParam);
using (SqlDataReader reader = cmd.ExecuteReader())
{
if (reader.Read())
{
LabelExists.Text = "This e-mail is already registered";
}
else
{
//execute method that creates user
}
}
}
con.Close();
}
Simply use OnCreatingUser, and set e.Cancel = true; if e-mail is already registered.
If you set requiresUniqueEmail="true" for the membership provider, it does this check for you.
I have a SQL database named "administration" with usernames and roles.
What I would like to do with my ASP.NET application is:
once someone accesses my intranet site, I get their username using
string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
Then I check if that username is in my database. I assume I can do this with an IF EXISTS statement.
However I'm not sure how I would do the following: IF the user is in the database I want to display the Web Page as per their role (i.e. all pages are different Admin = see all content and buttons, User = all content no buttons).
However if their username is not in my database I will display a blank page or something along the lines of "Access Denied".
This is the way I have been asked to do it but I cant seem to work it out.
Is it possible?
string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
after getting userName.
sqlconnection cn = new sqlconnection("give connectionstring");
cn.open();
sqlcommand cmd = new sqlcommand();
cmd.commandtext = "select * from "table"; // table name give.
cmd.connection = cn;
sqldatareader rdr = cmd.executereader();
while(rdr.read()){
if(stringName = rdr[columnnumber].toString());
flag = true;
}
if(flag)
//take decesion
else
// take decesion.
cn.close();
you can achieve it like this. u can use. it. bt there are some mistake in syntax i roughly write for u.
I have a log in page shown below
Admin only has a permission to access this page and he creates a new user with the following requirements.
when the particular user login his page is shown below
I need to retrieve the Faculty id,so that it should me automatically displayed in the textbox.
for that i need to call from datbase.? or is there any text box property to display the data ?
I am using asp.net withc#
SqlConnection Conn = new SqlConnection(Connection_String);
SqlCommand Comm1 = new SqlCommand(Command, Conn);
Conn.Open();
textBox.Text = Comm1.ExecuteScalar();
Conn.Close();
In my program, when user wants to edit a record, and presses Edit button, a new window opens up with all the fields and record information is rendered into the respective fields giving user an option to edit any field information they require.
I have added a fileupload control to my webform fields. But I am not sure how to reference fileupload control on my new popped up window .. I am not sure if I am explaining my problem very clearly or not but I will try to explain it with the help of following code:
protected void GridView1_RowEditing(object sender, GridViewEditEventArgs e)
{
lblSet.Text = GridView1.Rows[e.NewEditIndex].Cells[2].Text;
MultiView1.SetActiveView(vRecord);
btnSave.Visible = false;
btnBacktoHome.Visible = true;
//this.lblMedium.Text = GridView1.Rows[e.NewEditIndex].Cells[1].Text;
using (SqlConnection con = new SqlConnection("Data Source=MEHDI-PC\\SQLEXPRESS;Initial Catalog=PIMS;Integrated Security=True"))
{
using (SqlCommand cmd = new SqlCommand())
{
String sql = "select [DocumentID],[Ref],[Subject],[Src],[Dst],[Medium],[Date_Printed],[Date_Received],[Document_Type],[Action_Required],[Due_Date],[Actual_Date],[Content],[Tag],[Issue_No],[Attachment],[Notes],[Assigned_To],[Reply_Ref],[Priority],[Status],[Response],[Physical_File_No],[Physical_Rack_Location] from dbo.Documents1 where [DocumentId]=N'" + GridView1.Rows[e.NewEditIndex].Cells[2].Text + "'";
cmd.Connection = con;
cmd.CommandText = sql;
con.Open();
//SqlDataAdapter da = new SqlDataAdapter(sql,con);
//DataTable dt = new DataTable();
DataSet ds = new DataSet();
using (SqlDataAdapter adp = new SqlDataAdapter(cmd))
{
adp.Fill(ds);
}
this.txtRef.Text = ds.Tables[0].Rows[0][1].ToString();
this.txtSubject.Text = ds.Tables[0].Rows[0][2].ToString();
this.ddlSource.Text = ds.Tables[0].Rows[0][3].ToString();
this.ddlDestination.Text = ds.Tables[0].Rows[0][4].ToString();
this.ddlMedium.Text = ds.Tables[0].Rows[0][5].ToString();
this.txtDatePrinted.Text = ds.Tables[0].Rows[0][6].ToString();
this.txtDateReceived.Text = ds.Tables[0].Rows[0][7].ToString();
this.ddlDocumentType.Text = ds.Tables[0].Rows[0][8].ToString();
this.cbxAction.Checked = ds.Tables[0].Rows[0][9].Equals(cbxAction.Checked);
this.txtDueDate.Text = ds.Tables[0].Rows[0][10].ToString();
this.txtActualDate.Text = ds.Tables[0].Rows[0][11].ToString();
this.txtContent.Text = ds.Tables[0].Rows[0][12].ToString();
this.txtTag.Text = ds.Tables[0].Rows[0][13].ToString();
this.txtIssue.Text = ds.Tables[0].Rows[0][14].ToString();
//this.fileupload1 = ds.Tables[0].Rows[0][15] ;
this.txtNotes.Text = ds.Tables[0].Rows[0][16].ToString();
this.ddlAssignedTo.Text = ds.Tables[0].Rows[0][17].ToString();
this.txtReplyRef.Text = ds.Tables[0].Rows[0][18].ToString();
this.ddlPriority.Text = ds.Tables[0].Rows[0][19].ToString();
this.ddlStatus.Text = ds.Tables[0].Rows[0][20].ToString();
this.ddlResponse.Text = ds.Tables[0].Rows[0][21].ToString();
this.txtPhysicalFileNo.Text = ds.Tables[0].Rows[0][22].ToString();
this.txtPhysicalRackLocation.Text = ds.Tables[0].Rows[0][23].ToString();
if (con != null)
{
con.Close();
}
btnUpdate.Visible = true;
btnSearch.Visible = false;
BindGrid();
}
}
}
Basically when user clicks edit, what my code does is, reads the relevant record in the sql server and loads it from there to a new popped up window in my webform .. puts all the information in the related fields.
I read online that reading varbinary data from sql and binding it into the webform is not as simple as calling text data. (maybe I am wrong, please correct me if i am). I am not really worried about fetching data from sql server into the webform, I am worried about referring to the upload control in the new window because if user add a new file in fileupload control in the popped up window and if its not referenced in my code, my program ignores the new uploaded file which is a big flaw in my code.
Problem is with this line of code:
//this.fileupload1 = ds.Tables[0].Rows[0][15] ;
I have commented it out for other code to run.
I am stuck with it for a whole week. Any help will be so much appreciated. Thanks in advance.
You can't bind a record to a file upload control, this control is for uploading files
not
downloading.
Have a look at this link for how to download files.
The upload control should be used to replace the existing file,when the user chooses to replace it i.e. the user will upload a new file and in your business logic you need to update this record using the existing record ID.
In your case I'd bind the ID of the attachment to a hidden field in the grid and leave the upload control alone. When the record is updated check if the file upload control has a file and then using the value of the attachment update the attachment.
Edit: From here I believe you would need to add something along the lines of:
FileUpload file = ((FileUpload)(GridView1.Rows[e.NewEditIndex].FindControl("myFileUploadControl")));
You need to give your file upload control an ID of myFileUploadControl (or whatever you want)
This question also discusses using a fileupload control in a gridview.
I'm new to C# and have a background in SQL so apologies if this is a very stupid query, but I have been trawling google for about 2 hours now and can't find what I need. If someone knows of an article they can point me to, that would be great.
I have a simple windows forms application, and I'm setting up a login box so that users have to enter their user ID to proceed.
I have a SQL Server DB (SQL 2005) with the following table:
Users
UserID (int); userName nvarchar(50)
I am using Visual Studio 2010
What I'm stymied by is how to check whether their userID exists in my SQL Table (called users...) I'm not going to put any code here because it's been rewritten from scratch so many times that a clean slate is probably best!
Ideally, I want the user to enter their user ID, and click 'login'. When they do this, if their userID is not valid in the DB table then I need it to give an error msgBox; if it is valid then it should log them in, passing their userID and userName (stored in the DB table) to a variable which I can use elsewhere in the application to populate fields.
I hope this makes sense, and I'm sure I've missed the perfect article out there which will explain it all - hopefully one of you kind people can point me in the right direction!
Thank you
You should make a simple SQL query with the userID the user entered, like
SELECT UserID from Users where userID= value. The executeNonQuery() will return the number of matches. If the returned value ==1, means that the userid exists in the database. If the returned value is different from 1, means that the userid not exists or it was registered multiple times. So, if is 1 then you cand call a different form to make different things, else you call anoter form or output a messagebox with an error message
/*table code
* create table login
(
id varchar(25),
pass varchar(25)
)
*
*
*
*
*/
string Connectstring = #"Data Source=DELL-PC;Initial Catalog=stud;Integrated Security=True";
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
SqlConnection cn = new SqlConnection(Connectstring);
cn.Open();
SqlCommand cmd = new SqlCommand("select * from log where id=#a and pass=#b", cn);
cmd.Parameters.AddWithValue("#a", textBox1.Text.ToString().ToUpper());
cmd.Parameters.AddWithValue("#b", textBox2.Text);
SqlDataReader dr = cmd.ExecuteReader();
if ((dr.Read() == true))
{
MessageBox.Show("The user is valid!");
Form2 mainForm = new Form2();
mainForm.Show();
this.Hide();
}
else
{
MessageBox.Show("Invalid username or password!");
}
}
Declare a connection string to Your database
string connString = #"Data Source=.\SQLEXPRESS;Initial Catalog=YourDatabase;Integrated Security=True";
After this You can use a validate method below
private bool ValidateUserById(string connString, int id)
{
using (var conn = new SqlConnection(connString))
{
conn.Open();
var sqlString = string.Format("Select * From Users where Id = {0}", id);
using (var cmd = new SqlCommand(sqlString, conn))
{
return cmd.ExecuteScalar() != null;
}
}
}
Then on button click You can check the user
if (ValidateUserById(connString, Convert.ToInt32(textBox1.Text)))
{
//..
}
else
{
//..
}