different menu for different roles on the same master page

Question

Moemasri 0 Newbie Poster

14 Years Ago

I had finished the login page and all the othr pages i have 3 roles student admin adn a tutor i am creating an asp web application
after loging in the page is redirected to a default page that have a master page i want to put for every user a different menu like this

Private menu As String

    Public ReadOnly Property getmenu() As String
        Get
            Return menu

        End Get
    End Property


    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load


        If Context.User.IsInRole("Student") Then


            menu = "<tr valign=""top""> <td> <a href=""ViewMemo.aspx"" > View Memo</a> </td> </tr> <tr valign=""top""> <td> <a href=""StudentChapter.aspx"" > View Chapters</a> </td> </tr> <tr valign=""top""> <td> <a href=""StudentExam.aspx""> Take Exam</a> </td>  </tr> <tr valign=""top""> <td><a href=""ViewExamGrades.aspx""> View Exam Grades</a></td></tr><tr valign=""top""><td><a href=""ChangePassword.aspx""> Change Password </a></td></tr>"

        ElseIf Context.User.IsInRole("Tutor") Then

            menu = " <tr valign=""top""> <td> <a href=""ChapterCreate.aspx"" >  Create Chapter  </a></td></tr><tr valign=""top""><td><a href=""EditChapter.aspx"" > Edit Chapter</a></td></tr><tr valign=""top""><td><a href=""CreateExamPage.aspx"" > Create Exam</a></td></tr><tr valign=""top""><td><a href=""ManageExams.aspx""> Manage Exams</a></td></tr> <tr valign=""top""><td><a href=""CreateMemo.aspx"" > Create Memo</a></td></tr><tr valign=""top""><td><a href=""ViewExamGrades.aspx""> View Exam Grades</a></td></tr> <tr><td><a href=""ViewStudentLevel.aspx""> View Student Levels </a> </td> </tr> <tr> <td> <a href=""ChangePassword.aspx""> Change Password </a></td></tr>  "

        ElseIf Context.User.IsInRole("Admin") Then

            menu = " <tr valign=""top""><td><a href=""CreateUser.aspx""> Create User</a></td></tr><tr valign=""top""> <td> <a href=""ManageUsers.aspx"" > Manage Users</a></td></tr> "


        End If


    End Sub



End Class

*****plus am adding a get menu command in the html file****
the login source code is

Imports System.Data.SqlClient
Partial Public Class login
    Inherits System.Web.UI.Page

    Protected Sub loginbutton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles loginbutton.Click

        If AuthenticateUser(loginnamebox.Text, passwordbox.Text) Then
            CreateAuthenticationTicket(loginnamebox.Text, remembermecheckbox.Checked)

        Else

            label1.Text = "Wrong username or password, please try again"


        End If



    End Sub



    Private Function AuthenticateUser(ByVal Username As String, _
ByVal Password As String) As Boolean


        Dim sqlCon As New SqlConnection(ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString)

        Dim query As String = "Select username from users where username = '" & Username & "'  and password  = '" & Password & "'"

        Dim sqlCmd As New SqlCommand(query, sqlCon)

        Dim reader As SqlDataReader



        sqlCon.Open()

        reader = sqlCmd.ExecuteReader()


        Return reader.HasRows
        sqlCon.Close()





    End Function

    Private Function GetUserRoles(ByVal username As String) As String

        Dim sqlCon As New SqlConnection(ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString)

        Dim query As String = "Select role from users where username =  '" & username & "'"

        Dim sqlCmd As New SqlCommand(query, sqlCon)
        Dim reader As SqlDataReader

        sqlCon.Open()

        reader = sqlCmd.ExecuteReader(Data.CommandBehavior.CloseConnection)


        reader.Read()

        Dim role As String = reader.Item(0).trim()


        sqlCon.Close()

        Return role






    End Function

    Private Sub CreateAuthenticationTicket(ByVal userName As String, ByVal isPersistent As Boolean)


        Dim version As String = 1
        Dim issueDate As DateTime = Now
        Dim expirationDate As Date
        Dim userData As String = GetUserRoles(userName)

        Dim cookiePath As String = "/"


        'Set the expirationDate
        If isPersistent Then
            expirationDate = Now.AddYears(1)
        Else
            expirationDate = Now.AddMinutes(60)
        End If


        'Set up the authentication ticket
        Dim FormAuthTicket As FormsAuthenticationTicket = _
        New FormsAuthenticationTicket(version, userName, issueDate, _
        expirationDate, isPersistent, userData, cookiePath)



        'Encrypt the ticket content as a string so it can be stored in a cookie
        Dim encTicket As String = FormsAuthentication.Encrypt(FormAuthTicket)

        'Place the encrypted ticket in a cookie
        Dim AuthCookie As HttpCookie = _
        New HttpCookie(FormsAuthentication.FormsCookieName, encTicket)


        'Set cookie duration if necessary
        If isPersistent Then AuthCookie.Expires = Now.AddYears(1)

        'Send cookie back to user
        Response.Cookies.Add(AuthCookie)

        'Redirect user to the page from whence they came
        Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, isPersistent))


    End Sub






    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load

    End Sub
End Class

i just dont know what is the problem:S

asp.net

Edited 14 Years Ago by kvprajapati because: Added [code] tags. For easy readability, always wrap programming code within posts in [code] (code blocks).

3 Contributors
3 Replies
615 Views
23 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by kvprajapati

KushMishra 38 Senior Technical Lead

14 Years Ago

May be you should go for the form authentication in asp.net

Here's a demo code for you.......

</configSections> // after this in your web.config add the following.
<appSettings/>
<connectionStrings>
<add name="KMCon" connectionString="initial catalog=KM; data source=DEVELOPER\SQLEXPRESS; Integrated Security=SSPI"/>
</connectionStrings>

And give location path which you want to be accessed by all (including your Images,CSS,Javascipt etc. folders also for their proper working)...........

<location path="Pics.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Reg.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

Now add the following code for which you want a resticted and secure access..........

</compilation> // after this in your web.config add the following.
<authentication mode="Forms">
<forms loginUrl="Admin-IMKM/AdminLogin.aspx" defaultUrl="Admin/WelcomeAdmin.aspx"></forms>
</authentication>

Hope this helps ya........

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Moemasri 0 Newbie Poster · Answer 1 · 2010-05-09T17:25:16+00:00

its aweb application not a web site so the

or its the same in this case?

i tried the one u send it to me but it didnt work so i replied

and 10x

kvprajapati 1,826 Posting Genius Team Colleague · Answer 2 · 2010-05-09T18:10:48+00:00

You can add/use SiteMap to secure the navigation of site.

1. http://www.codeproject.com/KB/aspnet/dynamicsitemap.aspx
2. http://msdn.microsoft.com/en-us/library/yy2ykkab.aspx
3. http://forums.asp.net/t/1012145.aspx