how to retrieve session value?

Question

maria_mj 0 Light Poster

14 Years Ago

I want to retrieve session value(username) from the login page.
I have to verify the user by their username to make the access right control for certain page. In my application, i want to control the access right to "ViewAllProject.aspx" page.

I have save the username in session in login page.
Here is my login code that save username in session:

protected void btnEnter_Click(object sender, EventArgs e)
        {
            String username = txtUsername.Text;
            String password = txtPassword.Text;

            if (rdoUser.SelectedItem.Value == "BDE")
            {
                    SqlConnection SQLConn = new SqlConnection(@"Data Source=sawapp501;Initial Catalog=BDAS;Integrated Security=SSPI");
                    string selectString = "SELECT * FROM BDE WHERE username=@username AND password=@password";

                    SqlCommand cmd = new SqlCommand(selectString, SQLConn);

                    //Prevent SQL Injection.
                    cmd.Parameters.AddWithValue("@username", username);
                    cmd.Parameters.AddWithValue("@password", password);

                    SQLConn.Open();
                    SqlDataReader sdr = cmd.ExecuteReader();

                    bool found = false;
                    
                    if (sdr.Read()) found=true;

                    sdr.Close();
                    SQLConn.Close();

                    if (found)
                    {
                        Session["user1"] = username;
                        Response.Redirect("MainPage.aspx");
                    }

                    else
                    {
                        Response.Write("<script>alert('Invalid Username or Password!!!')</script>");
                      
                    }
            }

In my main page, i have try to retrieve the session value when user click the button that will redirect to "ViewAllProject.aspx" page to control the access to that page.

Below is my coding to control the access right:

protected void btnViewProject_Click(object sender, EventArgs e)
        {
            if (Session["user1"] == "maria")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else if (Session["user1"] == "sally")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else
            {
                Response.Write("<script>alert('You not permitted to access the page...')</script>");            
            }
        }

When i execute the code, there is no error. But, when i click the button to redirect to the "ViewAllProject.aspx" , it keep respond the message "You not permitted to access the page..." even though i have login as "maria" or "sally" that is the person who have permission to access the page.

I don't know what's wrong because there is no error occur.
Please someone help me...

asp.net

4 Contributors
5 Replies
232 Views
1 Day Discussion Span
Latest Post 14 Years Ago Latest Post by maria_mj

rohand 1 Posting Whiz in Training

14 Years Ago

You need to use Convert.ToString().it should be like this

string username = Convert.ToString(Session["user1"]);

i have try the code. But i get error.
following is the code:

protected void btnViewProject_Click(object sender, EventArgs e)
        {
            [B]string username = Session["user1"];[/B]

            if (username == "yati")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else if (username == "shah")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else
            {
                Response.Write("<script>alert('You not permitted to access the page...')</script>");            
            }
        }

the error is:
Cannot implicitly convert type 'object' to 'string'. An explicit conversion exists (are you missing a cast?)

where to fix it??

kvprajapati 1,826 Posting Genius

14 Years Ago

Session is dictionary object where the data type of Key and Value is object.

protected void btnViewProject_Click(object sender, EventArgs e)
        {
         if(Session["user1"]!=null) 
         {   
            string username = Session["user1"].ToString();

            if (username == "yati")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else if (username == "shah")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else
            {
                Response.Write("<script>alert('You not permitted to access the page...')</script>");            
            }
           }
        }

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

reach_yousuf 2 Junior Poster · Answer 1 · 2010-06-29T11:28:40+00:00

I want to retrieve session value(username) from the login page.
I have to verify the user by their username to make the access right control for certain page. In my application, i want to control the access right to "ViewAllProject.aspx" page.
I have save the username in session in login page.
Here is my login code that save username in session:
protected void btnEnter_Click(object sender, EventArgs e)
        {
            String username = txtUsername.Text;
            String password = txtPassword.Text;

            if (rdoUser.SelectedItem.Value == "BDE")
            {
                    SqlConnection SQLConn = new SqlConnection(@"Data Source=sawapp501;Initial Catalog=BDAS;Integrated Security=SSPI");
                    string selectString = "SELECT * FROM BDE WHERE username=@username AND password=@password";

                    SqlCommand cmd = new SqlCommand(selectString, SQLConn);

                    //Prevent SQL Injection.
                    cmd.Parameters.AddWithValue("@username", username);
                    cmd.Parameters.AddWithValue("@password", password);

                    SQLConn.Open();
                    SqlDataReader sdr = cmd.ExecuteReader();

                    bool found = false;
                    
                    if (sdr.Read()) found=true;

                    sdr.Close();
                    SQLConn.Close();

                    if (found)
                    {
                        Session["user1"] = username;
                        Response.Redirect("MainPage.aspx");
                    }

                    else
                    {
                        Response.Write("<script>alert('Invalid Username or Password!!!')</script>");
                      
                    }
            }
In my main page, i have try to retrieve the session value when user click the button that will redirect to "ViewAllProject.aspx" page to control the access to that page.
Below is my coding to control the access right:
protected void btnViewProject_Click(object sender, EventArgs e)
        {
            if (Session["user1"] == "maria")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else if (Session["user1"] == "sally")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else
            {
                Response.Write("<script>alert('You not permitted to access the page...')</script>");            
            }
        }
When i execute the code, there is no error. But, when i click the button to redirect to the "ViewAllProject.aspx" , it keep respond the message "You not permitted to access the page..." even though i have login as "maria" or "sally" that is the person who have permission to access the page.
I don't know what's wrong because there is no error occur.
Please someone help me...

Hi

it's as Simple as this ...
username = Session["user1"]

Mark as solved if it helps you!!!

maria_mj 0 Light Poster · Answer 2 · 2010-06-29T12:57:40+00:00

i have try the code. But i get error.
following is the code:

protected void btnViewProject_Click(object sender, EventArgs e)
        {
            [B]string username = Session["user1"];[/B]

            if (username == "yati")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else if (username == "shah")
            {
                Response.Redirect("ViewAllProject.aspx");
            }

            else
            {
                Response.Write("<script>alert('You not permitted to access the page...')</script>");            
            }
        }

the error is:
Cannot implicitly convert type 'object' to 'string'. An explicit conversion exists (are you missing a cast?)

where to fix it??

maria_mj 0 Light Poster · Answer 3 · 2010-06-30T07:49:41+00:00

maria_mj 0 Light Poster

14 Years Ago

It work great!! Thank you..