create a welcome

Perhaps I'm misreading this but...

It sounds to me like you're passing the UN/PW to the DB to check if they're valid for a login and want to then get the UN back from the DB for the purpose of a welcome page.

This may sound silly but... why not simply use the UN that was entered in the first place instead of revisiting the DB for the information?

Alternately, if the DB contains additional information (such as full name in addition to UN/PW) then it should be a simple matter of using a select statement calling the full name column based on a match to the username column. Something along the lines of:

"SELECT fullName from LoginTable WHERE userName='" + providedUN + "'"

and of course providedUN is the username provided in the login process.

Hope this helps :)

sound good..but actually like this..
this is my master page where i want to put the "welcome"

<tr>
                <td class="style2"><asp:TextBox ID="textboxtime" runat="server"></asp:TextBox></td>
                <td><asp:TextBox ID="textboxwelcome" runat="server">welcome </asp:TextBox></td>
            </tr>

i dont know what should i do to call it from the behind code to make it display at the specific place..
sorry, i'm very2 new to this language..
should i use function?where should i put the select statement just like you say?

how can i bring the username from the login page to the other page?

Just Create a session put the user name in it access in your master page and use it where ever you want to use that's all.
eg

Session["FirstName"] = FirstNameTextBox.Text;

to access

String str=Session["FirstName"].ToString();

that's all you need to do.

First, are you using one form/page to login and a separate form/page for your welcome? If so, you would need to look at various methods of passing a variable from the login page to the secondary page.

One such method is to pass the variable as a part of a ClientQueryString, however this is hardly a 'secure' method of passing unencrypted user information from page to page as it puts the information right there in the URL for everyone to see.

You can also use cookies or sessions to move the information place to place as needed but there are other issues that can arise from either of these methods, particularly if improperly coded.

If, on the other hand, your login page is one and the same with your main page (which can be accomplished using ASP:Panels and simply hiding the login panel and showing the Welcome panel upon successful login) you can pass the variable directly within the same page as a local variable without the bother of moving it around between pages. This has the combined benefit of keeping the variable information masked from the user end and not requiring messy transferrance of information outside of the local scope.

Not sure if either option will do what you need but hope this helps :)

ok..i had this and forsure my username is display..
but now i want to make other attribute display..
now, this is my code:

var username = Session["username"];
        string cmdString = "SELECT  ContactName  FROM Customers WHERE username='" + username + "'";

so, i want to make ContactName attribute display..

what should i write?
if i'm using this code

String str=Session["FirstName"].ToString();

i cannot simply replace Firstname with ContactName

and i'm using <asp:label> to display the welcome..just like this

labelwelcome.Text = "Hello " + ???? + " !";

i dont know what should i write at ?????..
i cannot write ContactName; it won't display

i'm using separate page..if login successfully, the page will be redirect to the other page..i had used the session and it success.. when i'm using the sqlcommand like this:

var username = Session["username"];
        string cmdString = "SELECT  ContactName  FROM Customers WHERE username='" + username + "'";

i cannot directly display the "ContactName"..
i want to display "ContactName" using

labelwelcome.Text = "Hello " + ???? + " !";

..
how can i take the contactName and place it at ????...

TQ

simply retreive the contactname from database with that query.

SqlCommand com = new SqlCommand(cmdString, con);
string contact=Convert.ToString(com.ExecuteScalar());

labelwelcome.Text = "Hello " + contact + " !";

TQ..success :)