| Author |
Topic |
|
jhermiz
3564 Posts |
 Posted - 2004-09-20 : 13:28:46
|
| I need to store 4 specific pieces of data when a user logs in:LoginID (the auto ID number generated for a login)Login (the actual user name)ClientID (this is a foreign key to the User's client that he or she wants to connect to, for instance we have Wisonsin users, Michigan Users, etc)and finallyLoginDate (the time the user logged in).Should this data be stored as a session variable or a cookie ?Also is this captured right when the user clicks the submit button on the login.aspx page ? I have read that a cookie is very limited, but some people use it...What is everyone using nowadays ? If session can someone post an example of the syntax to store those above fields ? Thanks for the help.JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-20 : 15:12:24
|
I vote session!What I usually do is when the user clicks the login button and they are authenticated, I call a PopulateSession() method, and then FormsAuthentication.RedirectFromLoginPage after that.I usually pass some sort of UserID (Primary Key from Users table) into the PopulateSession method. In that method, I call functions that would give me the info you noted above, and then write that data to session, like this:Private Sub PopulateSession(ByVal gUserID As Guid) Dim oUser As New DashboardDataObject.User(GetConnection()) Session("UserID") = gUserID Session("BrandingPath") = oUser.GetBrandingPath(gUserID) Session("DashboardCustomerID") = oUser.GetCustomerID(gUserID) End SubIn the rest of your app, you get the data like so:mydatagrid.datasource = oUser.GetListofSomethingByUser(Session("UserID"))Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
 |
|
|
jhermiz
3564 Posts |
Posted - 2004-09-20 : 16:06:40
|
quote:
Originally posted by MichaelP
I vote session!What I usually do is when the user clicks the login button and they are authenticated, I call a PopulateSession() method, and then FormsAuthentication.RedirectFromLoginPage after that.I usually pass some sort of UserID (Primary Key from Users table) into the PopulateSession method. In that method, I call functions that would give me the info you noted above, and then write that data to session, like this:Private Sub PopulateSession(ByVal gUserID As Guid) Dim oUser As New DashboardDataObject.User(GetConnection()) Session("UserID") = gUserID Session("BrandingPath") = oUser.GetBrandingPath(gUserID) Session("DashboardCustomerID") = oUser.GetCustomerID(gUserID) End SubIn the rest of your app, you get the data like so:mydatagrid.datasource = oUser.GetListofSomethingByUser(Session("UserID"))Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda>
Mike you do not even know how helpful you truly are. If I win the lottery I wont forget ya...I am going to take your information and try to run and give it a go tomorrow morning. Sorry I did not post back earlier I was in a meeting.God bless you for all your helpful tips / tricks and code.JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-20 : 16:09:21
|
| NP manIf you have a spare generator and an extension cord I'd be a happy camper. :) Still no power at my places because of Hurrican Ivan. They estimate I should have power by Thursday! Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-20 : 16:11:06
|
| :(I do remember tara posting something about you being near ivan. Been a few days since you guys have had power :(. Wish you and your family the best.JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-20 : 16:15:26
|
| Thx. Things aren't TOO bad here. I can go out and get food, gas, and go someplace with AC. The folks east and northeast of here have it REALLY bad. No house, food, water, ice, clothing, power, etc. NOTHING.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-20 : 16:24:31
|
quote:
Originally posted by MichaelP
I vote session!What I usually do is when the user clicks the login button and they are authenticated, I call a PopulateSession() method, and then FormsAuthentication.RedirectFromLoginPage after that.I usually pass some sort of UserID (Primary Key from Users table) into the PopulateSession method. In that method, I call functions that would give me the info you noted above, and then write that data to session, like this:Private Sub PopulateSession(ByVal gUserID As Guid) Dim oUser As New DashboardDataObject.User(GetConnection()) Session("UserID") = gUserID Session("BrandingPath") = oUser.GetBrandingPath(gUserID) Session("DashboardCustomerID") = oUser.GetCustomerID(gUserID) End SubIn the rest of your app, you get the data like so:mydatagrid.datasource = oUser.GetListofSomethingByUser(Session("UserID"))Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda>
Just a couple of questions on this...What is oUser is that your own class? Cause I do see methods that are invoked by that object? Would you just create your own functions or are these functions available? FOr instance, I stated I would like to store the UserID, the ClientID, and the user name...Since htis is all data from the same table, could I just return a record from a sproc that simply did this:Session("UserID") = rs("UserID")Session("ClientID") = rs("ClientID")Session("UserName") = rs("UserName")Or should I be doing it a bit differently ?Thanks again,JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-20 : 16:34:10
|
Jon, yes the oUser class is a class I created.quote:
Since this is all data from the same table, could I just return a record from a sproc that simply did this:....
That's exactly how I'd handle it. If you wanted to go with a more object oriented way, you could have your class return a "User" object that has properties like UserID etc, and just store the User object in session. There are a TON of ways to skin this cat.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-20 : 17:01:06
|
| HmmBut lets say I dont have a class and all I do is Session("UserID") = rs("UserID")etc etc...Will this be only good for that page that I am looking at?I dont understand sessions to much, maybe your class has some sort of scope ? How should I handle this if I need these values across various pages ?Jonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-20 : 17:10:33
|
| This is ASP.net right?This will work fine.Session("UserID") = rs("UserID")In your other pages, use Session("UserID") to get the value back out of session. Session will stay "in scope" acorss the pages until it times out (which is like 20 mins by default). Each time you go from page to page that 20 minute timer is reset.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-20 : 22:22:57
|
| HI Mike,Yes this is asp.net...do you think this is an ok way of doing it? I have not really implemented much on classes besides defaults that are automatically created by vs.net. Should I create a class in this ? Im just not sure how to implement a stand alone class in vs.net and then have it be part of my app. Do I need all that for these fields that I am storing in this session?Thanks again and gnite!!!JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-21 : 09:07:00
|
Good Morning,Mike I tried calling a function and pulling some session data..so my login code looked like this:<script runat="server"> Sub Page_Load End Sub Sub Button_Click( s As Object, e As EventArgs ) Dim lngID as Long lblMessage.Text = "" If IsValid Then lngID = DBAuthenticate( txtUsername.Text, txtPassword.Text) If lngID > 0 Then 'good employee 'next we call a function to store some session info SetSessionData(lngID) FormsAuthentication.RedirectFromLoginPage( txtUsername.Text, chkRemember.Checked ) End If End If End Sub Function SetSessionData(lngID as Long) Dim conMyData As SqlConnection Dim cmdSelect As SqlCommand Dim dtrLoginData As SqlDataReader 'try and make a connection Try conMyData = New SqlConnection( ConfigurationSettings.AppSettings("strConn") ) cmdSelect = New SqlCommand( "select_user_session_data", conMyData ) cmdSelect.CommandType = CommandType.StoredProcedure cmdSelect.Parameters.Add( "@LoginID", SqlDbType.BigInt ).Value = lngID conMyData.Open() dtrLoginData = cmdSelect.ExecuteReader() 'assign session data Session("LoginID") = dtrLoginData("LoginID") Session("Login") = dtrLoginData("Login") Session("ClientID") = dtrLoginData("ClientID") Session("Client") = dtrLoginData("Client") 'catch any exceptions that might be thrown Catch e as Exception Response.Write("An Error Occurred: " & e.toString()) 'clean up and close resources Finally conMyData.Close() End Try End Function Function DBAuthenticate( strUsername As String, strPassword As String ) As Integer Dim conMyData As SqlConnection Dim cmdSelect As SqlCommand Dim parmReturnValue As SqlParameter Dim intResult As Integer 'try and make a connection Try conMyData = New SqlConnection( ConfigurationSettings.AppSettings("strConn") ) cmdSelect = New SqlCommand( "DBAuthenticate", conMyData ) cmdSelect.CommandType = CommandType.StoredProcedure parmReturnValue = cmdSelect.Parameters.Add( "RETURN_VALUE", SqlDbType.Int ) parmReturnValue.Direction = ParameterDirection.ReturnValue cmdSelect.Parameters.Add( "@username", strUsername ) cmdSelect.Parameters.Add( "@password", strPassword ) conMyData.Open() cmdSelect.ExecuteNonQuery() intResult = cmdSelect.Parameters( "RETURN_VALUE" ).Value 'catch any exceptions that might be thrown Catch e as Exception Response.Write("An Error Occurred: " & e.toString()) 'clean up and close resources Finally conMyData.Close() End Try If intResult < 0 Then If intResult = -1 Then lblMessage.Text = "Username Not Registered!" Else lblMessage.Text = "Invalid Password!" End If End If Return intResult End Function</script>Note the SetSessionData function which pulls a record based on the ID. Ok fine and dandy...so on the click of the login button I then call the FormsAuthentication.RedirectFromLoginPage and open a page called default.aspx.In there I have:<%@ Import Namespace="System.Web.Security " %><html> <script language="VB" runat=server> Sub Page_Load(Src As Object, E As EventArgs) Welcome.Text = "Hello, " + User.Identity.Name + " you have logged in at: " + DateTime.Now() UserID.Text = Session("LoginID") UserName.Text = Session("Login") ClientID.Text = Session("ClientID") Client.Text = Session("Client") End Sub Sub Signout_Click(Src As Object, E As EventArgs) FormsAuthentication.SignOut() Response.Redirect("login.aspx") End Sub </script> <body> <form runat=server> <font face="Arial, Helvetica, sans-serif" size="2"><asp:label id="Welcome" runat=server/></font><p> <asp:label id="UserID" runat=server/><p> <asp:label id="UserName" runat=server/><p> <asp:label id="ClientID" runat=server/><p> <asp:label id="Client" runat=server/><p> <asp:button text="Signout" OnClick="Signout_Click" runat=server/></p> </form> </body></html>But I dont see any of the session data I had originally pulled.Can someone point out my mistake  Thank YouJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
jhermiz
3564 Posts |
Posted - 2004-09-21 : 09:56:44
|
| Got it...had to apply the read() function before reading the reader...I had read about this somewhere too!Thanks / JonJonwww.web-impulse.comCan you dig it: http://www.thecenturoncompany.com/jhermiz/blog/ |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-09-21 : 10:31:48
|
| Yep, you missed the read() call.Glad it's all working man!Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
|
|
storage