I'm using ASP.NET 4.0 code using Visual Basic in Visual Studio 2010 with Web Forms.

I have the following code:

Presentation layer:

XML
<%@ Page Title="" Language="VB" MasterPageFile="~/MasterPage.master" AutoEventWireup="false" CodeFile="Login.aspx.vb" Inherits="Login" %>

<asp:Content ID="Content1" ContentPlaceHolderID="head" Runat="Server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
    <br /><br />
    <asp:Label ID="lblUsername" runat="server" Text="Enter Username"></asp:Label>
    <asp:TextBox ID="txtUsername" runat="server" AutoCompleteType="Disabled"></asp:TextBox>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"
    ControlToValidate="txtUsername" ErrorMessage="RequiredFieldValidator"
    ForeColor="Red">*</asp:RequiredFieldValidator>
    <br /><br />
    <asp:Label ID="lblPassword" runat="server" Text="Enter Password"></asp:Label>
    <asp:TextBox ID="txtPassword" runat="server" TextMode="Password"></asp:TextBox>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"
    ControlToValidate="txtPassword" ErrorMessage="RequiredFieldValidator"
    ForeColor="Red">*</asp:RequiredFieldValidator>
    <br /><br />
    Select Account Type
    <asp:DropDownList ID="ddlAccountType" runat="server">
        <asp:ListItem Value="C">Customer</asp:ListItem>
        <asp:ListItem Value="S">Seller</asp:ListItem>
    </asp:DropDownList>
    <br /><br />
   <asp:Label ID="lblRememberMe" runat="server" Text="Remember me"></asp:Label>
   <asp:CheckBox ID="chkRememberMe" runat="server" />
   <br /><br />
    <asp:Button ID="btnLogin" runat="server" Text="Login" />
</asp:Content>


Code-behind:

Imports System.Data
Imports System.Data.SqlClient
Imports System.Web.Configuration

Partial Class Login
    Inherits System.Web.UI.Page
    Private ReadOnly _conString As String

    Public Sub New()
        _conString =
        WebConfigurationManager.ConnectionStrings("PetiteAnnonceCS").ConnectionString
    End Sub
    Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLogin.Click

        Dim con2 As New SqlConnection(_conString)
        Dim sql2 As String = "SELECT UserId FROM tblUser WHERE Username=@Username And Password=@Password"
        Dim cmd2 As New SqlCommand(sql2, con2)
        cmd2.Parameters.AddWithValue("@Username", txtUsername.Text)
        cmd2.Parameters.AddWithValue("@Password", txtPassword.Text)
        Dim myReader As SqlDataReader

        Using con2
            con2.Open()
            myReader = cmd2.ExecuteReader
      
            If myReader.HasRows Then
                If chkRememberMe.Checked = True Then
                    Session("Username") = txtUsername.Text
                    Session("LoginTime") = DateAndTime.Now.ToString
                    Session.Timeout = 50000
                    If ddlAccountType.SelectedValue = "C" Then
                        Response.Redirect("~/Customer.aspx")
                    Else : Response.Redirect("~/Seller.aspx")
                    End If
                Else
                    Session("Username") = txtUsername.Text
                    Session("LoginTime") = DateAndTime.Now.ToString
                    If ddlAccountType.SelectedValue = "C" Then
                        Response.Redirect("~/Customer.aspx")
                    Else : Response.Redirect("~/Seller.aspx")
                    End If
                End If

            Else
                MsgBox("Login UnSuccessful!")
            End If
            con2.Close()
        End Using

    End Sub

   
End Class

I have the UserId as the primary key in my table User.
When the user logs in, the system checks if the user is valid; if it's valid, the username is stored in a session variable. It's easy to store the username in a session because we can easily grab the value from the textbox, but I want to grab the UserId value also and store it in a session variable, which I don't have any clue how to do. Can anyone help?
Is there a way to know the user
Comments
Richard Deeming 13-Nov-14 13:06pm    
You're storing passwords in plain-text. That's an extremely bad idea.

You should only ever store a salted hash of the password, using multiple iterations of a strong hashing algorithm.

Salted Password Hashing - Doing it Right

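VB
If myReader.HasRows Then
   myReader.Read() ' advance to the first row before reading any column
   ' GetString throws if UserId is not a character column
   Session("UserID") = myReader.GetString(0)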

Refer: Retrieving Data Using a DataReader
You can use the ExecuteScalar method since you need one value. Read the documentation and the samples given.
 
Comments
Minhaaj Edoo 13-Nov-14 13:08pm    
I have put it like this:
If myReader.HasRows Then
If chkRememberMe.Checked = True Then
Session("Username") = txtUsername.Text
Session("LoginTime") = DateAndTime.Now.ToString
Session.Timeout = 50000
If ddlAccountType.SelectedValue = "C" Then
Session("UserID") = myReader.GetString(0)
Response.Redirect("~/Customer.aspx")
Else : Response.Redirect("~/Seller.aspx")
End If
Else
Session("Username") = txtUsername.Text
Session("LoginTime") = DateAndTime.Now.ToString
If ddlAccountType.SelectedValue = "C" Then
Response.Redirect("~/Customer.aspx")
Else : Response.Redirect("~/Seller.aspx")
End If
End If

But I am not able to get the value printed in a label on the next page unless the value did not get stored.
DamithSL 13-Nov-14 22:07pm    
Put a breakpoint on the Session("UserID") setting line and check whether your application goes through that routing.
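
The two points raised above, Richard Deeming's advice to store only a salted, iterated hash and the DataReader answer for fetching UserId, combined in one added example (not code from the original posts). The `PasswordHash` and `PasswordSalt` varbinary columns, the `LoginHelper` module and the iteration count are assumptions; it uses a reader rather than ExecuteScalar because three columns are needed.

```vb
Imports System.Data.SqlClient
Imports System.Security.Cryptography

Public Module LoginHelper ' hypothetical helper, not part of the original project
    Private Const Iterations As Integer = 100000 ' assumed value; tune to your hardware
    Private Const HashBytes As Integer = 20      ' PBKDF2-HMAC-SHA1 output (the .NET 4.0 class)

    ' Registration: returns the derived hash and hands back a fresh 16-byte random salt.
    Public Function HashPassword(ByVal password As String, ByRef salt As Byte()) As Byte()
        salt = New Byte(15) {}
        Dim rng As New RNGCryptoServiceProvider()
        rng.GetBytes(salt)
        Return Derive(password, salt)
    End Function

    Private Function Derive(ByVal password As String, ByVal salt As Byte()) As Byte()
        Return New Rfc2898DeriveBytes(password, salt, Iterations).GetBytes(HashBytes)
    End Function

    ' Compares every byte so the time taken does not reveal where the hashes differ.
    Private Function FixedTimeEquals(ByVal a As Byte(), ByVal b As Byte()) As Boolean
        If a.Length <> b.Length Then Return False
        Dim diff As Integer = 0
        For i As Integer = 0 To a.Length - 1
            diff = diff Or (a(i) Xor b(i))
        Next
        Return diff = 0
    End Function

    ' Login: returns the UserId when the password matches, otherwise Nothing.
    ' Returned as Object because the page does not state the UserId column type.
    Public Function TryLogin(ByVal conString As String, ByVal username As String,
                             ByVal password As String) As Object
        Const sql As String =
            "SELECT UserId, PasswordHash, PasswordSalt FROM tblUser WHERE Username=@Username"
        Using con As New SqlConnection(conString), cmd As New SqlCommand(sql, con)
            cmd.Parameters.AddWithValue("@Username", username)
            con.Open()
            Using reader As SqlDataReader = cmd.ExecuteReader()
                ' Read() must advance to the first row before any column is read.
                If Not reader.Read() Then Return Nothing
                Dim stored As Byte() = DirectCast(reader("PasswordHash"), Byte())
                Dim salt As Byte() = DirectCast(reader("PasswordSalt"), Byte())
                If FixedTimeEquals(Derive(password, salt), stored) Then Return reader("UserId")
            End Using
        End Using
        Return Nothing
    End Function
End Module
```

In `btnLogin_Click`, assign the result of `LoginHelper.TryLogin(_conString, txtUsername.Text, txtPassword.Text)` to `Session("UserID")` when it is not Nothing, and redirect only in that case.
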
I've finally solved it, but unfortunately after I submitted my coursework. The solution is pretty straightforward; I am puzzled how you guys could not figure it out.

VB
Dim con As New SqlConnection(_conString)
Dim sql As String = "SELECT AccountType FROM tblUser WHERE Username=@Username"
Dim cmd As New SqlCommand(sql, con)
cmd.Parameters.AddWithValue("@Username", txtUsername.Text)
Dim myReader As SqlDataReader
con.Open()
myReader = cmd.ExecuteReader
DetailsView1.DataSource = myReader
DetailsView1.DataBind()
'Read the AccountType field from the row returned from the query and store it in a string
Dim AT As String = myReader("AccountType")
If AT.Contains("Customer") Then
    Response.Redirect("~/Customer.aspx")
Else : Response.Redirect("~/Seller.aspx")
End If
 
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


