Hello. I want to log in with a user and capture user data (id, name and date of birth) from the database after successful login and store that data in a session to pass it around. Im using ASP.NET thanks
Thanks. Session created but if i log in with a different user i still get the previous user details. y is this happening?
Stored procedure
CREATE PROCEDURE [Validate_Applicant]
@USERNAME NVARCHAR(20),
@PASSWORD NVARCHAR(20)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @APPLICANTID INT, @FNAME VARCHAR
SELECT @APPLICANTID = applicant_id, @FNAME = applicant_first_name
FROM [Applicant] WHERE [applicant_username] = @USERNAME AND [applicant_password] = @PASSWORD
IF @APPLICANTID IS NOT NULL
BEGIN
SELECT * FROM [Applicant]
END
END
Here is my code
Public Class Applicant_Login
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
End Sub
Protected Sub Validate_Applicant(ByVal sender As Object, ByVal e As EventArgs)
Dim constr As String = ConfigurationManager.ConnectionStrings("DataConnectionString").ConnectionString
Using con As SqlConnection = New SqlConnection(constr)
Using cmd As SqlCommand = New SqlCommand("Validate_Applicant")
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@USERNAME", txt_userName.Text.Trim())
cmd.Parameters.AddWithValue("@PASSWORD", txt_password.Text.Trim())
cmd.Connection = con
con.Open()
Dim sda As SqlDataAdapter = New SqlDataAdapter(cmd)
Dim dt As DataTable = New DataTable()
sda.Fill(dt)
If dt.Rows.Count > 0 Then
MsgBox("Login Successful")
Session("ID") = dt.Rows(0)("applicant_id").ToString()
Session("FirstName") = dt.Rows(0)("applicant_first_name").ToString()
Session("MiddleName") = dt.Rows(0)("applicant_middle_name").ToString()
Session("Sex") = dt.Rows(0)("applicant_sex").ToString()
Session("DOB") = dt.Rows(0)("applicant_date_of_birth").ToString()
Session("IDCard") = dt.Rows(0)("applicant_id_card_number").ToString()
Session("Username") = dt.Rows(0)("applicant_username").ToString()
Session("Password") = dt.Rows(0)("applicant_password").ToString()
Session("Status") = dt.Rows(0)("applicant_status").ToString()
Response.Redirect("../asp/mohAddApplicant_TechnicalOfficer.aspx")
Else
MsgBox("Invalid UserName/Password")
End If
con.Close()
con.Dispose()
End Using
End Using
End Sub
End Class