Beginner questions on C#

I have two very simple pages that seem to work very well - one is a login page, where the user enter's their email, which gets validated against a set of parameters, then set into a session (if valid). The user is then passed to the second page in the process, which would be the "home" page of the project.

The second "home" page has a small piece of code to make sure the user has in fact logged in. If they haven't (like the book marked page two to bypass login), they are redirected to page one.

In theory.

For some reason, it doesn't work.

Page one's code:
public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        //nothing yet
    }

    public static bool isEmail(string inputEmail)
    {
        string strRegex = @"^([a-zA-Z0-9_\-\.]+)@((domain1\.com)|(domain2\.com))$";
       
        Regex re = new Regex(strRegex);

        if (re.IsMatch(inputEmail))
            return (true);
        else
            return (false);
    }

    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        if (!isEmail(this.txtEmailAddress.Text))
        {
            lblErrorMessage.Text = this.txtEmailAddress.Text + " is not a valid email address.";
        }
        else
        {
            lblErrorMessage.Text = "Email Address is valid.";
            Session.Add("UserEmail",this.txtEmailAddress.Text);
            Response.Redirect("Default.aspx");
        }
    }
}

Page two's code:
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string strUserEmail = (string)(Session["UserEmail"]);

        if (isLoggedIn(strUserEmail))
        {
            Response.Redirect("login.aspx");
        }
        else
        {
            lblEmailDisplay.Text = strUserEmail;
        }
    }

    public static bool isLoggedIn(string userEmailString)
    {
        if (userEmailString == "") {
            return (false);
        } else {
            return (true);
        }
    }
}



The issue I get is this: the session object doesn't seem to clear itself when the browser closes, so the user is always "logged in". If I go straight to default.aspx, the address I used once to log in still displays. OR I get error condition #2, where the login page sends the info to page two, but page two ALWAYS redirects back.

Help!
LVL 3
Paul KahlAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

quoclanCommented:
Session object will be destroyed when the browser close.
You just modify little like this :

Page two's code:
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string strUserEmail = (string)(Session["UserEmail"]);  //if Session["UserEmail"] is not existed, strUserEmail = null

        if (!isLoggedIn(strUserEmail))             //! is added
        {
            Response.Redirect("login.aspx");
        }
        else
        {
            lblEmailDisplay.Text = strUserEmail;
        }
    }

    public static bool isLoggedIn(string userEmailString)
    {
        if (userEmailString == null) {           // compare userEmailString with null
            return (false);
        } else {
            return (true);
        }
    }
}

Or, you can make strUserEmail = "" if Sesssion["UserEmail"] is not existed by using Convert.ToString() like this
public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string strUserEmail = Convert.ToString((Session["UserEmail"]));  //if Session["UserEmail"] is not existed, strUserEmail = ""

        if (!isLoggedIn(strUserEmail))             //! is added
        {
            Response.Redirect("login.aspx");
        }
        else
        {
            lblEmailDisplay.Text = strUserEmail;
        }
    }

    public static bool isLoggedIn(string userEmailString)
    {
        if (userEmailString == "") {           // preserved
            return (false);
        } else {
            return (true);
        }
    }
}

Hope this help you.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C#

From novice to tech pro — start learning today.