• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 962
  • Last Modified:

Reference page variable in master page?

I'm finishing up the security aspect of an application that has been convereted from classic ASP to ASP.Net (C#).

The existing application has a variable on each page called 'seclvl'.  This is an integer value, that tells the application what level of security (from a session variable) a logged in user has to be in order to view the contents of that page.  

I'm looking for a way to accomplish this in the new application, using a similar system.  IDEALLY, in the <% Page %> declaration, I'd love to have a SecLvl=x tag that I could populate with the Title and Language tags!  **grin**  But I don't think that's in the cards for me.  Next best thing, or so I figure, is to have each code behind page have a protected variable, secLvl=x, which the master page can reference during the render or init events.  I can't seem to figure out the delegation / referencing needed to accomplish this though.

master.master
------------------

<%@ Master Language="C#" AutoEventWireup="true" CodeFile="master.master.cs" Inherits="MasterPage" %>
<html>
<head>
<link href="style/style.css" type="text/css" rel="stylesheet">
</head>
<div id=header></div>
<asp:ContentPlaceHolder ID="content" runat="server"></asp:ContentPlaceHolder>
<div id=footer></div>

master.master.cs
---------------------
// pseudo code here...
// Check to see if user is 'valid' from session.  If so, do nothing.  If user != 'valid' then
// Check the database and see what info you can get from the logged in user name.
// Set session variables for logged in user, and set valid flag, then redirect back to referring page.
// I would also like to check here to see if users' secLvl is high enough (from the validation call before) to access the page they
// are trying to access

page1.aspx
----------------
<%@ Page Language="C#" MasterPageFile="~/master.master" AutoEventWireup="true"
  CodeFile="page1.aspx.cs" Inherits="Default" Title="Page 1"  %>
<asp:content id=content contentplaceholderid=content runat=server>
Content goes here...if you have enough security to see it!!!

If you're seeing this, then you must.
</content>

page1.aspx.cs
----------------
// bunch of other stuff here, but important part would be below
protected secLvl = 10;


So is this something that is doable?  Is there a 'better' way??  Once again, I'd like to be able to get the security level value of a specific page when the page loads, and compare that page's value with the value assigned when the user first logs in.

Other options are equally welcome :)

Thanks in advance...

Shaymus
0
ShaymusBane2
Asked:
ShaymusBane2
  • 2
1 Solution
 
Jojo1771Commented:
Sorry if I dont understand.

Are you wanting somthing like a session variable?

Session("SecLevel") =2

If Session("SecLevel") =2 then
'winner
end if

Session vars are constant accoss the entire site for that user. So set SecLevel on login and just check it at every page. If you are going to use session variables, I suggest you look at using SessionState Server.

Thanks,
Jojo
0
 
ShaymusBane2Author Commented:
Something like that...

When a user connects to the site, their information is checked against a database entry, and that information is set into session variables. ie.

Session["user"] = name
Session["secLvl"] = 5
etc.

This is exactly like what you've suggested...the trick is how to do this in the master page...or rather, how to setup to do this with a specific function call in the master page, that retrieves some static page variable and compares the security level set on the page, with that in the users' session secLvl.

example in master
---------------------

private bool isValidUser() {
int pageLevel = ?? // not sure how you'd get the variable from the page here
// I tried by setting a Label that was visible=false, but I couldn't figure out how to reference the displayed page
// From the generic master page.
int userLevel = Int32.Parse(Session["secLvl"].ToString());

if (pageLevel > userLevel) {
  // User is not allowed to see this page...redirect to an error page
} else {
  // User IS allowed to see this page...let them...
}


Once again, I'd like to have a variable set on each page, that is checked in the master page when the user first attempts to go to a page.  Hope I clarified instead of 'mudified' what I was talking about.
0
 
deanvanrooyenCommented:
create a hidden control on the aspx page and find it using findcontrol in the masters Page_Load

http://msdn2.microsoft.com/en-us/c8y19k6h.aspx

C# Copy Code// Gets a reference to a TextBox control inside a ContentPlaceHolder
ContentPlaceHolder mpContentPlaceHolder;
TextBox mpTextBox;
mpContentPlaceHolder =
    (ContentPlaceHolder)Master.FindControl("ContentPlaceHolder1");
if(mpContentPlaceHolder != null)
{
    mpTextBox = (TextBox) mpContentPlaceHolder.FindControl("TextBox1");
    if(mpTextBox != null)
    {
        mpTextBox.Text = "TextBox found!";
    }
}

// Gets a reference to a Label control that is not in a
// ContentPlaceHolder control
Label mpLabel = (Label) Master.FindControl("masterPageLabel");
if(mpLabel != null)
{
    Label1.Text = "Master page label = " + mpLabel.Text;
}

0
 
ShaymusBane2Author Commented:
Yay!  That works...not the cleanest or sweetest solution, but it'll do in a pinch...one correction from the pasted code...

Master.FindControl(blah blah blah)

needs to be 'this.FindControl' when used in the master page....realized that when Master kept coming up null....

Thanks for that.

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now