How do I code an inline if statement with a response.redirect within a ASP VB.Net repeater?

Hey Guys,

I have a login sub that fills a repeater if the username and password match. If the repeater count is 0, the username and password did not match. If the count is > than 0, then redirect user.

Now, I have to check for user types. I have a field called user_types within the users table that contains either "1" for regular user or "2" for manager.

Basically, I want to do something like this within the repeater on databind:

 <itemtemplate>
<%
 If Eval("user_type") = 1 Then
  Response.Redirect("page1.aspx")
 Else
  Response.Redirect("page2.aspx")
 End If
%>
 </itemtemplate>

I get an error when trying to use Eval. Is this code possible within the repeater or is there a way to retrieve the value of eval("user_types") wthin a sub? Maybe a way to pass the eval("user_types") value to a sub on databind, then do the redirect?

-Thanks in advance.
rmartesAsked:
Who is Participating?
 
Todd GerbertConnect With a Mentor IT ConsultantCommented:
Sorry...The reader starts off positioned before the first record, so you need to call .Read() to advance it to the first record before attempting to read it's values.
Imports System.Data.SqlClient
Partial Class _Default
    Inherits System.Web.UI.Page
	Imports System.Data.SqlClient
	Partial Class _Default
		Inherits System.Web.UI.Page
		Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)
			Using dbConnection As New SqlConnection("server=localhost; user id=root; password=Just4MySQL; database=intake_db; pooling=false; Allow User Variables=True;")
				dbConnection.Open()
				Using dbCommand As SqlCommand = dbConnection.CreateCommand()
					dbCommand.Parameters.Add("@USERNAME", Trim(txtUserName.Text).toString())
					dbCommand.Parameters.Add("@PASSWORD", txtUserName.Text.Trim())
					dbCommand.CommandText = "SELECT TOP 1 * FROM tbl_USERS WHERE Username=@USERNAME AND Password=@PASSWORD"

					Using dbReader As SqlDataReader = dbCommand.ExecuteReader(Data.CommandBehavior.SingleRow)
						If dbReader.Read() Then	'dbReader.Read() will return false if it can't advance to the next record (which in this case is the first record)
							Session("User") = UCase(txtuserName.text)
							Session("LoggedIn") = True
							Insert_User_TimeIn() 'insert time in into tbl_login_tracking

							If dbReader.GetInt32(dbReader.GetOrdinal("user_type")) = 1 Then
								Response.Redirect("~/UserType1.aspx")
							ElseIf dbReader.GetInt32(dbReader.GetOrdinal("user_type")) = 2 Then
								Response.Redirect("~/UserType2.aspx")
							Else
								Response.Redirect("~/UserTypeUnknown.aspx")
							End If
						Else
							lblNoLogin.visible = True
							lblNoLogin.text = "<img src='../../images/icons/error.png' /> Login failed. Invalid Username and Password."
						End If
					End Using
					dbConnection.Close()
				End Using
		End Sub
	End Class

End Class

Open in new window

0
 
guru_samiCommented:
Why are you using repeater ? I don't understand the logic of doing that...
Can't you simply do that in code-behind  where you login?
Can you share you login code
0
 
Todd GerbertIT ConsultantCommented:
I think that I would probably handle that in the code-behind, using a SqlConnection and SqlDataReader for example.
Have you considered using the built-in .Net Authentication/Role manager?
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
rmartesAuthor Commented:
I'm not sure how to do it within code-behind. Here is the login sub:

Sub Login(sender As Object, e As System.EventArgs)

        Dim dbConnection As MySqlConnection
        Dim dbCommand As MySqlCommand
        Dim dbDataAdapter as MySqlDataAdapter
        Dim dbDataSet as New Dataset()
                  
        dbConnection = New MySqlConnection("server=localhost; user id=root; password=Just4MySQL; database=intake_db; pooling=false; Allow User Variables=True;")
                  
        Dim strSQL As String = "SELECT * FROM tbl_USERS WHERE tbl_USERS.USERNAME = ?USERNAME AND tbl_USERS.PASSWORD = ?PASSWORD;"
                  
        dbConnection.Open()
        dbCommand = New MySqlCommand(strSQL, dbConnection)
                  
        'username and password
        dbCommand.Parameters.Add("?USERNAME", Trim(txtUserName.Text).toString())
        dbCommand.Parameters.Add("?PASSWORD", Trim(txtPassword.Text).toString())
                  
        dbDataAdapter = New MySQLDataAdapter(dbCommand)
        dbDataAdapter.Fill(dbDataSet, "tbl_USERS")
        rptUser.DataSource = dbCommand.executeReader(System.Data.CommandBehavior.CloseConnection)
        rptUser.DataBind()
                  
        'user found
         If rptUser.items.Count <> 0 Then
                     Session("User") = UCase(txtuserName.text)
                     Session("LoggedIn") = true
      Insert_User_TimeIn() 'insert time in into tbl_login_tracking
         Else
      lblNoLogin.visible = true
      lblNoLogin.text = "<img src='../../images/icons/error.png' /> Login failed. Invalid Username and Password."
         End If
            
End Sub
0
 
Todd GerbertIT ConsultantCommented:
Here's a rough idea of how it might work...I don't have MySql so this example uses MS SQL objects, but I'm assuming the methods & syntax are similar enough for you to make sense of it.
Imports System.Data.SqlClient
Partial Class _Default
    Inherits System.Web.UI.Page
	Sub Login(ByVal sender As Object, ByVal e As System.EventArgs)
		Using dbConnection As New SqlConnection("server=localhost; user id=root; password=Just4MySQL; database=intake_db; pooling=false; Allow User Variables=True;")
			dbConnection.Open()
			Using dbCommand As SqlCommand = dbConnection.CreateCommand()
				dbCommand.Parameters.Add("@USERNAME", Trim(txtUserName.Text).toString())
				dbCommand.CommandText = "SELECT * FROM tbl_USERS WHERE Username=@USERNAME"

				Using dbReader As SqlDataReader = dbCommand.ExecuteReader()
					If (Not dbReader.HasRows) Or (dbReader("Password") <> txtPassword.Text.Trim()) Then
						lblNoLogin.visible = True
						lblNoLogin.text = "<img src='../../images/icons/error.png' /> Login failed. Invalid Username and Password."
					Else
						Session("User") = UCase(txtuserName.text)
						Session("LoggedIn") = True
						Insert_User_TimeIn() 'insert time in into tbl_login_tracking

						If dbReader.GetInt32(dbReader.GetOrdinal("user_type")) = 1 Then
							Response.Redirect("~/UserType1.aspx")
						ElseIf dbReader.GetInt32(dbReader.GetOrdinal("user_type")) = 2 Then
							Response.Redirect("~/UserType2.aspx")
						Else
							Response.Redirect("~/UserTypeUnknown.aspx")
						End If
					End If
				End Using
			End Using
			dbConnection.Close()
		End Using
	End Sub
End Class

Open in new window

0
 
rmartesAuthor Commented:
Is there a way to check for a username and password match directly from the sql command or data adaptor and retrieve the value from the user_type field without declaring a repeater?
0
 
rmartesAuthor Commented:
tgerbert, I'll give that a try....thanks
0
 
rmartesAuthor Commented:
tgerbert, I converted your example to use MySQL, but I keep getting an "Invalid attempt to access a field before calling Read()" error on the "If (Not dbReader.HasRows) Or (dbReader("username") <> txtUsername.Text.Trim()) Then" line. Isn't the command being executed (dbCommand.ExecuteReader()) before I call the username field?
0
 
rmartesAuthor Commented:
Right on the button...
0
 
rmartesAuthor Commented:
tgerbert, thank you so much. You hooked me up dude. I've been using repeaters and other client-side objects to retrieve fields values for a while now. I knew there was a way to retrieve code-behind, but never learned how to. Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.