ASP.Net set global variables based on login informaton

I;m building a new ASP.net application (C# code behind). I'm using the membership framework for security. I built an additonal userinfo table that links back to the aspnetUsers table. The userInfo table contaiins addional data about the user (last name, a differe userid, etc.) When a user logs in I want to grab that data from the database and be able to call it whenever I need to. For example, the page I'm working on now is the default page that loads once the user logs in. I want to display a gridview of data from that table specific to that user. The data is linked to that user by the userid (an int in a SQL Server database table) in the userInfo table. I need to call that userid at various times. How can I call and store that data?
dodgerfanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
MlandaTCommented:
consider storing the data in a session variable? e.g. just load the additional data, say into a dataset, then store that dataset into a session variable... session("UserInfo")=ds
0
 
Imran Javed ZiaConsultant Software Engineer - .NET ArchitectCommented:
hi,
Yes, you can use Session for this, but it will be better to create couple of custom object like User and store that object in session, it will help you to mange and get values easily.

you may find these examples helpful:

http://www.java2s.com/Code/ASP/Session-Cookie/StoreyourObjectinSessionC.htm
http://forums.asp.net/p/7504/7504.aspx

thanks
0
 
vossjckCommented:
What LJZ suggested is exactly what I have done for my purpose.  We are using ADO/LDAP to login in and I store all of my user information in a User object in session.  It makes it very easy to find the information.  
My object is called and stored in this manner :
 
Marlin.Common.User.cUser cUser = new Marlin.Common.User.cUser(UserName.Text.ToString().Trim(), Password.Text.ToString().Trim());

HttpContext.Current.Session["UserInfo"] = cUser;

Open in new window


Then when I need to retreive the object I do so like this :

Marlin.Common.User.cUser cUserInfo = (Marlin.Common.User.cUser)HttpContext.Current.Session["UserInfo"];
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
Ron MalmsteadInformation Services ManagerCommented:
The following code is something I use during logon...
It gets all the fields from the user table and stores them as session variables...

Session(reader.GetName(i)) = reader.GetValue(i)


Modify cmd.CommandText to match your sql command and test it out...
Realize that i'm doing an MD5() Hash of the user/pass values to prevent the possibility of SQL injection attack.  The usernames and passwords are stored as md5 hash values along side the username/password fields in my table.
protected void Login1_Authenticate(object sender, System.Web.UI.WebControls.AuthenticateEventArgs e)
{
	Session("isLoggedIn") = false;
	string UserName = md5(Login1.UserName);
	string Password = md5(Login1.Password);

	bool LoggedInPass = false;


	SqlConnection conn = new SqlConnection();
	conn.ConnectionString = dbconstring;
	SqlCommand cmd = new SqlCommand();
	cmd.CommandType = CommandType.Text;
	cmd.CommandText = "SELECT * FROM tbl_Users LEFT JOIN tbl_Groups ON tbl_Groups.GroupID = tbl_Users.GroupID" + " WHERE hashemail='" + UserName + "'" + " AND hashpassword='" + Password + "'";
	cmd.Connection = conn;


	try {
		conn.Open();
		SqlDataReader reader = default(SqlDataReader);

		reader = cmd.ExecuteReader;

		using (reader) {

			while (reader.Read) {
				int i = 0;

				for (i = 0; i <= reader.FieldCount - 1; i++) {
					Session(reader.GetName(i)) = reader.GetValue(i);
					Session("isLoggedIn") = true;
				}

			}
		}



	} catch (Exception ex) {
	}

	if (conn.State == ConnectionState.Open)
		conn.Close();

	this.Page_Load(sender, e);

}

Open in new window

0
 
dodgerfanAuthor Commented:
xuserx2000,
That looks similar to what I want to do. I'm not worried about the hash fields, I'm working with open fields. When a user logs in they get sent to the Default.aspx page. It's on this page I want to open the database table and extract certain fields to make them session variables that I can use in other places. So perhaps I should to this in the OnLoad event of the Default .aspx page? So I could start here:
SqlConnection conn = new SqlConnection();
      conn.ConnectionString = myconnection;
      SqlCommand cmd = new SqlCommand();
      cmd.CommandType = CommandType.Text;
      cmd.CommandText = "SELECT UserId, LName, FName From UserInfo WHERE UserName = @UserName;
      cmd.Connection = conn;

Then how do I set the variables from there? I would want one each for UserId, LName and FName. And the UserId in my UserInfo table is not the one in aspnet_Users. The one in this table is a 5 digit number I need to reference throughout the applicaton.

0
 
Ron MalmsteadInformation Services ManagerCommented:
"how do I set the variables from there?"


try {
            conn.Open();
            SqlDataReader reader = default(SqlDataReader);

            reader = cmd.ExecuteReader;

            using (reader) {

                  while (reader.Read) {
                        int i = 0;

                        for (i = 0; i <= reader.FieldCount - 1; i++) {
                              Session(reader.GetName(i)) = reader.GetValue(i);
                              Session("isLoggedIn") = true;
                        }

                  }
            }



....that says... .whatever the result is of the sql statement...
Set a Session variable to ... "fieldname"... with the value.
.... Session(Reader.GetName(i)) = Reader.GetValue(i)

So when you want to call the fields up later... you simply do the following...

Session("UserId")  
Session("LName")
Session("Fname")



 
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
dodgerfanAuthor Commented:
It took me a day to get back to this, but I got it working with your help here. Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.