helo guys...am doing my website in asp.net and its gonna be an ecommerce site with shopping cart and all..I learned that i will need to makke use of session in the login form and pass it to the other forms...can anyone help and gimme some explanation
In this way you can redirect user who didnt login to login page.
can u plz explain me more precisely?? look i have a login form. and when i login, it redirects me to certain pages allowed to either user or administrator. but when i change the page.aspx name from the address bar of my browser, it is giving me pages that one should not have acccess to...i found out that i should use session..but am kinda lost in this area..plz gimme a helping hand.
You can set the sessions with the username of the person who logs in.
Use this session in your your page_load events on your pages in the site to check if it exists. if it doesnt, then they have not logged in (the session isnt there and hasnt been created yet) so redirect back to the login page with response.redirect!
If (Session("UserName") Is Nothing) Then
it works..but now the problem is that once login and that the user is directed to the default.aspx page, if login.aspx is typed in the address bar, it bring me to login.aspx page which is wrong...any solution?