0

I had finished the login page and all the othr pages i have 3 roles student admin adn a tutor i am creating an asp web application
after loging in the page is redirected to a default page that have a master page i want to put for every user a different menu like this

Private menu As String

    Public ReadOnly Property getmenu() As String
        Get
            Return menu

        End Get
    End Property


    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load


        If Context.User.IsInRole("Student") Then


            menu = "<tr valign=""top""> <td> <a href=""ViewMemo.aspx"" > View Memo</a> </td> </tr> <tr valign=""top""> <td> <a href=""StudentChapter.aspx"" > View Chapters</a> </td> </tr> <tr valign=""top""> <td> <a href=""StudentExam.aspx""> Take Exam</a> </td>  </tr> <tr valign=""top""> <td><a href=""ViewExamGrades.aspx""> View Exam Grades</a></td></tr><tr valign=""top""><td><a href=""ChangePassword.aspx""> Change Password </a></td></tr>"

        ElseIf Context.User.IsInRole("Tutor") Then

            menu = " <tr valign=""top""> <td> <a href=""ChapterCreate.aspx"" >  Create Chapter  </a></td></tr><tr valign=""top""><td><a href=""EditChapter.aspx"" > Edit Chapter</a></td></tr><tr valign=""top""><td><a href=""CreateExamPage.aspx"" > Create Exam</a></td></tr><tr valign=""top""><td><a href=""ManageExams.aspx""> Manage Exams</a></td></tr> <tr valign=""top""><td><a href=""CreateMemo.aspx"" > Create Memo</a></td></tr><tr valign=""top""><td><a href=""ViewExamGrades.aspx""> View Exam Grades</a></td></tr> <tr><td><a href=""ViewStudentLevel.aspx""> View Student Levels </a> </td> </tr> <tr> <td> <a href=""ChangePassword.aspx""> Change Password </a></td></tr>  "

        ElseIf Context.User.IsInRole("Admin") Then

            menu = " <tr valign=""top""><td><a href=""CreateUser.aspx""> Create User</a></td></tr><tr valign=""top""> <td> <a href=""ManageUsers.aspx"" > Manage Users</a></td></tr> "


        End If


    End Sub



End Class

*****plus am adding a get menu command in the html file****
the login source code is

Imports System.Data.SqlClient
Partial Public Class login
    Inherits System.Web.UI.Page

    Protected Sub loginbutton_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles loginbutton.Click

        If AuthenticateUser(loginnamebox.Text, passwordbox.Text) Then
            CreateAuthenticationTicket(loginnamebox.Text, remembermecheckbox.Checked)

        Else

            label1.Text = "Wrong username or password, please try again"


        End If



    End Sub



    Private Function AuthenticateUser(ByVal Username As String, _
ByVal Password As String) As Boolean


        Dim sqlCon As New SqlConnection(ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString)

        Dim query As String = "Select username from users where username = '" & Username & "'  and password  = '" & Password & "'"

        Dim sqlCmd As New SqlCommand(query, sqlCon)

        Dim reader As SqlDataReader



        sqlCon.Open()

        reader = sqlCmd.ExecuteReader()


        Return reader.HasRows
        sqlCon.Close()





    End Function

    Private Function GetUserRoles(ByVal username As String) As String

        Dim sqlCon As New SqlConnection(ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString)

        Dim query As String = "Select role from users where username =  '" & username & "'"

        Dim sqlCmd As New SqlCommand(query, sqlCon)
        Dim reader As SqlDataReader

        sqlCon.Open()

        reader = sqlCmd.ExecuteReader(Data.CommandBehavior.CloseConnection)


        reader.Read()

        Dim role As String = reader.Item(0).trim()


        sqlCon.Close()

        Return role






    End Function

    Private Sub CreateAuthenticationTicket(ByVal userName As String, ByVal isPersistent As Boolean)


        Dim version As String = 1
        Dim issueDate As DateTime = Now
        Dim expirationDate As Date
        Dim userData As String = GetUserRoles(userName)

        Dim cookiePath As String = "/"


        'Set the expirationDate
        If isPersistent Then
            expirationDate = Now.AddYears(1)
        Else
            expirationDate = Now.AddMinutes(60)
        End If


        'Set up the authentication ticket
        Dim FormAuthTicket As FormsAuthenticationTicket = _
        New FormsAuthenticationTicket(version, userName, issueDate, _
        expirationDate, isPersistent, userData, cookiePath)



        'Encrypt the ticket content as a string so it can be stored in a cookie
        Dim encTicket As String = FormsAuthentication.Encrypt(FormAuthTicket)

        'Place the encrypted ticket in a cookie
        Dim AuthCookie As HttpCookie = _
        New HttpCookie(FormsAuthentication.FormsCookieName, encTicket)


        'Set cookie duration if necessary
        If isPersistent Then AuthCookie.Expires = Now.AddYears(1)

        'Send cookie back to user
        Response.Cookies.Add(AuthCookie)

        'Redirect user to the page from whence they came
        Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, isPersistent))


    End Sub






    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load

    End Sub
End Class

i just dont know what is the problem:S

Edited by __avd: Added [code] tags. For easy readability, always wrap programming code within posts in [code] (code blocks).

3
Contributors
3
Replies
7
Views
7 Years
Discussion Span
Last Post by __avd
1

May be you should go for the form authentication in asp.net

Here's a demo code for you.......

</configSections> // after this in your web.config add the following.
<appSettings/>
<connectionStrings>
<add name="KMCon" connectionString="initial catalog=KM; data source=DEVELOPER\SQLEXPRESS; Integrated Security=SSPI"/>
</connectionStrings>

And give location path which you want to be accessed by all (including your Images,CSS,Javascipt etc. folders also for their proper working)...........

<location path="Pics.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="Reg.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

Now add the following code for which you want a resticted and secure access..........

</compilation> // after this in your web.config add the following.
<authentication mode="Forms">
<forms loginUrl="Admin-IMKM/AdminLogin.aspx" defaultUrl="Admin/WelcomeAdmin.aspx"></forms>
</authentication>

Hope this helps ya........

0

its aweb application not a web site so the

<authentication mode="Windows"/>
not <authentication mode="Forums"/>


or its the same in this case?

i tried the one u send it to me but it didnt work so i replied

and 10x

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.