Hi I'm creating a login form from scratch in c# using 3 tiers. I've managed to build a working form that checks if the user data is correct. If he filled in the wrong data he'll get a message. But now I need to create a session to store the id.
I've searched the web and they say you have to add Session["sessionName"]= data
, but if I type Session["userId"]=s.studentNummer
he doesn't recognize anything. Is it better to put the sessions in the DAL or in the DLL? I wanted to write it in the DAL (function checkLogin). Can somebody please help me?
Here's my code:
DALstudent.cs
public class DALstudent
{
dc_databankDataContext dc = new dc_databankDataContext();
public void insertStudent(Student s)
{
dc.Students.InsertOnSubmit(s);
dc.SubmitChanges();
}
public bool checkLogin(string ID, string passw)
{
bool canlogin = false;
var result = (from s in dc.Students
where s.studentNummer == ID && s.studentPasswoord == passw
select s).Count();
if (result == 1)
{
canlogin = true;
}
else
{
canlogin = false;
}
return canlogin;
}
}
BLLstudent.cs
public class BLLstudent
{
DALstudent DALstudent = new DALstudent();
public void insertStudent(Student s)
{
DALstudent.insertStudent(s);
}
public string getMD5Hash(string passwd)
{
MD5CryptoServiceProvider x = new MD5CryptoServiceProvider();
byte[] bs = Encoding.UTF8.GetBytes(passwd);
bs = x.ComputeHash(bs);
StringBuilder str = new StringBuilder();
foreach (byte b in bs)
{
str.Append(b.ToString("x2").ToLower());
}
string password = str.ToString();
return password;
}
public bool checkLogin(string ID, string passw)
{
bool canlogin = DALstudent.checkLogin(ID, passw);
if (canlogin == true)
{
return true;
}
else
{
throw new Exception("Uw gegevens kloppen niet");
}
}
}
login.aspx.cs
public partial class web_login : System.Web.UI.Page
{
protected void btnLogin_Click(object sender, EventArgs e)
{
try
{
BLLstudent BLLstudent = new BLLstudent();
var loginNr = txtLoginNr.Text;
var pass = BLLstudent.getMD5Hash(txtWachtwoord.Text);
var passw = pass;
BLLstudent.checkLogin(loginNr, passw);
Response.Redirect("student/s_procedure_goedkeuring.aspx");
}
catch (Exception Ex)
{
lblFeedback.Text = Ex.Message;
}
}
}
Session is a State Management Technique. A Session can store the value on the Server. It can support any type of object to be stored along with our own custom objects. A session is one of the best techniques for State Management because it stores the data as client-based.
A new session is created once for each new browser that hits your ASP.NET Web site. If a user stops hitting your Web site, his Session will time out after 20 minutes of inactivity, by default.
For external applications, you must create a Session object, if you do not have an Entity object. If you want to use the AdminSession object, the same rule applies.
.NET session state is handled in the presentation tier, although it is accessible in any business logic running in a web worker process (note that there is also out of process session state, but that too is managed from the presentation tier). It is rarely good practice to interact with session outside of the presentation tier.
In the business tier, session can be accessed with:
System.Web.HttpContext.Current.Session
Inside most web entities (Page, Control, View) it is simply referenced by Session
.
Session is a key-based collection; you put a value in with a key, and you retrieve the same value with a key.
protected override void OnLoad( EventArgs e )
{
Session["foo"] = "bar";
string valueFromSession = Session["foo"].ToString();
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With