View Single Post
  #4 (permalink)  
Old February 27th, 2012, 11:37 PM
vbboyd vbboyd is offline
Friend of Wrox
Points: 1,905, Level: 17
Points: 1,905, Level: 17 Points: 1,905, Level: 17 Points: 1,905, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: May 2011
Posts: 411
Thanks: 13
Thanked 7 Times in 7 Posts
Default This is a really tough question but I think that I might have a solution:

Given the following code for the Webmaster page in the markup view
Code:
<div class="Menu">
        <asp:LoginView ID="loginView" runat="server">
          <LoggedInTemplate>
            <asp:LoginName ID="loginName" runat="server"
                FormatString="Hello, {0}!" />
                 (<asp:LoginStatus ID="loginStatus" runat="server" />)
            <asp:SiteMapDataSource id="ImarProductionsSiteMap" runat="server"
                ShowStartingNode="false" />
            <asp:Menu id="ImarProductionsMenu" runat="server"
                DataSourceID="dorknozzleSiteMap">
              <StaticItemTemplate>
                <img src="Images/book_closed.gif" alt="+"
                    width="16" height="16" style="border-width: 0;" />
                <%# Eval("Text") %>
              </StaticItemTemplate>
            </asp:Menu>
         </LoggedInTemplate>
          <AnonymousTemplate>
            <asp:LoginStatus ID="loginStatus" runat="server" />
          </AnonymousTemplate>
        </asp:LoginView> 
      </div>
      <!-- Content -->
      <div class="Content">
As you can see I can capture the user LoginName in the LoginTemplate how would I capture the Password using the code example up above so that the password is is not displayed? This way after they logged in successfully and go to the Default.aspx page, I can use their password (which in case is their EmployeeID) and put it in a query in the form load so that I can find out which department they belong to? Here is the code to the Default.aspx page:
Code:
protected void Page_Load(object sender, EventArgs e)
  {
    // Read the employees list when initially loading the page
    if (!IsPostBack)
    {
      LoadEmployeesList();
//loading a DropDown list box with the Employee Names and their UserIDs
    }
  }
  private void LoadEmployeesList()
  {
    // Declare objects
    SqlConnection conn;
    SqlCommand comm;
    SqlDataReader reader;
    // Read the connection string from Web.config
    string connectionString =
        ConfigurationManager.ConnectionStrings[
        "ImarProductionsEmpDatabase"].ConnectionString;
    // Initialize connection
    conn = new SqlConnection(connectionString);
    // Create command
    comm = new SqlCommand(
        "SELECT EmployeeID, Name, DepartmentID FROM Employees where DepartmentID = [COLOR="Sienna"]Password[/COLOR]", conn);
    // Enclose database code in Try-Catch-Finally
    try
    {
      // Open the connection
      conn.Open();
      // Execute the command
      reader = comm.ExecuteReader();
      // Populate the list of categories
      employeesList.DataSource = reader;
      employeesList.DataValueField = "EmployeeID";
      employeesList.DataTextField = "Name";
      employeesList.DataBind();
      // Close the reader
      reader.Close();
    }
    catch
    {
      // Display error message
      dbErrorLabel.Text =
          "Error loading the list of employees!<br />";
    }
    finally
    {
      // Close the connection
      conn.Close();
    }
    // Disable the update button
    updateButton.Enabled = false;
    // Disable the delete button
    deleteButton.Enabled = false;
    // Clear any values in the TextBox controls
    nameTextBox.Text = "";
    userNameTextBox.Text = "";
    addressTextBox.Text = "";
    cityTextBox.Text = "";
    stateTextBox.Text = "";
    zipTextBox.Text = "";
    homePhoneTextBox.Text = "";
    extensionTextBox.Text = "";
    mobilePhoneTextBox.Text = "";
  }

 protected void selectButton_Click(object sender, EventArgs e)
  {
    // Declare objects
    SqlConnection conn;
    SqlCommand comm;
    SqlDataReader reader;
    // Read the connection string from Web.config
    string connectionString =
        ConfigurationManager.ConnectionStrings[
        "ImarProductions"].ConnectionString;
    // Initialize connection
    conn = new SqlConnection(connectionString);
    // Create command
    comm = new SqlCommand(
        "SELECT Name, Username, Address, City, State, Zip, " +
        "HomePhone, Extension, MobilePhone FROM Employees " +
        "WHERE EmployeeID = @EmployeID", conn);
    // Add command parameters
    comm.Parameters.Add("@EmployeeID", System.Data.SqlDbType.Int);
    comm.Parameters["@EmployeeID"].Value =
        employeesList.SelectedItem.Value;
    // Enclose database code in Try-Catch-Finally
    try
    {
      // Open the connection
      conn.Open();
      // Execute the command
      reader = comm.ExecuteReader();
      // Display the data on the form
      if (reader.Read())
      {
        nameTextBox.Text = reader["Name"].ToString();
        userNameTextBox.Text = reader["Username"].ToString();
        addressTextBox.Text = reader["Address"].ToString();
        cityTextBox.Text = reader["City"].ToString();
        stateTextBox.Text = reader["State"].ToString();
        zipTextBox.Text = reader["Zip"].ToString();
        homePhoneTextBox.Text = reader["HomePhone"].ToString();
        extensionTextBox.Text = reader["Extension"].ToString();
        mobilePhoneTextBox.Text = reader["MobilePhone"].ToString();
      }
      // Close the reader 
      reader.Close();
      // Enable the Update button
      updateButton.Enabled = true;
      // Enable the Delete button
      deleteButton.Enabled = true;
    }
    catch
    {
      // Display error message
      dbErrorLabel.Text =
          "Error loading the employee details!<br />";
    }
    finally
    {
      // Close the connection
      conn.Close();
    }
  }
This is a really, really tough question I know, since it is not very easy to follow my logic, but I like to have a go at a very tough creative challenge every once in a while.
Reply With Quote