Passing Data with Hidden Fields asp.net

G

Guest

Whats the best way to pass Data with hidden fields in asp.net.
I want to capture a LOGON_USER(from an intranet using Windows
Authentication)and then send the data to a table in the Database.
Any ideas?
 
K

Ken Cox [Microsoft MVP]

Hi Patrick,

Perhaps you could explain further what you need to accomplish?

Are you getting the name of LOGON_USER from the current page and doing the
data insert in that same page? If so, you don't need a hidden field. Just
put the userid into a local variable and pass it into your SQL insert.

Let us know a little more?

Ken
 
P

Patrick Olurotimi Ige

Ken thats exactly what i want to do..!
the LOGON_USER to the Database and the time entered..
If i don't need to use hidden files..
Can you show me another way i can do this in SQL as you stated!
Thanks!
 
K

Ken Cox [Microsoft MVP]

Hi Patrick,

Here's how I'd do it. The code below uses SQL Server.

Make sure you're not allowing Anonymous access to the Web.

Let us know if this helps?

Ken
Microsoft MVP [ASP.NET]
Toronto


Private Sub Page_Load _
(ByVal sender As System.Object, ByVal e As System.EventArgs) _
Handles MyBase.Load
' By Ken Cox - Microsoft MVP [ASP.NET]
' Get the Logged on user
' Make sure Anonymous is not checked in IIS Manager
' otherwise this may be empty
Dim strLogonUsr As String
strLogonUsr = Request.ServerVariables("LOGON_USER")
Dim myConnection = New SqlConnection("server=p4320;" _
& "Initial Catalog=logonusr;User ID=logonusruser;" & _
"Password=logonusruser;")
' Build a SQL INSERT statement string for all the input-form
' field values.
Dim insertCmd As String = _
"insert into LogDetail values (@Logon_User, @Logon_Time);"
' Initialize the SqlCommand with the new SQL string.
Dim myCommand = New SqlCommand(insertCmd, myConnection)
' Create new parameters for the SqlCommand object and
' initialize them to the field values.
' Create the parameter for the logon user
myCommand.Parameters.Add(New SqlParameter("@Logon_User", _
SqlDbType.VarChar, 50))
' Assign the value
myCommand.Parameters("@Logon_User").Value = strLogonUsr
' Create the parameter for the time
myCommand.Parameters.Add(New SqlParameter("@Logon_Time", _
SqlDbType.DateTime, 8))
' Assign the value as Now()
myCommand.Parameters("@Logon_Time").Value = Now()
myCommand.Connection.Open()

Try
' Execute the command
myCommand.ExecuteNonQuery()
' Report success
Label1.Text = "Inserted!"
Catch exc As SqlException
' Report trouble
Label1.Text = exc.Message
Finally
' Close the connection no matter what
myCommand.Connection.Close()
End Try
End Sub



<form id="Form1" method="post" runat="server">
<asp:Label id="Label1" runat="server">Label</asp:Label>
</form>
 
P

Patrick Olurotimi Ige

Thx Ken..
I used another approach which i used Hidden input textbox.
But your approach looks more interesting..!!!
Patrick
 
P

Patrick Olurotimi Ige

Ken for the sample but i have another Questions below:-
--------------------------------------------------------
When u click on the SURVEY link it checks if the USER is in the Database
if he/she is in the DB it retunrs access denied Which i have done.
And if they aren't INSERT the user..

But getting problems with my stored procedure below:-

CREATE procedure oyinbo(@username varchar(50), @password varchar(50) )
as
if exists
-- You cannot register usernames already registered on the database
twice.
(
select username from register where username = @username
)
return 1 else
insert register(username,password) values(@username,@password)
GO

It checks the USER and denies it but it never gives me access to the
page ...which i think it inserts the user before checking..


My codebehind is :-
Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here

conn = New
SqlConnection("server=(local);database=mydatabase;integrated
security=true;")
conn.Open()
txtuser.ID = Request.ServerVariables("LOGON_USER")

cmdcommand = New SqlCommand("rote", conn)
cmdcommand.CommandType = CommandType.StoredProcedure
param = cmdcommand.Parameters.Add("ReturnValue", SqlDbType.Int)
param.Direction = ParameterDirection.ReturnValue
cmdcommand.Parameters.Add("@username", txtuser.Name)

'cmdcommand.Parameters.Add(New SqlParameter("@DateCreated",
SqlDbType.DateTime, 8))
'cmdcommand.Parameters("@DateCreated").Value = Now()

cmdcommand.ExecuteNonQuery()

If cmdcommand.Parameters("ReturnValue").Value = 1 Then

Response.redirect("noaccess.aspx")
' lblMessage.Text = "Username already exists!"
Else

' lblMessage.Text = "Success!"
Response.Redirect("startsurvey.aspx")

End If




conn.Close()


End Sub


Anything i'm doing wrong?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remove hidden from only hovered element 1
Issue with passing fetched data to POST form. How can I? 0
Passing variable from Batch to Powershell help? 2
Persisting hidden fields. 2
Passing LOGON USER to the DB 0
EEG stream data with mne and brainfolw 0
Passing LOGON USER to the DB 3
Asp.net interactive map 0

Members online

Total: 23 (members: 1, guests: 22)
Robots: 499

Forum statistics

Threads
473,769
Messages
2,569,579
Members
45,053
Latest member
BrodieSola

Latest Threads

Top