validating user before loading a page?

G

Guest

Is it possible to execute a query or do some validation before loading a page..
I have a survey page and i want to validate users before loading the page.
I have done it in the page_load.
But the problem i have is that if the user gets the URL and directly paste
it to the browser the USER still sees the page.
Is there a way how to check the user in the DB before loading the page (I
mean just by pasting the URL to the browser or just by clicking the IE
browser?
 
S

Steve C. Orr [MVP, MCSD]

P

Patrick Olurotimi Ige

Thanks Steve but what i want is that:-
When u click on the SURVEY link it checks if the USER is in the Database
if he/she is in the DB it retunrs access denied Which i have done.
And if they aren't INSERT the user..

But getting problems with my stored procedure below:-

CREATE procedure oyinbo(@username varchar(50), @password varchar(50) )
as
if exists
-- You cannot register usernames already registered on the database
twice.
(
select username from register where username = @username
)
return 1 else
insert register(username,password) values(@username,@password)
GO

It checks the USER and denies it but it never gives me access to the
page ...which i think it inserts the user before checking..


My codebehind is :-
Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
'Put user code to initialize the page here

conn = New
SqlConnection("server=(local);database=mydatabase;integrated
security=true;")
conn.Open()
txtuser.ID = Request.ServerVariables("LOGON_USER")

cmdcommand = New SqlCommand("rote", conn)
cmdcommand.CommandType = CommandType.StoredProcedure
param = cmdcommand.Parameters.Add("ReturnValue", SqlDbType.Int)
param.Direction = ParameterDirection.ReturnValue
cmdcommand.Parameters.Add("@username", txtuser.Name)

'cmdcommand.Parameters.Add(New SqlParameter("@DateCreated",
SqlDbType.DateTime, 8))
'cmdcommand.Parameters("@DateCreated").Value = Now()

cmdcommand.ExecuteNonQuery()

If cmdcommand.Parameters("ReturnValue").Value = 1 Then

Response.redirect("noaccess.aspx")
' lblMessage.Text = "Username already exists!"
Else

' lblMessage.Text = "Success!"
Response.Redirect("startsurvey.aspx")

End If




conn.Close()


End Sub


Any thing i'm doing wrong?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top