Session Variables Disappearing

[Paul Yanzick]

Hello,

I am trying to develop a book tracking application for my capstone in
school, and am running into a problem.

The application is an ASP.Net application written in C#. The first page you
go to is a login form, which will set several session variables with the
name used to log in, appropriate security level and some other misc
variables, and then will go to a main menu for each particular security
level using Server.Transfer. Each main menu contains a user control at the
top showing the security level you are logged in as and the username that
you are logged in as.

From here, if I try to utilize a menu item (either hyperlink or a button
that uses Server.Transfer again) to go to a different page, the session
variables no longer seem to exist. For example, one such page goes to a
password change page, and also includes the same user control that the main
menu has at the top, however it doesn't list the information in the session
variables. In fact, it only shows part of the textual part as well. The
actual page itself uses another user control (basically a table with a few
fields on it) that calls a session variable, and that one doesn't show up
either.

I don't receive any errors, there just isn't anything that appears in these
fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

If you would like to see what happens, take a look at
http://www.st-onge.org/class/dev/booktrack/default.aspx and use
tadmin/tadmin for the username/password. Right now the menu contains just a
button that is unlabeled, but that takes you to the password change utility.

Thanks in advance,
Paul

 

[Milan Negovan]

Hi Paul,

I don't receive any errors, there just isn't anything that appears in these
fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState> element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so I use
(string) to cast them. For example, in the status bar user control, I use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to get the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it logs on
and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it, while
the second line produces absolutely nothing.

Thanks for your help!

Paul

 

[Paul]

First think I'd do is look into the possibility that the session vars
are not yet established (after the Server.Transfer) when you hit the
Application_AuthenticationRequest event in Global.aspx. This is a
problem! It means you can't use the session vars. Using cookies is one
method I've read about (never implemented it myself.) Do a search for
FormsAuthenticationTicket, which is a cookie that can be created if you
are using Forms Authentication, and will be the first choice for setting
a cookie with the vars that you are now putting into session vars. I
guess there is a way to use other cookies, but the
FormsAuthenticationTicket cookie is supposed to be the best way to go.

It's a bummer - an aggravation, but there is a way to do it.

 

[Paul Yanzick]

Thanks for the suggestion, however if this is the case then why does it work
the first time, and then stop working?

Thanks
Paul

 

[Alvin Bruney [MVP]]

you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session object from
httpcontext.current.

If that still doesn't work, you will need to put code to display the session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString() +
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so I use
(string) to cast them. For example, in the status bar user control, I use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to get the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it logs on
and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it, while
the second line produces absolutely nothing.

Thanks for your help!

Paul

 

[Milan Negovan]

The only way you can run ahead of Session is if you write an HttpModule or
HttpHandler and tap too early, i.e. before the session object is available
which is not what he's up to. What baffles me is why this produces noting at
all:

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

Something's weird. PaulY, can you zip up some code and put it up for
download? Remove sensitive information from code if you can.

 

[Milan Negovan]

It'll be helpful to see how you authenticate the user, set an authentication
cookie and store info in the session...

 

[.NET Follower]

hi,
also before accessing session variabls..
just check for its existence...
if Session["key"]!=null then
only access..

 

[Paul Yanzick]

Thanks for the suggestion! I do have one question though, that being the
case, why does it work once, but not once I move on from that page?

Thanks
Paul

you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session object from
httpcontext.current.

If that still doesn't work, you will need to put code to display the session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString() +
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so I use
(string) to cast them. For example, in the status bar user control, I use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to get the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it logs on
and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it, while
the second line produces absolutely nothing.

Thanks for your help!

Paul

Hi Paul,


I don't receive any errors, there just isn't anything that appears

in
these

fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState> element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Alvin Bruney [MVP]]

i really have no idea. if you can't figure this out, i 'd be happy to look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Thanks for the suggestion! I do have one question though, that being the
case, why does it work once, but not once I move on from that page?

Thanks
Paul

you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session object from
httpcontext.current.

If that still doesn't work, you will need to put code to display the session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString() +
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so I use
(string) to cast them. For example, in the status bar user control, I use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to

get
the

info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it

logs
on

and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it, while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that appears in
these
fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState> element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

I may have to have you do that if you are willing...

Some more info..

From the login form (a form with a user control), the user control sets the
session variables. Using Server.Transfer, I move to another page, the main
menu. This has a user control (the user status info) which pulls the
session variables fine. I inserted a label just to pull the information
from a session variable, and that works. The button on the form, which uses
a Server.Transfer to go to another page with a user control to change the
password, is where things break. The same control on the main menu that
produced info, no longer works. The other user control on that page,
doesn't work either, nor does the same process to get session information
prior.

I think I am just doing something stupid here...

Thanks
Paul

i really have no idea. if you can't figure this out, i 'd be happy to look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Thanks for the suggestion! I do have one question though, that being the
case, why does it work once, but not once I move on from that page?

Thanks
Paul

you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session

object
from

httpcontext.current.

If that still doesn't work, you will need to put code to display the session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString() +
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so

I
use

(string) to cast them. For example, in the status bar user control, I
use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to get
the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it logs
on
and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that

appears
in

these
fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState> element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

I should also mention I tried using httpcontext too, same thing...

i really have no idea. if you can't figure this out, i 'd be happy to look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Thanks for the suggestion! I do have one question though, that being the
case, why does it work once, but not once I move on from that page?

Thanks
Paul

you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session

object
from

httpcontext.current.

If that still doesn't work, you will need to put code to display the session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString() +
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings, so

I
use

(string) to cast them. For example, in the status bar user control, I
use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString() to get
the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once it logs
on
and takes you to the menu, all of the info is currect, however if I move
past that, the first line produces 'Logged in using:' and that is it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that

appears
in

these
fields. Each page has sessions enabled. If you have any suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState> element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Alvin Bruney [MVP]]

Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

I should also mention I tried using httpcontext too, same thing...

i really have no idea. if you can't figure this out, i 'd be happy to look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Thanks for the suggestion! I do have one question though, that being the
case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session object
from
httpcontext.current.

If that still doesn't work, you will need to put code to display the
session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" +

Session["UserName"].ToString()

+

"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the
session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings,

so

I

control,

I

use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString()

to
get

the
info. The second line I am casting it to an integer to throw into the
function. The funny thing with these and the status bar is once

it
logs

on
and takes you to the menu, all of the info is currect, however if

I
move

past that, the first line produces 'Logged in using:' and that is it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that appears
in
these
fields. Each page has sessions enabled. If you have any
suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance the
session is disabled in web.config? What does your <sessionState>
element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

Sorry for the delay, I have tried posting the project as an attachment,
isn't working, so here is the code:

Default.aspx has no code, just the login control. Code is below:

namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using System.Web.SessionState;

/// <summary>

/// Summary description for WebUserControl1.

/// </summary>

public class WebUserControl1 : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.TextBox txtUserName;

protected System.Web.UI.WebControls.TextBox txtPassword;

protected System.Web.UI.WebControls.Label txtError;

protected System.Web.UI.WebControls.Button btnCheckLogin;

private void Page_Load(object sender, System.EventArgs e)

{

if(!IsPostBack)

{

txtError.Text="";

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnCheckLogin.Click += new
System.EventHandler(this.btnCheckLogin_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnCheckLogin_Click(object sender, System.EventArgs e)

{

Auth Authentication = new Auth();

try

{

Session["UserID"]=Authentication.GetUserID(txtUserName.Text,txtPassword.Text
);

Session["SecurityLevel"]=Authentication.GetSecurityLevel((int)Session["UserI
D"]);

Session["UserName"]=txtUserName.Text;

Session["PassChange"]=txtUserName.Text;

txtError.Text="";

Server.Transfer(Authentication.GetMainMenu((int)Session["SecurityLevel"]));

}

catch

{

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

txtError.Text="You have entered incorrect user login credentials, please try
again";

}

}

}

}



From there, they get sent to a menu based off of the function called in the
CheckLogin_Click function. The Auth class is just a class I am using for DB
connection items.

Depending on who you log in as, you go to a main menu (different menu
depending on your credentials). Each menu (right now) is a blank page, with
the LoginStatusBar user control, giving information as to who they are
logged in as. The code for the LoginStatusBar.ascx.cs is below:

namespace BookTrack.UserControls

{

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.SessionState;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for LoginStatusBar.

/// </summary>

public class LoginStatusBar : System.Web.UI.UserControl

{

int LogOutFlag=0;

HttpContext current = HttpContext.Current;

Auth Authenticate = new Auth();

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.Button btnLogout;

protected System.Web.UI.WebControls.Label lblSecurity;

private void Page_Load(object sender, System.EventArgs e)

{

if(LogOutFlag==0)

{

try

{

lblUserName.Text="Logged in using: " +
current.Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)current.Session["SecurityLevel"]);

}

catch

{

}

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnLogout_Click(object sender, System.EventArgs e)

{

LogOutFlag=1;

Server.Transfer("../Default.aspx");



}

}

}

Up to this point, everything works fine.

One of the menus, I created a button and have it using Server.Transfer to
move to a password change page. It again has the same login status bar,
however this is where things break. It will produce the 'Logged in using:"
piece, and that is it. The "Security Level:" piece never shows up. In the
main page, I created a label to get the session variable, and it produces
nothing. The code for the Password Change.ascx.cs is below:



namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for PasswordChange.

/// </summary>

public class PasswordChange : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.Button btnChangePassword;

protected System.Web.UI.WebControls.Label Label4;

protected System.Web.UI.WebControls.Label Label3;

protected System.Web.UI.WebControls.Label Label2;

protected System.Web.UI.WebControls.Label Label1;

protected System.Web.UI.WebControls.TextBox txtConfirmPassword;

protected System.Web.UI.WebControls.TextBox txtNewPassword;

protected System.Web.UI.WebControls.TextBox txtOldPassword;

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.CompareValidator vldNewPass;

Auth Authenticate = new Auth();

private void Page_Load(object sender, System.EventArgs e)

{

lblUserName.Text=Session["UserName"].ToString();

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnChangePassword.Click += new
System.EventHandler(this.btnChangePassword_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnChangePassword_Click(object sender, System.EventArgs e)

{

try

{

if((bool)Authenticate.ChangePassword((string)Session["UserName"],txtOldPassw
ord.Text,txtNewPassword.Text))

{

Server.Transfer(Authenticate.GetMainMenu((int)Session["SecurityLevel"]));

}

}

catch

{

}


}

}

}



If you need any more info, please let me know.



Paul

Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

I should also mention I tried using httpcontext too, same thing...

i really have no idea. if you can't figure this out, i 'd be happy to look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Thanks for the suggestion! I do have one question though, that

being
the

case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session object
from
httpcontext.current.

If that still doesn't work, you will need to put code to display the
session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" +

Session["UserName"].ToString()

+
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the
session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings,

so

I
use
(string) to cast them. For example, in the status bar user

control,

I
use:
lblUserName.Text="Logged in using: " + Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses

ToString()

to into
the

if

I is
it,

 

[Alvin Bruney [MVP]]

Your class for your webform does not descend from UI page. What's the reason
for this?
Example:

public class WebForm1 : System.Web.UI.Page


--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Sorry for the delay, I have tried posting the project as an attachment,
isn't working, so here is the code:

Default.aspx has no code, just the login control. Code is below:

namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using System.Web.SessionState;

/// <summary>

/// Summary description for WebUserControl1.

/// </summary>

public class WebUserControl1 : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.TextBox txtUserName;

protected System.Web.UI.WebControls.TextBox txtPassword;

protected System.Web.UI.WebControls.Label txtError;

protected System.Web.UI.WebControls.Button btnCheckLogin;

private void Page_Load(object sender, System.EventArgs e)

{

if(!IsPostBack)

{

txtError.Text="";

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnCheckLogin.Click += new
System.EventHandler(this.btnCheckLogin_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnCheckLogin_Click(object sender, System.EventArgs e)

{

Auth Authentication = new Auth();

try

{

Session["UserID"]=Authentication.GetUserID(txtUserName.Text,txtPassword.Text

);

Session["SecurityLevel"]=Authentication.GetSecurityLevel((int)Session["UserI

D"]);

Session["UserName"]=txtUserName.Text;

Session["PassChange"]=txtUserName.Text;

txtError.Text="";

Server.Transfer(Authentication.GetMainMenu((int)Session["SecurityLevel"]));

}

catch

{

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

txtError.Text="You have entered incorrect user login credentials, please try
again";

}

}

}

}



From there, they get sent to a menu based off of the function called in the
CheckLogin_Click function. The Auth class is just a class I am using for DB
connection items.

Depending on who you log in as, you go to a main menu (different menu
depending on your credentials). Each menu (right now) is a blank page, with
the LoginStatusBar user control, giving information as to who they are
logged in as. The code for the LoginStatusBar.ascx.cs is below:

namespace BookTrack.UserControls

{

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.SessionState;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for LoginStatusBar.

/// </summary>

public class LoginStatusBar : System.Web.UI.UserControl

{

int LogOutFlag=0;

HttpContext current = HttpContext.Current;

Auth Authenticate = new Auth();

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.Button btnLogout;

protected System.Web.UI.WebControls.Label lblSecurity;

private void Page_Load(object sender, System.EventArgs e)

{

if(LogOutFlag==0)

{

try

{

lblUserName.Text="Logged in using: " +
current.Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)current.Session["SecurityLevel"]);

}

catch

{

}

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnLogout_Click(object sender, System.EventArgs e)

{

LogOutFlag=1;

Server.Transfer("../Default.aspx");



}

}

}

Up to this point, everything works fine.

One of the menus, I created a button and have it using Server.Transfer to
move to a password change page. It again has the same login status bar,
however this is where things break. It will produce the 'Logged in using:"
piece, and that is it. The "Security Level:" piece never shows up. In the
main page, I created a label to get the session variable, and it produces
nothing. The code for the Password Change.ascx.cs is below:



namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for PasswordChange.

/// </summary>

public class PasswordChange : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.Button btnChangePassword;

protected System.Web.UI.WebControls.Label Label4;

protected System.Web.UI.WebControls.Label Label3;

protected System.Web.UI.WebControls.Label Label2;

protected System.Web.UI.WebControls.Label Label1;

protected System.Web.UI.WebControls.TextBox txtConfirmPassword;

protected System.Web.UI.WebControls.TextBox txtNewPassword;

protected System.Web.UI.WebControls.TextBox txtOldPassword;

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.CompareValidator vldNewPass;

Auth Authenticate = new Auth();

private void Page_Load(object sender, System.EventArgs e)

{

lblUserName.Text=Session["UserName"].ToString();

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnChangePassword.Click += new
System.EventHandler(this.btnChangePassword_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnChangePassword_Click(object sender, System.EventArgs e)

{

try

{

if((bool)Authenticate.ChangePassword((string)Session["UserName"],txtOldPassw
ord.Text,txtNewPassword.Text))

{

Server.Transfer(Authenticate.GetMainMenu((int)Session["SecurityLevel"]));

}

}

catch

{

}


}

}

}



If you need any more info, please let me know.



Paul

Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

I should also mention I tried using httpcontext too, same thing...


"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
i really have no idea. if you can't figure this out, i 'd be happy

to
look

at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Thanks for the suggestion! I do have one question though, that being
the
case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
you have custom controls on that page? custom controls cannot directly
access session, you need to first get a reference to the session
object
from
httpcontext.current.

If that still doesn't work, you will need to put code to display the
session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" + Session["UserName"].ToString()
+
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have the
session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are

strings,
so

I
use
(string) to cast them. For example, in the status bar user control,
I
use:
lblUserName.Text="Logged in using: " +
Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses

ToString()

to
get
the
info. The second line I am casting it to an integer to throw into
the
function. The funny thing with these and the status bar is

once
it

logs
on
and takes you to the menu, all of the info is currect, however

if

I
move
past that, the first line produces 'Logged in using:' and that is
it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that
appears
in
these
fields. Each page has sessions enabled. If you have any
suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a

chance
the

session is disabled in web.config? What does your

element
look like?

Also, do you happen to have a <pages> element in web.config that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

There really isn't a reason.... In fact, I didn't change from the defaults.
Is this causing the issue?

Your class for your webform does not descend from UI page. What's the reason
for this?
Example:

public class WebForm1 : System.Web.UI.Page


--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Sorry for the delay, I have tried posting the project as an attachment,
isn't working, so here is the code:

Default.aspx has no code, just the login control. Code is below:

namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using System.Web.SessionState;

/// <summary>

/// Summary description for WebUserControl1.

/// </summary>

public class WebUserControl1 : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.TextBox txtUserName;

protected System.Web.UI.WebControls.TextBox txtPassword;

protected System.Web.UI.WebControls.Label txtError;

protected System.Web.UI.WebControls.Button btnCheckLogin;

private void Page_Load(object sender, System.EventArgs e)

{

if(!IsPostBack)

{

txtError.Text="";

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnCheckLogin.Click += new
System.EventHandler(this.btnCheckLogin_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnCheckLogin_Click(object sender, System.EventArgs e)

{

Auth Authentication = new Auth();

try

{

Session["UserID"]=Authentication.GetUserID(txtUserName.Text,txtPassword.TextSession["SecurityLevel"]=Authentication.GetSecurityLevel((int)Session["UserI

D"]);

Session["UserName"]=txtUserName.Text;

Session["PassChange"]=txtUserName.Text;

txtError.Text="";

Server.Transfer(Authentication.GetMainMenu((int)Session["SecurityLevel"]));

}

catch

{

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

txtError.Text="You have entered incorrect user login credentials, please try
again";

}

}

}

}



From there, they get sent to a menu based off of the function called in the
CheckLogin_Click function. The Auth class is just a class I am using

for

DB
connection items.

Depending on who you log in as, you go to a main menu (different menu
depending on your credentials). Each menu (right now) is a blank page, with
the LoginStatusBar user control, giving information as to who they are
logged in as. The code for the LoginStatusBar.ascx.cs is below:

namespace BookTrack.UserControls

{

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.SessionState;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for LoginStatusBar.

/// </summary>

public class LoginStatusBar : System.Web.UI.UserControl

{

int LogOutFlag=0;

HttpContext current = HttpContext.Current;

Auth Authenticate = new Auth();

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.Button btnLogout;

protected System.Web.UI.WebControls.Label lblSecurity;

private void Page_Load(object sender, System.EventArgs e)

{

if(LogOutFlag==0)

{

try

{

lblUserName.Text="Logged in using: " +
current.Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)current.Session["SecurityLevel"]);

}

catch

{

}

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnLogout_Click(object sender, System.EventArgs e)

{

LogOutFlag=1;

Server.Transfer("../Default.aspx");



}

}

}

Up to this point, everything works fine.

One of the menus, I created a button and have it using Server.Transfer to
move to a password change page. It again has the same login status bar,
however this is where things break. It will produce the 'Logged in using:"
piece, and that is it. The "Security Level:" piece never shows up. In the
main page, I created a label to get the session variable, and it produces
nothing. The code for the Password Change.ascx.cs is below:



namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for PasswordChange.

/// </summary>

public class PasswordChange : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.Button btnChangePassword;

protected System.Web.UI.WebControls.Label Label4;

protected System.Web.UI.WebControls.Label Label3;

protected System.Web.UI.WebControls.Label Label2;

protected System.Web.UI.WebControls.Label Label1;

protected System.Web.UI.WebControls.TextBox txtConfirmPassword;

protected System.Web.UI.WebControls.TextBox txtNewPassword;

protected System.Web.UI.WebControls.TextBox txtOldPassword;

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.CompareValidator vldNewPass;

Auth Authenticate = new Auth();

private void Page_Load(object sender, System.EventArgs e)

{

lblUserName.Text=Session["UserName"].ToString();

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnChangePassword.Click += new
System.EventHandler(this.btnChangePassword_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnChangePassword_Click(object sender, System.EventArgs e)

{

try

{

if((bool)Authenticate.ChangePassword((string)Session["UserName"],txtOldPassw

ord.Text,txtNewPassword.Text))

{

Server.Transfer(Authenticate.GetMainMenu((int)Session["SecurityLevel"]));

}

}

catch

{

}


}

}

}



If you need any more info, please let me know.



Paul

Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
I should also mention I tried using httpcontext too, same thing...


"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
i really have no idea. if you can't figure this out, i 'd be happy to
look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Thanks for the suggestion! I do have one question though, that being
the
case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
you have custom controls on that page? custom controls cannot
directly
access session, you need to first get a reference to the session
object
from
httpcontext.current.

If that still doesn't work, you will need to put code to

display
the

session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" +
Session["UserName"].ToString()
+
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to

have
the

session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings,
so
I
use
(string) to cast them. For example, in the status bar user
control,
I
use:
lblUserName.Text="Logged in using: " +
Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString()
to
get
the
info. The second line I am casting it to an integer to

throw
into

the
function. The funny thing with these and the status bar is once
it
logs
on
and takes you to the menu, all of the info is currect,

however
if

I
move
past that, the first line produces 'Logged in using:' and

that
is

it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that
appears
in
these
fields. Each page has sessions enabled. If you have any
suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance
the
session is disabled in web.config? What does your

element
look like?

Also, do you happen to have a <pages> element in

web.config
that

disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

Which class are you referring to? I don't see one specifically that isn't,
other than the user controls.

Your class for your webform does not descend from UI page. What's the reason
for this?
Example:

public class WebForm1 : System.Web.UI.Page


--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Sorry for the delay, I have tried posting the project as an attachment,
isn't working, so here is the code:

Default.aspx has no code, just the login control. Code is below:

namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using System.Web.SessionState;

/// <summary>

/// Summary description for WebUserControl1.

/// </summary>

public class WebUserControl1 : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.TextBox txtUserName;

protected System.Web.UI.WebControls.TextBox txtPassword;

protected System.Web.UI.WebControls.Label txtError;

protected System.Web.UI.WebControls.Button btnCheckLogin;

private void Page_Load(object sender, System.EventArgs e)

{

if(!IsPostBack)

{

txtError.Text="";

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnCheckLogin.Click += new
System.EventHandler(this.btnCheckLogin_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnCheckLogin_Click(object sender, System.EventArgs e)

{

Auth Authentication = new Auth();

try

{

Session["UserID"]=Authentication.GetUserID(txtUserName.Text,txtPassword.TextSession["SecurityLevel"]=Authentication.GetSecurityLevel((int)Session["UserI

D"]);

Session["UserName"]=txtUserName.Text;

Session["PassChange"]=txtUserName.Text;

txtError.Text="";

Server.Transfer(Authentication.GetMainMenu((int)Session["SecurityLevel"]));

}

catch

{

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

txtError.Text="You have entered incorrect user login credentials, please try
again";

}

}

}

}



From there, they get sent to a menu based off of the function called in the
CheckLogin_Click function. The Auth class is just a class I am using

for

DB
connection items.

Depending on who you log in as, you go to a main menu (different menu
depending on your credentials). Each menu (right now) is a blank page, with
the LoginStatusBar user control, giving information as to who they are
logged in as. The code for the LoginStatusBar.ascx.cs is below:

namespace BookTrack.UserControls

{

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.SessionState;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for LoginStatusBar.

/// </summary>

public class LoginStatusBar : System.Web.UI.UserControl

{

int LogOutFlag=0;

HttpContext current = HttpContext.Current;

Auth Authenticate = new Auth();

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.Button btnLogout;

protected System.Web.UI.WebControls.Label lblSecurity;

private void Page_Load(object sender, System.EventArgs e)

{

if(LogOutFlag==0)

{

try

{

lblUserName.Text="Logged in using: " +
current.Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)current.Session["SecurityLevel"]);

}

catch

{

}

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnLogout_Click(object sender, System.EventArgs e)

{

LogOutFlag=1;

Server.Transfer("../Default.aspx");



}

}

}

Up to this point, everything works fine.

One of the menus, I created a button and have it using Server.Transfer to
move to a password change page. It again has the same login status bar,
however this is where things break. It will produce the 'Logged in using:"
piece, and that is it. The "Security Level:" piece never shows up. In the
main page, I created a label to get the session variable, and it produces
nothing. The code for the Password Change.ascx.cs is below:



namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for PasswordChange.

/// </summary>

public class PasswordChange : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.Button btnChangePassword;

protected System.Web.UI.WebControls.Label Label4;

protected System.Web.UI.WebControls.Label Label3;

protected System.Web.UI.WebControls.Label Label2;

protected System.Web.UI.WebControls.Label Label1;

protected System.Web.UI.WebControls.TextBox txtConfirmPassword;

protected System.Web.UI.WebControls.TextBox txtNewPassword;

protected System.Web.UI.WebControls.TextBox txtOldPassword;

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.CompareValidator vldNewPass;

Auth Authenticate = new Auth();

private void Page_Load(object sender, System.EventArgs e)

{

lblUserName.Text=Session["UserName"].ToString();

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnChangePassword.Click += new
System.EventHandler(this.btnChangePassword_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnChangePassword_Click(object sender, System.EventArgs e)

{

try

{

if((bool)Authenticate.ChangePassword((string)Session["UserName"],txtOldPassw

ord.Text,txtNewPassword.Text))

{

Server.Transfer(Authenticate.GetMainMenu((int)Session["SecurityLevel"]));

}

}

catch

{

}


}

}

}



If you need any more info, please let me know.



Paul

Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
I should also mention I tried using httpcontext too, same thing...


"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
i really have no idea. if you can't figure this out, i 'd be happy to
look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Thanks for the suggestion! I do have one question though, that being
the
case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
you have custom controls on that page? custom controls cannot
directly
access session, you need to first get a reference to the session
object
from
httpcontext.current.

If that still doesn't work, you will need to put code to

display
the

session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" +
Session["UserName"].ToString()
+
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to

have
the

session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings,
so
I
use
(string) to cast them. For example, in the status bar user
control,
I
use:
lblUserName.Text="Logged in using: " +
Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses ToString()
to
get
the
info. The second line I am casting it to an integer to

throw
into

the
function. The funny thing with these and the status bar is once
it
logs
on
and takes you to the menu, all of the info is currect,

however
if

I
move
past that, the first line produces 'Logged in using:' and

that
is

it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that
appears
in
these
fields. Each page has sessions enabled. If you have any
suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance
the
session is disabled in web.config? What does your

element
look like?

Also, do you happen to have a <pages> element in

web.config
that

disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Alvin Bruney [MVP]]

I spent a great deal of time just trying to get the example to compile with
all the missing undefined classes which really didn't help.

Please provide a short but complete program which demonstrates the problem
according to jons instructions here
http://www.yoda.arachsys.com/csharp/complete.html

Short but complete means I want to paste it into my ide and have it compile
so that i can spend 20 minutes on the bug, and not 20 minutes trying to get
it to compile.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Which class are you referring to? I don't see one specifically that isn't,
other than the user controls.

Your class for your webform does not descend from UI page. What's the reason
for this?
Example:

public class WebForm1 : System.Web.UI.Page


--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b

Sorry for the delay, I have tried posting the project as an attachment,
isn't working, so here is the code:

Default.aspx has no code, just the login control. Code is below:

namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

using System.Web.SessionState;

/// <summary>

/// Summary description for WebUserControl1.

/// </summary>

public class WebUserControl1 : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.TextBox txtUserName;

protected System.Web.UI.WebControls.TextBox txtPassword;

protected System.Web.UI.WebControls.Label txtError;

protected System.Web.UI.WebControls.Button btnCheckLogin;

private void Page_Load(object sender, System.EventArgs e)

{

if(!IsPostBack)

{

txtError.Text="";

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnCheckLogin.Click += new
System.EventHandler(this.btnCheckLogin_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnCheckLogin_Click(object sender, System.EventArgs e)

{

Auth Authentication = new Auth();

try

{

Session["UserID"]=Authentication.GetUserID(txtUserName.Text,txtPassword.TextSession["SecurityLevel"]=Authentication.GetSecurityLevel((int)Session["UserI

D"]);

Session["UserName"]=txtUserName.Text;

Session["PassChange"]=txtUserName.Text;

txtError.Text="";

Server.Transfer(Authentication.GetMainMenu((int)Session["SecurityLevel"]));

}

catch

{

Session["UserID"]="";

Session["SecurityLevel"]="";

Session["UserName"]="";

txtError.Text="You have entered incorrect user login credentials,

please
try

again";

}

}

}

}



From there, they get sent to a menu based off of the function called

in
the

CheckLogin_Click function. The Auth class is just a class I am using

for

DB
connection items.

Depending on who you log in as, you go to a main menu (different menu
depending on your credentials). Each menu (right now) is a blank

page,
with

the LoginStatusBar user control, giving information as to who they are
logged in as. The code for the LoginStatusBar.ascx.cs is below:

namespace BookTrack.UserControls

{

using System;

using System.Collections;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.SessionState;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for LoginStatusBar.

/// </summary>

public class LoginStatusBar : System.Web.UI.UserControl

{

int LogOutFlag=0;

HttpContext current = HttpContext.Current;

Auth Authenticate = new Auth();

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.Button btnLogout;

protected System.Web.UI.WebControls.Label lblSecurity;

private void Page_Load(object sender, System.EventArgs e)

{

if(LogOutFlag==0)

{

try

{

lblUserName.Text="Logged in using: " +
current.Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +
Authenticate.GetSecurityLevelText((int)current.Session["SecurityLevel"]);

}

catch

{

}

}

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnLogout_Click(object sender, System.EventArgs e)

{

LogOutFlag=1;

Server.Transfer("../Default.aspx");



}

}

}

Up to this point, everything works fine.

One of the menus, I created a button and have it using Server.Transfer to
move to a password change page. It again has the same login status bar,
however this is where things break. It will produce the 'Logged in using:"
piece, and that is it. The "Security Level:" piece never shows up.

In
the

main page, I created a label to get the session variable, and it produces
nothing. The code for the Password Change.ascx.cs is below:



namespace BookTrack.UserControls

{

using System;

using System.Data;

using System.Drawing;

using System.Web;

using System.Web.UI.WebControls;

using System.Web.UI.HtmlControls;

/// <summary>

/// Summary description for PasswordChange.

/// </summary>

public class PasswordChange : System.Web.UI.UserControl

{

protected System.Web.UI.WebControls.Button btnChangePassword;

protected System.Web.UI.WebControls.Label Label4;

protected System.Web.UI.WebControls.Label Label3;

protected System.Web.UI.WebControls.Label Label2;

protected System.Web.UI.WebControls.Label Label1;

protected System.Web.UI.WebControls.TextBox txtConfirmPassword;

protected System.Web.UI.WebControls.TextBox txtNewPassword;

protected System.Web.UI.WebControls.TextBox txtOldPassword;

protected System.Web.UI.WebControls.Label lblUserName;

protected System.Web.UI.WebControls.CompareValidator vldNewPass;

Auth Authenticate = new Auth();

private void Page_Load(object sender, System.EventArgs e)

{

lblUserName.Text=Session["UserName"].ToString();

}

#region Web Form Designer generated code

override protected void OnInit(EventArgs e)

{

//

// CODEGEN: This call is required by the ASP.NET Web Form Designer.

//

InitializeComponent();

base.OnInit(e);

}


/// <summary>

/// Required method for Designer support - do not modify

/// the contents of this method with the code editor.

/// </summary>

private void InitializeComponent()

{

this.btnChangePassword.Click += new
System.EventHandler(this.btnChangePassword_Click);

this.Load += new System.EventHandler(this.Page_Load);

}

#endregion

private void btnChangePassword_Click(object sender, System.EventArgs e)

{

try

{

if((bool)Authenticate.ChangePassword((string)Session["UserName"],txtOldPassw

ord.Text,txtNewPassword.Text))

{

Server.Transfer(Authenticate.GetMainMenu((int)Session["SecurityLevel"]));

}

}

catch

{

}


}

}

}



If you need any more info, please let me know.



Paul

"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
Sure, post the code which reproduces the problem.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
I should also mention I tried using httpcontext too, same thing...


"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
i really have no idea. if you can't figure this out, i 'd be

happy
to

look
at the code

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Thanks for the suggestion! I do have one question though, that
being
the
case, why does it work once, but not once I move on from that page?

Thanks
Paul
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in
message
you have custom controls on that page? custom controls cannot
directly
access session, you need to first get a reference to the session
object
from
httpcontext.current.

If that still doesn't work, you will need to put code to display
the
session
variable in the page load and troubleshoot from there

if(Session["UserName"]!= null)
Response.Write("<script>alert('" +
Session["UserName"].ToString()
+
"')</script>");

should display something
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
Hello!

The session state information in the web.config is as follows:

<sessionState

mode="InProc"

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"

cookieless="false"

timeout="20"

/>

There is no <pages> element in the Web.config. I want to have
the
session
variables be available to all of the pages in the project.

Most of the variables that are in the session state are strings,
so
I
use
(string) to cast them. For example, in the status bar user
control,
I
use:
lblUserName.Text="Logged in using: " +
Session["UserName"].ToString();

lblSecurity.Text="Security Level: " +

Authenticate.GetSecurityLevelText((int)Session["SecurityLevel"]);

The first line accesses the session directly, and uses
ToString()
to
get
the
info. The second line I am casting it to an integer to throw
into
the
function. The funny thing with these and the status bar

is
once

it
logs
on
and takes you to the menu, all of the info is currect, however
if
I
move
past that, the first line produces 'Logged in using:' and that
is
it,
while
the second line produces absolutely nothing.

Thanks for your help!

Paul



Hi Paul,


I don't receive any errors, there just isn't anything that
appears
in
these
fields. Each page has sessions enabled. If you have any
suggestions,
PLEASE let me know!

You mentioned each page had session enabled. Is there a chance
the
session is disabled in web.config? What does your
<sessionState>
element
look like?

Also, do you happen to have a <pages> element in web.config
that
disables the session state for certain files?

Also, how do you cast values you read from the Session object?

 

[Paul Yanzick]

Ok, got the issue figued out!

On my main page, I have a login control that will set the session variables,
and should something go wrong (cannot connect to the database, nothing is
returned when trying to verify the user ID or security level, etc), it will
then set the variables blank.

The odd part is that part 'seemed' to work, as when you log in it takes you
to the next page and everything is fine. From there though, no matter what
page you went to, it stopped working.

I commented out the lines to blank out the session variables in the control
presented on the first page, and everything is working now! Why that
affected it, I am not sure yet, but it did. I guess the lesson is to be
careful of what you are doing as even though things seem to work, they can
burn you down the road!

Thanks everyone for your help on this! Greatly appreciated!

Paul