0

管理者がユーザー向けの調査を作成するための Web サイトをセットアップするように言われました。登録すると、管理者/ユーザーには一意のUserIDが与えられます。( UserID 'Identity Specification' を 'Yes' に設定したので、自動インクリメントされます。)

管理者アカウントにログインした後.... CreateSurveyページに移動します。そこにはラベルとテキスト ボックスがあり、次の情報 (「SurveyID」、「SurveyName」、「CreatedBy」、および「DateCreated」)をデータベースに入力します。送信ボタンをクリックした後。

管理者がUserIDを入力する必要がないように、管理者のUserIDを「CreatedBy」に設定する必要があります。

現在ログオンしている管理者のユーザー ID を取得して「CreatedBy」に設定するにはどうすればよいですか?

ログインページ:

protected void btnSubmit_Click(object sender, EventArgs e)
{
    Session["name"] = txtBoxName.Text;
    Session["password"] = txtBoxPassword.Text;

    string name = txtBoxName.Text;
    string password = txtBoxPassword.Text;
    string admin = "";

    Boolean check = checkuser(name, password, ref admin);

    if (check == true)
    {
        if (admin.ToLower() == "admin")
        {
            string url = string.Format("~/Admin/Admin.aspx?name={0}", txtBoxName.Text);
            Response.Redirect(url);
        }
        else
        {
            string url = string.Format("~/User/SurveyWorks.aspx?name={0}", txtBoxName.Text);
            Response.Redirect(url);
        }
    }
    else
    {
        ShowAlert("Please try again!");
    }
}

public Boolean checkuser(string name, string password, ref string checkAdmin)
{
    Boolean check = false;
    SqlConnection connection = new SqlConnection();
    connection.ConnectionString =
    @"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\SurveyFdBk_DB.mdf;Integrated Security=True;User Instance=True";


    var comd = connection.CreateCommand();
    try
    {
        connection.Open();
        comd.CommandText = "SELECT UserID, Name, Role FROM Users WHERE Name = '" + name + "' and Password = '" + password + "'";
        SqlDataReader dr = comd.ExecuteReader();

        if (dr.Read())
        {
            checkAdmin = dr["Role"].ToString();
            Session["UserID"] = dr["UserID"].ToString();
            Session["Name"] = dr["Name"].ToString();
            check = true;
        }

        else
        {
            check = false;
        }
    }
    finally
    {
        connection.Close();
    }

    return check;
}

登録ページ:

protected void btnSubmitRegistration_Click(object sender, EventArgs e)
{
    SqlConnection connection = null;
    SqlCommand command = null;

    try
    {
        string connectionString = ConfigurationManager.ConnectionStrings["SurveyFdDBConnString"].ConnectionString;
        connection = new SqlConnection(connectionString);
        connection.Open();
        string type = lblMsg.Text;

        string sql = "Insert into Users (Name, Company, Password, Role, DateCreated) Values " + "(@Name, @Company, @Password, @Role, @DateCreated)";
        command = new SqlCommand(sql, connection);
        command.Parameters.AddWithValue("@Name", txtBoxName.Text);
        command.Parameters.AddWithValue("@Company", txtBoxCompany.Text);
        command.Parameters.AddWithValue("@Role", txtBoxRole.Text);
        command.Parameters.AddWithValue("@Password", txtBoxPassword.Text);
        command.Parameters.AddWithValue("@DateCreated", DateTime.Now);

        if (!string.IsNullOrEmpty(txtBoxName.Text))
        {
            SqlConnection conn = new SqlConnection();
            conn.ConnectionString =
            @"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\SurveyFdBk_DB.mdf;Integrated Security=True;User Instance=True";

            conn.Open();
            SqlCommand cmd = new SqlCommand("select Name from Users where Name= @Name", conn);
            cmd.Parameters.AddWithValue("@Name", txtBoxName.Text);
            SqlDataReader dr = cmd.ExecuteReader();

            int rowCount = command.ExecuteNonQuery();

            if (dr.HasRows)
            {
                ShowAlert("Username Taken");
            }

            else if (rowCount != 0)
            {
                Response.Write("Registration Success.<br/>");
            }

            conn.Close();
        }
    }


    catch (Exception ex)
    {
        Response.Write("Error: " + ex.Message);
    }


    finally
    {
        if (connection != null)
            connection.Close();

        txtBoxName.Text = string.Empty;
        txtBoxCompany.Text = string.Empty;
    }
}

CreateSurvey ページ:

protected void btnCreateSurvey_Click(object sender, EventArgs e)
{
    SqlConnection connection = null;
    SqlCommand command = null;

    try
    {
        string connectionString = ConfigurationManager.ConnectionStrings["SurveyFdDBConnString"].ConnectionString;
        connection = new SqlConnection(connectionString);
        connection.Open();

        string sql = "Insert into Survey (SurveyID, SurveyName, CreatedBy, DateCreated, Anonymous) Values " + "(@SurveyID, @SurveyName, @CreatedBy, @DateCreated, @Anonymous)";
        command = new SqlCommand(sql, connection);
        command.Parameters.AddWithValue("@SurveyID", txtBoxSurveyID.Text);
        command.Parameters.AddWithValue("@SurveyName", txtBoxSurveyName.Text);
        command.Parameters.AddWithValue("@CreatedBy", txtBoxCreatedBy.Text);
        command.Parameters.AddWithValue("@DateCreated", DateTime.Now);
        command.Parameters.AddWithValue("@Anonymous", txtBoxAnonymous.Text);

        int rowCount = command.ExecuteNonQuery();

        if (rowCount != 0)
        {
            Response.Write("Survey created successfully.<br/>");
            Response.Redirect("~/Admin/SetSurveyQuestions.aspx");
        }
    }

    catch (Exception ex)
    {
        Response.Write("Error: " + ex.Message);
    }

    finally
    {
        connection.Close();
        txtBoxSurveyID.Text = string.Empty;
        txtBoxSurveyName.Text = string.Empty;
        txtBoxAnonymous.Text = string.Empty;
    }
}
4

2 に答える 2

0

UserID の保存には session を使用できます。

// To save UserID in session
Session.Add("userID", "123");
// or
Session["userID"] = "123";

// Get UserID from session
string userID = (string)(Session["userID"]);

// Remove from session
Session.Remove("userID");
于 2013-11-05T03:23:05.613 に答える