I have a really strange issue that I'm unable to figure out. I'm not sure how it even happens. This only happens in IE 10 (have not tried other versions of IE, yet). This does not happen in Firefox, Chrome, Opera, or Safari. When User 1 logs into the website, they are able to see stores they belong too. If there are 10 stores and they only have access to 4, then they only see those 4 stores in the drop down. The drop down is dynamic and receives the values from SQL Server tables. If User 1 logs out, they are sent to a Logged Out Page which abandons the session, signs the user out of forms authentication, and then redirects them back to the login page. Now, User 2 logs in. It goes to the "Dashboard" and it shows that User 2 is logged in. As User 2 navigates to a specific page, the User 2 username becomes User 1's username and then User 2 is now able to see all the stores that User 1 is a part of. Navigate away from this page, and User 2's information is displayed. Navigate back to that specific page, and User 1 is back. As I have said before, I'm not sure what's going on. I'm not even sure what code to show you. I would assume that if it were a coding issue, it would be in my page load on that specific page. Here is that page load of that webform.
Code Behind
protected void Page_Load(object sender, EventArgs e)
{
conn.Open();
//This selects the user's ID where the user name equals the user that is currently logged in.
SqlCommand cmdUserID = new SqlCommand("SELECT UserID from Users WHERE UserName = '" + User.Identity.Name + "'", conn);
selectUserID = Convert.ToString(cmdUserID.ExecuteScalar());
//Selections the location ID where the userID is equal the the UserName.
SqlCommand cmdLocationID = new SqlCommand("SELECT LocationID from UserControl WHERE UserID = '" + selectUserID + "'ORDER BY LocationID ASC", conn);
selectLocationID = Convert.ToString(cmdLocationID.ExecuteScalar());
//Selects the Coporate or Store where the userID is equal to the UserName.
SqlCommand cmdCorporateStore = new SqlCommand("SELECT MAX(CorporateStore) from Users WHERE UserID = '" + selectUserID + "'", conn);
selectCorporateStore = Convert.ToString(cmdCorporateStore.ExecuteScalar());
//Selects if the user is an Admin.
SqlCommand cmdAdmin = new SqlCommand("SELECT MAX(Admin) from Users WHERE UserID = '" + selectUserID + "'", conn);
selectAdmin = Convert.ToString(cmdAdmin.ExecuteScalar());
conn.Close();
//use to display "Garage" when an admin logs in.
if (selectAdmin == "Yes")
{
Control allUsers = this.Page.Master.FindControl("login").FindControl("loginview").FindControl("ulmenu").FindControl("allUsers");
allUsers.Visible = true;
}
gvVehicleTEMP.ControlStyle.Font.Size = 8;
if (!IsPostBack)
{
ddlDealershipRec.Items.Clear();
List<string> locationList = new List<string>();
List<int> locationIDList = new List<int>();
conn.Open();
//used to populate the dropDownList depending who is logged in.
using (SqlDataReader reader = cmdLocationID.ExecuteReader())
{
while (reader.Read())
{
int locationID = reader.GetInt32(0);
locationIDList.Add(locationID);
}
conn.Close();
}
foreach (int id in locationIDList)
{
conn.Open();
SqlCommand cmdLocation = new SqlCommand("SELECT LocationName FROM Location WHERE LocationID = '" + id + "' ORDER BY LocationName ASC", conn);
using (SqlDataReader reader = cmdLocation.ExecuteReader())
{
while (reader.Read())
{
string location = reader.GetString(0);
locationList.Add(location);
}
conn.Close();
}
}
foreach (string location in locationList)
{
ddlDealershipRec.Items.Add(new ListItem(location));
}
if (Session["Search"] != null)
{
if (gvVehicleTEMP.Rows.Count == 0)
{
gvVehicleTEMP.Visible = true;
gvVehicleBOUNCE.Visible = false;
string Search = (string)(Session["Search"]);
string Option = (string)(Session["Option"]);
string Dealership = (string)(Session["Dealership"]);
ddlDealershipRec.SelectedValue = Dealership;
ddlSearchOptions.SelectedValue = Option;
tbSearch.Text = Search;
conn.Open();
if (ddlSearchOptions.Text == "Stock #")
{
DataTable dt = new DataTable();
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM VehicleTEMP WHERE (Dealership LIKE '%" + Dealership + "%') AND StockNumber = '" + Search + "'", conn);
da.Fill(dt);
gvVehicleTEMP.DataSource = dt;
gvVehicleTEMP.DataBind();
conn.Close();
Session.Clear();
}
else if (ddlSearchOptions.Text == "Deal #")
{
DataTable dt = new DataTable();
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM VehicleTEMP WHERE (Dealership LIKE '%" + Dealership + "%') AND FIMAST = '" + Search + "'", conn);
da.Fill(dt);
gvVehicleTEMP.DataSource = dt;
gvVehicleTEMP.DataBind();
conn.Close();
Session.Clear();
}
if (selectCorporateStore == "Store")
{
foreach (GridViewRow row in gvVehicleTEMP.Rows)
{
gvVehicleTEMP.FooterRow.Visible = false;
gvVehicleTEMP.Columns[16].Visible = false;
gvVehicleTEMP.Columns[17].Visible = false;
gvVehicleTEMP.Columns[20].Visible = false;
gvVehicleTEMP.Columns[21].Visible = false;
gvVehicleTEMP.Columns[22].Visible = false;
gvVehicleTEMP.Columns[23].Visible = false;
gvVehicleTEMP.Columns[26].Visible = false;
((TextBox)row.FindControl("tbStockNumber")).Enabled = false;
((DropDownList)row.FindControl("ddlLocation")).Enabled = false;
((TextBox)row.FindControl("tbGrossProfit")).Enabled = false;
((TextBox)row.FindControl("tbReason")).Enabled = false;
((TextBox)row.FindControl("tbFunded")).Enabled = false;
((TextBox)row.FindControl("tbTitled")).Enabled = false;
}
}
else if (selectCorporateStore == "Corporate")
{
foreach (GridViewRow row in gvVehicleTEMP.Rows)
{
btnTopUpdate.Visible = true;
gvVehicleTEMP.Columns[4].Visible = false;
gvVehicleTEMP.FooterRow.Visible = true;
((TextBox)row.FindControl("tbStockNumber")).Enabled = true;
((DropDownList)row.FindControl("ddlLocation")).Enabled = true;
((TextBox)row.FindControl("tbGrossProfit")).Enabled = true;
((TextBox)row.FindControl("tbReason")).Enabled = true;
((TextBox)row.FindControl("tbFunded")).Enabled = true;
((TextBox)row.FindControl("tbTitled")).Enabled = true;
}
}
}
}
}
}
There is a lot going on in the page_load, but everything looks okay to me. I am using AD authentication (but I was unable to use Roles to allow specific users to see certain information) with FormsAuthentication. I'm pretty much chalking it up to IE, but the company uses IE as the standard browser. Does anyone know of a solution, or see something that I did wrong? I forgot to mention that this happens on the production server and the development server (only in IE) but debugging on local Machine in IE doesn't cause a problem. IIS is version 7 on Server 2008. Any suggestions are greatly appreciated. If more info is needed, let me know.
EDIT: Happening with IE 9 and 11. If I refresh the page that is in question, it works fine. Not too sure what's going on.