So i have this code right...

PHP Code:


Imports System
Imports System.Web
Imports System.Web.Security
Imports System.Web.UI
Imports System.Web.UI.HtmlControls
Imports System.Web.UI.WebControls
Imports System.Data
Imports System.Data.SqlClient
Imports Microsoft.VisualBasic
Namespace mygdi
Public Class login
    Inherits Page
    Protected WithEvents btnLogin As System.Web.UI.WebControls.Button
    Protected userid As TextBox
    Protected passwd As TextBox
    Protected rememberme As Checkbox
    Protected lblSql As Label
        Protected WithEvents valsummary As System.Web.UI.WebControls.ValidationSummary
        Protected WithEvents valuserid As System.Web.UI.WebControls.RequiredFieldValidator
        Protected WithEvents valpasswd As System.Web.UI.WebControls.RequiredFieldValidator
        Protected lblMessage As Label

    '*********************
    '  Page Load Handler
    '*********************

    Private Sub Page_Load(ByVal s As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        If Not Page.IsPostBack Then
            If Not Request.Cookies("userid") Is Nothing Then ' Load User ID from Cookies
                Dim useridwrk As HttpCookie = Request.Cookies("userid")
                userid.Text = Server.HtmlEncode(useridwrk.Value)
            End If 
        End If
    End Sub

    '*****************
    '  Login Handler
    '*****************

    Private Sub btnLogin_Click(ByVal s As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
        Dim validpwd As Boolean
        Dim useridStr As String
        Dim passwdStr As String
        Dim sTmp As String
        Dim oewdb As ewdb = New ewdb()
        Dim userDataID As String
        useridStr = userid.Text
        passwdStr = passwd.Text
        validpwd = False

        ' User Table Checking
            If Not validpwd Then
                Dim sSelect As String
                Dim sConnStr As String = oewdb.ewConnStr  ' Get Connection String
                sTmp = Replace(useridStr, "'", "''") ' Adjust SQL for '
                sSelect = "SELECT * FROM [Users] WHERE [UserName] = '" & sTmp & "'"
                Dim objDataReader As SqlDataReader
                Dim oConn As New SqlConnection(sConnStr)
                Try
                    oConn.Open() ' Open the Connection to the Database
                    Dim objCommand As New SqlCommand(sSelect, oConn)
                    objDataReader = objCommand.ExecuteReader()
                    Dim useridDB, passwordDB As String
                    If objDataReader.Read() Then
                        useridDB = objDataReader("UserName")
                        passwordDB = objDataReader("Password")
                        If ((useridDB = useridStr) And (passwordDB = passwdStr)) Then
                            validpwd = True
                            userDataID = CStr(objDataReader("UserID"))
                        End If
                    End If
                    objDataReader.Close()
                    oConn.Close()
                Catch oErr As SqlException
                    lblMessage.Text = oewdb.ewDataErrorMessage(oErr) ' Display Error Details
                    If lblMessage.Text = "" Then
                        lblMessage.Text = "Access Login Database Error!"
                    End If
                    Exit Sub  ' And Stop Execution
                End Try
            End If
            If Not validpwd Then
                lblMessage.Text = "Incorrect user ID or password"
            Else
                If rememberme.Checked Then ' Write User ID to Cookies
                    Response.Cookies("userid").Value = useridStr
                    Response.Cookies("userid").Expires = DateAdd("d", 365, Today) ' Change the Expiry Date of the Cookies Here
                End If
                Dim useridWrk As String = useridStr
                useridWrk += "," & userDataID
                FormsAuthentication.RedirectFromLoginPage(useridWrk, True)
            End If
    End Sub

        Private Sub InitializeComponent()

        End Sub
    End Class
End Namespace 


I want to get the session from here to query a database from another asp.net file. What should I do... I mean, wht shoud I write in the script above to share a session and what should I write in another script to make it get the session from the above script, to use it to query database.

In ASP.NET you can share values between pages using the session on the server.

To put something in the session in the code behind of PAGE_A (a user id string in this example) you can just write:
session.item("userid") = "keith"

You can pull it out in the code behind of PAGE_B by doing this:
dim userID as string = session.item("userid")

You can just do the above and it will work but I have found that list of things I need to put in the session grows quickly so I manage it all using an object and then just keep that object in the session. If you want more info on that technique just ask.

Keith

KeithKrueger, I've never heard of putting an object into a session, can you point to where I can learn more.

Well, I don't know a good place to send you so I'll attempt to describe what I do. You can put anything into the session, to keep it managable I use an object, then when I come across something else that needs to be in there I modify the class.

Lately I have been using the term SessionBag for my class name, it's a virtual bag holding all the stuff I need on all my sites pages. Here is a very simple example of a SessionBag class.

-----
Public Class SessionBag

Private m_User As User
Private m_Connectionstring as string

Public Sub New(Byval Connectionstring as string)
m_Connectionstring = Connectionstring
End Sub

Public ReadOnly Property Connectionstring()
Get
Return m_Connectionstring
End Get
End Property

Public Property User as User()
Get
Return m_User
End Get
Set(ByVal Value As User)
m_User = Value
End Set
End Property

End Class
-----

Then in my Global.asax file, in the session_start event I dim a new SessionBag object and put it into the session
----
Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
Dim SB As New SessionBag("mydbconnectionstringgoeshere")
session.item("SessionBag") = SB
End Sub
----

Then on each of my web forms I add a readonly property called SessionBag that references the sessionbag object I have in the session.
----
Private readonly property SessionBag as SessionBag
Get
Return Session.Item("SessionBag")
End Get
End Property
----

Now each page can get to your neatly organized session object simply by calling it's sessionbag property.
Ex: On the login page you would verify the username and password, if correct you would load the user object and throw it into the sessionbag instance simply by saying...
if usernamepasswordcorrect then
dim usr as new User
usr.Load("Keith")
SessionBag.User = usr
end if


This might not seem like a big advantage but when you have a lot of things to manage while a user is logged into your app this makes it much easier to keep track of everything.


Probably the biggest advantage for me is that I write most of my business objects to simply take 1 argument to the constructor, that argument is a SessionBag.


If you want more info/clarification/examples on this let me know.


Keith

I like that, never even thought of using sessions that way, I'm a little impressed I will say.