You must Sign In to post a response.
  • Category: ASP.NET

    Session value getting null?

    Hi,

    I am tring to pre and post login. First i am checking before login cookies then i am getting
    cookies name after loging i am getting another cookies name but my session values is getting
    null So i cannot go another page. becuase of when my another in page load i have written a
    condition. if my user name is not null then return default page of login. So it is getting
    session values is null (Session["CMS_USER_ID"]). So how avoid session null but session values must not change and
    cookies name create with new name.

    hi,

    private void ValidateUserCredentials()
    {
    DataTable source;

    UserEntity userEntity;
    UserLogic userLogic;
    int blockedUserName = 0;
    string pwdDecrypt = string.Empty;

    try
    {
    userEntity = new UserEntity();
    userLogic = new UserLogic();

    userEntity.UserName = this.tbUsername.Text;

    //if already user locked/block
    blockedUserName = userLogic.SelectIsUserNameBloked(userEntity);

    if (blockedUserName == 1)
    {
    //Give your message or what ever you want
    string text = "\\n Kindly Contact System Administrator.";
    ScriptManager.RegisterStartupScript(this, this.GetType(), "Msg", "alert('Your Account has been locked." + text + "');", true);

    this.tbUsername.Text = string.Empty;
    this.tbPassword.Text = string.Empty;
    this.tbTest.Text = string.Empty;

    this.tbUsername.Focus();

    return;
    }

    //if user try login 3 times
    source = userLogic.SelectUserMasterCredentials(userEntity);

    //if Data Exists
    if (this.tbUsername.Text != string.Empty && this.tbPassword.Text != string.Empty)
    {
    if (source.Rows.Count > 0)
    {
    pwdDecrypt = GM.DecryptStringAES(this.tbPassword.Text, _key, _IV); //, _key, _IV

    if (Convert.ToString(source.Rows[0]["USER_NAME"]) == this.tbUsername.Text.ToString() && GM.DecryptPassword(Convert.ToString(source.Rows[0]["PASSWORD"]), Convert.FromBase64String(source.Rows[0]["SALT"].ToString()), Convert.FromBase64String(source.Rows[0]["IV"].ToString())) == Convert.ToString(pwdDecrypt))
    {
    Session["CMS_USER_ID"] = Convert.ToString(source.Rows[0]["ID"]);
    Session["PROFILE_ID"] = Convert.ToString(source.Rows[0]["PROFILE_ID"]);
    Session["CMS_USER_NAME"] = Convert.ToString(source.Rows[0]["USER_NAME"]);
    Session["PASSWORD"] = Convert.ToString(source.Rows[0]["PASSWORD"]);


    //Create new cookies
    string guid = Guid.NewGuid().ToString();
    Session["KONKAN"] = guid;
    // now create a new cookie with this guid value
    Response.Cookies.Add(new HttpCookie("KONKAN", guid));

    if (this.tbPassword.Text.ToString().ToUpper() == "ALLIED007")
    {
    Server.Transfer("~/cms/ChangePassword.aspx", false);
    }
    else
    {
    Server.Transfer("~/cms/Home.aspx", false);
    }

    this.tbUsername.Text = string.Empty;
    this.tbPassword.Text = string.Empty;
    this.tbTest.Text = string.Empty;
    }
    else if (Convert.ToString(source.Rows[0]["USER_NAME"]) == this.tbUsername.Text.ToString() && GM.DecryptPassword(Convert.ToString(source.Rows[0]["PASSWORD"]), Convert.FromBase64String(source.Rows[0]["SALT"].ToString()), Convert.FromBase64String(source.Rows[0]["IV"].ToString())) != Convert.ToString(pwdDecrypt))
    {
    LoginAttempts++;
    Session["Login"] = Convert.ToInt32(Session["Login"]) + LoginAttempts;

    if (Convert.ToInt32(Session["Login"]) < 3)
    {
    ScriptManager.RegisterStartupScript(this, this.GetType(), "Msg", "alert('Invalid credentials. Please try again.');", true);

    this.tbUsername.Text = string.Empty;
    this.tbPassword.Text = string.Empty;
    this.tbTest.Text = string.Empty;

    this.tbUsername.Focus();

    return;
    }
    else if (Convert.ToInt32(Session["Login"]) == 3)
    {
    //Give your message or what ever you want
    string text = "\\n Kindly Contact System Administrator.";
    ScriptManager.RegisterStartupScript(this, this.GetType(), "Msg", "alert('Your Account has been locked." + text + "');", true);

    userLogic.UpdateUserNameBlock(userEntity);

    this.tbUsername.Text = string.Empty;
    this.tbPassword.Text = string.Empty;
    this.tbTest.Text = string.Empty;

    this.tbUsername.Focus();
    LoginAttempts = 0;
    //Session.Abandon();

    return;
    }
    }
    }
    }
    }
    catch (Exception ex)
    {
    throw ex;
    }
    finally
    {
    source = null;
    userLogic = null;
    userEntity = null;
    blockedUserName = 0;
    LoginAttempts = 0;
    pwdDecrypt = "";
    }
    }
  • #767676
    How you are calling the "ValidateUserCredentials()" method?.
    Did you try to debug it? I think it is calling two times. It is calling from postback aslo. Can you double check it?
    .

    By Nathan
    Direction is important than speed

  • #767685
    Hi,

    May be your session is expired, because of that only you may face this type of issue.

    Could you please confirm one thing everytime you got the same issue or sometimes that too idle time crosses your session time interval that time you got this issue?

    I suggest you to debug the program and recheck in which line of code your session is expired and due to which reason it is destroyed. Whether it is destroyed because of your code or any settings you have to investigate.

    --------------------------------------------------------------------------------
    Give respect to your work, Instead of trying to impress your boss.

    N@veen
    Blog : http://naveens-dotnet.blogspot.in/

  • #767687
    Hai Chandrashekhar B Patil,
    Looks like the method is calling two times and making the value as null during the initializing. As there are separate concepts for the Cookies and Session so it doesn't matter you create the new cookie or using old cookie, the session data will remain the same.
    One thing you can try, initialize the values before the method as below:

    DataTable source;

    UserEntity userEntity;
    UserLogic userLogic;
    int blockedUserName = 0;
    string pwdDecrypt = string.Empty;
    private void ValidateUserCredentials()
    {
    try
    {
    userEntity = new UserEntity();
    userLogic = new UserLogic();

    userEntity.UserName = this.tbUsername.Text;

    //if already user locked/block
    blockedUserName = userLogic.SelectIsUserNameBloked(userEntity);

    if (blockedUserName == 1)
    {
    //Give your message or what ever you want
    string text = "\\n Kindly Contact System Administrator.";
    ScriptManager.RegisterStartupScript(this, this.GetType(), "Msg", "alert('Your Account has been locked." + text + "');", true);

    this.tbUsername.Text = string.Empty;
    this.tbPassword.Text = string.Empty;
    this.tbTest.Text = string.Empty;
    this.tbUsername.Focus();
    return;
    }
    }

    Hope it will be helpful to you.

    Regards,
    Pawan Awasthi(DNS MVM)
    +91 8123489140 (whatsApp), +60 14365 1476(Malaysia)
    pawansoftit@gmail.com


Sign In to post your comments