I am a new ASP.NET developer and I am developing the first web application to me with this programming language. I am trying to use the Wizard Control for managing the user by developing the following scenario: Wizard Step1: contains a TextBox where the admin can put the username of the user and when he clicks on the next button the username will be checked a against the users table in the database; if he is existed in the database, his information will be shown in the Wizard Step2 and his information will be read-only. If he is not existed, the admin will be notified with a message.
Wizard Step2: contains a Repeater or Placeholder that shows the user information.
Wizard Step3: Also, if the user existed this step will show the current role of this user in the system with showing a button for editing the role of him
My ASP.NET code:
<asp:Wizard ID="Wizard1" runat="server" DisplaySideBar="false" Width="80%" >
<WizardSteps>
<asp:WizardStep ID="WizardStep1" runat="server" title="Employee Username/Network ID">
<table border="0">
<tr>
<td class="InputLabel">Username:</td>
<td class="InputControl">
<asp:TextBox ID="TextBox1" runat="server" />
</td>
</tr>
</table>
</asp:WizardStep>
<asp:WizardStep ID="WizardStep2" runat="server" title="Manage User">
<div class="content">
<asp:Repeater ID="Repeater1" runat="server">
<ItemTemplate>
</ItemTemplate>
</asp:Repeater>
</div>
</asp:WizardStep>
<asp:WizardStep ID="WizardStep3" runat="server" Title="Edit User Role">
<label for="role">Current Role: </label>
<asp:Label ID="Label1" runat="server" BackColor="#FFFF99" Font-Bold="True" ForeColor="#000099" />
<asp:RadioButtonList id="radio1" runat="server" TextAlign="left">
<asp:ListItem id="option1" runat="server" value="Admin" />
<asp:ListItem id="option2" runat="server" value="Contribute" />
<asp:ListItem id="option3" runat="server" value="User" />
</asp:RadioButtonList>
<asp:Button ID="Button1" runat="server" Text="Submit" OnClick="Button1_Clicked" />
</asp:WizardStep>
</WizardSteps>
<HeaderTemplate>
<ul id="wizHeader">
<asp:Repeater ID="SideBarList" runat="server">
<ItemTemplate>
<li><a class="<%# GetClassForWizardStep(Container.DataItem) %>" title="<%#Eval("Name")%>">
<%# Eval("Name")%></a> </li>
</ItemTemplate>
</asp:Repeater>
</ul>
</HeaderTemplate>
</asp:Wizard>
And the Code-Behind is
using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class UserManagement : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
string username = TextBox1.Text;
string connString = "Data Source=localhost\\sqlexpress;Initial Catalog=psspdb;Integrated Security=True";
string cmdText = "SELECT * FROM employee WHERE Username = @Username";
//For checking the user
if (username != null)
{
if (CheckUsername(username) == true)
{
try
{
SqlConnection conn = new SqlConnection(connString);
conn.Open();
SqlDataReader myReader = null;
SqlCommand myCommand = new SqlCommand(cmdText, conn);
myReader = myCommand.ExecuteReader();
while (myReader.Read())
{
Console.WriteLine(myReader["Name"].ToString());
Console.WriteLine(myReader["JobTitle"].ToString());
Repeater1.DataSource = myReader;
Repeater1.DataBind();
myReader.Close();
conn.Close();
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
}
//For sending object to the Wizard1.PreRender
Wizard1.PreRender += new EventHandler(Wizard1_PreRender);
}
//Method for checking the existence of the username in the database (retrun true or false)
private bool CheckUsername(string username)
{
string connString = "Data Source=localhost\\sqlexpress;Initial Catalog=psspdb;Integrated Security=True";
string cmdText = "SELECT Count(*) FROM employee WHERE Username = '" + username + "'";
using (SqlConnection conn = new SqlConnection(connString))
{
conn.Open(); // Open DB connection.
using (SqlCommand cmd = new SqlCommand(cmdText, conn))
{
int count = (int)cmd.ExecuteScalar();
// True (> 0) when the username exists, false (= 0) when the username does not exist.
return (count > 0);
}
}
}
protected void Wizard1_NextButtonClick(object sender, WizardNavigationEventArgs e)
{
if (Wizard1.ActiveStepIndex == 1)
{
string username = TextBox1.Text;
}
}
//Method for replacing the default sidebar of the Wizard Control with a custom sidebar (represented in a repeater)
protected void Wizard1_PreRender(object sender, EventArgs e)
{
Repeater SideBarList = Wizard1.FindControl("HeaderContainer").FindControl("SideBarList") as Repeater;
SideBarList.DataSource = Wizard1.WizardSteps;
SideBarList.DataBind();
}
protected string GetClassForWizardStep(object wizardStep)
{
WizardStep step = wizardStep as WizardStep;
if (step == null)
{
return "";
}
int stepIndex = Wizard1.WizardSteps.IndexOf(step);
if (stepIndex < Wizard1.ActiveStepIndex)
{
return "prevStep";
}
else if (stepIndex > Wizard1.ActiveStepIndex)
{
return "nextStep";
}
else
{
return "currentStep";
}
}
protected void Button1_Clicked(Object sender, EventArgs e)
{
// When the button is clicked,
// show the new role of the user
//Label1.Text = "...button clicked...";
}
}
//Session["Username"] = Username.Text;
//String strUserName = Request.QueryString["Username"];
//string connString = "Data Source=localhost\\sqlexpress;Initial Catalog=psspdb;Integrated Security=True";
//string cmdText = "SELECT * FROM employee WHERE Username = @Username";
////For checking the user
//if (Request.QueryString["Username"] != null)
//{
// //String strUserName = Request.QueryString["Username"];
// ////Check userName Here
// //String strReturnStatus = "false";
// if (CheckUsername(Request.QueryString["Username"]) == true)
// {
// //strReturnStatus = "true";
// try
// {
// SqlConnection conn = new SqlConnection(connString);
// conn.Open();
// SqlDataReader myReader = null;
// SqlCommand myCommand = new SqlCommand(cmdText, conn);
// myReader = myCommand.ExecuteReader();
// while (myReader.Read())
// {
// Console.WriteLine(myReader["Name"].ToString());
// Console.WriteLine(myReader["JobTitle"].ToString());
// Repeater1.DataSource = myReader;
// Repeater1.DataBind();
// myReader.Close();
// conn.Close();
// }
// }
// catch (Exception ex)
// {
// Console.WriteLine(ex.ToString());
// }
// }
I am struggling with the code-behind a lot. It did not work even for checking the username and I don't know why. Also, I am not sure if I should put any piece of code inside or not for showing the user information from the database.
UPDATE:
For the roles, I there are three tables for getting and setting the roles. The structure of them is as following:
User table: Name, Username, Department (Username is the primary key)
Roles table: RoleID, RoleName (RoleID is the primary key)
UserRole table: UserRoleID, Username, RoleID (UserRoleID is the primary key)
ANOTHER UPDATE (LAST):
User table: Name, Username, DepartmentCode (Username is the primary key)
Department table table: DepartmentCode, DepartmantName (DepartmentCode is the primary key)
Roles table: RoleID, RoleName (RoleID is the primary key)
UserRole table: UserRoleID, Username, RoleID (UserRoleID is the primary key)
I am using the following query in the Wizard1_NextButtonClick method:
protected void Wizard1_NextButtonClick(object sender, WizardNavigationEventArgs e)
{
switch (Wizard1.WizardSteps[e.NextStepIndex].ID)
{
case "WizardStep2":
string username = TextBox1.Text;
string connString = "Data Source=localhost\\sqlexpress;Initial Catalog=psspdb;Integrated Security=True";
//For checking the user
if (!String.IsNullOrEmpty(username) && CheckUsername(username))
{
try
{
Session["Username"] = username;
SqlConnection conn = new SqlConnection(connString);
conn.Open();
//string cmdText = "SELECT * FROM employee WHERE Username = @Username";
string cmdText = "SELECT dbo.employee.Username, dbo.employee.Name, dbo.employee.JobTitle, dbo.employee.BadgeNo," +
"ISNULL(dbo.Roles.RoleID, 3) AS RoleID, dbo.Divisions.DivisionName" +
"FROM dbo.Divisions INNER JOIN dbo.employee ON dbo.Divisions.SapCode = dbo.employee.DivisionCode" +
"LEFT OUTER JOIN dbo.Roles RIGHT OUTER JOIN dbo.UserRole ON dbo.Roles.RoleID = dbo.UserRole.RoleID ON" +
"dbo.employee.Username = dbo.UserRole.Username" +
"WHERE (dbo.employee.Username = @Username)";
SqlCommand myCommand = new SqlCommand(cmdText, conn);
myCommand.Parameters.AddWithValue("@Username", username);
DataTable table = new DataTable();
SqlDataAdapter adapter = new SqlDataAdapter(myCommand);
adapter.Fill(table);
string Name = table.Rows[0]["Name"] as string;
string Username = table.Rows[0]["Username"] as string;
//string DivisionName = table.Rows[0]["DivisionName"] as string;
string JobTitle = table.Rows[0]["JobTitle"] as string;
string BadgeNo = table.Rows[0]["BadgeNo"].ToString();
//string role = table.Rows[0]["RoleName"] as string;
lblName.Text = Name;
lblUsername.Text = Username;
//lblDivision.Text = DivisionName;
lblJobTitle.Text = JobTitle;
lblBadgeNo.Text = BadgeNo;
//lblRole.Text = role;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
else
{
//If the user does not exist or a blank value has been entered
//Cancel the nextstep redirection and display an error message in a span
e.Cancel = true;
errorSpan.InnerText = "The user id specified is blank or does not exist";
}
break;
case "WizardStep3":
//Simply bind the radio list
radio1.SelectedValue = lblRole.Text;
break;
}
}
The query will show my the Name, Username, Division (or Department), Job Title and Badge Number in the Wizard Step2. Also, it should show me the role of the user in the wizard step 3 with enabling the Admin to insert and delete the role instead of updating the role.
I tested the query in the SQLServer Management Studio and it works well but when I put it in the C# code, I did not get any results in the web page and I don't know why.
