i want to compare my session value to my Id value using if statement. so far i got this:
string strConnString = "Data Source = 'PAULO'; Initial Catalog=ShoppingCartDB;Integrated Security =True";
string str;
SqlCommand com;
protected void Page_Load(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(strConnString);
con.Open();
str = "select * from CustomerDetails Where CustomerName = '"+Session["New"].ToString()+"'";
com = new SqlCommand(str, con);
SqlDataReader reader = com.ExecuteReader();
List<string> ListOfId = new List<string>();
while (reader.Read())
{
ListOfId.Add(reader["Id"].ToString());
}
if (!IsPostBack)
{
if (Session["New"].ToString() != Request.QueryString["Id"])
{
Response.Redirect("Error.aspx");
}
What i want to happen is when the session value ("username") has no equivalent value of id in sql, it will be redirected to an error page.
Like in the picture above, these id values are from the username "faufao". if session("faufao" = "13"), it will continue. Otherwise if the username is faufao, and id value is 4, it will proceed to error page.
The code is working. It catches the session and the id value (tried it in labels). My problem now is how to compare them.
My code:
if (Session["New"].ToString() != Request.QueryString["Id"])
{
Response.Redirect("Error.aspx");
}
It seems like i am lacking something here. Because it always redirects me to error page even though session:faufao has the query string of 13.
Any tricks on this?
Aucun commentaire:
Enregistrer un commentaire