-2

I am new in asp, here my question is that i have a website with pages home, about, contact, and login. In this website user can login and then access the home page, on home page there is a grid view with master page. The problem is that user can access the home page without login, just edit the path in address bar. For example the login page path is

http://lolhost:54515/mastergridvie/Login.aspx

and user edit it

http://localhost:54515/mastergridvie/Home.aspx

so user can go on home page without login, How I can prevent this?

I know for this there use a session, but I have no idea how to and where create a session for this :( Please can anyone help me?

dkroy
  • 2,020
  • 2
  • 21
  • 39
Diamond Hearts
  • 1
  • 1
  • 1
  • Use `Authorize` attribute on your `HomeController` – Kamil Budziewski Jul 25 '13 at 09:52
  • Can u guide me how i can use these controller ? Please. – Diamond Hearts Jul 25 '13 at 09:54
  • 1
    @wudzik she is using webforms so she wouldn't have a home controller. – dkroy Jul 25 '13 at 09:54
  • http://stackoverflow.com/questions/4217576/is-there-an-authorizeattribute-equivalent-to-just-standard-web-forms-not-mvc-f – Kamil Budziewski Jul 25 '13 at 09:55
  • yes i am useing webforms with master page – Diamond Hearts Jul 25 '13 at 09:56
  • @DiamondHearts your best best is to use codproject.com and run through a few tutorials on Webforms or ASP.NET MVC. The first option is much quicker, but the second option will help you learn the fundamentals for web-development much better. Not to mention the latter is the future. MVC would be more beneficial for your long-term develoment as a web-developer and the long tail maintenance of your website, but the webforms will deliver your product quicker if you have a background in .net winforms desktop development. – dkroy Jul 25 '13 at 10:02

1 Answers1

3

Create Session in login page like this.

Session["userid"]="something";

And After That Check in Every Page Load like This.

if(Session["userid"] == null)
{
  Response.Redirect("Login.aspx");
}
Raghubar
  • 2,768
  • 1
  • 21
  • 31
  • This is similar to what I was going to post, although cookie-less session authentication isn't the most widely accepted method for webform authentication. – dkroy Jul 25 '13 at 09:57