0

In C# 3.0 ASP.NET I'm composing a CMS and I want to compose a SQL query that accesses my user identity.

In my master page I have a SqlDataSource that I want to compose a SQL query that returns an ID from a table

EDIT

OK, look at this example: (this is in Page_Load)

sqlDataSource1.SelectCommand = String.Format("select PageGroupID from users where Username = {0};", Page.User.Identity.Name);

But it doesn't work :(

Please help me!

Improve this question
1
  • what do you mean it doesn't work? Are you using a gridview or some bound countrol? Commented Aug 3, 2012 at 10:02

3 Answers 3

Reset to default
3

It won't work because you're constructing an invalid SQL string using string.format Try this, instead.

sqlDataSource1.SelectCommand =
     String.Format("select PageGroupID from users where Username = '{0}';", 
     Page.User.Identity.Name);

Then when it works, go and read about SQL injection and why constructing SQL strings like this is A BAD IDEA.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Please reference this article - it should help you get the right value from Page.User.Identity.Name and then you can go from there by ensuring your database has matching values based on what it's returning.

Improve this answer

Comments

0

To understand difference try this;

string.Format("<br />Page.User.Identity: {0} " +  "<br />Request.LogonUserIdentity: {1}",
Page.User.Identity.Name, Request.LogonUserIdentity.Name);

Use Request.LogonUserIdentity.Name.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.