0

I have a table name is 'User_tbl' where i am saving data of all registered users and the same table is being used to verify the users during Login.

I want to update only 'LastSeen' column with current datetime after login.

Look at this picture.

enter image description here

code behind

  protected void Submit(object sender, EventArgs e)
        {
            SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);

            con.Open();
            SqlCommand cmd = new SqlCommand("select * from User_tbl where UserName =@username and Password=@password", con);
            cmd.Parameters.AddWithValue("@username", txtUserName.Text);
            cmd.Parameters.AddWithValue("@password", txtPWD.Text);

            SqlDataAdapter da = new SqlDataAdapter(cmd);
            DataTable dt = new DataTable();
            da.Fill(dt);


            if (dt.Rows.Count > 0)
            {
                //to define the user seesion (starting user session)

                Session["username"] = txtUserName.Text;

                Response.Redirect("default2.aspx");

            }

            else

            {

                ClientScript.RegisterStartupScript(Page.GetType(), "LoginValidate", "<script language='javascript'> document.getElementById('errorMessage').innerHTML = 'Invalid Username or Password'</script>");

            }


        }
Firoz Khan
  • 623
  • 1
  • 9
  • 23
  • 2
    But you didn't read _that_ column in your `dt`? Also don't store your passwords as a plain text. Read: http://stackoverflow.com/questions/1054022/best-way-to-store-password-in-database – Soner Gönül Feb 24 '15 at 12:54
  • 1
    Best not to use AddWithValue either - see http://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/ – Elliveny Feb 24 '15 at 13:12

1 Answers1

1

Do you mean something like this? 

SqlConnection sqlConn = new SqlConnection(connection string here);
SqlCommand sqlComm = new SqlCommand();
sqlComm = sqlConn.CreateCommand();
sqlComm.CommandText = @"UPDATE User_tbl SET LastSeen=GetDate() WHERE UserName='@userName'";
sqlComm.Parameters.Add("@userName", SqlDbType.VarChar);
sqlComm.Parameters["@userName"].Value = txtUserName.Text;
sqlConn.Open();
sqlComm.ExecuteNonQuery();
sqlConn.Close();

You'd need to place something along those lines in your 'if (dt.Rows.Count > 0)' code.

You may wish to reuse the same connection that you created for your SELECT statement.

Many other options are available. Often this sort of thing is best achieved using a stored procedure, where you can check the login credentials and perform any related updates in a single request to the database server.

Elliveny
  • 2,159
  • 1
  • 20
  • 28
  • i want like this. if (dt.Rows.Count > 0) { //Put logic here to update LastSeen column with datetime Response.Redirect("default2.aspx"); } – Firoz Khan Feb 24 '15 at 13:51
  • yes this is the question..............u r right, but column still not updating and error is not showing too. – Firoz Khan Feb 24 '15 at 14:07