如何在mvc CRUD操作中设置会话。 [英] how to set session in in mvc CRUD operation.

问题描述

i have following code.

 User Controller
[HttpGet]
      public ActionResult Login()
      {
          return View();
      }
 
      [HttpPost]
      public ActionResult Login(Models.User user)
      {
          var qery = db.Users.Where(q => q.UserName == user.UserName && q.Password == user.Password);
          if (ModelState.IsValid)
          {
              if (qery.Any())
              {
                  if (qery.FirstOrDefault().Role.Role1.ToLower()=="admin")
                  {
                      return RedirectToAction("Index", "user");
                  }
                  else
                  {
                      return RedirectToAction("Details", "user", new { id=qery.FirstOrDefault().Id});
                  }
              }
          }
          return View(user);
      }

 

now my Question is i want to use Session in Login And Logout Page.
and i m Using Mvc CRUD operation.(i.e Entity framework)

推荐答案

以下是一些链接供您使用，请转到希望这会对你有所帮助。



http://stackoverflow.com/questions/560084/session-variables-in-asp-net-mvc [ ^ ]



ASP.NET MVC中的会话 [ ^ ]



http://stackoverflow.com/questions/8711998/ how-set-session-variables-in-asp-net-mvc-3-with-jquery [ ^ ]

Here are some links for your help , please go through hope this will help you.

http://stackoverflow.com/questions/560084/session-variables-in-asp-net-mvc[^]

Session in ASP.NET MVC[^]

http://stackoverflow.com/questions/8711998/how-set-session-variables-in-asp-net-mvc-3-with-jquery[^]

会话变量与CRUD，Entity Framework或您必须触发的任何其他此类进程无关，它们只是变量（如名称所示）可以用来为客户端存储基于会话的数据。 CRUD操作基于对象;特别是在创建，读取，更新，删除对象的数据源中。



举例说明会话令牌，用户名和您想要存储的所有其他基于用户的数据，但希望在会话结束后立即删除;浏览器窗口关闭，用户终止会话，或者您发现不应该发生的事情并且您自己清除会话。在这些情况下，您使用Session变量。他们是这样的，

Session variables have nothing to do with the CRUD, or Entity Framework or any other such process that you have to trigger, they are just variables (as name states) that one can use to store session-based data for a client. A CRUD operation is based on objects; specifically in a data source for CREATING, READING, UPDATING, DELETING the object.

Take an example of session-token, username, and all other user-based data that you want to store but want to get removed as soon as the session ends; browser window closed, user terminates the session, or you find something that should not be going on and you clear the session yourself. In these cases you use the Session variables. They're something like this,

Session["variable_name"] = "My name is Afzaal Ahmad Zeeshan";

瞧！变量已经创建，现在要访问它，你做了以下事情...

Voila! Variable has been created, now to access it, you do the following thing...

if(Session["variable_name"] != null) {
   // Always check whether the variable exists or not
   // Following has a string type; because you assigned string value
   var name = Session["variable_name"];
}

您也可以使用不同类型的数据;如struct或class，只需转换它们。现在我有一个问题，你想在哪里使用Session变量？我在你的代码中找不到任何你可能想要存储任何内容的地方......



有关使用Session变量的更多信息，请阅读本文 [<}中的会话变量部分a href =http://www.codeproject.com/Articles/857879/How-to-share-data-among-different-web-pages-using\"target =_ blanktitle =New Window> ^ <我的...有关CRUD的背景知识，你可以阅读这篇文章 [ ^ ]（基于SQL Server）。个人提示是在CRUD操作中不使用Session变量，除非设计要求。

You can use different type of data too; such as struct or class, just cast them. Now I have a question, where do you want to use the Session variable? I don't find any place in your code where you might possibly want to be storing anything at all...

For more on using the Session variable please read the Session variable section in this article[^] of mine... And for a background about CRUD you can read this article[^] of mine (based on SQL Server). A personal tip would be to not use the Session variables in CRUD operations unless required by design.

非常感谢所有给出建议的人。


i还需要一个建议。



我使用管理员和用户角色。



如果用户使用会话登录则他不应该访问私人网址。



例如：我有用户，当他登录时URL是

localhost4584：/ user / Details / 2.



但是这个用户可以编辑网址，他可以回到用户私人数据限制为用户查看。

for eg.localhost4584：/ user和用户可以查看机密数据。





这里我的问题是如何阻止用户评估私人网址。

Thank you so much for all who give suggestion.

i need one more suggestion.

I m Using Admin and user Role.

if user is login using session then he should not access to private url.

for eg: i have user and when he login then URL is
localhost4584:/user/Details/2 .

But this user can edit url and he can go back to user Private data which is restricted to see by user.
for eg.localhost4584:/user and user can see confidential data.


And here my Question is how to prevent user to assess private url.

这篇关于如何在mvc CRUD操作中设置会话。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！