2

I have a GetUser method to call a sql procedure and return a couple of fields. I need to hash the values but in testing it is working. Here is the method:

(edit: "The_User" is a public instance of my User class set outside of the method. This is just what I ended up with after screwing around trying to get the Person_ID to pass to my SaveRecord Method. I am open to doing this differently/better) 

 public ActionResult GetUser(Models.User model)
    {
        User x = new User();
        x.User_Name = model.User_Name;
        x.Password = model.Password;
        using (var conn = new SqlConnection("connection stuff"))
        using (var com = new SqlCommand("GetUser", conn)
        { CommandType = CommandType.StoredProcedure })
        {
            com.Parameters.AddWithValue("@User_Name", x.User_Name);
            com.Parameters.AddWithValue("@Password", x.Password);
            conn.Open();
            using (var reader = com.ExecuteReader())
            {
                while (reader.Read())
                {
                    The_User.User_Name = reader["User_Name"].ToString();
                    The_User.Password =  reader["Password"].ToString();
                    The_User.Person_ID = reader["PersonID"].ToString();
                }
                if (x.User_Name == The_User.User_Name && x.Password == The_User.Password)
                {
                    User_Auth = 1;
                }
                else
                {
                    User_Auth = 0;
                }
            }
            conn.Close();
        }
    }

Later on down the workflow I want to get the Person_ID value from the GetUser method and pass it to another method - "Save Record". Here it is: 

 public ActionResult SaveRecord(Models.ModelData model)
    {
        ModelData md = new ModelData();
        md.thing1 = model.thing1;
        md.thing2 = model.thing2;
        md.thing3 = model.thing3;

        if (md.thing1 is null) { md.thing1 = ""; };
        if (md.thing2 is null) { md.thing2 = ""; };
        if (md.thing3 is null) { md.thing3 = ""; };


        using (var conn = new SqlConnection("connection stuff"))
        using (var com = new SqlCommand("GetAppData1", conn)
        { CommandType = CommandType.StoredProcedure })
        {
            com.Parameters.AddWithValue("@thing1", md.thing1);
            com.Parameters.AddWithValue("@thing2", md.thing2);
            com.Parameters.AddWithValue("@thing3", md.thing3);
            com.Parameters.AddWithValue("@PID", I NEED PERSON ID RIGHT HERE!!!);
            conn.Open();
            com.ExecuteNonQuery();
            conn.Close();
        }
        return View();
    }

I have tried numerous solutions found on Stack overflow and keep running into my passed variable being null by the time I need it when the Save Record method is called. I appreciate any and all Help! :)

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Trevor Staub
  • 23
  • 4
  • 1
    How are you currently getting the `Person_Id` from the get call and passing it to `SaveRecord` ? – Software Dev Jan 10 '20 at 18:16
  • 1
    What do you mean by *down the workflow*? How the two methods are chained together? I'd say you could use the **Session** container to store/retrieve data between requests in a safe way but I'm under impression you don't quite know what you are doing. – Wiktor Zychla Jan 10 '20 at 18:17
  • Clearly the Person Id is set on `The_User` but there's no indication in the code you've shown where `The_User` is defined or what its scope is. – iakobski Jan 10 '20 at 18:22
  • Your `while (reader.Read())` loop just overwrites `The_User` fields over and over, so your authorization check only reflects the status of the last record in the result set. – 3Dave Jan 10 '20 at 18:23
  • Aousaf, I am currently not. I would like to, thats the question. I have tried setting Person_ID = a public variable outside the method, I tired calling the GetUser method and passing the value in an object and several other solutions. – Trevor Staub Jan 10 '20 at 18:25
  • Dave, thats a good point I didnt really consider but my stored procedure only returns one row so It is not really an issue. and by down the workflow I mean after the user hits a couple of other pages, the methods are not connected but when a user finally submits a record I need to know who did it. – Trevor Staub Jan 10 '20 at 18:30
  • 1
    this code don't even compile. Your GetUser Method does not return a value. – Thiago Custodio Jan 10 '20 at 18:49
  • Thiago: Yes it does. I have confirmed that GetUser method is actually getting the correct fields and values in the While loop. Just need to pass those values to the SaveRecord method. – Trevor Staub Jan 10 '20 at 19:03
  • @Trevor Staub - sounds like GetUser() is used on page (?) load, and then SaveRecord() is invoked upon user's action? state is not preserved between page calls, so you need to, either, store User info in a Session (as suggested earlier), or "preserve" it on the client-side, and pass along to SaveRecord() method? – yob Jan 10 '20 at 20:40

1 Answers1

1

There are multiple ways to do this.

First, try adding @Html.HiddenFor(m=> m.Person_ID") as part of the View.cshtml being returned by GetUser ActionResult. Assuming you are returning return View("Name Of View", The_User).

If you are using User.Identity you can extend it as described by the answer on this post

salli
  • 722
  • 5
  • 10