On the first step of the asp:Wizard I have a login using DirectoryServices to authenticate. But then I want to take the UserID, Date, and the SCOPE_IDENTITY() and insert it into a table. Here is what I have tried. When I hit next the information is not inserted but the AD function is checked properly. I am not sure what i am doing wrong
protected void OnActiveStepChanged(object sender, EventArgs e)
{
//check for the employee in AD
string Domain = "mydomain.local";
string EmployeeID = txtEmpID.Text;
string Password = txtPassword.Text;
string ADStatus = null;
// If the ActiveStep is changing to Step2, check to see whether the
// user authenticated the AD Login Process. If it is, skip to the Step2 step.
if (Wizard1.ActiveStepIndex == Wizard1.WizardSteps.IndexOf(this.WizardStep2))
{
if (AuthenticateActiveDirectory(Domain, EmployeeID, Password) == true)
{
//If success ...
ADStatus = "Success";
Session["SessionADStatus"] = ADStatus;
string strDepartment = ddlDepartment.SelectedValue;
SqlConnection conn1 = new SqlConnection(ConfigurationManager.ConnectionStrings["myconnection"].ConnectionString);
SqlCommand cmd1 = new SqlCommand("INSERT INTO [pharm_OrderID](UserID, RequestType, CreateDate) values (@UserID, @RequestType, @CreateDate);", conn1);
cmd1.CommandType = CommandType.Text;
conn1.Open();
string strUserID = txtEmpID.Text;
cmd1.Parameters.Add("@UserID", SqlDbType.NVarChar, 50);
cmd1.Parameters["@UserID"].Value = strUserID;
string strRequestType = ddlReturnType.SelectedValue;
cmd1.Parameters.Add("@ReturnType", SqlDbType.NVarChar, 50);
cmd1.Parameters["@ReturnType"].Value = strRequestType;
string strCreateDate = lblOrderAttemptTime.Text;
cmd1.Parameters.Add("@CreateDate", SqlDbType.NVarChar, 50);
cmd1.Parameters["@CreateDate"].Value = strCreateDate;
conn1.Dispose();
cmd1.Dispose();
Wizard1.ActiveStepIndex = Wizard1.WizardSteps.IndexOf(this.WizardStep2);
}
else
{
ADStatus = "Failure";
Session["SessionADStatus"] = ADStatus;
lblADError.Visible = true;
lblADError.Text = "Unable to authenticate Employee ID or Password.";
Wizard1.ActiveStepIndex = Wizard1.WizardSteps.IndexOf(this.WizardStep1);
}
}
}
I am not an expert of AD, but a command needs to be executed to produce any result.
Try to add
cmd1.ExecuteNonQuery();
before disposing the connection and the command
using(SqlConnection conn1 = new SqlConnection(........))
using(SqlCommand cmd1 = new SqlCommand("INSERT INTO [pharm_OrderID]" +
"(UserID, RequestType, CreateDate) " +
"values (@UserID, @RequestType, @CreateDate);", conn1))
{
conn1.Open();
string strUserID = txtEmpID.Text;
cmd1.Parameters.Add("@UserID", SqlDbType.NVarChar, 50);
cmd1.Parameters["@UserID"].Value = strUserID;
string strRequestType = ddlReturnType.SelectedValue;
cmd1.Parameters.Add("@ReturnType", SqlDbType.NVarChar, 50);
cmd1.Parameters["@ReturnType"].Value = strRequestType;
string strCreateDate = lblOrderAttemptTime.Text;
cmd1.Parameters.Add("@CreateDate", SqlDbType.NVarChar, 50);
cmd1.Parameters["@CreateDate"].Value = strCreateDate;
cmd1.ExecuteNonQuery();
}
Wizard1.ActiveStepIndex = Wizard1.WizardSteps.IndexOf(this.WizardStep2);
...
Added also the using statement to close the connection and to dispose both command and connection.
You should always use this pattern to correctly close the connection also in case of exceptions thrown inside the using block