{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 来,给爷笑一个 的问题《User profiles in asp.net》','https://www.manongdao.com/q-709872.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have an asp.net project and I am trying to develop the user profile part, so that users can log in with their own profile (profile containing admin and users).
Is it okay to set a cookie on users computer, when the user is logged in and then let the user browse in site? I mean after after I check user name and password, by checking this cookie on every page I let the user browse the page or redirect to the login page.
Is this way okay?
Is this safe to use?
Is there any better approach for this?
I have written a couple of how-to answers about creating profiles from scratch:
For Web Sites (where the profile object is automatically generated for you based on Web.config settings).
For Web Applications (like MVC, where you need to specify the class inheriting
ProfileBase)You can use SqlProfileProvider. Adding profile properties can be done by adding some code to your web.confing (inside system.web section, database for sqlprofile structure must be present):
In this example I have added two profile properties languageId nad Company. You can access this properties using following code:
For additional info about SqlProfileProvider visit following link:
http://msdn.microsoft.com/en-us/library/system.web.profile.sqlprofileprovider.aspx