check session in every page?

if you are using a MasterPage you can put the checking code in the MasterPage's Page_Load event if not use either the Global.asax or a custom HttpModule and put the cheking code inside the the AcquireRequestState event handler for the first and the PostRequestHandlerExecute event handler for the second

Exmaple with Global.asax

public class Global : System.Web.HttpApplication
{ ...
    void Application_AcquireRequestState(object sender, EventArgs e)
    {            
        HttpContext context = HttpContext.Current;
        // CheckSession() inlined
        if (context.Session["LoggedIn"] != "true")
        {
          context.Response.Redirect("default.aspx");
        }
    }
  ...
}

You should probably consider using forms authentication:
http://www.asp.net/web-forms/videos/authentication/using-basic-forms-authentication-in-aspnet

You can configure a page, or folder to always require authorization, so the runtime will take care of that requirement rather than you having to check manually.

Derive your pages from a custom class that derives from Page

override the Load method by adding your session check code

now all your pages have the validation

public class MyPage : System.Web.UI.Page
 protected void Page_Load(object sender, EventArgs e)
 {
   if (Session["yoursession"] != "true")
   {
     //code
   }
 }



public class yourCustomPage1 : MyPage
{   
 protected void Page_Load(object sender, EventArgs e)
 {
   //you don't have to check or call any method..
 }
}

public class yourCustomPage2 : MyPage
{   
 protected void Page_Load(object sender, EventArgs e)
 {
   //you don't have to check or call any method..
 }
}

etc...

check session in every page?

Tags:

C#

.Net

Related

Recent Posts