646 Chapter 13 • Creating a Message Board with ADO and XML
Figure 13.67 The Page_Load Method (Admin.aspx.vb)
Private Sub Page_Load(ByVal sender As System.Object, _ ByVal e As System.EventArgs) Handles MyBase.Load 'only logged-in admins can enter this page
If Me.IsLoggedIn = False Then
Response.Redirect("default.aspx")
ElseIf Me.CurrentUser.IsAdmin = False Then
Response.Redirect("default.aspx")
End If
'get the users bound to the drop down list If Not Me.IsPostBack Then
Dim myUsers As DataSet
Dim sql As String
sql = "SELECT UserID, UserName FROM Users"
myUsers = dotBoardObjects.DataControl.GetDataSet(sql) dlUsers.DataTextField = "Username" dlUsers.DataValueField = "UserID"
dlUsers.DataMember = "data" dlUsers.DataSource = myUsers dlUsers.DataBind()
End If
Me.ApplyStyles(Me.Controls)
End Sub
The first thing this method does is guarantee that there is a logged in user, and that the currently logged in user is an administrator. If either of these is not true, it sends the user back to default.aspx. Next, it makes sure the page has not posted back to itself; since there’s no need to DataBind a drop-down list every time the page is executed, as ASP.NET will handle that for us. If the page has not posted back to itself, it builds a SQL statement to retrieve the UserIDs and Usernames from the Users table in the database. It then gets a DataSet from the dotBoardObjects.DataControl class, and dynamically binds the DropDownList to the
DataSet. Finally, it applies the styles to this page and exits.
The next thing we need to do is get the ability to select a user from the drop-down list, and have the page load that user’s information.The click event