That is why you should store the User's ID in a Session variable.



The server maintains a Session for every unique browser that comes to the site. That way User A won't see User B's data and User B won't see User A's data.



But beware! The Session will expire in 20 minutes (default). You can make the session timeout longer, but it will still only store data for so long (and won't persist if IIS is restarted). You need to have any information that you want saved permanently stored in a database.

It sounds to me like you need to do some reading about this. As it turns out, there are many ways to "persist" information in a .NET web application.



The most global is indeed the session. You can fill a session variable when a person first hits a site. As long as you don't change it, it will stay set until the user closes the browser or goes for more than 20 minutes without posting back (hitting another page on the site). You can configure that in the web.config file.



Here is how to add something to the session. On one page, you can say something like ...

Session("UserID") = txtLogin.Text.Trim()



On another page, you can say something like ...

Dim cmd As New SqlCommand

Dim cn As New SqlConnection(Session("db_connectionstring")

cmd.Connection = cn

cmd.CommandText = "SELECT field1, field2 FROM sometable WHERE User = @UserID

cmd.Parameters.Add("@UserID", SqlDbType.Varchar)

cmd.Parameters("@UserId").Value = Session("UserID")



Dim dr As SqlDataReader = cmd.ExecuteReader()



blah.. blah... blah...

Store the info in a Cookie.

The cookie resides on the user's machine, so the data will stay with the right person.



Alternately, you can embed the data in the web address.

default.aspx?var1=asdf



Then you can do a QueryString to get it back.