i want to view the profile(details) of a specific logged customer from sql database to gridview

Question

here is my viewprofile.aspx code where the binding will take place. im planning to bind my data in sql to my gridview but it is showing me all of the data(from sql) instead of that of the specific logged in customer. Here is my code:

protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["New"] != null)
            {
                bindgrid();
            }
        }
public void bindgrid()
        {
            SqlConnection conn = new SqlConnection("Data Source = 'PAULO'; Initial Catalog=ShoppingCartDB;Integrated Security =True");
            SqlCommand cmd = new SqlCommand("select * from UserData WHERE Username = Username ", conn);

        SqlDataAdapter da = new SqlDataAdapter("", conn);
        da.SelectCommand = new SqlCommand("select * from UserData WHERE Username = Username", conn);
        DataSet ds = new DataSet();
        da.Fill(ds, "data");
        GridView1.DataSource = ds.Tables[0].DefaultView;
        GridView1.DataBind();
    }

Answer 1

it is showing me all of the data(from sql) instead of that of the specific logged in customer

That's because of the WHERE condition in your SELECT query which says WHERE Username = Username which is a TAUTOLOGY and will always be TRUE and so fetching all rows.

In essence your SELECT query is just doing

select * from UserData;

You need to specify the logged in customerid in WHERE condition to get his/her record.

Considering that you have a variable named Username in your ASP.NET code where you have stored current logged in customer name; then change your code like below

SqlCommand cmd = new SqlCommand("select * from UserData WHERE Username = @Username ", conn);
cmd.Parameters.AddWithValue("@Username", Username);
da.SelectCommand = cmd;