Whenever user logs in retrieve only particular user orders.
Like.
In page_load event,
You will have current user id from login page. So Have a sqlCommand in page_load which take userid as parameter and retrive orders for particular user and fill it in datatable/gridview.
Page_load
Guid theGuid =
SqlCommand cmd=new SqlCommand("select * from Orders where UserId=@UserId",con);
command.Parameters.Add("@UserId", SqlDbType.UniqueIdentifier).Value = System.Data.SqlTypes.SqlGuid.Parse(theGuid.ToString());
//then execute and fill into datatable/dataset.
Also incase if you pass UserId as session variable as string, you have to change it
string theGuid =
SqlCommand cmd=new SqlCommand("select * from Orders where UserId=@UserId",con);
command.Parameters.Add("@UserId", SqlDbType.UniqueIdentifier).Value = System.Data.SqlTypes.SqlGuid.Parse(theGuid);
Regarding ur other question, whenever u are trying to save new order, you have to pass 3 parameters including USerId, so that it wont be null, You can use the above piece of code for adding GUID parameters during Order insert method