protected void btnLogin_Click(object sender, EventArgs e) { string cs = ConfigurationManager.ConnectionStrings["DBMS"].ConnectionString; SqlConnection con = new SqlConnection(cs); SqlCommand com = new SqlCommand("select id from reg where user=@user and password=@pass", con); com.Parameters.AddWithValue("@user", txUName.Text); com.Parameters.AddWithValue("@pass", txPass.Text); con.Open(); var oid = com.ExecuteScalar(); con.Close(); if (oid == null) { lblEr.Visible = true; } else { Session.Add("id", oid.ToString()); Session.Add("user", txUName.Text); com = new SqlCommand("select type from dbo.reg where user=@u", con); com.Parameters.AddWithValue("@u", txUName.Text); con.Open(); var otype = com.ExecuteScalar(); con.Close(); var vtype = "admin"; if (vtype == otype.ToString()) { Session.Add("admin", otype.ToString()); Response.Redirect("admin.aspx"); } Response.Redirect("user.aspx"); } }
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)