Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- protected void btn_login_Click(object sender, EventArgs e)
- {
- con.Open();
- string query = "SELECT COUNT(*) FROM users WHERE username=@userName AND password=@password";
- string adquery = "SELECT COUNT(*) FROM users WHERE username=@userName AND password=@password AND isadmin='True'";
- SqlCommand cmd = new SqlCommand(query, con);
- SqlCommand cmd2 = new SqlCommand(adquery, con);
- cmd.Parameters.Add(new SqlParameter("@userName", txtUserName.Text));
- cmd.Parameters.Add(new SqlParameter("@password", txtPassWord.Text));
- cmd2.Parameters.Add(new SqlParameter("@userName", txtUserName.Text));
- cmd2.Parameters.Add(new SqlParameter("@password", txtPassWord.Text));
- string output = cmd.ExecuteScalar().ToString();
- string outputadmin = cmd2.ExecuteScalar().ToString();
- if (output == "1" && outputadmin == "0")
- {
- //Creating a session for the user
- Session["user"] = txtUserName.Text;
- Response.Redirect("StudentZone.aspx");
- }
- else if (output == "1" && outputadmin == "1")
- {
- Session["admin"] = txtUserName.Text;
- Response.Redirect("admin.aspx");
- }
- else
- {
- Response.Write("Login failed.");
- }
- con.Close();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement