using System;using System.Collections.Generic;using System.Linq;using Syst

1. using System;
2. using System.Collections.Generic;
3. using System.Linq;
4. using System.Web;
5. using System.Web.UI;
6. using System.Web.UI.WebControls;
7. using System.Data.SqlClient;
8. using System.Xml.Linq;
9. using System.Web.Security;
10. using System.Data;
11.  
12. public partial class login : System.Web.UI.Page
13. {
14. protected void Page_Load(object sender, EventArgs e)
15. {
16.  
17. }
18. protected void loginB_Click(object sender, EventArgs e)
19. {
20. string struser = usertxt.Text;
21. string strpass = passtxt.Text;
22. string s;
23. string strSelect = "SELECT count (*) FROM ADMIN WHERE USERNAME = '" + struser + "' AND PASSWORD = '" + strpass + "' ";
24.  
25. SqlConnection con = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename='F:\adva\authentication\midterm\App_Data\Store.mdf';Integrated Security=True;MultipleActiveResultSets=True;Application Name=EntityFramework");
26. SqlDataAdapter sda = new SqlDataAdapter("Select count (*) from ADMIN WHERE USERNAME = '" + usertxt.Text + "'AND PASSWORD = '" + passtxt.Text +"'",con);
27. SqlCommand cmd = new SqlCommand(strSelect, con);
28. DataTable dt = new DataTable();
29. sda.Fill(dt);
30. if (dt.Rows[0][0].ToString() == "1")
31. {
32.  
33. Session["user_id"] = struser;
34.  
35. Response.Redirect("AddItems.aspx");
36. }
37. else
38. {
39. Response.Redirect("login.aspx");
40.  
41. }
42. // SqlDataReader myReader = cmd.ExecuteReader();
43. /* s = cmd.ExecuteScalar().ToString();
44. Boolean auth = false;
45. if (s=="1")
46. {
47. // auth = true;
48. Session["user"] = struser;
49. Response.Redirect("adminMenu.aspx");
50. }
51. // myReader.Close();
52. con.Close();
53.  
54.  
55. if (auth == true)
56. {
57. // auth success
58. // redirect to menu.aspx
59. Response.Redirect("adminMenu.aspx");
60. }
61. else
62. {
63. // show an error message
64. usertxt.Text = "wrong!";
65. }
66. */
67.  
68. }
69. }