Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Web;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- public partial class login : System.Web.UI.Page
- {
- const string fileName = "database.accdb";
- protected void Page_Load(object sender, EventArgs e)
- {
- if (Session["user"] == null && Session["admin"] == null) {
- if (Request.Form["submit"] != null) {
- string selectQuery = "SELECT * FROM Users WHERE username = '" + Request.Form["username"] + "' AND password = '" + Request.Form["password"] + "' OR email = '" + Request.Form["username"] + "' AND password = '" + Request.Form["password"] + "'";
- if (MyAdoHelper.Exist(fileName, selectQuery)) {
- string isAdminQuery = "SELECT * FROM Users WHERE username = '" + Request.Form["username"] + "' AND level = 'admin' OR email = '" + Request.Form["email"] + "' AND level = 'admin'";
- if (MyAdoHelper.Exist(fileName, isAdminQuery)) {
- Session["admin"] = Request.Form["username"];
- Response.Redirect("Default.aspx");
- Response.End();
- }
- else {
- Session["user"] = Request.Form["username"];
- Response.Redirect("Default.aspx");
- Response.End();
- }
- }
- else {
- Response.Redirect("unsuccessful_login.aspx");
- Response.End();
- }
- }
- }
- else {
- Response.Redirect("Default.aspx");
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement