Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- protected void Button1_Click(object sender, EventArgs e)
- {
- SqlConnection con = new SqlConnection("Data Source=(local);Initial Catalog=payroll;Integrated Security=True");
- SqlCommand cmd = new SqlCommand("Select employeeid FROM employees WHERE username='" + TextBox1.Text + "'and password='"+TextBox2.Text+"'", con);
- cmd.CommandType = CommandType.Text;
- cmd.Parameters.AddWithValue("@username", TextBox1.Text);
- cmd.Parameters.AddWithValue("@password", TextBox2.Text);
- con.Open();
- SqlDataReader dr = cmd.ExecuteReader();
- if (dr.Read()) //I'M WRONG FROM HERE ONWARDS.
- {
- Response.Redirect("Admin.aspx");
- }
- con.Close();
- dr.Close();
- }
Add Comment
Please, Sign In to add comment