Azm Amn

Azm Amn

  • NA
  • 108
  • 16.6k

Login Page ASP.NET

Jul 30 2015 1:11 AM
Hi, 
 
I created a login page with a stored procedure in my DB. I want the application to check the designation of the user in the DB and redirect them to the respective page. If Circle Inspector redirect to a page, if Sub Inspector or Constable redirect to another page.
 
Behind Code Login Page
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
namespace Final_Project
{
public partial class WebForm1 : System.Web.UI.Page
{
SqlConnection con = new SqlConnection("Data Source=AHZAM-PC\\AHZAM;Initial Catalog=Police;Integrated Security=True");
protected void Page_Load(object sender, EventArgs e)
{
}
public int Validate_Login(String Username, String Password)
{
SqlCommand cmdselect = new SqlCommand();
cmdselect.CommandType = CommandType.StoredProcedure;
cmdselect.CommandText = "lgin";
cmdselect.Parameters.Add("@Username", SqlDbType.VarChar, 50).Value = Username;
cmdselect.Parameters.Add("@Password", SqlDbType.VarChar, 50).Value = Password;
cmdselect.Parameters.Add("@OutRes", SqlDbType.Int, 4);
cmdselect.Parameters["@OutRes"].Direction = ParameterDirection.Output;
cmdselect.Connection = con;
int Results = 0;
try
{
con.Open();
cmdselect.ExecuteNonQuery();
Results = (int)cmdselect.Parameters["@OutRes"].Value;
}
catch (SqlException ex)
{
lblMessage.Text = ex.Message;
}
finally
{
cmdselect.Dispose();
if (con != null)
{
con.Close();
}
}
return Results;
}
protected void btnlogin_Click(object sender, EventArgs e)
{
if ((txtUsername.Text== "Admin") && (txtPassword.Text=="@dMiN"))
{
Response.Redirect("Admin CP.aspx");
}
int Results = 0;
if (txtUsername.Text != string.Empty && txtPassword.Text != string.Empty)
{
Results = Validate_Login(txtUsername.Text.Trim(), txtPassword.Text.Trim());
if (Results == 1)
{
Response.Redirect("User CP.aspx");
}
else
{
lblMessage.Text = "Invalid Login";
lblMessage.ForeColor = System.Drawing.Color.Red;
//Dont Give too much information this might tell a hacker what is wrong in the login
}
}
else
{
lblMessage.Text = "Please make sure that the username and the password is filled in";
}
}
}
}
Please help me how am i suppossed to do the redirection according to the designation on the DB 
 

Answers (13)