i've problem with login page.i need some guides or example coding to help me. i successfully create simple login page rite now n now i want adds some features based on accesslevel. i don't wanna using and i really don't know how to use roles based..so i really needs ur help..here my simple code..hope u can help me guys..
here my code:
Default.aspx
here my code:
Default.aspx
Code:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="test._Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
<meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1">
<meta name="CODE_LANGUAGE" content="C#">
<meta name="vs_defaultClientScript" content="JavaScript">
<meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
</head>
<body>
<form id="frmlogin" method="post" runat="server">
<table id="mainTable" border="0">
<tr>
<td>
<table class="t_border" id="loginTable" cellspacing="15" cellpadding="0">
<tr>
<td><b>Email:</b></td>
<td><asp:textbox id="txtUserName" runat="server" width="160px"></asp:textbox>
<asp:requiredfieldvalidator id="rvUserValidator" runat="server" controltovalidate="txtUserName" errormessage="You must supply a Username!"
display="None"></asp:requiredfieldvalidator></td>
</tr>
<tr>
<td><b>Password: </b></td>
<td><asp:textbox id="txtPassword" runat="server" width="160px" TextMode="Password" ></asp:textbox>
<asp:requiredfieldvalidator id="rvPasswordValidator" runat="server" controltovalidate="txtPassword" errormessage="Empty Passwords not accepted"
display="None"></asp:requiredfieldvalidator></td>
</tr>
<tr>
<td align="center" colspan="2"><asp:button id="cmdSubmit" runat="server" text="Submit" borderstyle="Solid" OnClick="cmdSubmit_Click"></asp:button></td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table id="messageDisplay">
<tr>
<td><asp:validationsummary id="Validationsummary1" runat="server" width="472px" displaymode="BulletList"></asp:validationsummary></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
<asp:label id="lblMessage2" runat="server" width="288px" font-bold="True" font-italic="True"
font-size="Medium" forecolor="#C00000"></asp:label> <br />
<br />
</body>
</html>
Default.aspx.cs
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
/* references from 1. http://www.programmingtalk.com/archive/index.php/t-2066.html
* 2. http://www.daniweb.com/forums/thread24148.html */
protected void cmdSubmit_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
if (DBConnection(txtUserName.Text, txtPassword.Text))
{
Session["name"] = txtUserName.Text;
FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, true);
Response.Redirect("home.aspx");
if (accesslevel = 1)
{
Response.Redirect("home2.aspx");
}
else if (accesslevel = 2)
{
Response.Redirect("home3.aspx");
}
}
else
{
lblMessage2.Text = "Account information is incorrect!";
}
}
}
private bool DBConnection(String txtUserName, String txtPassword)
{
bool authenticated;
OdbcParameter mail;
OdbcParameter pswd;
//OdbcParameter accesslevel;
string myscalar;
OdbcConnection myConn = new OdbcConnection(ConfigurationManager.ConnectionStrings["hrTraining"].ConnectionString);
OdbcCommand cmd = new OdbcCommand("SELECT email, password, name, id, userlevel FROM hris WHERE (email = '" + txtUserName + "' AND password = '" + txtPassword + "')", myConn);
mail = cmd.Parameters.Add("?email", OdbcType.Char, 40);
mail.Value = txtUserName;
pswd = cmd.Parameters.Add("?password", OdbcType.VarChar, 40);
pswd.Value = txtPassword;
//accesslevel = cmd.Parameters.Add("?userlevel", OdbcType.Int);
myConn.Open();
//cmd.ExecuteNonQuery();
OdbcDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
myscalar = cmd.ExecuteScalar();
Session["userID"] = myscalar;
authenticated = true;
}
else
{
authenticated = false;
}
reader.Close();
myConn.Close();
myConn.Dispose();
return authenticated;
}
}
Comment