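/// <summary>
/// Runs after the login control reports a successful sign-in: moves the
/// current shopping cart to the signed-in user, stores the user name in
/// session state, and sends the browser back to the stored login referrer
/// when one exists.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void LoginUser_LoggedIn(object sender, EventArgs e)
{
    // Re-key the cart from its current cart id to the authenticated user name.
    MyShoppingCart cart = new MyShoppingCart();
    string shoppingCartId = cart.GetShoppingCartId();
    cart.MigrateCart(shoppingCartId, this.LoginUser.UserName);

    // Store the user name BEFORE redirecting. Response.Redirect(string) ends
    // the response, so a statement placed after it in this handler never runs
    // whenever a referrer is present.
    this.Session["UserName"] = this.LoginUser.UserName;

    object referrer = this.Session["LoginReferrer"];
    if (referrer != null)
    {
        // NOTE(review): where "LoginReferrer" is written is not visible here.
        // If it is copied from a request value (Referer header, query string),
        // confirm it is restricted to this site's own URLs before it is used
        // as a redirect target; otherwise this is an open redirect.
        base.Response.Redirect(referrer.ToString());
    }
}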
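// Credential check against the Login table.
// The user name and password come straight from the form, so they are bound
// as SQL parameters instead of being concatenated into the statement text;
// quotes or comment markers typed into either box are then treated as data.
//
// NOTE(review): the Password column is compared directly with the submitted
// text, which suggests passwords are stored unhashed - confirm, and move to a
// salted, slow hash (e.g. PBKDF2) verified in code rather than in SQL.
da = new SqlDataAdapter(
    "select count(*) from Login where UserName=@UserName and Password=@Password and status='Activate'",
    AdminCommerceEntities);
da.SelectCommand.Parameters.AddWithValue("@UserName", TextBox1.Text);
da.SelectCommand.Parameters.AddWithValue("@Password", TextBox2.Text);
int n = Convert.ToInt32(da.SelectCommand.ExecuteScalar());

// NOTE(review): when n != 1 nothing is shown to the user and the connection
// is left as it was; Close() is only called on the success path below.
// Confirm the surrounding code handles both.
if (n == 1)
{
    // Exactly one active account matched: load its row to read the user id.
    da = new SqlDataAdapter(
        "select * from Login where UserName=@UserName and Password=@Password",
        AdminCommerceEntities);
    da.SelectCommand.Parameters.AddWithValue("@UserName", TextBox1.Text);
    da.SelectCommand.Parameters.AddWithValue("@Password", TextBox2.Text);
    ds = new DataSet();
    da.Fill(ds, "Login");

    // Check that a table exists before indexing into it by name.
    if (ds.Tables.Count > 0 && ds.Tables["Login"].Rows.Count > 0)
    {
        Session["UserName"] = TextBox1.Text.Trim();
        // Column 0 of the Login row is used as the user id.
        Session["UserID"] = ds.Tables["Login"].Rows[0][0].ToString();
        AdminCommerceEntities.Close();
        Response.Redirect("~/Default.aspx");
    }
    else
    {
        Label1.Text = "Invalid userid and password.";
    }
}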
Robert'; DROP TABLE Login;--
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)