You can do something like the below
Select the Username and PWD into variables and then validate them
First check if the Username exists in the the database,
If YES, the get all items like ROLE, EMAIL ID ETC and the store them into a Session variable so that they can be used through out the website.
you can modify the below to suit you need.
Sub validateuser()
Try
sqlcon = New OleDbConnection(constr)
sqlcon.Open()
sqlcmd = New OleDbCommand("SELECT COUNT(*) FROM att_userrole WHERE username = '" + Login1.UserName + " AND password = '" + Login1.Password + "'", sqlcon)
retval = sqlcmd.ExecuteScalar
If retval = 1 Then
sqlcmd = New OleDbCommand("SELECT role, emailid FROM att_userrole WHERE username = '" + Login1.UserName + "'", sqlcon)
sqlrdr = sqlcmd.ExecuteReader()
sqlrdr.Read()
Session("username") = Login1.UserName
getrole = (sqlrdr.Item("role"))
Session("userrole") = getrole
getemail = (sqlrdr.Item("emailid"))
Session("reqemailid") = getemail
Response.Redirect("~\Home.aspx")
Else
lbl_msg.Text = ("Invalid login attmept")
End If
Catch ex As Exception
lbl_msg.Text = ex.Message.ToString
End Try
End Sub
Hope this helps