Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# ASP.NET
I want to create a loginpage for user and check whether they are admin or general user. i have written the following code. I think the logic is correct but I dont know why the output of the program is not correct. Please help me with this.
 
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
 
namespace Bidders_Joint
{
public partial class WebForm2 : System.Web.UI.Page
{
string constr = ConfigurationManager.ConnectionStrings["BiddersJoint"].ToString();
string password;
string type;
protected void Page_Load(object sender, EventArgs e)
{
 
}
 
protected void btnLogin_Click(object sender, EventArgs e)
{



SqlConnection con = new SqlConnection(constr);
SqlCommand cmd = new SqlCommand("select Password,Type from TABLE_USER where User_ID = @userid", con);
cmd.Parameters.AddWithValue("@userid",txtUserid.Text.ToString());
try
{
cmd.Connection.Open();
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
password = dr["Password"].ToString();
type = dr["Type"].ToString();
}
if ((password == txtPassword.Text.ToString()) && (type == "admin"))
{
Response.Redirect("administrator.aspx");
}
 
if ((password==txtPassword.Text.ToString()) && (type=="general"))
{
Response.Redirect("userspage.aspx");
}
else
{
lblMessage.Text = "wrong userid or password";
}

 
}
catch (Exception ex)
{
 
lblMessage.Text = ex.Message;
}
finally
{
cmd.Connection.Close();
}
}
 

 

}
}
 
output is always worng userid or password even when userid and password are correct
Posted 12-Jul-13 19:03pm
Comments
dholakiyaankit at 13-Jul-13 0:13am
   
debug the code get values where you have problem tell us
anshulpui2 at 13-Jul-13 1:44am
   
the code is not working. Please check the solution given below, I used that but still it did not work
anshulpui2 at 13-Jul-13 1:21am
   
@siddhesh, I tried to use your code too. But no redirection is taking place. Nothing happens even if I type wrong userid or password :(
Siddhesh Patankar at 13-Jul-13 1:45am
   
Just check the logic the SQl query will check if the username password pair is present or not... if present it will return rows else no. then you can compare the types. I guess if that doesnt work you will have to debug the code to find out what results you are getting. First put a break point on DataReader to check if the query is giving out any output or not

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Change the code to this... actually your logic is correct but approach is wrong.
The usual approach is
 
 
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
 
namespace Bidders_Joint
{
public partial class WebForm2 : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
 
}
 
protected void btnLogin_Click(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["BiddersJoint"].ToString();
string type;
SqlConnection con = new SqlConnection(constr);
SqlCommand cmd = new SqlCommand("select Type from TABLE_USER where User_ID = @userid AND Password=@password" , con);
cmd.Parameters.AddWithValue("@userid",txtUserid.Text);
cmd.Parameters.AddWithValue("@password",txtPassword.Text);
try
{
con.open();//cmd.Connection.Open();
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
if(dr.HasRows)
{
   type = dr["Type"].ToString();
   if (type == "admin")
  {
      Response.Redirect("administrator.aspx");
  }
 else  if (type=="general")
  {
       Response.Redirect("userspage.aspx");
  }
}
 
else
{
lblMessage.Text = "wrong userid or password";
}
}
 
}
catch (Exception ex)
{
 lblMessage.Text = ex.Message;
}
finally
{
con.close(); //cmd.Connection.Close();
}
}
 

 
I have put the variables you declared inside the Click event and Changed the query.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Maciej Los 310
1 OriginalGriff 285
2 Afzaal Ahmad Zeeshan 200
3 Sergey Alexandrovich Kryukov 195
4 BillWoodruff 180
0 OriginalGriff 6,499
1 Sergey Alexandrovich Kryukov 6,048
2 DamithSL 5,193
3 Manas Bhardwaj 4,657
4 Maciej Los 4,120


Advertise | Privacy | Mobile
Web02 | 2.8.1411022.1 | Last Updated 13 Jul 2013
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100