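/// <summary>
/// Code-behind for the login page. Looks up the submitted username and password
/// in the <c>users</c> table, redirects administrators to <c>AdminScreen.aspx</c>,
/// and stores the id and username of any other matching user in session state.
/// </summary>
public partial class _Default : System.Web.UI.Page
{
    // Shown for every failed attempt, whatever the cause, so the response does not
    // reveal whether the username exists or whether the database call failed.
    private const string LoginFailedScript = "<script>alert('Please check the Username and Password')</script>";

    // NOTE(review): the connection string is hard-coded. It uses Integrated Security,
    // so no credential is embedded, but keeping it in web.config <connectionStrings>
    // would keep server and database names out of source.
    SqlConnection con = new SqlConnection(@"Data Source = A\SQLEXPRESS;Initial Catalog=bank;Integrated Security = True");
    SqlDataAdapter ada;
    DataSet ds;

    /// <summary>Page load handler; intentionally empty.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the login button: validates the credentials against the database
    /// and either redirects an administrator, records a normal user in session
    /// state, or reports a failed login.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnlogin_Click(object sender, EventArgs e)
    {
        DataRow user = null;

        try
        {
            string struname = txtusername.Text;
            string strpwd = txtpwd.Text;
            ds = new DataSet();

            // Both values come straight from the browser. They are bound as
            // parameters so they are always treated as data and can never change
            // the structure of the statement (the original concatenated them
            // into the SQL text).
            //
            // NOTE(review): the submitted password is compared directly with the
            // Password column, which suggests passwords are stored unhashed -
            // TODO confirm. If so, store a salted PBKDF2 hash and verify it in code.
            using (ada = new SqlDataAdapter("SELECT * FROM users WHERE Username = @username and Password = @password", con))
            {
                ada.SelectCommand.Parameters.AddWithValue("@username", struname);
                ada.SelectCommand.Parameters.AddWithValue("@password", strpwd);
                ada.Fill(ds, "users");
            }

            // Check for a row BEFORE indexing into it. The original read Rows[0]
            // first, so a failed login always threw and the "no rows" branch
            // (which clears the form) was unreachable.
            DataTable users = ds.Tables["users"];
            if (users.Rows.Count > 0)
            {
                user = users.Rows[0];
            }
        }
        catch (Exception ex)
        {
            // Record the real cause for operators; the user still sees only the
            // generic message. The statement is parameterized, so the exception
            // text does not contain the submitted credentials.
            System.Diagnostics.Trace.TraceError("Login lookup failed: " + ex);
            Response.Write(LoginFailedScript);
            return;
        }

        if (user == null)
        {
            Response.Write(LoginFailedScript);
            clearcontrols();
            txtusername.Focus();
            return;
        }

        if (user["IsAdmin"].ToString() == "True")
        {
            // The redirect is issued outside the try block: Response.Redirect ends
            // the request by raising ThreadAbortException, which the original
            // catch-all intercepted and answered with the failure alert.
            //
            // NOTE(review): no session state is set on this path, so
            // AdminScreen.aspx cannot tell from the session who signed in.
            // Confirm that page enforces its own authorization check rather than
            // relying on the URL only being reached from here.
            Response.Redirect("AdminScreen.aspx");
            return;
        }

        // Columns are read by position because the query is SELECT *;
        // presumably column 0 is the user id and column 1 the username -
        // verify against the table definition.
        Session["Id"] = user[0].ToString();
        Session["username"] = user[1].ToString();
    }

    /// <summary>Clears the username and password input boxes.</summary>
    public void clearcontrols()
    {
        txtusername.Text = "";
        txtpwd.Text = "";
    }
}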
}