SqlConnection con = new SqlConnection("Data Source=PC\\SQLEXPRESS; Initial Catalog=login; Integrated Security=True"); con.Open(); string cmdstr="select count(*) from users where username='"+TextBox1.Text+"'"; SqlCommand checkuser=new SqlCommand(cmdstr,con); int temp=Convert.ToInt32(checkuser.ExecuteScalar().ToString()); if(temp==1) { string cmdstr2="select password from users where username='"+TextBox1.Text+"'"; SqlCommand pass=new SqlCommand(cmdstr2,con); string password=pass.ExecuteScalar().ToString(); if(password==TextBox2.Text) { Session["New"]=TextBox1.Text; Response.Redirect("secure.aspx"); } else { lblyes.Visible=true; lblyes.Text="invalid user"; }
SqlConnection conn = new SqlConnection("Data Source=PC\\SQLEXPRESS; Initial Catalog=mydb; Integrated Security=True"); protected void Page_Load(object sender, EventArgs e) { if (Session["New"] != null) { Label1.Text += Session["New"].ToString(); if (!IsPostBack) { LoadGridView(); } } else { Response.Redirect("Default.aspx"); } } private void LoadGridView() { //conn.Open(); SqlDataAdapter da = new SqlDataAdapter("Select * from user where username='"+Session["New"]+"'", conn); // the problem is in that query i think.. DataSet ds = new DataSet(); da.Fill(ds, "user"); GridView1.DataSource = ds.Tables[0]; GridView1.DataBind(); ; //conn.Close(); } // the fallowing is for logout protected void Button1_Click(object sender, EventArgs e) { Session["New"] = null; Response.Redirect("Default.aspx"); }
"Select * from user where username='"+Session["New"].toString()+"'"
"Select * from user where username='"+Label1.Text+"'"
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)