if you are using login control..
<asp:Label ID="lblMessage" runat="server" Text="Label"></asp:Label>
<asp:Login ID="ctlLogin" runat="server" OnAuthenticate="OnAuthenticate">
<LayoutTemplate>
<asp:TextBox ID="UserName" runat="server"></asp:TextBox>
<asp:TextBox ID="Password" runat="server" TextMode="Password" ></asp:TextBox>
<asp:Button ID="Button2" ValidationGroup="ctlLogin" CommandName="Login" runat="server" Text="Button" />
</LayoutTemplate>
</asp:Login>
code behind...
bool Authenticated;
protected void OnAuthenticate(object sender, AuthenticateEventArgs e)
{
Authenticated = false;
Authenticated = UserAuthenticate(ctlLogin.UserName, ctlLogin.Password);
e.Authenticated = Authenticated;
if (Authenticated == true)
{
Response.Redirect("~/home.aspx");
}
}
private bool UserAuthenticate(string UserName, string Password)
{
bool passwordMatch = false;
SqlCommand cmd = new SqlCommand("Select email,Password FROM [User] where Email=@userName", con);
cmd.CommandType = CommandType.Text;
SqlParameter sqlParam = cmd.Parameters.Add("@userName", SqlDbType.VarChar, 100);
sqlParam.Value = UserName;
try
{
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
reader.Read();
if (reader.HasRows)
{
if (reader != null)
{
string dbid = reader.GetString(0);
string dbpass = reader.GetString(1);
if (dbid == UserName && dbpass == Password)
{
passwordMatch = true;
}
}
}
else
{
lblMessage.Text = "You have not registered yet!";
}
}
catch (Exception ex)
{
throw new Exception("Execption verifying password. " + ex.Message);
}
finally
{
con.Close();
}
return passwordMatch;
}
hope you will get idea. good luck.