foreach(DataRow row in dt.Rows)
{
if(row["UserName"].ToString() == this.txtUsername.Text && row["Password"].ToString() == this.txtPassword.Text )
{
Session["Logged"] = "Yes";
Session["User"] = this.txtUsername.Text;
Response.Redirect("Main.aspx");
}
else
{
this.Label1.Text = "Login Failed!
Username or Password is not correct";
}
}
Friend, the way you are using to fetch data from DB is insecure. You should use stored-proc.