protected void loginButton_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["RegistrationConnectionString"].ConnectionString);
conn.Open();
String checkUser = "******" + username.Text + "'";
SqlCommand com = new SqlCommand(checkUser, conn);
int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
conn.Close();
if (temp == 1)
{
conn.Open();
string checkPassQuery = "select password from Users where username='******'";
SqlCommand comm = new SqlCommand(checkPassQuery, conn);
string pass = comm.ExecuteScalar().ToString();
string loginPasswd = passsword.Text;
if (pass == loginPasswd)
{
Session["loggedInUser"] = username.Text;
UsersTableAdapter U = new UsersTableAdapter();
string role = U.getRoleByUsername(username.Text);
string avatar = U.getImage(username.Text);
Session["userRole"] = role;
Session["avatar"] = avatar;
Response.Write("Passwd is correct");
Response.Redirect("Default.aspx");
}
else
{
gresit.Visible = true;
}
}
else
{
gresit.Visible = true;
}
conn.Close();
}
