protected bool Validate(string userid, string password) { sqlController sqC = new sqlController(); DataTable dt = sqC.GetCredentials(userid); if (dt.Rows.Count > 0) { string passwordHash = dt.Rows[0]["password"].ToString(); string userPassword = Hash.EncodePasswordToBase64(password.TrimStart().TrimEnd()); if (dt.Rows[0]["userid"].ToString().Trim() == userid && passwordHash == userPassword) { User user = new User(); user.ID = (int)dt.Rows[0]["id"]; user.UserID = dt.Rows[0]["userid"].ToString().Trim(); user.Name = dt.Rows[0]["name"].ToString().Trim(); user.IsAdmin = (int)dt.Rows[0]["isadmin"] == 1; Session["User"] = user; return(true); } else { return(false); } } else { return(false); } }