private void btnLogin_Click(object sender, EventArgs e) { BPUsers bpUsers = new BPUsers(); int memberID; string returnURL; returnURL = Request.QueryString["returnUrl"]; if (returnURL == null) { returnURL = "Index.aspx"; } memberID = bpUsers.Login(txtLoginID.Text, txtPassword.Text); if (memberID > 0) { FormsAuthenticationTicket ticket; string hash; HttpCookie cookie; ticket = new FormsAuthenticationTicket(1, txtLoginID.Text, DateTime.Now, DateTime.Now.AddMinutes(30), true, memberID + ";" + bpUsers.GetUserGroupPermissions(memberID), FormsAuthentication.FormsCookiePath); hash = FormsAuthentication.Encrypt(ticket); //new way cookie = FormsAuthentication.GetAuthCookie(txtLoginID.Text, false, FormsAuthentication.FormsCookiePath); cookie.Name = FormsAuthentication.FormsCookieName; //cookie.Domain = "." + Request.ServerVariables["HTTP_HOST"]; cookie.Value = hash; Response.AppendCookie(cookie); Response.Redirect(returnURL); } else { lblErr.Visible = true; } }
private void btnSubmit_Click(object sender, System.EventArgs e) { BPUsers bp = new BPUsers(); DSUsers = bp.SelectByID(UserID); BEUsers.tbl_UsersRow user = DSUsers.tbl_Users.FindByUserID(UserID); user.LoginID = txtLoginName.Text; user.Password = txtPassword.Text; int testUserID = bp.Login(txtLoginName.Text, txtPassword.Text); if (testUserID == 0 || testUserID == UserID) { bp.Update(DSUsers); lblErr.Text = ""; Response.Redirect(HttpUtility.UrlDecode( Request.QueryString["ReturnUrl"])); } else { lblErr.Text = "Sorry username and password taken."; } }