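/// <summary>
/// Gates the staff dashboard: the request must carry a session with
/// <c>LoggedIn</c>, <c>Role</c> and <c>AuthToken</c> entries, an <c>AuthToken</c>
/// cookie equal to the session's token, and the role "Staff". Any other request
/// is signed out and redirected to <c>Staff_Login.aspx</c>.
/// </summary>
/// <param name="sender">Event source supplied by the page lifecycle (unused).</param>
/// <param name="e">Event data supplied by the page lifecycle (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    bool hasSessionState = Session["LoggedIn"] != null
        && Session["Role"] != null
        && Session["AuthToken"] != null
        && Request.Cookies["AuthToken"] != null;

    if (!hasSessionState)
    {
        EndSessionAndRedirectToLogin();
        return;
    }

    // The cookie is client-controlled: it must match the token held server-side
    // in the session, otherwise the session identifier alone would be enough.
    if (!AuthTokensMatch(Session["AuthToken"].ToString(), Request.Cookies["AuthToken"].Value))
    {
        EndSessionAndRedirectToLogin();
        return;
    }

    // ensures that only staff are able to access the page
    if (Session["Role"].ToString() != "Staff")
    {
        EndSessionAndRedirectToLogin();
        return;
    }

    // on page load codes here
    // NOTE(review): the client is never closed or disposed here; if Service1Client
    // is a generated service proxy, release it once the counts are read - confirm.
    DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();

    // NOTE(review): the returned account is not used below; the call is kept
    // because it may have service-side effects - confirm and remove if not needed.
    var user = client.GetAccountByEmail(Session["LoggedIn"].ToString());

    reports_lb.Text = client.CountUnresolvedReports().ToString();
    reviews_lb.Text = client.CountPendingReviews().ToString();
    gems_lb.Text = client.CountPendingGems().ToString();

    // populating charts (the values are hard-coded, not read from the service)
    double[] yValues = { 25, 27 };
    string[] xValues = { "Female", "Male" };
    gender_chart.Series["gender"].Points.DataBindXY(xValues, yValues);
    gender_chart.Series["gender"].Points[0].Color = Color.PaleVioletRed;
    gender_chart.Series["gender"].Points[1].Color = Color.PaleTurquoise;
}

/// <summary>
/// Destroys the server-side session, expires the session and auth-token cookies
/// on the client, and redirects to the staff login page.
/// </summary>
private void EndSessionAndRedirectToLogin()
{
    Session.Clear();
    Session.Abandon();
    Session.RemoveAll();

    // The cookies must be expired BEFORE the redirect. Response.Redirect(url)
    // ends the response, so statements placed after it never execute and the
    // stale cookies would stay in the browser.
    ExpireCookieIfPresent("ASP.NET_SessionId");
    ExpireCookieIfPresent("AuthToken");

    // Keep the single-argument overload: it stops page processing, so no staff
    // content is rendered into the body of the redirect response.
    Response.Redirect("Staff_Login.aspx");
}

/// <summary>
/// Overwrites the named cookie with an empty, already-expired value when the
/// request carried it, so the browser discards it.
/// </summary>
/// <param name="cookieName">Name of the cookie to expire.</param>
private void ExpireCookieIfPresent(string cookieName)
{
    if (Request.Cookies[cookieName] != null)
    {
        Response.Cookies[cookieName].Value = string.Empty;
        Response.Cookies[cookieName].Expires = DateTime.Now.AddMonths(-20);
    }
}

/// <summary>
/// Compares the session token with the cookie token without stopping at the
/// first differing character, so the comparison time does not depend on how
/// many leading characters match.
/// </summary>
/// <param name="sessionToken">Token stored in the server-side session.</param>
/// <param name="cookieToken">Token supplied by the client cookie; may be null.</param>
/// <returns><c>true</c> only when both tokens are non-null and identical.</returns>
private static bool AuthTokensMatch(string sessionToken, string cookieToken)
{
    if (sessionToken == null || cookieToken == null || sessionToken.Length != cookieToken.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < sessionToken.Length; i++)
    {
        difference |= sessionToken[i] ^ cookieToken[i];
    }

    return difference == 0;
}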