Пример #1
0
        protected void btnSubmit_Click1(object sender, EventArgs e)
        {
            string mess = "";

            if (txtUser.Text.Trim() == "")
            {
                mess += "- กรุณาป้อน Username<br/>";
            }

            if (txtPass.Text.Trim() == "")
            {
                mess += "- กรุณาป้อน Password<br/>";
            }

            if (mess == "")
            {
                string          sql = "SELECT * FROM tbl_user WHERE username ='******' AND PASSWORD = '******'";
                MySqlDataReader rs  = function.MySqlSelect(sql);
                if (rs.Read())
                {
                    if (!rs.IsDBNull(0))
                    {
                        // Storee Session
                        Session.Add("User", txtUser.Text);
                        Session.Add("UserName", rs.GetString("name"));
                        Session.Add("UserPrivilegeId", rs.GetString("level"));
                        Session.Add("UserPrivilege", function.GetLevel(int.Parse(rs.GetString("level"))));
                        Session.Add("UserCpoint", rs.GetString("user_cpoint"));
                        Session.Timeout = 60 * 24;

                        //Page.ClientScript.RegisterStartupScript(Page.GetType(), "Message Box", "<script language = 'javascript'>alert('dd')</script>");
                        Response.Redirect("/");
                    }
                    else
                    {
                        mess += "- Username หรือ Password ไม่ถูกต้อง";
                    }
                }
                else
                {
                    mess += "- Username หรือ Password ไม่ถูกต้อง";
                }
                rs.Close();
                function.Close();
            }

            if (mess != "")
            {
                MsgBox(mess);
            }
            else
            {
                msgBox.Text = "";
            }
        }