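/// <summary>
/// Handles the login button click: looks up the account type for the entered
/// ID in tblUsers, stores the ID in the session and redirects to the home page
/// that matches the account type. Shows an error label when no row matches.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // The ID typed by the user is bound as a parameter instead of being
    // concatenated into the statement, so quote characters in the textbox can
    // no longer change the shape of the query (SQL injection).
    //
    // NOTE(review): the password comparison appears here only as the masked
    // literal '******'. Whatever value the real code compares must be bound as
    // a parameter as well, and comparing the password inside the query suggests
    // it is stored unhashed - confirm, and move to a salted password hash.
    const string userLoginQuery =
        "select Type from tblUsers where ID = @userId and Password = '******'";

    string userType = null;

    DBCon dbConnection = new DBCon();
    dbConnection.ConOpen();
    try
    {
        // MakeSqlCommand is presumed to return a SqlCommand bound to the opened
        // connection (its result is handed to SqlDataAdapter elsewhere in this
        // file) - confirm against DBCon.
        var loginCommand = dbConnection.MakeSqlCommand(userLoginQuery);
        loginCommand.Parameters.AddWithValue("@userId", txtID.Text);

        using (SqlDataReader typeReader = loginCommand.ExecuteReader())
        {
            if (typeReader.Read())
            {
                userType = typeReader.GetString(0);
            }
        }
    }
    finally
    {
        // The original closed the connection only on the success path, leaking
        // it on every failed login and on any exception.
        dbConnection.ConClose();
    }

    if (userType == null)
    {
        lblLoginStatus.Text = "Invalid Username/ Password";
        return;
    }

    // NOTE(review): the session identifier is not renewed in this handler;
    // confirm it is rotated at login elsewhere.
    Session["UserId"] = txtID.Text;

    switch (userType)
    {
        case "TEACHER":
            Response.Redirect("~/Teacher/TeacherHome.aspx");
            break;
        case "STUDENT":
            Response.Redirect("~/Student/StudentHome.aspx");
            break;
        case "ADMIN":
            Response.Redirect("~/Admin/AdminHome.aspx");
            break;
    }
}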
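/// <summary>
/// Binds grdCourses to the rows of tblcourses, optionally narrowed by the
/// selected department, the selected semester and a free-text search on the
/// column chosen in ddlSearchItem. btnAddCourses is shown only when the grid
/// has at least one row.
/// </summary>
/// <remarks>
/// A commented-out earlier variant that listed only the courses not yet mapped
/// to the current teacher has been dropped; it built its query by string
/// concatenation as well.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// The posted search column is not a plain identifier.
/// </exception>
private void Bind_grdCourses()
{
    string department = ddlDepartments.SelectedItem.Text;
    string semester = ddlSem.SelectedItem.Text;
    string searchText = txtSearchString.Text;

    bool filterByDepartment = department != "All Departments";
    bool filterBySemester = semester != "All Semesters";
    bool filterBySearch = searchText != "";

    // Every user-influenced value goes into the statement as a named
    // parameter; only fixed SQL text and a validated column name are
    // concatenated.
    String queryString = "Select ComCod, CourseNo, CourseTitle from tblcourses ";

    if (filterByDepartment || filterBySemester || filterBySearch)
    {
        queryString += "where ";

        if (filterByDepartment)
        {
            queryString += " ComCod in (Select ComCod from tblDepartment where Department = @department";
            if (filterBySemester)
            {
                queryString += " and Semester = @semester";
            }
            queryString += ") ";
        }
        else if (filterBySemester)
        {
            queryString += " ComCod in (Select ComCod from tblDepartment where Semester = @semester) ";
        }

        if (filterBySearch)
        {
            // A column name cannot be sent as a parameter, so the posted value
            // is restricted to identifier characters before it is spliced in.
            // NOTE(review): an explicit allowlist of the searchable columns
            // would be stricter; the set of legitimate values is not visible
            // in this file section.
            string searchColumn = ddlSearchItem.SelectedItem.Value;
            if (!IsPlainSqlIdentifier(searchColumn))
            {
                throw new InvalidOperationException("Unsupported search column.");
            }

            if (filterByDepartment || filterBySemester)
            {
                queryString += " and ";
            }
            queryString += searchColumn + " like @searchPattern";
        }
    }

    DBCon myCon = new DBCon();
    myCon.ConOpen();
    try
    {
        // queryCommand is presumed to be a SqlCommand field (it is passed to
        // the SqlDataAdapter constructor below) - confirm its declaration.
        queryCommand = myCon.MakeSqlCommand(queryString);

        if (filterByDepartment)
        {
            queryCommand.Parameters.AddWithValue("@department", department);
        }
        if (filterBySemester)
        {
            queryCommand.Parameters.AddWithValue("@semester", semester);
        }
        if (filterBySearch)
        {
            // '%' and '_' typed by the user still act as LIKE wildcards, as
            // they did before; they can no longer terminate the string literal.
            queryCommand.Parameters.AddWithValue("@searchPattern", "%" + searchText + "%");
        }

        sqlDA = new SqlDataAdapter(queryCommand);
        System.Data.DataSet myDS = new System.Data.DataSet();
        sqlDA.Fill(myDS);
        grdCourses.DataSource = myDS;
        grdCourses.DataBind();

        btnAddCourses.Visible = (grdCourses.Rows.Count != 0);
    }
    finally
    {
        // Close the connection even when the query or the data binding throws.
        myCon.ConClose();
    }
}

/// <summary>
/// Returns true when <paramref name="candidate"/> is non-empty and consists
/// only of letters, digits, underscores and dots, i.e. it can be used as a
/// (possibly qualified) column name without altering the statement.
/// </summary>
private static bool IsPlainSqlIdentifier(string candidate)
{
    if (string.IsNullOrEmpty(candidate))
    {
        return false;
    }

    foreach (char c in candidate)
    {
        if (!char.IsLetterOrDigit(c) && c != '_' && c != '.')
        {
            return false;
        }
    }

    return true;
}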