Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
yvette
Yak Posting Veteran
74 Posts |
 Posted - 2010-10-26 : 01:16:22
|
| Hi,i have three user name admin, supervisor and staff.after login, system will based on emptype to differentiate among of them and redirect to different homepage. (Emptype 1 - admin, 2 - supervisor, 3 - staff)my login code like this:Partial Class Login Inherits System.Web.UI.Page 'Dim myConn As SqlConnection Dim cmd As SqlCommand Dim dr As SqlDataReader Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLogin.Click Dim StrConn As String StrConn = ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString Dim myConn As New SqlConnection(StrConn) myConn.Open() cmd = New SqlCommand("SELECT UserName, Password, EmpType FROM EMPLOYEE where UserName = '" & txtUserName.Text & "'", myConn) dr = cmd.ExecuteReader If dr.Read Then If (dr(0).ToString = txtPassword.Text) Then Validation() Else lblStatus.Text = "Incorrect Password" End If Else lblStatus.Text = "User doesn't Exist" End If End Sub Protected Sub Validation() Try Dim EmpType As String If EmyType = 1 Then Response.Redirect("Admin_HomePage.aspx") Else If EmyType = 2 Then Response.Redirect("Supervisor_HomePage.aspx") Else If EmyType = 3 Then Response.Redirect("Staff_HomePage.aspx") End If End If End If Catch ex As Exception Response.Write(ex.Message) End Try End SubAnyone can help??thanks... |
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2010-11-21 : 17:36:25
|
| this is a very bad practice.Read up on ASP.NET Membership provider and asp.net authentication, you dont have to create clear text passwords, its totally different in aspnet and how its implemented.here is a sample videohttp://www.youtube.com/watch?v=8t1MoIsMUKE |
 |
|
|
|
|
|
how to authenticate user role