-----------------to compare user id and password for login page creation-----------------
----take two txt boxes and one button------------
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.OleDb;
public partial class Login : System.Web.UI.Page
{
OleDbConnection con = new OleDbConnection(ConfigurationManager.ConnectionStrings["access"].ToString());
OleDbCommand cmd;
protected void Page_Load(object sender, EventArgs e)
{
Page.Form.DefaultFocus = txt_UserName.ClientID;
}
protected void Btn_Login_Click(object sender, EventArgs e)
{
if (ValidateUser(txt_UserName.Text.ToString(), txt_Pwd.Text.ToString()))
{
switch (txt_UserName.Text.ToLower())
{
case "admg":
Response.Redirect("~/Modified/ADMG.aspx");
break;
case "collector":
Response.Redirect("~/Modified/Collector.aspx");
break;
case "ddmg":
Response.Redirect("~/Modified/DDMG.aspx");
break;
case "dfo":
Response.Redirect("~/Modified/DFO.aspx");
break;
case "dmg":
Response.Redirect("~/Modified/DMG.aspx");
break;
case "goi":
Response.Redirect("~/Modified/GOI.aspx");
break;
case "jonaljd":
Response.Redirect("~/Modified/JonalJD.aspx");
break;
case "mro":
Response.Redirect("~/Modified/MRO.aspx");
break;
case "new":
Response.Redirect("~/Modified/application form.aspx");
break;
}
}
Response.Write("Invalid Credentials");
}
private bool ValidateUser(string userName, string passWord)
{
string lookupPassword = null;
// Check for invalid userName.
// userName must not be null and must be between 1 and 15 characters.
try
{
// Consult with your SQL Server administrator for an appropriate connection
// string to use to connect to your local SQL Server.
con.Open();
// Create SqlCommand to select pwd field from users table given supplied userName.
cmd = new OleDbCommand("Select password from Login where Login_name=@userName", con);
cmd.Parameters.AddWithValue("@userName", txt_UserName.Text.ToString());
// Execute command and fetch pwd field into lookupPassword string.
lookupPassword = (string)cmd.ExecuteScalar();
// Cleanup command and connection objects.
cmd.Dispose();
con.Dispose();
}
catch (Exception ex)
{
// Add error handling here for debugging.
// This error message should not be sent back to the caller.
System.Diagnostics.Trace.WriteLine("[ValidateUser] Exception " + ex.Message);
}
// If no password found, return false.
if (null == lookupPassword)
{
// You could write failed login attempts here to event log for additional security.
return false;
}
// Compare lookupPassword and input passWord, using a case-sensitive comparison.
return (0 == string.Compare(lookupPassword, txt_Pwd.Text.ToString(), false));
}
}
No comments:
Post a Comment