Gosh, that is some scary code (only referring to the Page_Load part) !! Do you realize how many problems that code has on so many different levels ? I won't go into the problems here because it would constitute an essay in itself.
To answer your question(s) then: The pseudocode for a Login page/control should be as follows: Page_Load: ~ If the page is loading for the first time, check if user is logged in (A UserID is present in Session). If yes, redirect to Home page. If no, show Login controls (username, password, submit button, Forgot password link). Login Submit Click: ~ Retrieve values of username and password textboxes. ~ Create an SqlCommand pointing to a Stored Procedure (SP) (called IsLoggedIn, for example) that validates a username/password combination against user credentials present in the database. ~ Set the SP parameters to those values retrieved from the username and password textboxes and execute the SP. The SP should simply return a True/False value. If required, you can return the UserID instead. ~ Based on this result, store the UserID into Session or show appropriate feedback to the user (eg. wrong password) ~ Redirect to the welcome page. You could also implement the same thing via a Cookie. On Jan 30, 7:21 pm, HelloWorld <[email protected]> wrote: > @Cerebrus > This is the Login page I created. but it does not involve any session > or cookies. > > namespace Login > { > public partial class _Default : System.Web.UI.Page > { > SqlConnection conn = new SqlConnection(@"Data Source=SWATY > \SQLEXPRESS;Initial Catalog=Project_mydb;Integrated Security=True"); > SqlCommand cmd = new SqlCommand(); > SqlDataAdapter da = new SqlDataAdapter(); > DataSet ds = new DataSet(); > > protected void Page_Load(object sender, EventArgs e) > { > cmd.CommandText = "select * from Login"; > cmd.Connection = conn; > da.SelectCommand = cmd; > da.Fill(ds, "Login"); > int totaluser = ds.Tables["Login"].Rows.Count; > for (int i = 0; i < totaluser; i++) > { > if (txtUserName.Text == ds.Tables["Login"].Rows[i] > ["Username"].ToString() && txtPassword.Text == ds.Tables["Login"].Rows > [i]["Password"].ToString()) > { > Response.Redirect("Home.aspx"); > } > else > { > Label3.Visible = true; > } > } > } > } > > } >
