This Way
Login Page:
<form id="form1" runat="server">
<div>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
User Name
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server" />
</td>
</tr>
<tr>
<td>
Password
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" />
</td>
</tr>
<tr>
<td colspan="1">
<asp:Button Text="Login" runat="server" OnClick="Login" />
</td>
</tr>
</table>
</div>
</form>
Login.aspx.cs: Code file
protected void Login(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
string sqlStatment = "SELECT * FROM [Authentication] WHERE UserName = @UserName and Password = @Password";
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand(sqlStatment, con))
{
using (SqlDataAdapter da = new SqlDataAdapter(cmd))
{
cmd.Parameters.AddWithValue("@UserName", txtUserName.Text.Trim());
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim());
DataSet ds = new DataSet();
da.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
Session["IsAdmin"] = ds.Tables[0].Rows[0]["IsAdmin"];
Response.Redirect("Home.aspx");
}
else
{
string message = "Wrong UserName or Password";
System.Text.StringBuilder sb = new System.Text.StringBuilder();
sb.Append("<script type = 'text/javascript'>");
sb.Append("window.onload=function(){");
sb.Append("alert('");
sb.Append(message);
sb.Append("')};");
sb.Append("</script>");
ClientScript.RegisterClientScriptBlock(this.GetType(), "alert", sb.ToString());
}
}
}
}
}
Home Page : Here i am having two links admin and user. If user login then he will be able to see onlu user link:
HTML:
<form id="form1" runat="server">
<div>
<asp:HyperLink ID="lnkAddminOnly" runat="server" NavigateUrl="~/AdminOnly.aspx" Text="Admin" />
<asp:HyperLink ID="lnkUser" runat="server" NavigateUrl="#" Text="User" />
</div>
</form>
Home.aspx.cs Code file:
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
if (Session["IsAdmin"] != null)
{
// check if person is admin or user
if (Session["IsAdmin"].ToString().ToUpper() == "FALSE")
{
this.lnkAddminOnly.Visible = false;
}
}
}
}
If user directly put the OnlyAddmin.aspx in Url the he will be redirected to Home.aspx
C#:
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
if (Session["IsAdmin"] != null)
{
if (Session["IsAdmin"].ToString().ToUpper() == "FALSE")
{
Response.Redirect("Home.aspx");
}
}
}
}
Sql: I am having a column with IsAdmin which is a bit dataType
CREATE TABLE [dbo].[Authentication](
[UserName] [varchar](50) NULL,
[Password] [nvarchar](50) NULL,
[IsAdmin] [bit] NULL
) ON [PRIMARY]
GO
Please check the below code in VB.
Login.aspx:
<form id="form1" runat="server">
<div>
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
User Name
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server" />
</td>
</tr>
<tr>
<td>
Password
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" />
</td>
</tr>
<tr>
<td colspan="1">
<asp:Button ID="Button1" Text="Login" runat="server" OnClick="Login" />
</td>
</tr>
</table>
</div>
</form>
Login.aspx.vb
Protected Sub Login(ByVal sender As Object, ByVal e As EventArgs) Handles Button1.Click
Dim constr As String = ConfigurationManager.ConnectionStrings("ConString2").ConnectionString
Dim sqlStatment As String = "SELECT * FROM [Authentication] WHERE UserName = @UserName and Password = @Password"
Using con As New SqlConnection(constr)
Using cmd As New SqlCommand(sqlStatment, con)
Using da As New SqlDataAdapter(cmd)
cmd.Parameters.AddWithValue("@UserName", txtUserName.Text.Trim())
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim())
Dim ds As New DataSet()
da.Fill(ds)
If ds.Tables(0).Rows.Count > 0 Then
Session("IsAdmin") = ds.Tables(0).Rows(0)("IsAdmin")
Response.Redirect("Home.aspx")
Else
Dim message As String = "Wrong UserName or Password"
Dim sb As New System.Text.StringBuilder()
sb.Append("<script type = 'text/javascript'>")
sb.Append("window.onload=function(){")
sb.Append("alert('")
sb.Append(message)
sb.Append("')};")
sb.Append("</script>")
ClientScript.RegisterClientScriptBlock(Me.[GetType](), "alert", sb.ToString())
End If
End Using
End Using
End Using
End Sub
Home.aspx:
<form id="form1" runat="server">
<div>
<asp:HyperLink ID="lnkAddminOnly" runat="server" NavigateUrl="~/AdminOnly.aspx" Text="Admin" />
<asp:HyperLink ID="lnkUser" runat="server" NavigateUrl="#" Text="User" />
</div>
</form>
Home.aspx.vb:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles MyBase.Load
If Not Me.IsPostBack Then
If Session("IsAdmin") IsNot Nothing Then
' check if person is admin or user
If Session("IsAdmin").ToString().ToUpper() = "FALSE" Then
Me.lnkAddminOnly.Visible = False
End If
End If
End If
End Sub
OnlyAdmin.aspx.cs
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles MyBase.Load
If Not Me.IsPostBack Then
If Session("IsAdmin") IsNot Nothing Then
' check if person is admin or user
If Session("IsAdmin").ToString().ToUpper() = "FALSE" Then
Me.lnkAddminOnly.Visible = False
End If
End If
End If
End Sub
Thank You.