maybe this can help.?
tihis page login.aspx
protected void btnlogin_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["cs"].ConnectionString);
con.Open();
SqlCommand cmd = new SqlCommand("select COUNT(*)FROM tbluser WHERE username='" + txtusername.Text + "' and passwd='" + txtpasswd.Text + "'");
cmd.Connection = con;
int OBJ = Convert.ToInt32(cmd.ExecuteScalar());
if (OBJ > 0)
{
Session["name"] = txtusername.Text;
Response.Redirect("Cek_user.aspx");
}
else
{
ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>");
// this.Label1.ForeColor = Color.Red;
}
}
and this page cekuser.aspx
protected void Page_Load(object sender, EventArgs e)
{
lbluser.Text = Session["name"].ToString();
if (lbluser.Text == "myname")
Response.Redirect("admin.aspx");
else
{
Response.Redirect("user.aspx");
}
}
thanks