string strConnection
= ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
string strSelect
= "SELECT COUNT(*) FROM Users WHERE Username = @Username AND Password
= @Password";
SqlConnection
con = new SqlConnection(strConnection);
SqlCommand
cmd = new SqlCommand();
cmd.Connection
= con;
cmd.CommandType
= CommandType.Text;
cmd.CommandText
= strSelect;
SqlParameter
username = new SqlParameter("@Username", SqlDbType.VarChar,
50);
username.Value
= txtUserName.Text.Trim().ToString();
cmd.Parameters.Add(username);
SqlParameter
password = new SqlParameter("@Password", SqlDbType.VarChar,
50);
password.Value
= txtPassword.Text.Trim().ToString();
cmd.Parameters.Add(password);
con.Open();
int
result = (Int32)cmd.ExecuteScalar();
con.Close();
if (result
>= 1)
Response.Redirect("Default.aspx");
else
lblMsg.Text
= "Incorrect Username or Password";
0 comments:
Post a Comment