Hi,
you are authenticating the user in the below code. then why you are authenticating one more in the web.config.
need more details.
protected void btnLogin_Click(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["ConStr"].ToString();
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand cmd = new SqlCommand("Usp_CheckLogin", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@userid", txtUserID.Text);
cmd.Parameters.AddWithValue("@password", txtPassword.Text);
cmd.Parameters.AddWithValue("@role", DDRole12.SelectedValue);
SqlDataReader sdr = cmd.ExecuteReader();
if (sdr.Read())
{
if (DDRole12==User)
{
Response.Redirect("EmployeeProfile.aspx?empid=" + txtUserID.Text);
}
else if (DDRole12!=User)
{
Response.Redirect("EmployeeView.aspx?empid=" + txtUserID.Text);
}
else
{
Response.Write("Your Login Unsuccessful");
}
sdr.Close();
con.Close();
}
}
|