c# - How to access only for admin to login the page? -
i want staff role a (a=administrator) in staff table can access administrator module. want mary tan can access login while rest of staff cannot access.
here output:
database:
here's code:
sqlconnection conn = null; sqlcommand cmd = null; string connectionstring = null; string staffname = null; protected void page_load(object sender, eventargs e) { } public bool checkvaliduser(string username, string password) { bool valid = false; sqldatareader dr = null; connectionstring = configurationmanager.connectionstrings["leavemanagementcs"].connectionstring; string sql = "select * staff username=@username , password=@pwd"; try { conn = new sqlconnection(connectionstring); cmd = new sqlcommand(sql, conn); cmd.parameters.addwithvalue("@username", username); cmd.parameters.addwithvalue("@pwd", password); conn.open(); dr = cmd.executereader(); if (dr.read()) { staffname = dr["staffname"].tostring(); valid = true; } else { lbloutput.text = "there error logging in. please check username or password."; } dr.close(); } catch (exception ex) { lbloutput.text = "error message: " + ex.message; } { if (conn != null) conn.close(); } return valid; } protected void tblogin_click(object sender, eventargs e) { bool validuser = checkvaliduser(tbusername.text, tbpassword.text); if (validuser) { session["staffname"] = staffname; formsauthentication.setauthcookie(staffname, false); formsauthentication.redirectfromloginpage(staffname, false); } else { lbloutput.text = "invalid user. please try again."; } }
change sql query this:
string sql = "select * staff username=@username , password=@pwd , role=n'a';
Comments
Post a Comment