Hi,
I am trying to create a user login that will allow three different types of users to login...basically an admin, a student and a co-ordiantor.
At the moment i have any registered user logging in and being sent to the admin.aspx page, i am not entirely how to differentiate between the 3 different user types so as to send them to their own.
Here is the code as it stands in the login page c# page....
protected void ValidateUserInfo(string user, string pass)
{
//to establish data base connection
//put your your values for data source,initial_catalog,user_id etc
SqlConnection connection = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\StudentMonitor.mdf;Integrated Security=True;User Instance=True");
string sql = "SELECT * FROM tblUserType, tblUser, tblUserRoll WHERE username = @username AND password = @password";
SqlCommand cmd = new SqlCommand(sql, connection);
cmd.Parameters.AddWithValue("@username", user);
cmd.Parameters.AddWithValue("@password", pass);
connection.Open();
SqlDataAdapter ad = new SqlDataAdapter(cmd);
DataSet dt = new DataSet();
ad.Fill(dt);
if (dt.Tables[0].Rows.Count > 0)
{ //check if the query returns any data
//Valid Username and Password
Response.Redirect("Admin.aspx");
}
else
{
Response.Write("INVALID Username and Password, Try Again!");
}
connection.Close();
}
any advice, help or pointers would be greatly appreciated as I am only learning much of this as I encounter it....