protected void btnSubmit_Click(object sender, EventArgs e) { SqlDataReader sdrDatanew = null; //Read rows one by one. string strnew; string connectionString = WebConfigurationManager.ConnectionStrings["Gen_LicConnectionString"].ConnectionString; //Define new connectionstring SqlConnection connew = new SqlConnection(connectionString); //establishes a new sql connection connew.Open(); //Opens Connection strnew = "select User_Type from User_Details where User_Type='" + ddlUserSel.SelectedItem.Value + "' AND LoginID = '" + txtUserName.Text + "' AND Password = '" + txtPassword.Text + "'"; SqlCommand sqlCommnew = new SqlCommand(strnew, connew); //passes the command and connection sdrDatanew = sqlCommnew.ExecuteReader(); //For select command int userType = 0; if (sdrDatanew.HasRows) { if (sdrDatanew.Read()) { userType = Convert.ToInt32(sdrDatanew["User_Type"].ToString()); } } switch (userType) { case 0: Response.Redirect("Lic_Gen.aspx"); break; case 1: Response.Redirect("Cust_Page.aspx"); break; default: lblDisp.Text= "Invalid User/Password"; break; } connew.Close(); }
select User_Type from User_Details where LoginID = '" + txtUserName.Text + "' AND Password = '" + txtPassword.Text + "'"
userType=0
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)