Member Avatar for nanba

Hi guys

I need help in creating login page for my web application.
There are two users who will login to the system: Admin and User

in my database I have UserID, Password and Type

for column Type i have 'Administrator' and 'Users'

This is what i'm doing, but it keep redirect to the User.aspx regardless i.m entering id and password for Administrator or Users..
i don't know how to do it.. anyone can help??

protected void Button1_Click(object sender, EventArgs e)
 {
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["UserConnectionString"].ConnectionString);
        con.Open();
        string cmdStr = "Select count(*) from [User] where UserID = '" + TextBox1.Text + "'";
        SqlCommand CheckUser = new SqlCommand(cmdStr, con);
        int temp = Convert.ToInt32(CheckUser.ExecuteScalar().ToString());

        if (temp == 1)
        {

    string cmdStr2 = "select Type from [User] where UserID='"+TextBox1.Text+"' AND Password = '"+TextBox2.Text+"'";
    SqlCommand cmd = new SqlCommand(cmdStr2, con);

    Object TypeUser = cmd.ExecuteScalar();
    con.Close();
    if(TypeUser != null)
    {
    Label1.Visible = false;
    Label1.Text = "";
    if(TypeUser.ToString() == "Administrator")
    Response.Redirect("Admin.aspx");
    else
    Response.Redirect("User.aspx");
    }
    else
    {
    Label1.Visible = true;
    Label1.Text = "Invalid Credentials Entered, Try again";
    }
  • 3 Contributors
  • 6 Replies
  • 175 Views
  • 3 Days Discussion Span
  • Latest Post Latest Post by hirenpatel53
Member Avatar for Momerath

In line 15 you create an object of type Object to hold the returned value from your sql statement. In Line 21 you call ToString(). Since it is of type Object, the value of ToString() will always be "System.Object". This doesn't match "Administrator" so you get the default User.aspx.

If your SQL statement is returning a string, store it in a String, not an Object.

Member Avatar for nanba

thanks for your reply..
i changed my code

string TypeUser = cmd.ExecuteScalar().ToString();

but i still get the same result..

Member Avatar for Momerath

Again, ExecuteScalar returns an System.Object. If you call ToString() on it, you'll get "System.Object" as the result. You need to cast the result into a string
String typeUser = (String)cmd.ExecuteScalar();

Edited by Momerath
Member Avatar for nanba

still got the same result
did i miss something..
sorry i'm really bad in coding

Member Avatar for Momerath

Have your run the code using the debugger? Highlight the line if(TypeUser != null) and press the F9 key. This will place a breakpoint on this line. Now press F5. Your code will run until it hits the breakpoint, then it will stop. On the bottom of the IDE you'll see a tab labeled 'locals'. Click on it and look for 'TypeUser' in the list. Expand it and see what the value you are getting. If you don't understand the issue then, come back here and post what you found.

Member Avatar for hirenpatel53

you need to debug the code and you will easily got what u did wrong

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.