Hi,

I am trying to create a user login that will allow three different types of users to login...basically an admin, a student and a co-ordiantor.
At the moment i have any registered user logging in and being sent to the admin.aspx page, i am not entirely how to differentiate between the 3 different user types so as to send them to their own.
Here is the code as it stands in the login page c# page....

protected void ValidateUserInfo(string user, string pass)
{
//to establish data base connection
//put your your values for data source,initial_catalog,user_id etc
SqlConnection connection = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\StudentMonitor.mdf;Integrated Security=True;User Instance=True");
string sql = "SELECT * FROM tblUserType, tblUser, tblUserRoll WHERE username = @username AND password = @password";
SqlCommand cmd = new SqlCommand(sql, connection);
cmd.Parameters.AddWithValue("@username", user);
cmd.Parameters.AddWithValue("@password", pass);
connection.Open();

SqlDataAdapter ad = new SqlDataAdapter(cmd);
DataSet dt = new DataSet();
ad.Fill(dt);

if (dt.Tables[0].Rows.Count > 0)
{ //check if the query returns any data
//Valid Username and Password
Response.Redirect("Admin.aspx");
}
else
{
Response.Write("INVALID Username and Password, Try Again!");
}

connection.Close();
}

any advice, help or pointers would be greatly appreciated as I am only learning much of this as I encounter it....

The only issue you will have is ensuring you can update the tables in your database using the logged-in user's identity (which is GUID based)

Otherwise the memebrship/roles will do nearly everything you need.

Be advised that the Membership data resides in your App_Data folder unless you specifically point to an external database - A few people I know have overwritten this membership data in a production environment when they FTP a new release of their web application with the local membership data

Thanks very much for the help guys, hopefully this will do the trick.

Dave :)