c# - page load on validate user -
i want ask how load page using validate user using request string. have code below:
protected void page_load(object sender, eventargs e) { string validateuser = request.querystring["inisial"]; if (validateuser != null) { response.redirect("home.aspx"); } string x = request.querystring["ind"]; if (validateuser != null) { response.redirect("home.aspx"); } } protected void validateuser(object sender, eventargs e) { int userid = 0; string constr = configurationmanager.connectionstrings["dbconn"].connectionstring; using (sqlconnection con = new sqlconnection(constr)) { using (sqlcommand cmd = new sqlcommand("validate_user")) { cmd.commandtype = commandtype.storedprocedure; cmd.parameters.addwithvalue("@username", request.querystring["inisial"]); cmd.parameters.addwithvalue("@password", request.querystring["ind"]); cmd.connection = con; con.open(); userid = convert.toint32(cmd.executescalar()); con.close(); } switch (userid) { case -1: login1.failuretext = "username and/or password incorrect."; break; case -2: login1.failuretext = "account has not been activated."; break; default: formsauthentication.redirectfromloginpage(login1.username, login1.remembermeset); break; } } } i tried login system using request string change username , password url:
http://default.aspx?id_sistem=24&inisial=gdm&ind=7/17/2004 4:50:40 pm example : username = (gdm), password = (7/17/2004 4:50:40)
please correct me if i'm wrong thanks
i don't think should use query string in url username , password, suggest creating method user authenticated , set session variable stores bool whether user authenticated or not.
protected void page_load(object sender, eventargs e) { if (session["authenticated"] != null) { bool authenticated = convert.toboolean(session["authenticated"]); if (!authenticated) { response.redirect("~/home.aspx"); } } }
Comments
Post a Comment