When I login with user credentials, it continue even I select admin login type.. it should only continue when I select user login type.
Also when I login with admin credentials, it only shows the shwmssg error not redirecting to the dashboard. Please help me.
web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
<add name="cs"
connectionString="Data Source= DESKTOP-F0L019J\SQLEXPRESS; Initial Catalog = EmploAid; Integrated Security= True; TrustServerCertificate=True"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<appSettings>
<add key="username" value="Admin" />
<add key="password" value="123" />
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
</system.web>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
Login.aspx:
<%@ Page Title="" Language="C#" MasterPageFile="~/User/UserMaster.Master" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="EmploAid.User.Login" %>
<asp:Content ID="Content1" ContentPlaceHolderID="head" runat="server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" runat="server">
<section>
<div class="container pt-50 pb-40">
<div class="row">
<div class="col-12 pb-20">
<asp:Label ID="lblMsg" runat="server" visible ="false"> </asp:Label>
</div>
<div class="col-12">
<h2 class="contact-title text-center">Log in To EmploAid</h2>
</div>
<div class="col-lg-6 mx-auto ">
<div class="form-contact contact_form">
<div class="row">
<div class="col-12">
<h6>
Login Information
</h6>
</div>
<div class="col-12">
<div class="form-group">
<label>
Username
</label>
<asp:TextBox ID="txtUserName" runat="server" CssClass="form-control" placeholder="Enter Desired Username" required ></asp:TextBox>
</div>
</div>
<div class="col-sm-6">
<div class="form-group">
<label>
Password
</label>
<asp:TextBox ID="txtPassword" runat="server" CssClass="form-control" placeholder="Enter Desired Password"
TextMode="Password" required ></asp:TextBox>
</div>
</div>
<div class="col-12">
<div class="form-group">
<label>
Login Type
</label>
<asp:DropDownList ID="ddlLoginType" runat="server" CssClass="form-control w-100" OnSelectedIndexChanged="ddlLoginType_SelectedIndexChanged"> <asp:ListItem Value="0"> Select Login Type </asp:ListItem>
<asp:ListItem> Admin </asp:ListItem>
<asp:ListItem> User </asp:ListItem>
</asp:DropDownList>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ErrorMessage="UserType is Required"
ForeColor="Red" Display="Dynamic" SetFocusOnError="true" Font-Size="Small" InitialValue="0" ControlToValidate="ddlLoginType" ></asp:RequiredFieldValidator>
</div>
</div>
</div>
<div class="form-group mt-3">
<asp:Button ID="btnLogin" runat="server" Text="Login" CssClass="button button-contactform boxed-btn mr-4 " OnClick="btnLogin_Click" />
<span class="c1ickLink">
<a href="../User/Register.aspx">Want to Register? Click Here...</a>
</span>
</div>
</div>
</div>
</div>
</div>
</section>
</asp:Content>
login.aspx.cs:
using System;
using System.Configuration;
using System.Data.SqlClient;
using System.Web.UI;
namespace EmploAid.User
{
public partial class Login : System.Web.UI.Page
{
SqlConnection con;
SqlCommand cmd;
SqlDataReader sdr;
string str = ConfigurationManager.ConnectionStrings["cs"].ConnectionString;
string username, password = string.Empty;
protected void btnLogin_Click(object sender, EventArgs e)
{
try
{
if (ddlLoginType.SelectedValue == "Admin")
{
username = ConfigurationManager.AppSettings["username"];
password = ConfigurationManager.AppSettings["password"];
if (username == txtUserName.Text.Trim() && password == txtPassword.Text.Trim())
{
Session["admin"] = username;
Response.Redirect("../Admin/Dashboard.aspx", false);
}
else
{
showErrorMsg("Admin");
}
}
else
{
con = new SqlConnection(str);
string query = @"Select * from [User] where Username = @Username and Password = @Password";
cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@Username", txtUserName.Text.Trim());
cmd.Parameters.AddWithValue("@Password", txtPassword.Text.Trim());
con.Open();
sdr = cmd.ExecuteReader();
if (sdr.Read())
{
Session["user"] = sdr["Username"].ToString();
Session["userID"] = sdr["userID"].ToString();
Response.Redirect("Default.aspx", false);
}
else
{
showErrorMsg("User");
}
con.Close();
}
}
catch (Exception ex)
{
Response.Write("<script>alert('" + ex.Message + "');</script>");
con.Close();
}
}
private void showErrorMsg(string userType)
{
lblMsg.Visible = true;
lblMsg.Text = "<b>" + userType + "</b> Credentials Are Incorrect. ";
lblMsg.CssClass = "alert alert-danger";
}
}
}
I tried typing Admin and 123 for username password because that's in my web.config, but nothing happens still
Change the line if if(ddlLoginType.SelectedValue == "Admin") with if if(ddlLoginType.SelectedValue.Trim() == "Admin"). Because ddlLoginType.SelectedValue is returning the value as " Admin " not "Admin".