how to authenticate web form in asp.net using C#

Dec 18 2009 3:59 AM

 

protected void btnlogin_Click(object sender, EventArgs e)
{
if (txtid.Text == "" || txtpswd.Text == "")
{
Response.Write(
"<script>alert('Enter Id & Password')</script>");
}
else
{
string strname = txtid.Text;
string strpswd = txtpswd.Text;
OdbcConnection con = new OdbcConnection("DRIVER={MySQL ODBC 3.51 Driver};SERVER=localhost;DATABASE=hdesk;uid=root;password=pssone;");
con.Open();
OdbcCommand cmd = new OdbcCommand("select count(e_uid) from emp_mast where e_uid = '" + strname + "' and e_pswd = '" + strpswd + "' and e_accept = 'Y'", con);
OdbcCommand cmd1 = new OdbcCommand("select e_uid from emp_mast where e_uid = '" + strname + "'", con);
if (Convert.ToInt32(cmd.ExecuteScalar().ToString()) > 0)
{
string uid = cmd1.ExecuteScalar().ToString();
if (uid == "admin")
{
Session.Add(
"muser", txtid.Text);
Response.Redirect(
"AdminApproval.aspx");
}
else
{
Session.Add(
"muser", txtid.Text);
Response.Redirect(
"UserHome.aspx");
clearlist();
}
}
else
{
Response.Write(
"<script>alert('Invalid user Id & Password')</script>");
clearlist();
}
}
}

i written above code for login to userhome.aspx page.
when it is redirected  userhome.aspx page i written below code for logout
 

protected void btnsout_Click(object sender, EventArgs e)
{
Session.Clear();
Response.Redirect(
"Default.aspx");
}
when i click signout from userhome.aspx it will redirected to loginpage. if i copy the the address box string like
http://localhost:1446/t%20work/hdesk/UserHome.aspx
it will again redirects to userhome.aspx without propting username and password even thouigh i cleared sesssion.
please help me to overcome from this problem.
 

Answers (2)