protected void
btnlogin_Click(object sender, EventArgs e)
{
if (txtid.Text == "" || txtpswd.Text
== "")
{
Response.Write("<script>alert('Enter Id &
Password')</script>");
}
else
{
string strname = txtid.Text;
string strpswd = txtpswd.Text;
OdbcConnection con = new
OdbcConnection("DRIVER={MySQL ODBC 3.51
Driver};SERVER=localhost;DATABASE=hdesk;uid=root;password=pssone;");
con.Open();
OdbcCommand cmd = new OdbcCommand("select
count(e_uid) from emp_mast where e_uid = '" + strname
+ "' and e_pswd =
'" + strpswd + "' and e_accept = 'Y'", con);
OdbcCommand cmd1 = new OdbcCommand("select
e_uid from emp_mast where e_uid = '" + strname +
"'", con);
if (Convert.ToInt32(cmd.ExecuteScalar().ToString()) > 0)
{
string uid =
cmd1.ExecuteScalar().ToString();
if (uid == "admin")
{
Session.Add("muser", txtid.Text);
Response.Redirect("AdminApproval.aspx");
}
else
{
Session.Add("muser", txtid.Text);
Response.Redirect("UserHome.aspx");
clearlist();
}
}
else
{
Response.Write("<script>alert('Invalid user Id &
Password')</script>");
clearlist();
}
}
}
|