2 Replies - 1084 Views - Last Post: 27 January 2015 - 03:59 AM Rate Topic: -----

#1 scropiogurl   User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 5
  • Joined: 21-November 13

login page not redirect to reports page in asp.net mysql

Posted 04 October 2014 - 01:58 AM

i try to login with usertype and redirect to their pages e.g admin redirect to reports page and public user redirect to gallery..

when i try to login from admin username and password then nothing happened.. when click on login button page redirect login page and not redirect to reports page where as i want when admin login then they redirect to reports page

whereas when i login with public user name and password it redirect to gallery pages ..

here is the code

 protected void Button1_Click1(object sender, EventArgs e)
 {
      name = TextBox1.Text.Trim();
      pwd = TextBox2.Text.Trim();
      conn.Open();
      MySqlCommand cmd = new MySqlCommand("select ln.UName, ln.UPasword, ut.UserType_ID from login ln, UserType ut where ln.UName = '" 
              + name + "' and ln.UPasword = '" + pwd 
              + "' and ln.UserType_ID = ut.UserType_ID");
      cmd.Connection = conn;
      MySqlDataReader dr = cmd.ExecuteReader();
      if ( dr.HasRows )
      {
         dr.Read( );
         Session[ " UName" ] = dr[ 0 ].ToString( );
         Session[ " UPasword" ] = dr[ 1 ].ToString( );
         Session[ "UserType_ID" ] = dr[ 2 ].ToString( );
      }    
      if (dr[2].ToString() == "1")
      {
           Response.Redirect( "View_Reports.aspx" );
      }
      else
      {
         Response.Redirect( "gallery.aspx" );
      }

      dr.Close();
      conn.Close();
  }


any help please?

Is This A Good Question/Topic? 0
  • +

Replies To: login page not redirect to reports page in asp.net mysql

#2 zeeshanef   User is offline

  • D.I.C Head

Reputation: 18
  • View blog
  • Posts: 77
  • Joined: 14-April 12

Re: login page not redirect to reports page in asp.net mysql

Posted 12 October 2014 - 05:14 AM

Put this following: in if (dr.HasRows)

if (dr.HasRows)
{
   
     while(dr.Read())
      {
        Session["UName"] = dr[0].ToString();
        Session["UPasword"] = dr[1].ToString();
        Session["UserType_ID"] = dr[2].ToString();
      }
     if (dr[2].ToString() == "1")
     {
          Response.Redirect("View_Reports.aspx");
     }
     else
     {
        Response.Redirect( "gallery.aspx" );
     }
}

This post has been edited by zeeshanef: 12 October 2014 - 05:37 AM

Was This Post Helpful? 0
  • +
  • -

#3 November-06   User is offline

  • D.I.C Regular

Reputation: 53
  • View blog
  • Posts: 482
  • Joined: 04-January 11

Re: login page not redirect to reports page in asp.net mysql

Posted 27 January 2015 - 03:59 AM

Try zeeshanef's suggestion to use while (dr.Read()) { }.

Also, a few things to take note...

* The way you are passing username and password in the SqlCommand is very vulnerable to SQL Injection. Your site is vulnerable to attacks from hackers.

* Why would you need to store the password in a Session?

* In your code, dr.Close() and conn.Close() will never get executed because it will redirect to another page before you can close the connection.

You should consider refactoring this code.

This post has been edited by November-06: 27 January 2015 - 04:01 AM

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1