protected void Button1_Click(object sender, EventArgs e) { SqlConnection con = new SqlConnection("Data Source=jayraj-pc\\sqlexpress;Initial Catalog=Internship;Integrated Security=True;Pooling=False"); con.Open(); SqlCommand cmd = new SqlCommand("select * from Users where Username=@username and Password=@password", con); cmd.Parameters.AddWithValue("@username", uname.Text); cmd.Parameters.AddWithValue("@password", pwd.Text); SqlDataAdapter da = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); da.Fill(dt); if (dt.Rows.Count > 0) { Session["UserID"] = dt.Rows[0]["UserID"].ToString(); Session["FirstName"] = dt.Rows[0]["FirstName"].ToString(); Session["Username"] = uname.Text; Response.Redirect("StudentDashboard.aspx"); } else { ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>"); } }
select * from Users where (Username=@username or Email=@email) and Password=@password
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)