Samsam Samsam - 21 days ago 6
SQL Question

Login control to redirect to different pages depending on the query executed

I have two queries.. what I want to do is if the login control finds the username and password in 1st query table redirect it to seller page.. If it finds the un and pw in 2nd query table then redirect it to the dealer page. How can I do that? Coz it only checks the first query.

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
var conString = ConfigurationManager.ConnectionStrings["CONSTRING"].ConnectionString;
SqlConnection con = new SqlConnection(conString);
string user = Login1.UserName;
string pass = Login1.Password;
con.Open();
SqlCommand cmd1 = new SqlCommand("select username, password, status from login where username = '" + user + "' and password = '" + pass + "' and status = 1", con);
string CurrentName;
CurrentName = (string)cmd1.ExecuteScalar();
if (CurrentName != null)
{

Session.Timeout = 1;
Session["un"] = Login1.UserName;
Response.Redirect("sellerlogin.aspx?un=" + Login1.UserName);

}
SqlCommand cmd2 = new SqlCommand("select username, password, status from dealer where username = '" + user + "' and password = '" + pass + "' ", con);

string CurrentNam;
CurrentNam = (string)cmd2.ExecuteScalar();
if (CurrentNam != null)
{
Session.Timeout = 1;
Response.Redirect("dealerlogin.aspx?un="+ Login1.UserName);
}

Answer

Try using:

Response.End();
return;

With your code:

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
    var conString = ConfigurationManager.ConnectionStrings["CONSTRING"].ConnectionString;
    SqlConnection con = new SqlConnection(conString);
    string user = Login1.UserName;
    string pass = Login1.Password;
    con.Open();
    SqlCommand cmd1 = new SqlCommand("select username, password, status from login where username = '" + user + "' and password = '" + pass + "' and status = 1", con);
    string CurrentName;
    CurrentName = (string)cmd1.ExecuteScalar();
    if (CurrentName != null)
    {

        Session.Timeout = 1;
        Session["un"] = Login1.UserName;
        Response.Redirect("sellerlogin.aspx?un=" + Login1.UserName);
        Response.End();
        return;
    }
    SqlCommand cmd2 = new SqlCommand("select username, password, status from dealer where username = '" + user + "' and password = '" + pass + "' ", con);

    string CurrentNam;
    CurrentNam = (string)cmd2.ExecuteScalar();
    if (CurrentNam != null)
    {
        Session.Timeout = 1;
        Response.Redirect("dealerlogin.aspx?un="+ Login1.UserName);
        Response.End();
        return;
    }