locked
login based on 2 conditions RRS feed

  • Question

  • User-1029010542 posted

    I need to let the user access the secired page if 2 conditions are met , if the passwordis correct and if he already confirmed his email , the code i wrote is still making the user access the secured page even if the user didnt confirmed his mail . any help ????

     

    below is the code :

     

     conlog.Open();
            cmdlogin = new SqlCommand("SELECT password_ ,FirstName,UserName,userid,email,confirmed from users where UserName = '" + loginname.Text + "'", conlog);
            reader = cmdlogin.ExecuteReader();
    
            if (!reader.Read())
            {
    
                Response.Redirect("LoginPage.aspx");
    
            }
            else
            {
                if (reader[0].ToString() == password.Text)
                {
                    if (reader[5].ToString() == "True")
                    {
    
    
    
                        Session["naf"] = (int)reader["userid"];
                        Session["FN"] = (string)reader["FirstName"];
                        Session["Password"] = (string)reader["password_"];
                        Session["UserName"] = (string)reader["UserName"];
                        Session["email"] = (string)reader["email"];
    
                        Session["IsAuthenticated"] = true;
    
                        Response.Redirect("DefaultR.aspx", true);
    
                    }
                    else
    
                        Response.Redirect("LoginPage.aspx");
                    LabelnoConfirmation.Text = "you have'nt confirmed your Email Yet";
                }
                conlog.Close();
            }
    

    Wednesday, December 12, 2012 5:40 AM

Answers

  • User1999579388 posted

    Hi,

    Your code looks fine, please check the confirmed column default value when the user didnt confirmed his mail. If your default value is "True", it will go to encured page no metter the user has confirmed his mail or not. You could add "Response.Write(reader[5].ToString());" to check its value.

    Best Wishes,

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 13, 2012 11:40 PM

All replies

  • User-1413002454 posted
     conlog.Open();
            cmdlogin = new SqlCommand("SELECT password_ ,FirstName,UserName,userid,email,confirmed from users where UserName = '" + loginname.Text + "'", conlog);
            reader = cmdlogin.ExecuteReader();
     
            int isValidUser = 0;
            int isMailConfirmed = 0;
    
    
            if (reader.Read())
           // {
     
            //    Response.Redirect("LoginPage.aspx");
     
            //}
            //else
            {
                if (reader[0].ToString() == password.Text)
                {
                    if (reader[5].ToString() == "True")
                    {
     
     
     
                        Session["naf"] = (int)reader["userid"];
                        Session["FN"] = (string)reader["FirstName"];
                        Session["Password"] = (string)reader["password_"];
                        Session["UserName"] = (string)reader["UserName"];
                        Session["email"] = (string)reader["email"];
     
                        Session["IsAuthenticated"] = true;
     
                        // Response.Redirect("DefaultR.aspx", true);
    
                        isValidUser = 1;
                        isMailConfirmed = 1;
                    }
                    //else
     
                    //    Response.Redirect("LoginPage.aspx");
                        LabelnoConfirmation.Text = "you have'nt confirmed your Email Yet";
                }
                conlog.Close();
            }
    
    
    if isValidUser=1
    {
        Response.Redirect("DefaultR.aspx", true);
    }else
    {
        if isMailConfirmed
            LabelnoConfirmation.Text = "you have'nt confirmed your Email Yet";
        else
            Response.Redirect("LoginPage.aspx");
    }
    


     

     

    I actually can't find a value of displaying a label after redirecting the page, it will never be displayed!

    Wednesday, December 12, 2012 6:16 AM
  • User1999579388 posted

    Hi,

    Your code looks fine, please check the confirmed column default value when the user didnt confirmed his mail. If your default value is "True", it will go to encured page no metter the user has confirmed his mail or not. You could add "Response.Write(reader[5].ToString());" to check its value.

    Best Wishes,

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 13, 2012 11:40 PM
  • User-126879547 posted

    Hai

    Your code is looking good but Just change  this  line

    if (reader["password_"].ToString() == password.Text)
               
    {
    if (reader["confirmed "].ToString() == "True")
    
    {
    //code here
    }
    Thursday, December 13, 2012 11:53 PM