using System; using System.Collections; using System.Configuration; using System.Data; using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.HtmlControls; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Data.SqlClient; public partial class _Default : System.Web.UI.Page { SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["CMSConnectionString"].ToString()); protected void Page_Load(object sender, EventArgs e) { } protected void btnlogin_Click(object sender, EventArgs e) { if (txtuser.Text == "") { lblerror.Text = "من فضلك أدخل إسـم المستخدم"; return; } if (txtpass.Text == "") { lblerror.Text = "من فضلك أدخل كلمة المرور"; return; } SqlCommand cmd = new SqlCommand("SELECT Users.Code, Permit.Admin, Permit.Report, Permit.dawa,Users.NameD,Permit.Edit,Permit.AddNew,Permit.P_Delete,Permit.P_Order FROM Users INNER JOIN Permit ON Users.Code = Permit.Code WHERE (Users.User_name = N'" + txtuser.Text + "') AND (Users.PassWord = N'" + txtpass.Text + "')", con); if (con.State == ConnectionState.Closed) con.Open(); SqlDataReader dr = cmd.ExecuteReader(); dr.Read(); if (dr.HasRows) { Session["admin"] = dr[1].ToString(); Session["User"] = dr[0].ToString(); Session["dawa"] = dr[3].ToString(); Session["Rep"] = dr[2].ToString(); Session["Edit"] = dr[5].ToString(); Session["AddNew"] = dr[6].ToString(); Session["P_Delete"] = dr[7].ToString(); Session["P_Order"] = dr[8].ToString(); Session["NameD"] = dr[4].ToString(); Response.Redirect("Home.aspx"); } else lblerror.Text = "كلمة المرور أو اسم المستخدم خطأ"; //if ((txtuser.Text == "admin") && (txtpass.Text == "m123")) //{ // Session["login"] = "Login"; // Response.Redirect("Excel2Sql.aspx"); //} //else // lblerror.Text = "كلمة المرور أو اسم المستخدم خطأ"; } }