Using session for login, after redirect, the masterpage code doesn't work out. if user role is Customer, i want admin linkbutton visible = false, but it still show up
this my login code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;
using System.Configuration;
using System.Drawing;
namespace incup
{
public partial class Login : System.Web.UI.Page
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["inCupConnectionString"].ConnectionString);
DataSet DS = new DataSet();
DataTable DT = new DataTable();
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string hakAkses;
string sql;
sql = "SELECT * FROM RegisterLog WHERE [E-mail] = '" + txtLEmail.Text + "' AND " + "Password = '" + txtLPass.Text + "'";
SqlCommand CMD = new SqlCommand(sql, conn);
SqlDataAdapter DA = new SqlDataAdapter(CMD);
DS.Clear();
DA.Fill(DS);
DT = DS.Tables[0];
if (DT.Rows.Count > 0)
{
hakAkses = DT.Rows[0]["UserRole"].ToString();
Session["MyUser"] = txtLEmail.Text;
Session["HakAkses"] = hakAkses;
UpdateLogin();
Response.Redirect("Home.aspx");
}
else
{
txtLEmail.Text = "";
string message = "E-mail or Password is incorrect!";
System.Text.StringBuilder sb = new System.Text.StringBuilder();
sb.Append("<script type = 'text/javascript'>");
sb.Append("window.onload=function(){");
sb.Append("alert('");
sb.Append(message);
sb.Append("')};");
sb.Append("</script>");
ClientScript.RegisterClientScriptBlock(this.GetType(), "alert", sb.ToString());
}
}
void UpdateLogin()
{
string sql;
sql = "UPDATE RegisterLog SET status = 'TRUE' WHERE [E-mail] = '" + txtLEmail.Text + "'";
SqlCommand cmdSTATUS = new SqlCommand(sql, conn);
conn.Open();
cmdSTATUS.ExecuteNonQuery();
conn.Close();
}
}
}and this is home.aspx 's masterpage code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;
using System.Configuration;
namespace incup
{
public partial class SiteALogin : System.Web.UI.MasterPage
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["inCupConnectionString"].ConnectionString);
protected void Page_Load(object sender, EventArgs e)
{
if (Session["MyUser"] != null)
{
lblEmail.Text = Session["MyUser"].ToString();
lblLevel.Text = Session["HakAkses"].ToString();
if (lblLevel.Text == "Admin")
{
lbAdminArea.Visible = true;
lbMyAcc.Visible = false;
lbOUT.Visible = false;
}
else if (lblLevel.Text == "Customer")
{
lbAdminArea.Visible = false;
lbMyAcc.Visible = true;
lbOUT.Visible = false;
}
}
else
{
Response.Redirect("SignIn.aspx");
}
}
protected void lbOUT_Click(object sender, EventArgs e)
{
Session.RemoveAll();
UpdateLogout();
Response.Redirect("SignIn.aspx");
}
private void UpdateLogout()
{
string sqlLogout;
sqlLogout = "UPDATE RegisterLog SET status = 'FALSE' WHERE [E-mail] = '" + lblEmail.Text + "'";
SqlCommand cmdLogout = new SqlCommand(sqlLogout, conn);
conn.Open();
cmdLogout.ExecuteNonQuery();
conn.Close();
}
}
}Please help. why lbAdminArea still show up when i login using customer account. thanks masters :D