Creating a Sign In Page

Creating a Sign In Page

This page is a simple sign in page. Admin and user users will use the same page to Sign in.

Please note that I did not create a column named Role. Instead I use the UserName to differentiate user and admin. If you wish you can also add a new column as "Role" and extend your table. So you can provide different roles to users depending on your project. Here are my table data for your understanding.

Table Data

Now we will come to the design. I have inserted a Login from Login Tool Box. You can create your own or you can use this available Tool.

Login

This is how it looks.

Login

Now I am manually going to write the code for "Log In" Button. So go to "convert to Template" and double click on the "Log In" Button. It will create the event for that button. "LoginButton_Click" event in the Code behind.

Convert to Template

So now we need check the users exist, user password is correct and status is "Enable". Here we go with the "RegisterUser" class with comments. This has all the codes related to the 3 pages.

Code Snippet - RegisterUser.cs

1. using System;
2. using System.Data;
3. using System.Configuration;
4. using System.Linq;
5. using System.Web;
6. using System.Web.Security;
7. using System.Web.UI;
8. using System.Web.UI.HtmlControls;
9. using System.Web.UI.WebControls;
10. using System.Web.UI.WebControls.WebParts;
11. using System.Xml.Linq;
12.  
13. using System.Data.SqlClient;
14.  
15. public class RegisterUser
16. {
17.  
18.     //----------------------METHODS USED IN REGISTER PAGE--------------------------
19.  
20.     // This is for inserting the user using Register Page
21.  
22.     public static int InsertUserData(string Name, string UserName, string Password, stringEmail)
23.     {
24.         int rowsAffected = 0;
25.  
26.         using (SqlConnection connection = ConnectionManager.GetDatabaseConnection())
27.         {
28.             SqlCommand command = new SqlCommand("insertUserData", connection);
29.             command.CommandType = CommandType.StoredProcedure;
30.  
31.             command.Parameters.Add("@FName", SqlDbType.VarChar).Value = Name;
32.             command.Parameters.Add("@UserName", SqlDbType.VarChar).Value = UserName;
33.             command.Parameters.Add("@Password", SqlDbType.VarChar).Value = Password;
34.             command.Parameters.Add("@Email", SqlDbType.VarChar).Value = Email;
35.  
36.  
37.             rowsAffected = command.ExecuteNonQuery();
38.         }
39.         return rowsAffected;
40.     }
41.  
42.     //This is used to check the UserNamve Availability in the RegisterPage
43.  
44.     public static DataSet IsUserNameExist(string UserName)
45.     {
46.         DataSet dataSet = new DataSet();
47.  
48.         using (SqlConnection connection = ConnectionManager.GetDatabaseConnection())
49.         {
50.  
51.             string sql = "SELECT UserName FROM UserData WHERE UserName = @UserName";
52.             SqlCommand command = new SqlCommand(sql, connection);
53.             command.Parameters.Add("@UserName", SqlDbType.VarChar).Value = UserName;
54.             command.CommandType = CommandType.Text;
55.  
56.             SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
57.             dataAdapter.Fill(dataSet, "UserName");
58.  
59.         }
60.  
61.         return dataSet;
62.     }
63.  
64.     //----------------------METHODS USED IN ADMINISTRATOR PAGE--------------------------
65.     
66.     //This is used to update the status from Administrator Page
67.  
68.  
69.     public static DataSet UpdateStatus(string UserName,string Status)
70.     {
71.         DataSet dataSet = new DataSet();
72.  
73.         using (SqlConnection connection = ConnectionManager.GetDatabaseConnection())
74.         {
75.  
76.             string sql = "UPDATE UserData SET Status=@Status WHERE UserName=@UserName";
77.             SqlCommand command = new SqlCommand(sql, connection);
78.             command.Parameters.Add("@UserName", SqlDbType.VarChar).Value = UserName;
79.             command.Parameters.Add("@Status", SqlDbType.VarChar).Value = Status;
80.             command.CommandType = CommandType.Text;
81.  
82.             SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
83.  
84.             dataAdapter.Fill(dataSet, "UserName");
85.         }
86.  
87.         return dataSet;
88.     }
89.  
90.  
91.     //----------------------METHODS USED IN LOGIN PAGE--------------------------
92.  
93.     //This is used to validate in the LoginPage to check whether user is Enable or Disable
94.  
95.     public static DataSet GetUserStatus(string UserName)
96.     {
97.         DataSet dataSet = new DataSet();
98.  
99.         using (SqlConnection connection = ConnectionManager.GetDatabaseConnection())
100.         {
101.  
102.             string sql = "SELECT Status FROM UserData WHERE UserName=@UserName";
103.             SqlCommand command = new SqlCommand(sql, connection);
104.             command.Parameters.Add("@UserName", SqlDbType.VarChar).Value = UserName;
105.             command.CommandType = CommandType.Text;
106.  
107.             SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
108.             dataAdapter.Fill(dataSet, "Status");
109.         }
110.  
111.         return dataSet;
112.     }
113.  
114.     //This is used to validate in the LoginPage to get the User password
115.  
116.     public static DataSet GetUserID(string UserName)
117.     {
118.         DataSet dataSet = new DataSet();
119.  
120.         using (SqlConnection connection = ConnectionManager.GetDatabaseConnection())
121.         {
122.  
123.             string sql = "SELECT Password FROM UserData WHERE UserName=@UserName";
124.             SqlCommand command = new SqlCommand(sql, connection);
125.             command.Parameters.Add("@UserName", SqlDbType.VarChar).Value = UserName;
126.             command.CommandType = CommandType.Text;
127.  
128.             SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
129.             dataAdapter.Fill(dataSet, "Password");
130.         }
131.  
132.         return dataSet;
133.     }
134. }

Next is the Code Behind.

Code Snippet - "LoginPage.aspx.cs"

1. using System;
2. using System.Collections;
3. using System.Configuration;
4. using System.Data;
5. using System.Linq;
6. using System.Web;
7. using System.Web.Security;
8. using System.Web.UI;
9. using System.Web.UI.HtmlControls;
10. using System.Web.UI.WebControls;
11. using System.Web.UI.WebControls.WebParts;
12. using System.Xml.Linq;
13.  
14. using System.Data.SqlClient;
15.  
16. public partial class LoginPage : System.Web.UI.Page
17. {
18.     protected void LoginButton_Click(object sender, EventArgs e)
19.     {
20.         string UserName = Login1.UserName;
21.         string Password = Login1.Password;
22.  
23.         string UserPw = null;
24.         string UserStatus = null;
25.  
26.  
27.         DataSet dataSet1 = RegisterUser.GetUserID(UserName);
28.         DataSet dataSet2 = RegisterUser.GetUserStatus(UserName);
29.  
30.  
31.         foreach (DataRow row in dataSet1.Tables["password"].Rows)
32.         {
33.             UserPw = string.Format("{0}", row["password"]);
34.         }
35.  
36.  
37.         foreach (DataRow row in dataSet2.Tables["Status"].Rows)
38.         {
39.             UserStatus = string.Format("{0}", row["Status"]);
40.         }
41.  
42.  
43.         if (UserName == "admin" && UserPw == Password && UserStatus == "Enable")
44.         {
45.             Session["user"] = UserName;
46.             Response.Redirect("AdministratorPage.aspx");
47.         }
48.  
49.         if (UserName != "admin" && UserPw == Password && UserStatus == "Enable")
50.         {
51.             Session["user"] = UserName;
52.             Response.Redirect("UserLoginPage.aspx");
53.  
54.         }
55.  
56.         else
57.         {
58.             Login1.FailureText = "Authentication Failed";
59.         }
60.  
61.     }
62. }

I have redirected the page to "Administrator.aspx" if he is an administrator.

For user I created a dummy page which will say "hi" to the user - "UserLoginPage.aspx".

Code Snippet - "UserLoginPage.aspx"

1. <%@ Page Language="C#" AutoEventWireup="true" CodeFile="UserLoginPage.aspx.cs"Inherits="UserLoginPage" %>
2.  
3. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
4.  
5. <html xmlns="http://www.w3.org/1999/xhtml">
6. <head runat="server">
7.     <title></title>
8. </head>
9. <body>
10.     <form id="form1" runat="server">
11.     <asp:Label ID="Label1" runat="server"></asp:Label>
12.     </form>
13. </body>
14. </html>

Code behind

Code Snippet - "UserLoginPage.aspx.cs"

1. using System;
2. using System.Collections.Generic;
3. using System.Linq;
4. using System.Web;
5. using System.Web.UI;
6. using System.Web.UI.WebControls;
7.  
8. public partial class UserLoginPage : System.Web.UI.Page
9. {
10.     protected void Page_Load(object sender, EventArgs e)
11.     {
12.  
13.         if (Session["user"] != null)
14.         {
15.  
16.             Label1.Text = "Welcome "+ Session["user"].ToString();
17.  
18.         }
19.         else
20.         {
21.             Response.Redirect("Login.aspx");
22.         }
23.  
24.     }
25. }

You can have a sign out button as I have explained in the "Administrator Control and Features" at the end of the tutorial.

Demonstration

Download Full Source Code including Database  (instructions for configuring).