login.aspx.cs

this is the file to chat in web

using System;
using System.Data;
using System.Data.SqlClient; 
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class login : System.Web.UI.Page
{
    //define the local variables
    private string myConnectionString = ConfigurationManager.ConnectionStrings["msn_Data_ConnStr"].ConnectionString;
    protected System.Data.SqlClient.SqlConnection sqlConnection;
    protected System.Data.SqlClient.SqlCommand sqlCommand;
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    
    protected override void OnInit(EventArgs e)
    {
        InitializeComponent();
        base.OnInit(e);
    }
    private void InitializeComponent()
    {
        this.sqlConnection = new SqlConnection(myConnectionString);
        this.sqlCommand = new System.Data.SqlClient.SqlCommand();
        // 
        // sqlCommand
        // 
        this.sqlCommand.CommandText = "dbo.[UserLogin]";
        this.sqlCommand.CommandType = System.Data.CommandType.StoredProcedure;
        this.sqlCommand.Connection = this.sqlConnection;

        //
        this.sqlCommand.Parameters.Add(new System.Data.SqlClient.SqlParameter("@RETURN_VALUE", 
            System.Data.SqlDbType.Int, 
            4, 
            System.Data.ParameterDirection.ReturnValue, 
            false, 
            ((System.Byte)(0)), 
            ((System.Byte)(0)), 
            "", 
            System.Data.DataRowVersion.Current, 
            null)
            );

        this.sqlCommand.Parameters.Add(new System.Data.SqlClient.SqlParameter("@username", System.Data.SqlDbType.VarChar, 50));
        this.sqlCommand.Parameters.Add(new System.Data.SqlClient.SqlParameter("@password", System.Data.SqlDbType.VarChar, 50));
        this.sqlCommand.Parameters.Add(new System.Data.SqlClient.SqlParameter("@status", System.Data.SqlDbType.Int, 4));
    }

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        //return value
        int iRet = -1;

        // the user name
        sqlCommand.Parameters["@username"].Value = tbUsername.Text;

        //password
        sqlCommand.Parameters["@password"].Value = tbPassword.Text;

        //the login status
        sqlCommand.Parameters["@status"].Value = Convert.ToInt32(ddlStatus.SelectedValue);

        try
        {
            //open the database connection
            sqlConnection.Open();

            // execute the stored procedure UserLogin
            sqlCommand.ExecuteNonQuery();

            //return the value
            iRet = Convert.ToInt32(sqlCommand.Parameters["@RETURN_VALUE"].Value);
        }
        catch (SqlException)
        {
            Response.Write("<script>alert('Here,in SqlException');</script>");//merely for debugging aim
        }
        finally
        {
            sqlConnection.Close();
        }

        if (iRet == 0) //login sucessfully
        {
            FormsAuthentication.RedirectFromLoginPage(tbUsername.Text, false);
            Response.Redirect("Main.aspx");
        }
        if (iRet == 2) //if a new user, then we also see the login sucessful
        {
            FormsAuthentication.RedirectFromLoginPage(tbUsername.Text, false);
            Response.Redirect("Main.aspx");
        }
        else // fail in logining
        {
            lblMessage.Text = "iRet =" + iRet.ToString()+"The login failed, please check out your password!";
        }
    }
}