อันนี้เป็นโค้ด VB นะค่ะ ลองเอาไปแปลงเป็น ASP.NET ดูนะค่ะ Code (VB.NET)
Public Sub Login()
Me.ConnectDB() 'คอนเนคไปที่ฐานข้อมูล
Try
Dim sb As New StringBuilder
sb.Append("SELECT * From Login WHERE UserName ='" & TextBox1.Text & "'")
sb.Append("AND Password ='" & TextBox2.Text & "'")
Dim sqlCheck As String
sqlCheck = sb.ToString()
With com
.CommandText = sqlCheck
.CommandType = CommandType.Text
.Connection = Conn
dr = .ExecuteReader()
If dr.HasRows Then
With dr.Read
With Payroll 'หน้า Form ที่จะเข้า
Select Case strUserLoginAuth
Case "Admin" 'สิทการใช้งาน
Payroll.tsmUser.Enabled = True
.Top = 50
.Left = 0
.Show()
Case "User"
Payroll.tsmUser.Enabled = False
.Top = 50
.Left = 0
.Show()
End Select
End With
Me.Hide()
Exit Try
Exit Sub
End With
Else
MsgBox("ไม่มีข้อมูลพนักงานท่านนี้อยู่ในระบบ กรุณาตรวจสอบข้อมูลอีกรอบ", MsgBoxStyle.OkOnly + MsgBoxStyle.Exclamation, "ระบบ")
End If
End With
dr.Close()
Catch ex As Exception
MsgBox(ex.Message, MsgBoxStyle.Critical, "Error โชว์ข้อมูล")
Exit Try
Exit Sub
End Try
End Sub
Dim strConn As String
strConn = WebConfigurationManager.ConnectionStrings("con").ConnectionString()
conn.ConnectionString = strConn
conn.Open()
Dim dataset1 As New DataSet
Dim sql As String
sql = "SELECT * FROM DataUser WHERE Username = '" & txtUsername.Text & "' AND Password = '" & txtPassword.Text & "'"
da = New SqlDataAdapter(sql, conn)
da.Fill(dataset1)
For Each Row As DataRow In dataset1.Tables(0).Rows
Dim per As Integer = Row.Item(6)
If per = "01" Then
Response.Redirect("TestForm.aspx")
End If
If per = "02" Then
Response.Redirect("testInsert.aspx")
End If
Next