<script runat="server">
void Login_Click(Object sender, EventArgs E)
{
// authenticate user
if ( (username.Value == DS_managerLogin.FieldValue("username",null)) &&
(password.Value == DS_managerLogin.FieldValue("password",null)))
{
// The user has been authenticated as the website manager.
// Create and use the forms authentication ticket.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
Request.Form["username"], // get the username from the form
DateTime.Now, // issue time
DateTime.Now.AddMinutes(30), // expires in 30 minutes
false, // not persistent
"manager"); // role assignments gets stored in the UserData
// Create the (encrypted) cookie.
HttpCookie cookie = new HttpCookie( FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket) );
// Add the cookie to the list for outbound response.
Response.Cookies.Add(cookie);
// Don't call the FormsAuthentication.RedirectFromLoginPage since it would
// replace the authentication ticket we just added.
String returnUrl;
if (Request.QueryString["ReturnURL"] == null)
{
returnUrl = "/manager/index.aspx";
}
else
{
returnUrl = Request.QueryString["ReturnURL"];
}
Response.Redirect(returnUrl);
}
else
{
Msg.Text = "Invalid Username or Password: Please try again";
}
}
</script> |