VERAG_Homepage/login/login_FLEX.aspx.vb

Imports System.Data.SqlClient
Imports System.Data

Partial Class login_login_TEST
    Inherits System.Web.UI.Page
    Dim CustomerIDTextBox As TextBox
    Protected Sub ValidateUser(sender As Object, e As EventArgs)
        Dim userId As Integer = 0
        ' cDBFunctions.GetNewOpenConnection()
        Dim ConnectionString = ""
        If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
            'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956"
            ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
        Else
            ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
            'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
        End If

        ' Dim constr As String = ConfigurationManager.ConnectionStrings("constr").ConnectionString
        Using con As New SqlConnection(ConnectionString)
            ' Using cmd As New SqlCommand("Validate_User")
            Using cmd As New SqlCommand("SELECT COUNT(*) FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username AND Password=@Password")
                ' cmd.CommandType = CommandType.StoredProcedure
                cmd.Parameters.AddWithValue("@Username", Login1.UserName)
                cmd.Parameters.AddWithValue("@Password", Login1.Password)
                cmd.Connection = con
                con.Open()
                ' userId = Convert.ToInt32(cmd.ExecuteScalar())
                Dim dr As SqlDataReader = cmd.ExecuteReader()
                If dr.HasRows Then
                    dr.Read()
                    'MsgBox(dr.Item(0).ToString())
                    Select Case dr.Item(0)
                        Case 0
                            Login1.FailureText = "Username and/or password is incorrect."
                            Exit Select
                        Case -2
                            Login1.FailureText = "Account has not been activated."
                            Exit Select
                        Case Else

                            Session.Add("test", Login1.UserName)
                            CustomerIDTextBox = Login1.FindControl("CustomerID")
                            Session.Add("CustomerID", CustomerIDTextBox.Text)

                            Session.Add("PW", Login1.Password)
                            FormsAuthentication.RedirectFromLoginPage(Login1.UserName, Login1.RememberMeSet)

                            'FormsAuthentication.SetAuthCookie(Login1.UserName, True)
                            'Response.Redirect("mypage.aspx")
                            Exit Select
                    End Select
                End If
                dr.Close()
                con.Close()
            End Using
        End Using
    End Sub
End Class