SqlCommand yetki = new SqlCommand("select * from musteri", connection);
string sorgu = "SELECT * FROM musteri where mail=@user AND sifre=@pass";
cmd = new SqlCommand(sorgu, connection);
cmd.Parameters.AddWithValue("@user", TextBox1.Text);
cmd.Parameters.AddWithValue("@pass", TextBox2.Text);
connection.Open();
dr = cmd.ExecuteReader();
if (dr.Read())
{
dr.Close();
dr = yetki.ExecuteReader();
if (dr[5].ToString() == 1)
{
Response.Redirect("anasayfa.aspx");
}
else
{
Response.Redirect("master.master");
}
}
else
{
Label1.Text = "Giriş Başarısız ";
}
connection.Close();