如果未登录，则重定向用户登录 ASP.NET C#

Question

I'm trying to develop web app in ASP.NET web forms using C# and i want to Redirect user to login if not logged but when i try to login i'm not able to redirect to the dashboard.aspx page i just found my self in login page please any one can help me:)

 protected void Page_Load(object sender, EventArgs e)
{
    if (Session["username"] == null)
    {
        Response.Redirect("login.aspx", true);
        return;
    }
    //else
    //{
    //    Response.Redirect("dashbord.aspx", true);
    //}
}

login.aspx

string user = Request["login1"];
string code = Request["pass"];
SqlCommand cmd = conn.CreateCommand();
cmd.CommandType = CommandType.Text;
cmd.CommandText = "select * from admin where username  = '"+user+"' and password = '"+ code + "'";
cmd.ExecuteNonQuery();
Session["username"] = user;
Session.Clear();
Session.Abandon();
Session.RemoveAll();
Response.Redirect("dashbord.aspx");

Answer 1

You should try and use a built in security provider. (even the simple FBA and role providers is better then this). If a user hits a page that is secured or requires a logon, then IIS will jump to logon page, and then automatic re-direct to where you were going in the first place. So, you really don't want to handle this on your own, since then simple efforts to set a web page is in a secured folder becomes easy.

See this recent post of mine - as to how this works, or at least should work. If you don't adopt a built in security system, then you will be for ever more trying to write code on near every web page to deal with the near "unlimited" ways that users can type in any old URL, and that's a challenge.

Authorization issues in asp page VB.NET