using System.Web.UI.HtmlControls; using System.Data.SqlClient; public partial class dangnhap : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { Session["IL"]=0; } protected void btndangnhap_Click(object sender, EventArgs e) { SqlConnection conn = new SqlConnection(); conn.ConnectionString = ConfigurationManager.ConnectionStrings["BookStore"].ConnectionString; SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select count(*) from tuser where UserName=@User and Pass=@Pass"; cmd.Parameters.AddWithValue("@User", txtuser.Text); cmd.Parameters.AddWithValue("@Pass", txtpass.Text); cmd.Connection = conn; conn.Open(); int usercount = (int)cmd.ExecuteScalar(); conn.Close(); conn.Dispose(); if (usercount >= 1) { Session["IL"] = 1; Response.Redirect("ThemSach.aspx"); } else { lblmsg.Text=("Sai Tên đăng nhập hoặc mật khẩu"); } } } using System.Web.UI.HtmlControls; using System.Data.SqlClient; public partial class ThemSach : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { if (Convert.ToInt16(Session["IL"]) == 0) { Response.Redirect("Dangnhap.aspx"); } } protected void BtnThem_Click(object sender, EventArgs e) { SqlConnection conn=new SqlConnection(); conn.ConnectionString = ConfigurationManager.ConnectionStrings["BookStore"].ConnectionString; SqlCommand cmd = new SqlCommand(); cmd.CommandText = "Insert into tSach (TenSach,MaCD,MoTa,Hinh) values (@TenSach,@MaCD,@Mota,@Hinh)"; cmd.Parameters.AddWithValue("@TenSach", txttensach.Text); cmd.Parameters.AddWithValue("@MaCD", dlcd.SelectedValue); cmd.Parameters.AddWithValue("@Mota", txtnoidung.Text); cmd.Parameters.AddWithValue("@Hinh", FlHinh.FileName); FlHinh.SaveAs(Server.MapPath("~")+"/" + "AnhSach/"+ FlHinh.FileName); cmd.Connection = conn; conn.Open(); cmd.ExecuteNonQuery(); nhaplai(); Label1.Text = "Them SAch thanh cong"; conn.Close(); conn.Dispose(); } protected void btnnhaplai_Click(object sender, EventArgs e) { nhaplai(); } void nhaplai() { txttensach.Text = ""; txtnoidung.Text = ""; dlcd.SelectedValue = "1"; FlHinh.Dispose(); } } . (int)cmd.ExecuteScalar(); conn.Close(); conn.Dispose(); if (usercount >= 1) { Session["IL"] = 1; Response.Redirect("ThemSach.aspx"); } else { . { if (Convert.ToInt16(Session["IL"]) == 0) { Response.Redirect("Dangnhap.aspx"); } } protected void BtnThem_Click(object sender,