Login !!

using rangtarang.Connection;


public partial class adminindex : System.Web.UI.Page
{
GetConnection objCon = new GetConnection();
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
txtuser.Focus();
}

}
protected void imgbtn_Click(object sender, ImageClickEventArgs e)
{
Login();
}

private void Login()
{
try
{
if (objCon.sqlConn.State == ConnectionState.Closed)
{
objCon.OpenConnection();
}

SqlCommand sqlquery = new SqlCommand("select * from tblAdmin where login_id='" + txtuser.Text + "' And login_pwd='" + txtpwd.Text + "' And login_active=1", objCon.sqlConn);
SqlDataReader loginReader = sqlquery.ExecuteReader();
if (loginReader.HasRows)
{
loginReader.Read();
if (loginReader["login_id"].ToString() == txtuser.Text && loginReader["login_pwd"].ToString() == txtpwd.Text)
{
lblerror.Visible = false;
Session["LoginId"] = loginReader["login_id"].ToString();
Session["AdminId"] = loginReader["login_pwd"].ToString();
Session["adminVALIDUSER"] = "true";
Session["AdminName"] = loginReader["admin_name"].ToString();
Session.Timeout = 30;
Response.Redirect("adminHome.aspx");
}
}
else
{
lblerror.Visible = true;
lblerror.ForeColor = System.Drawing.Color.Red;
lblerror.Text = "Invalid login-id or password !";
}
}
catch (Exception ex)
{
lblerror.Visible = true;
lblerror.ForeColor = System.Drawing.Color.Red;
lblerror.Text = "Error:" + ex.Message;
}
}
}