Localhost redirected you too many times

Donald Symmons 2,856 Reputation points
2023-03-01T11:23:23.8533333+00:00

I have a login code that redirects users upon login - admin is redirected to admin pages inside Admin folder after login, while other users are redirected to pages in the root directory. This has been working well for quite some time; today it gave me an error when I tired to login as an Admin. login as user is okay, it redirects me to user pages in the root directory, except when I try to login as Admin then I get this error as shown belowERR

Here is my Login code

 protected void ValidateUser(object sender, EventArgs e)
        {
            if (!string.IsNullOrEmpty(txtUsername.Text) & !string.IsNullOrEmpty(txtPassword.Text))
            {
                string connectionString = ConfigurationManager.ConnectionStrings["ConString"].ConnectionString;
                using (SqlConnection con = new SqlConnection(connectionString))
                {
                    using (SqlCommand cmd = new SqlCommand("SELECT Uid, RoleId FROM Users WHERE email = @email AND pass = @pass", con))
                    {
                        con.Open();
                        cmd.Parameters.AddWithValue("@email", txtUsername.Text.Trim());
                        cmd.Parameters.AddWithValue("@pass", Encrypt(txtPassword.Text.Trim()));
                        //string Id = Convert.ToString(cmd.ExecuteScalar());
                        SqlDataReader sdr = cmd.ExecuteReader();
                        string Id = string.Empty, RoleId = string.Empty;
                        if (sdr.Read())
                        {
                            Id = Convert.ToString(sdr["Uid"]);
                            RoleId = Convert.ToString(sdr["RoleId"]);
                        }
                        con.Close();

                        if (!string.IsNullOrEmpty(Id))
                        {
                            string users = "";
                            using (SqlCommand cmd1 = new SqlCommand("SELECT Uid FROM UserActivation WHERE Uid = @Uid"))
                            {
                                cmd1.CommandType = CommandType.Text;
                                cmd1.Parameters.AddWithValue("@Uid", Id);
                                cmd1.Connection = con;
                                con.Open();
                                users = Convert.ToString(cmd1.ExecuteScalar());
                                con.Close();
                            }
                            if (string.IsNullOrEmpty(users))
                            {
                                int user = 0;
                                using (SqlCommand cmd2 = new SqlCommand("SELECT Uid FROM Users WHERE pass = @pass COLLATE SQL_Latin1_General_CP1_CS_AS AND email = @email AND pass = @pass"))
                                {
                                    cmd2.CommandType = CommandType.Text;
                                    cmd2.Parameters.AddWithValue("@email", txtUsername.Text.Trim());
                                    cmd2.Parameters.AddWithValue("@pass", Encrypt(txtPassword.Text.Trim()));
                                    cmd2.Connection = con;
                                    con.Open();
                                    user = Convert.ToInt32(cmd2.ExecuteScalar());
                                    con.Close();
                                }
                                if (user > 0)
                                {
                                    Session["user"] = Id;
                                    con.Open();
                                    string query = "SELECT Suspend from Users WHERE Uid = @Uid";
                                    using (SqlCommand cmd3 = new SqlCommand(query, con))
                                    {
                                        cmd3.Parameters.AddWithValue("@Uid", Session["user"]);
                                        DataTable dtb = new DataTable();
                                        SqlDataAdapter da = new SqlDataAdapter(cmd3);
                                        da.Fill(dtb);
                                        string suspend = dtb.Rows[0]["Suspend"].ToString().Trim().ToLower();
                                        if (suspend == "0")
                                        {
                                            string UpdateLog = @"UPDATE Users SET LastLogin=@dateandtime, IsActive=@IsActive WHERE Uid = @Uid";
                                            using (SqlCommand cmd4 = new SqlCommand(UpdateLog, con))
                                            {
                                                cmd4.Parameters.AddWithValue("@dateandtime", DateTime.UtcNow);
                                                cmd4.Parameters.AddWithValue("@IsActive", "1");
                                                cmd4.Parameters.AddWithValue("@Uid", Session["user"]);
                                                cmd4.ExecuteNonQuery();
                                                con.Close();
                                            }
                                            SqlCommand cmd5 = new SqlCommand("SELECT RoleName From [RoleTable] WHERE RoleId = @RoleId", con);
                                            con.Open();
                                            cmd5.Parameters.AddWithValue("@RoleId", RoleId);
                                            DataTable dt = new DataTable();
                                            SqlDataAdapter sda = new SqlDataAdapter(cmd5);
                                            sda.Fill(dt);
                                            if (dt.Rows.Count > 0)
                                            {
                                                string roles = dt.Rows[0]["RoleName"].ToString().Trim().ToLower();
                                                if (roles == "superadmin")
                                                {
                                                    Session["user"] = Id;
                                                    FormsAuthentication.RedirectFromLoginPage(Id, true);
                                                    Response.Redirect("~/Admin/admindashboard.aspx");
                                                }
                                                else if (roles == "admin")
                                                {
                                                    Session["user"] = Id;
                                                    FormsAuthentication.RedirectFromLoginPage(Id, true);
                                                    Response.Redirect("~/Admin/admindashboard.aspx");
                                                }
                                                else if (roles == "superuser")
                                                {
                                                    Session["user"] = Id;
                                                    FormsAuthentication.RedirectFromLoginPage(Id, true);
                                                    Response.Redirect("Overview.aspx");
                                                }
                                                else if (roles == "user")
                                                {
                                                    Session["user"] = Id;
                                                    FormsAuthentication.RedirectFromLoginPage(Id, true);
                                                    Response.Redirect("Overview.aspx");
                                                }
                                                else
                                                {
                                                    Response.Redirect("Login.aspx");
                                                }
                                            }
                                        }
                                        else
                                        {
                                            dvMessage.Visible = true;
                                            lblMessage.Visible = true;
                                            lblMessage.ForeColor = System.Drawing.Color.Red;
                                            lblMessage.Text = "Account has been Temporary Suspended";
                                        }
                                    }

                                }
                            }
                            else
                            {
                                dvMessage.Visible = true;
                                lblMessage.Visible = true;
                                lblMessage.ForeColor = System.Drawing.Color.Red;
                                lblMessage.Text = "Account has not been activated";
                                txtPassword.Text = "";
                                txtPassword.Focus();
                            }
                        }
                        else
                        {
                            dvMessage.Visible = true;
                            lblMessage.Visible = true;
                            lblMessage.ForeColor = System.Drawing.Color.Red;
                            lblMessage.Text = "Invalid Login Details";
                            txtPassword.Text = "";
                            txtPassword.Focus();
                        }
                    }
                }
            }
            else
            {
                dvMessage.Visible = true;
                lblMessage.Visible = true;
                lblMessage.ForeColor = System.Drawing.Color.Red;
                lblMessage.Text = "All Fields are Required";
            }
        }
.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,346 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,246 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,208 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Donald Symmons 2,856 Reputation points
    2023-03-01T11:51:42.6533333+00:00

    I found what the issue was. I did not add a connection string to the web config file in the Admin folder.

    0 comments No comments