How to Send user to two different web pages when login

protected static Boolean Authentication(string username, string password)
{
    string sqlstring;
    sqlstring = "Select Username, Password, UserType from Userprofile WHERE Username='" + username + "' and Password ='" + password + "'";

    // create a connection with sqldatabase 
    System.Data.SqlClient.SqlConnection con = new System.Data.SqlClient.SqlConnection(
                 "Data Source=PRADEEP-LAPTOP\\SQLEXPRESS;Initial Catalog=BookStore;Integrated Security=True");

    // create a sql command which will user connection string and your select statement string
    System.Data.SqlClient.SqlCommand comm = new System.Data.SqlClient.SqlCommand(sqlstring, con);

    // create a sqldatabase reader which will execute the above command to get the values from sqldatabase
    System.Data.SqlClient.SqlDataReader reader;

    // open a connection with sqldatabase
    con.Open();

    // execute sql command and store a return values in reade
    reader = comm.ExecuteReader();

    // check if reader hase any value then return true otherwise return false
    if (reader.Read())
        return true;
    else
        return false;
}

Boolean blnresult;

blnresult = Authentication(Login2.UserName, Login2.Password);

if (blnresult == true)
{
    Session["User_ID"] = getIDFromName(Login2.UserName);
    Session["Check"] = true;
    Session["Username"] = Login2.UserName;

    Response.Redirect("Index.aspx");
}

so a user like Staff or even Administrators loging to same Index.aspx. i want to change it to different web pages.

how to change sites for each user typ开发者_如何学JAVAes. i have seperate user types. and i have taken UserType in the Authentication function.

Why don't you make your authentication method return a string? It can return the user type when a user is authenticated, and it can return empty or null when authentication fails. Then you can just say

string userType = Authentication(Login2.UserName, Login2.Password);
if(userType != string.IsNullOrEmpty)
{
  if(userType.Equals("yourType")
    Response.Redirect("firstSite.aspx");
  elseif //...etc
}

Please use ASP.Net Forms Authentication. A lot of this work as already been done for you in a much safer way.

Using Forms Authentication in ASP.NET

15 Seconds : Using Forms Authentication in ASP.NET - Part 1

Finally, check out the builtin in ASP.Net Login Controls that can be used for logging in your users, displaying content based on user, password recovery, etc.

if (Session["UserType"] == "admin")
    Response.Redirect("Admin.aspx");
else
    Response.Redirect("Index.aspx");

Refactor Authentication into something else that returns user group or null for missing user for the provided credentials, then add switch or if-statements in the caller.