----------------------------------------------------------
Web.config settings
----------------------------------------------------------


<configuration>
  <appSettings>
    <add key="DatabaseName" value="Cottages"/>
    <add key="userID" value="ISC361"/>
    <add key="pwd" value="123"/>
    <add key="servername" value="HAROLDPARDUE-PC\SQLEXPRESS"/>
    <add key="emailFROM" value=""></add>
    <add key="SmtpServer" value=""></add>
    <add key="FigureURL" value="~/UploadedVideos/"></add>
    <add key="FigurePath" value=""></add>
  </appSettings>
	<connectionStrings>
  <add name="CottagesConnectionStringisc361" connectionString="Data Source=HAROLDPARDUE-PC\SQLEXPRESS;Initial Catalog=Cottages;User ID=ISC361;Password=123"
   providerName="System.Data.SqlClient" />
 </connectionStrings>
	<system.web>
		<!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.

            Visual Basic options:
            Set strict="true" to disallow all data type conversions 
            where data loss can occur. 
            Set explicit="true" to force declaration of all variables.
        -->
		<compilation debug="true" strict="false" explicit="true"/>
		<pages>
			<namespaces>
				<clear/>
				<add namespace="System"/>
				<add namespace="System.Collections"/>
				<add namespace="System.Collections.Specialized"/>
				<add namespace="System.Configuration"/>
				<add namespace="System.Text"/>
				<add namespace="System.Text.RegularExpressions"/>
				<add namespace="System.Web"/>
				<add namespace="System.Web.Caching"/>
				<add namespace="System.Web.SessionState"/>
				<add namespace="System.Web.Security"/>
				<add namespace="System.Web.Profile"/>
				<add namespace="System.Web.UI"/>
				<add namespace="System.Web.UI.WebControls"/>
				<add namespace="System.Web.UI.WebControls.WebParts"/>
				<add namespace="System.Web.UI.HtmlControls"/>
			</namespaces>
		</pages>
		<!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
		<authentication mode="Windows"/>
		<!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
	</system.web>
</configuration>

----------------------------------------------------------
Index.aspx code-behind
----------------------------------------------------------

Imports System.Data
Imports DataAccess
Imports System.Configuration.ConfigurationManager
Partial Class Index
    Inherits System.Web.UI.Page

    Public ConnectionString As String = "database=" & AppSettings("DatabaseName") _
      & ";server=" & AppSettings("ServerName") & ";User ID=" & AppSettings("UserID") & ";pwd=" & AppSettings("Pwd")

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        If Not IsPostBack Then
            SetFormMode()
        End If
    End Sub
    Protected Sub SetFormMode()
        Me.txtLastName.Focus()

    End Sub

    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click

        If Page.IsValid Then

        End If
        'Check for empty textbox
        If Me.txtLastName.Text <> "" Then
            'do something
        Else
            'send error message
        End If
    End Sub



    Protected Sub LoginUser_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginUser.Authenticate
        'Build a table for user profile
        CreateUserProfile()

    End Sub

    Private Sub CreateUserProfile()

        ''The DataTable was created for testing purposes
        '' Create a new DataTable.
        'Dim dtUserProfile As DataTable = New DataTable("UserProfile")

        '' Declare variables for DataColumn and DataRow objects.
        'Dim column As DataColumn
        'Dim row As DataRow

        '' Create new DataColumn, set DataType, ColumnName 
        '' and add to DataTable.    
        'column = New DataColumn()
        'column.DataType = System.Type.GetType("System.Int32")
        'column.ColumnName = "Userid"
        ''column.ReadOnly = True
        ''column.Unique = True

        '' Add the Column to the DataColumnCollection.
        'dtUserProfile.Columns.Add(column)

        '' Create second column.
        'column = New DataColumn()
        'column.DataType = System.Type.GetType("System.String")
        'column.ColumnName = "Email"

        '' Add the column to the table.
        'dtUserProfile.Columns.Add(column)

        'column = New DataColumn()
        'column.DataType = System.Type.GetType("System.Boolean")
        'column.ColumnName = "Admin"

        '' Add the column to the table.
        'dtUserProfile.Columns.Add(column)

        'row = dtUserProfile.NewRow()
        'row("UserId") = 343
        'row("Email") = "hpardue@usouthal.edu"
        'row("Admin") = True

        'dtUserProfile.Rows.Add(row)

        'Session("dtUserProfile") = dtUserProfile

        'Response.Cookies("UserProfile")("UserID") = dtUserProfile.Rows(0)("UserID")
        'Response.Cookies("UserProfile")("Email") = dtUserProfile.Rows(0)("Email")
        'Response.Cookies("UserProfile")("Admin") = dtUserProfile.Rows(0)("Admin")
        'Response.Cookies("UserProfile").Expires = DateTime.Now.AddDays(1)

        ''Instantiate an instance of the dataAccess tier (or BusinessLogic tier)
        Dim objDataAccess As New DataAccess.User
        Dim IsFound As Boolean

        objDataAccess.ValidateUser(LoginUser.UserName, LoginUser.Password, ConnectionString)

        IsFound = objDataAccess.IsFound

        'Commented this out because this is the datasource control technique. 
        'We are now using the n-tier with the helper class

        ''Set the parameters values for the sqldatasource
        'Me.SqlDataSourceGuest.SelectParameters("Email").DefaultValue = Me.LoginUser.UserName
        'Me.SqlDataSourceGuest.SelectParameters("Password").DefaultValue = Me.LoginUser.Password

        ''Dimension a dataview and then retrieve the IsFound property
        'Dim dvIsFound As DataView = CType(Me.SqlDataSourceGuest.Select(DataSourceSelectArguments.Empty), DataView)

        'IsFound = dvIsFound.Table.Rows(0)("IsFound")

        Me.SqlDataSourceUserProfile.SelectParameters("Email").DefaultValue = Me.LoginUser.UserName

        Dim dvUserProfile As DataView = CType(Me.SqlDataSourceUserProfile.Select(DataSourceSelectArguments.Empty), DataView)

        Session("UserProfile") = dvUserProfile

        If IsFound Then
            Session("PageRequested") = "Main.aspx"
            Response.Redirect("Main.aspx")
        Else

        End If

        'Button1.Visible = dtUserProfile.Rows(0)("Admin")

    End Sub



End Class



----------------------------------------------------------
Data Access tier
----------------------------------------------------------

using System;
using System.Collections.Generic;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using Microsoft.ApplicationBlocks.Data;

namespace DataAccess
{
    public class User
    {

        #region " Public properties "

        public static bool pTransactionSuccessful;
        public bool TransactionSuccessful()
        {
            return pTransactionSuccessful;
        }
        public static string pErrorMessage;
        public string ErrorMessage()
        {
            return pErrorMessage;
        }
        public static int pErrorNumber;
        public int ErrorNumber()
        {
            return pErrorNumber;
        }
        public static int pErrorClass;
        public int ErrorClass()
        {
            return pErrorClass;
        }
        public static int pErrorState;
        public int ErrorState()
        {
            return pErrorState;
        }
        public static int pErrorLineNumber;
        public int ErrorLineNumber()
        {
            return pErrorLineNumber;
        }
        public static bool pIsFound;
        public bool IsFound()
        {
            return pIsFound;
        }

        #endregion

        #region " Read methods "
        public void ValidateUser(string Email, string Password, string ConnectionString)
        {
            // Set up parameters in parameter array 
            SqlParameter[] arParms = new SqlParameter[2];

            arParms[0] = new SqlParameter("@Email", SqlDbType.NVarChar);
            arParms[0].Value = Email;
            arParms[1] = new SqlParameter("@Password", SqlDbType.NVarChar);
            arParms[1].Value = Password;
            //arParms[2] = new SqlParameter("@IsFound", SqlDbType.Int);
            //arParms[2].Direction = ParameterDirection.Output;

            pTransactionSuccessful = true;

            DataTable dtUserValidation = new DataTable("UserValidation");

            try
            {
                DataSet dsValidationInfo = SqlHelper.ExecuteDataset(ConnectionString, CommandType.StoredProcedure, "ValidateGuest", arParms);
                dtUserValidation = dsValidationInfo.Tables[0];
            }
            catch (SqlException ReadError)
            {
                pErrorMessage = ReadError.Message.ToString();
                pErrorNumber = ReadError.Number;
                pErrorClass = ReadError.Class;
                pErrorState = ReadError.State;
                pErrorLineNumber = ReadError.LineNumber;

                pTransactionSuccessful = false;
            }
            
            pIsFound = (bool)dtUserValidation.Rows[0]["IsFound"];

        }

        #endregion

        #region " Insert methods "

        #endregion

        #region " Update methods "

        #endregion

        #region " Delete methods "

        #endregion

    }
}