The previous page did the checking on the OnLoggedInEvent which means the member has already logged in before the check is done, requiring a redirect back to the logout page.
A better alternative is to use the OnLogginIn Event:
<asp:login id="login1" runat="server" TitleText="" OnLoggingIn="login1_onLogginIn" />
protected void login1_onLogginIn(object sender, System.Web.UI.WebControls.LoginCancelEventArgs e)
{
Member m = Member.GetMemberFromLoginNameAndPassword(login1.UserName, login1.Password);
if (m.getProperty("memberPaid").Value.ToString() != "1")
{
e.Cancel = true;
// instead of redirect you could also do this:
// Login1.InstructionText = "Oi! Pay-up or no access :)";
Response.Redirect("/membershipExpired.aspx");
}
}
PS. probably shouldn't hard-code your redirect path here. Use NiceURL() instead...