protected void btnRegister_Click(object sender, EventArgs e)
{
DataSet ds = new DataSet();
DataSetTableAdapters.UsersTableAdapter taUser
= new DataSetTableAdapters.UsersTableAdapter();
taUser.Fill(ds.Users);//Get the latest and put into ds.Users table
DataRow[] dr = ds.Users.Select("Username = '******'");
if (dr.Length == 1)
{
lblCreateStatus.Visible = true;
lblCreateStatus.Text = "Account is already existed. Please choose another username!";
}
else
{
DataSet.UsersRow fRow = ds.Users.NewUsersRow();
fRow.Username = tbUsername.Text;
fRow.Password = tbPass.Text;
fRow.Full_Name = tbName.Text;
fRow.Email = tbEmail.Text;
fRow.Country = drdCountry.SelectedItem.ToString();
fRow.IsAdmin = false;
//In the offline database
ds.Users.Rows.Add(fRow);
//Get it back to the real database
taUser.Update(ds.Users);
Response.Write("<script LANGUAGE='JavaScript' >alert('Successfully Registrated!!!')</script>");
Server.Transfer("Login.aspx");
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
DataSet ds = new DataSet();
DataSetTableAdapters.UsersTableAdapter taUser
= new DataSetTableAdapters.UsersTableAdapter();
taUser.Fill(ds.Users);//Get the latest and put into ds.Users table
DataRow[] dr = ds.Users.Select("Username = '******'");
if (dr.Length == 1 && dr[0]["password"].ToString() == tbPassword.Text)
{
Session["Discount"] = 20.0;
if ((bool)dr[0]["IsAdmin"] == true)
{
Session["AdminStatus"] = true;
Server.Transfer("AdminPage.aspx");
}
}
else
{
lblLoginStatus.Visible = true;
lblLoginStatus.Text = "Login failed. Username/Password is not correct";
}
taUser.Update(ds.Users);
}
protected void SignIn_Click(object sender, EventArgs e)
{
string username = TextBoxUserName.Value;
string password = TextBoxPassword.Value;
if (Auth.VerifyUsernamePassword(username, password))
{
//VERIFICATION TRUE CASE
//Update session data, redirect
DataSetTableAdapters.UsersTableAdapter usertableadapter = new DataSetTableAdapters.UsersTableAdapter();
Session["LoggedIn"] = true;
Session["UserInfo"] = usertableadapter.GetUserByUsernameIgnoreActive(username)[0];
//screenTableadApter.GetScreensByCinemaId(1, true);
System.Diagnostics.Debug.WriteLine("Login passed");
if (Request["redirect"] != null)
{
Response.Redirect(Request["redirect"].ToString());
}
else
{
Response.Redirect("/");
}
}
else
{
//VERIFICATION FALSE CASE
System.Diagnostics.Debug.WriteLine("Login failed");
if (Request["redirect"] != null)
{
Response.Redirect("/LogIn.aspx?alert=2&redirect=" + Request["redirect"].ToString());
}
Response.Redirect("/LogIn.aspx?alert=2");
}
}
protected void btnUpdateUser_Click(object sender, EventArgs e)
{
DataSetTableAdapters.UsersTableAdapter taUser
= new DataSetTableAdapters.UsersTableAdapter();
taUser.Fill(ds.Users);//Get the latest and put into ds.Users table
int selected = Convert.ToInt32(drdUserID.SelectedValue);
DataRow[] dr = ds.Users.Select("UserID=" + selected);//Inside is where clause
if (dr.Length == 1)
{
if (tbUsername.Text != "")
{
dr[0]["Username"] = tbUsername.Text;
}
if (tbPass.Text != "")
{
dr[0]["Password"] = tbPass.Text;
}
if (tbEmail.Text != "")
{
dr[0]["Email"] = tbEmail.Text;
}
if (tbName.Text != "")
{
dr[0]["Full Name"] = tbName.Text;
}
if (drdCountry.SelectedValue != "-1")
{
dr[0]["Country"] = drdCountry.SelectedItem.Text;
}
if (rbtnAdmin.Checked)
{
dr[0]["IsAdmin"] = true;
}
else
{
dr[0]["IsAdmin"] = false;
}
taUser.Update(ds.Users); //Update to real db
taUser.Fill(ds.Users); //Get the latest and put into ds.Users table
gvUsers.DataSourceID = "SqlDataSource1"; //Update Grid View
lblStatusUser.Text = "Successfully updated";
lblStatusUser.ForeColor = System.Drawing.Color.Green;
lblStatusUser.Visible = true;
}
else
{
lblStatusUser.Text = "Unsuccessfully updated";
lblStatusUser.ForeColor = System.Drawing.Color.Red;
lblStatusUser.Visible = true;
}
}
protected void btnAddUser_Click(object sender, EventArgs e)
{
DataSetTableAdapters.UsersTableAdapter taUser
= new DataSetTableAdapters.UsersTableAdapter();
taUser.Fill(ds.Users);//Get the latest and put into ds.Users table
DataRow[] dr = ds.Users.Select("Username = '******'");
if (dr.Length == 1)
{
lblStatusUser.Visible = true;
lblStatusUser.Text = "Account is already existed. Please choose another username!";
lblStatusUser.ForeColor = System.Drawing.Color.Red;
lblStatusUser.Visible = true;
}
else
{
DataSet.UsersRow fRow = ds.Users.NewUsersRow();
fRow.Username = tbUsername.Text;
fRow.Password = tbPass.Text;
fRow.Full_Name = tbName.Text;
fRow.Email = tbEmail.Text;
fRow.Country = drdCountry.SelectedItem.ToString();
if (rbtnAdmin.Checked)
{
fRow.IsAdmin = true;
}
else
{
fRow.IsAdmin = false;
}
//In the offline database
ds.Users.Rows.Add(fRow);
//Get it back to the real database
taUser.Update(ds.Users);
//Get the latest database
taUser.Fill(ds.Users);
gvUsers.DataSourceID = "SqlDataSource1";//Update Grid View
lblStatusUser.Text = "Successfully Added New Account";
lblStatusUser.ForeColor = System.Drawing.Color.Green;
lblStatusUser.Visible = true;
}
}
/// <summary>
/// Verifies if a username and password are valid users
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns>boolean result</returns>
public static Boolean VerifyUsernamePassword(string username, string password)
{
DataSetTableAdapters.UsersTableAdapter usertableadapter = new DataSetTableAdapters.UsersTableAdapter();
DataSet.UsersDataTable data = usertableadapter.GetUserByUsername(username, true); //Get user with matching username
if (data != null && data.Count != 0) //check if user exists
{
DataSet.UsersRow user = data[0]; //get the userrow from the dataset
string input_hash = HashSaltPassword(password, user.PasswordSalt.ToString()); //input password gets hashed using the known salt
if (input_hash == user.PasswordHash.ToString().Trim())
{
return(true); //if existing hash and generated hash match, user is verified!
}
}
return(false); //for all other cases verification fails
}
protected void btnDeleteUser_Click(object sender, EventArgs e)
{
DataSetTableAdapters.UsersTableAdapter taUser
= new DataSetTableAdapters.UsersTableAdapter();
taUser.Fill(ds.Users);
int selected = Convert.ToInt32(drdUserID.SelectedValue);
DataRow[] dr = ds.Users.Select("UserID=" + selected);
if (dr.Length == 1)
{
dr[0].Delete();
lblStatusUser.Text = "Successfully deleted";
lblStatusUser.ForeColor = System.Drawing.Color.Green;
lblStatusUser.Visible = true;
taUser.Update(ds.Users); //Update to real db
taUser.Fill(ds.Users); //Get the latest and put into ds.Users table
gvUsers.DataSourceID = "SqlDataSource1"; //Update Grid View
drdUserID.DataSourceID = "SqlDataSource1"; //Update Dropdownlist
}
}
protected void textBoxRegister_Click(object sender, EventArgs e)
{
System.Diagnostics.Debug.WriteLine("REGISTER CLICKED");
string ADDR1 = textBoxALine1.Text;
string ADDR2 = textBoxALine2.Text;
string CITY = textBoxACity.Text;
string REGION = textBoxARegion.Text;
string COUNTRY = textBoxACountry.Text;
string POSTCODE = textBoxAPost.Text;
string USERNAME = textBoxUsername.Text;
string PASSWORD = textBoxPassword.Text;
string PASSWORD2 = inputPasswordConfirm.Text;
string EMAIL = textBoxEmail.Text;
string PHONENO = textBoxPhonNo.Text;
string FIRSTNAME = textBoxFirstN.Text;
string LASTNAME = textBoxLastN.Text;
//Validate
//is the username taken
int MINLENGTH_FIRSTNAME = 2;
int MINLENGTH_LASTNAME = 2;
int MINLENGTH_EMAIL = 6;
int MINLENGTH_USERNAME = 3;
int MINLENGTH_PASSWORD = 6;
int MINLENGTH_PHONE = 6;
int MINLENGTH_PCODE = 3;
int MINLENGTH_LINE1 = 2;
int MINLENGTH_LINE2 = 0;
int MINLENGTH_REGION = 3;
int MINLENGTH_COUNTRY = 4;
if (FIRSTNAME.Length < MINLENGTH_FIRSTNAME ||
LASTNAME.Length < MINLENGTH_LASTNAME ||
EMAIL.Length < MINLENGTH_EMAIL ||
USERNAME.Length < MINLENGTH_USERNAME ||
PASSWORD.Length < MINLENGTH_PASSWORD ||
PHONENO.Length < MINLENGTH_PHONE ||
POSTCODE.Length < MINLENGTH_PCODE ||
ADDR1.Length < MINLENGTH_LINE1 ||
ADDR2.Length < MINLENGTH_LINE2 ||
REGION.Length < MINLENGTH_REGION ||
COUNTRY.Length < MINLENGTH_COUNTRY)
{
validateError(6);
}
DataSetTableAdapters.UsersTableAdapter usertableadapter = new DataSetTableAdapters.UsersTableAdapter();
DataSet.UsersDataTable data = usertableadapter.GetUserByUsernameIgnoreActive(USERNAME);
if (data.Count != 0)
{
validateError(7);
}
else
{
checkMail(EMAIL);
checkPass(PASSWORD, PASSWORD2);
if (PHONENO.Length < 8 || PHONENO.Length > 15)
{
validateError(5);
}
//Register
Register_User(ADDR1, ADDR2, CITY, REGION, COUNTRY, POSTCODE, USERNAME, PASSWORD, EMAIL, PHONENO, FIRSTNAME, LASTNAME);
}
}
