public ActionResult Login(LoginModel logObj)
        {
            var       user     = logObj.userName;
            var       password = logObj.password;
            DataTable res      = new DataTable();;
            LoginDAL  logDAL   = new LoginDAL();

            res = logDAL.Check(user, password);
            string userName   = string.Empty;
            string pass       = string.Empty;
            string LoginID    = null;
            string permission = null;

            foreach (DataRow dR in res.Rows)
            {
                userName   = Convert.ToString(dR["userName"]);
                pass       = Convert.ToString(dR["password"]);
                LoginID    = Convert.ToString(dR["LOGINID"]);
                permission = Convert.ToString(dR["Permissionid"]);
            }
            if (userName == user && pass == password)
            {
                Session["userName"] = user;
                Session["LOGINID"]  = LoginID;
                Session["userType"] = permission;
                return(RedirectToAction("Index", "Dashboard"));
            }
            else
            {
                Session["userName"] = null;
                Session["LOGINID"]  = null;
                return(RedirectToAction("Login", "Login"));
            }
            //if (res[0]=="1")
            //{
            //    Session["Username"] = user;
            //    ViewBag.UserName = user;
            //    return RedirectToAction("Index","Dashboard");
            //}
            //else {
            //    Session["Username"] = null;
            //    return RedirectToAction("Login","Login");
            //}
        }
Beispiel #2
0
        public ActionResult Login(LoginModel logObj)
        {
            var       user     = logObj.userName;
            var       password = logObj.password;
            DataTable res      = new DataTable();;
            LoginDAL  logDAL   = new LoginDAL();

            res = logDAL.Check(user, password);
            string userName    = string.Empty;
            string pass        = string.Empty;
            string LoginID     = null;
            string permission  = null;
            string returnUrl   = "~/Account/Login";
            string ApartmentID = null;

            if (ModelState.IsValid)
            {
                foreach (DataRow dR in res.Rows)
                {
                    userName    = Convert.ToString(dR["userName"]);
                    pass        = Convert.ToString(dR["password"]);
                    LoginID     = Convert.ToString(dR["LOGINID"]);
                    permission  = Convert.ToString(dR["Permissionid"]);
                    ApartmentID = Convert.ToString(dR["H_Apartment_ID"]);
                    if (userName != user && pass != password)
                    {
                        Session["userName"]    = null;
                        Session["LOGINID"]     = null;
                        Session["userType"]    = null;
                        Session["ApartmentID"] = null;
                        ModelState.AddModelError("ErrorMessage", "The user name or password provided is incorrect.");
                    }
                    else
                    {
                        //if (/*Url.IsLocalUrl(returnUrl) && */returnUrl.Length > 1 && returnUrl.StartsWith("/")
                        //                 && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        //{
                        Session["userName"]    = user;
                        Session["LOGINID"]     = LoginID;
                        Session["userType"]    = permission;
                        Session["ApartmentID"] = ApartmentID;

                        FormsAuthentication.SetAuthCookie(userName, false);

                        var    authTicket      = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(20), false, LoginID);
                        string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                        var    authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                        HttpContext.Response.Cookies.Add(authCookie);


                        return(RedirectToAction("Index", "Dashboard"));
                        ////}
                    }
                }

                if (res.Rows.Count == 0)
                {
                    ModelState.AddModelError("ErrorMessage", "The user name or password provided is incorrect.");
                }
            }
            else
            {
                ModelState.AddModelError("ErrorMessage", "The user name or password provided is incorrect.");
            }


            return(View(logObj));
        }