/// <summary>
/// Login button handler. Hashes the submitted password with
/// <c>BrugerFac.GetSH1</c>, passes the credentials to <c>BrugerFac.login</c>
/// and, when a user id greater than zero comes back, stores the user's level
/// and id in the session and redirects according to the level.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    userprop account = new userprop();
    BrugerFac userFactory = new BrugerFac();

    // NOTE(review): GetSH1 is not visible here; its name suggests a plain
    // SHA-1 digest. If that is the case the stored values are fast, unsalted
    // hashes. Confirm, and plan a move to a salted, iterated KDF such as
    // PBKDF2 (Rfc2898DeriveBytes).
    account._Password = userFactory.GetSH1(txtPassword.Text);
    account._UserName = txtUsername.Text;
    account = userFactory.login(account);

    bool authenticated = account._Userid > 0;
    if (!authenticated)
    {
        // The same message is shown for an unknown user and a wrong password.
        // NOTE(review): nothing in this handler limits repeated failed
        // attempts; confirm throttling or lockout exists elsewhere.
        ScriptManager.RegisterStartupScript(this, this.GetType(), "alert", "alert('Wrong username or password.');", true);
        return;
    }

    // NOTE(review): the session that existed before authentication is reused
    // as-is. Nothing here issues a fresh session id at login, so confirm the
    // site rotates it (or uses forms authentication) to guard against session
    // fixation.
    Session["Userlevel"] = account._Levelid;
    Session.Timeout = 60;

    object storedLevel = Session["Userlevel"];
    if (storedLevel == null)
    {
        return;
    }

    Session["UserID"] = account._Userid;
    int level = Convert.ToInt32(storedLevel.ToString());

    // The redirect is navigation only. NOTE(review): pages under Admin/ must
    // check Session["Userlevel"] themselves; verify that they do.
    // Any level other than 1, 2 or 3 falls through: the session stays
    // populated and the login page is rendered again.
    switch (level)
    {
        case 3:
            Response.Redirect("Default.aspx");
            break;
        case 1:
        case 2:
            Response.Redirect("Admin/OpretEvent.aspx");
            break;
    }
}
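/// <summary>
/// Adds a user and, when the user row was created, the user's dog.
/// The user is inserted only if no row in <c>tblBruger</c> already has the
/// same <c>fldUsernavn</c>; the dog row is taken from the <c>_DogName</c>,
/// <c>_DogBirth</c>, <c>_Vaccine</c> and <c>_DogGender</c> members, which the
/// caller must set beforehand.
/// </summary>
/// <param name="props">User data; <c>_Password</c> is stored as given.</param>
/// <returns>
/// "User created!!" when the user insert returned an id greater than zero,
/// otherwise "There is already an User with this name!".
/// </returns>
public string addUser(userprop props)
{
    // NOTE(review): the existence check and the INSERT are one batch but not
    // one atomic operation; two concurrent registrations can both pass the
    // check. Confirm fldUsernavn carries a UNIQUE constraint.
    CMD = new SqlCommand(
        "BEGIN IF NOT EXISTS (SELECT * FROM tblBruger WHERE fldUsernavn = @username) "
        + "BEGIN INSERT INTO tblBruger (fldUsernavn, fldPassword, fldUserLevel, fldNavn, fldAdresse, fldTelefon, fldPostnr, fldEmail) "
        + "VALUES (@username, @password, @level, @Name, @Adresse, @Telfon, @post, @email) END END");
    CMD.Parameters.AddWithValue("@password", props._Password);
    CMD.Parameters.AddWithValue("@username", props._UserName);
    CMD.Parameters.AddWithValue("@level", props._Levelid);
    CMD.Parameters.AddWithValue("@Name", props._Navn);
    CMD.Parameters.AddWithValue("@Adresse", props._Adresse);
    CMD.Parameters.AddWithValue("@Telfon", props._Telfon);
    CMD.Parameters.AddWithValue("@post", props._Postnr);
    CMD.Parameters.AddWithValue("@email", props._Email);

    // Presumably the identity of the new tblBruger row, and not positive
    // when the IF NOT EXISTS guard skipped the insert. TODO confirm against
    // DataAccess.InsertDataGetNewID.
    int newUserId = DA.InsertDataGetNewID(CMD);

    // Fix: the dog used to be inserted even when no user row was created,
    // leaving a tblDog row whose fldOwner_FK pointed at no real owner.
    if (newUserId <= 0)
    {
        return "There is already an User with this name!";
    }

    // NOTE(review): the two inserts do not share a transaction, so a failure
    // below leaves a user without a dog.
    strSQL = "INSERT INTO tblDog (fldNavn, fldBirthday, fldVaccine, fldOwner_FK, fldSex_FK) VALUES (@Name, @Birth, @Vaccine, @Owner, @Gender)";
    CMD = new SqlCommand(strSQL);
    CMD.Parameters.AddWithValue("@Name", _DogName);
    CMD.Parameters.AddWithValue("@Birth", _DogBirth);
    CMD.Parameters.AddWithValue("@Vaccine", _Vaccine);
    CMD.Parameters.AddWithValue("@Owner", newUserId);
    CMD.Parameters.AddWithValue("@Gender", _DogGender);
    DA.ModifyData(CMD);

    return "User created!!";
}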
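/// <summary>
/// Registration form handler. Validates the owner and dog fields, builds the
/// user record (always with level 3), hands the dog data to <c>objLogin</c>
/// and calls <c>addUser</c>, then reports the outcome in a script alert.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    string displayName = txtNavn.Text;
    // The login name is the display name with spaces removed.
    string userName = displayName.Replace(" ", string.Empty);

    int phone = 0;
    int postCode = 0;
    int dogGender = 0;
    DateTime dogBirth = DateTime.MinValue;

    // Fix: the numeric and date fields used to go through Convert.* before
    // any validation, so an empty or malformed value raised an unhandled
    // FormatException. Every field is now checked first, and any failure
    // gives the same "fill in all fields" alert.
    // NOTE(review): the phone number is an int in userprop, so leading zeros,
    // a '+' country prefix and long numbers cannot be stored; consider a string.
    bool inputIsValid =
        !string.IsNullOrEmpty(userName)
        && !string.IsNullOrEmpty(txtPassword.Text)
        && !string.IsNullOrEmpty(txtDogName.Text)
        && ddlSex.SelectedIndex > 0
        && int.TryParse(txtMobil.Text, out phone)
        && int.TryParse(txtPost.Text, out postCode)
        && int.TryParse(ddlSex.SelectedValue, out dogGender)
        && DateTime.TryParse(txtBirthday.Text, out dogBirth);

    if (!inputIsValid)
    {
        ScriptManager.RegisterStartupScript(this, this.GetType(), "alert", "alert('udfyld alle felter.');", true);
        return;
    }

    userprop objUser = new userprop();
    // GetSH1 hashes the password; it does not encrypt it.
    // NOTE(review): the name suggests plain SHA-1. Confirm, and prefer a
    // salted, iterated KDF (e.g. PBKDF2) for stored passwords.
    objUser._Password = objLogin.GetSH1(txtPassword.Text);
    objUser._UserName = userName;
    objUser._Email = txtEmail.Text;
    objUser._Adresse = txtAdresse.Text;
    objUser._Telfon = phone;
    objUser._Postnr = postCode;
    objUser._Navn = displayName;
    // The level is fixed server-side and never taken from the request.
    objUser._Levelid = 3;

    // addUser reads the dog data from these members of objLogin.
    objLogin._DogName = txtDogName.Text;
    objLogin._DogBirth = dogBirth;
    objLogin._DogGender = dogGender;
    objLogin._Vaccine = chbVaccine.Checked ? 1 : 0;

    // Fix: success used to be announced before addUser ran and its result was
    // ignored, so a duplicate user name still produced "New user created.".
    // addUser only returns a message, hence the comparison with its success text.
    string result = objLogin.addUser(objUser);
    if (result == "User created!!")
    {
        ScriptManager.RegisterStartupScript(this, this.GetType(), "alert", "alert('New user created.');", true);
        txtNavn.Text = "";
        txtPassword.Text = "";
    }
    else
    {
        ScriptManager.RegisterStartupScript(this, this.GetType(), "alert", "alert('There is already an User with this name!');", true);
    }
}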
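/// <summary>
/// Login lookup: selects the user whose <c>fldUsernavn</c> and
/// <c>fldPassword</c> both match the supplied values and copies id, user
/// name and level from the first matching row.
/// </summary>
/// <param name="props">
/// Credentials to check; <c>_Password</c> must already hold the value in the
/// form it is stored in <c>fldPassword</c>.
/// </param>
/// <returns>
/// A new <c>userprop</c>. It is filled from the first row when a match
/// exists and is otherwise returned exactly as its constructor left it;
/// callers test <c>_Userid &gt; 0</c>.
/// </returns>
public userprop login(userprop props)
{
    DataAccess objdata = new DataAccess();
    userprop _user = new userprop();

    // Fix: a throwaway SqlCommand used to be allocated and immediately
    // replaced, and neither instance was disposed.
    // Assumes GetData is finished with the command once it has returned the
    // DataTable. TODO confirm against DataAccess.GetData.
    using (SqlCommand cmd = new SqlCommand("SELECT fldUsernavn, fldLoginID, fldUserLevel FROM tblBruger WHERE fldPassword = @password AND fldUsernavn = @username"))
    {
        // Both values are bound as parameters, never concatenated into the SQL.
        cmd.Parameters.AddWithValue("@password", props._Password);
        cmd.Parameters.AddWithValue("@username", props._UserName);

        DataTable DtUser = objdata.GetData(cmd);
        if (DtUser.Rows.Count > 0)
        {
            DataRow row = DtUser.Rows[0];
            _user._Userid = Convert.ToInt32(row["fldLoginID"]);
            _user._UserName = row["fldUsernavn"].ToString();
            _user._Levelid = Convert.ToInt32(row["fldUserLevel"]);
        }
    }

    return _user;
}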