protected void lgnbtn_Click(object sender, EventArgs e)
{
// Connects to the database
using (ArcEncaseEntities dbc = new ArcEncaseEntities())
{
// Saves the entered username into a string (for later use)
string usrnmFld = usrnme.Text.Trim();
// Gets the two salt-values (for the user) from the database
var getSlt = (from user in dbc.arcencase_usrs
where user.aenc_usrs_usrsnme == usrnme.Text.Trim()
select new
{
firstsalt = user.aenc_usrs_usrssaltfrst,
lastsalt = user.aenc_usrs_usrssaltlst
});
// Checks if the above query gives any users (from the database)
if (getSlt.Count() > 0)
{
// Connect the salt to the salthandler-variable
var saltHndlr = getSlt.SingleOrDefault();
// Instantiate the class with methods
// for generating salt and hashed passwords
HashPswdGeneratorHandler hpg = new HashPswdGeneratorHandler();
// Combines the first salt with the entered password and the last salt into a hash
string hshdPswd = hpg.GetHashedPassword(saltHndlr.firstsalt, paswds.Text.Trim(), saltHndlr.lastsalt);
// Gets the usergroup for the entered username (from the database)
var getUsrGRP = from user in dbc.arcencase_usrs
where user.aenc_usrs_usrsnme == usrnme.Text.Trim()
select user.arcencase_usrsgrps.aenc_grps_grpsname;
// Saves the usergroup (for the user) into a string (for later use)
string usrnGRP = getUsrGRP.SingleOrDefault();
// Gets the userid for the entered username (from the database)
var getUsrID = from user in dbc.arcencase_usrs
where user.aenc_usrs_usrsnme == usrnme.Text.Trim()
select user.aenc_usrs_usrsid;
// Saves the userid (for the user) into a variable (for later use)
int usrnID = getUsrID.SingleOrDefault();
// Compares the entered username and password against the database
var queryCnt = from user in dbc.arcencase_usrs
where user.aenc_usrs_usrsnme == usrnme.Text.Trim()
&& user.aenc_usrs_usrspswd == hshdPswd
select user;
// If the above query (against the database) holds a user with
// the right given credentials ...
if (queryCnt.Count() > 0)
{
// ... set up some sessions and
// redirect the user to the
// "music"-page
usrnme.Text = null;
paswds.Text = null;
Session["usrnme"] = usrnmFld;
Session["usrnid"] = usrnID;
Session["usrngrp"] = usrnGRP;
Response.Redirect("~/Category/Music.aspx", false);
}
}
usrnme.Text = null;
paswds.Text = null;
usrnme.Focus();
}
}
// Method that inserts a new user into the database
protected void EntityDataSourceGeneral_Inserting(object sender, EntityDataSourceChangingEventArgs e)
{
// Hides the error-layer
msgDv.Visible = false;
int errCnter = 0;
// Checks if the username exists before in the database. If it does - then save the
// number of 1 to the errCnter variable above
TextBox usern = dbListView.InsertItem.FindControl("usrs_usrsnmeTextBox") as TextBox;
using (ArcEncaseEntities db = new ArcEncaseEntities())
{
var query = from user in db.arcencase_usrs
where user.aenc_usrs_usrsnme == usern.Text.Trim()
select user.aenc_usrs_usrsnme;
if (query.Count() > 0)
{
errCnter = 1;
}
}
// If the username not exists in the database - add it ...
if (errCnter == 0)
{
HashPswdGeneratorHandler hpg = new HashPswdGeneratorHandler();
string nwSalt1 = hpg.GenerateSalt();
string nwSalt2 = hpg.GenerateSalt();
arcencase_usrs dbUsrs = e.Entity as arcencase_usrs;
dbUsrs.aenc_usrs_usrssaltfrst = nwSalt1.ToString();
dbUsrs.aenc_usrs_usrssaltlst = nwSalt2.ToString();
TextBox pswrdet = dbListView.InsertItem.FindControl("usrs_usrspswdTextBox") as TextBox;
dbUsrs.aenc_usrs_usrspswd = hpg.GetHashedPassword(nwSalt1, pswrdet.Text.Trim(), nwSalt2);
}
// ... or show an error message if it does
else
{
e.Cancel = true;
msgDv.Visible = true;
msgDv.Attributes.Add("class", "errorMsg");
msgs.Attributes.Add("class", "errorMsg");
msgs.Attributes.Add("class", "whiteText");
string errTxt = "User could not be added because the username is already taken!";
msgs.Text = errTxt;
ScriptManager.RegisterStartupScript(this, this.GetType(), "key", "alert('" + errTxt + "');", true);
}
}