Beispiel #1
0
		private void btnLogin_Click(object sender, EventArgs e)
		{
			BPCompanyUsers bpCompanyUsers = new BPCompanyUsers();
			int memberID;
			string returnURL;

			returnURL = Request.QueryString["returnUrl"];

			if (returnURL == null)
			{
				returnURL = "Main.aspx";
			}
			memberID = bpCompanyUsers.Login(txtUserID.Text, txtPass.Text);

			if (memberID > 0)
			{
				FormsAuthenticationTicket ticket;
				string hash;
				HttpCookie cookie;

				ticket = new FormsAuthenticationTicket(1, txtUserID.Text, DateTime.Now, DateTime.Now.AddMinutes(30), true, memberID + ";" + bpCompanyUsers.GetCompanyUserGroupPermissions(memberID), FormsAuthentication.FormsCookiePath);

				hash = FormsAuthentication.Encrypt(ticket);
				cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
				Response.Cookies.Add(cookie);
				Response.Redirect(returnURL);
			}
			else
			{
				pError.InnerText = "Your Username or password is incorrect.";
			}
		}
		private void btnSubmit_Click(object sender, EventArgs e)
		{
			BPCompanyUsers bp = new BPCompanyUsers();
			DSCompanyUsers = bp.SelectCompanyUsersByID(CompanyUserID);

			BECompanyUsers.tbl_CompanyUsersRow user = DSCompanyUsers.tbl_CompanyUsers.FindByCompanyUserID(CompanyUserID);
			user.CompanyUserLoginID = txtLoginName.Text;
			user.CompanyUserPassword = txtPassword.Text;

			int testCompanyUserID = bp.Login(txtLoginName.Text, txtPassword.Text);

			if (testCompanyUserID == 0 || testCompanyUserID == CompanyUserID)
			{
				bp.Update(DSCompanyUsers);
				lblErr.Text = "";
				Response.Redirect(HttpUtility.UrlDecode( Request.QueryString["ReturnUrl"]));
			}
			else
			{
				lblErr.Text = "Sorry username and password taken.";
			}
		}