Ejemplo n.º 1
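    /// <summary>
    /// Handles the login button. Resolves the client (tenant) for the supplied user name,
    /// loads that client's settings and connection string into the session, then checks
    /// the credentials against that client's database.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        // One message for every failure path: the two branches previously differed by a
        // trailing dot, which told the caller whether the user name had resolved to a client.
        const string invalidLoginMessage = "Invalid username or password.";

        string username = txtUserName.Text.Trim();

        // NOTE(review): the helper name suggests reversible encryption rather than a salted
        // one-way password hash; confirm what EncryptionHelper.Encrypt does. Trim() is kept
        // so the value still matches what is already stored.
        string password = EncryptionHelper.Encrypt(txtPassword.Text.Trim());

        // NOTE(review): the value is placed in the session before the credentials are
        // verified and is written again after a successful check below. Kept because other
        // handlers may read it; confirm whether the pre-verification write is needed.
        Session[Constant.SESSION_PASSWORD] = password;

        // Resolve the client once instead of repeating the lookup and re-reading the session.
        string clientId = GetClientId(username).ToString();
        if (clientId == "0")
        {
            txtNote.Text = invalidLoginMessage;
            return;
        }

        Session["clientid"]          = clientId;
        Session["client"]            = ClientConfig.ConfigurationsId(clientId, "slug");
        Session["configTheme"]       = ClientConfig.ConfigurationsId(clientId, "configTheme");
        Session["configCompanyName"] = ClientConfig.ConfigurationsId(clientId, "configCompanyName");

        connstring = Client.ConnectionString(clientId);
        Session["ConnectionString"] = connstring;

        if (!CheckUserCredentials(username, password, Session["ConnectionString"].ToString()))
        {
            txtNote.Text = invalidLoginMessage;
            return;
        }

        Session[Constant.SESSION_PASSWORD] = password;

        // NOTE(review): nothing visible here issues a fresh session identifier after the
        // credential check; confirm that a later step does, otherwise a pre-login session id
        // stays valid for the authenticated session.
        if (Session[Constant.SESSION_ISUSERAUTHENTICATED].ToString() != "YES")
        {
            // Credentials matched but the session is not flagged as authenticated:
            // switch to the third view of the page.
            mView.ActiveViewIndex = 2;
            return;
        }

        if (GetSessionId() == "")
        {
            // No other session is recorded for this user: record this one and continue.
            UpdateUserLoginStatus(Session[Constant.SESSION_USERID].ToString(), 1, Session.SessionID.ToString());

            Session["SesId"] = GetSessionId();

            RedirectUser(Session[Constant.SESSION_USERNAME].ToString(), int.Parse(Session[Constant.SESSION_USERTYPE].ToString()));
        }
        else
        {
            // Another session is recorded for this user: offer the force-login choice
            // instead of silently replacing it. The markup below is a fixed literal.
            txtNote.Text             = "<div style='padding:5px; background-color:#f60; color:#fff; font-size:10px; margin-top:10px; width:166px;'>This user is currently logged-in. <br>Do you want to force login?</div>";
            lnkForceLogout.Visible   = true;
            lnkForceLogoutNo.Visible = true;
            lnkForceSeparator.Text   = "&nbsp;&nbsp;|&nbsp;&nbsp;";
            btnLogin.Visible         = false;
            btnClear.Visible         = false;
        }
    }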
Ejemplo n.º 2
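    /// <summary>
    /// Selects the client (tenant) for the login page from the query string, a remembered
    /// cookie or the existing session, loads that client's settings into the session,
    /// signs out any already-authenticated user on first load, and chooses the view to show.
    /// </summary>
    /// <param name="sender">The page raising the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Both values come straight from the URL and are caller-controlled.
        // NOTE(review): they are passed unvalidated to ClientConfig/Client and echoed into
        // cookies; confirm those helpers validate the identifier and use parameterized queries.
        string clientIdParam   = Request.QueryString["clientid"];
        string clientSlugParam = Request.QueryString["client"];

        if (!String.IsNullOrEmpty(clientIdParam))
        {
            // NOTE(review): the cookies written in this method carry no HttpOnly/Secure
            // flags; set them if no client-side script needs to read the values.
            Response.Cookies["clientidCookie"].Value   = clientIdParam;
            Response.Cookies["clientidCookie"].Expires = DateTime.Now.AddDays(30);

            Session["client"]            = ClientConfig.ConfigurationsId(clientIdParam, "slug");
            Session["clientid"]          = clientIdParam;
            Session["configTheme"]       = ClientConfig.ConfigurationsId(clientIdParam, "configTheme");
            Session["configCompanyName"] = ClientConfig.ConfigurationsId(clientIdParam, "configCompanyName");
            Session["ConnectionString"]  = Client.ConnectionString(clientIdParam);

            Response.Cookies["clientid"].Value   = clientIdParam;
            Response.Cookies["clientid"].Expires = DateTime.Now.AddDays(30);
        }
        else if (!String.IsNullOrEmpty(clientSlugParam))
        {
            Response.Cookies["clientCookie"].Value   = clientSlugParam;
            Response.Cookies["clientCookie"].Expires = DateTime.Now.AddDays(30);

            Session["client"]            = clientSlugParam;
            Session["clientid"]          = ClientConfig.ConfigurationsSlug(clientSlugParam, "clientid");
            Session["configTheme"]       = ClientConfig.ConfigurationsSlug(clientSlugParam, "configTheme");
            Session["configCompanyName"] = ClientConfig.ConfigurationsSlug(clientSlugParam, "configCompanyName");
            Session["ConnectionString"]  = Client.ConnectionString(Session["clientid"].ToString());

            Response.Cookies["clientidCookie"].Value   = Session["clientid"].ToString();
            Response.Cookies["clientidCookie"].Expires = DateTime.Now.AddDays(30);
        }
        else if (Request.Cookies["clientidCookie"] != null
                 && !String.IsNullOrEmpty(Request.Cookies["clientidCookie"].Value))
        {
            // The cookie is client-supplied: escape it so it cannot add extra query
            // parameters. An empty cookie is skipped because redirecting with an empty
            // clientid would land back in this branch and redirect again.
            Response.Redirect("login.aspx?clientid=" + Uri.EscapeDataString(Request.Cookies["clientidCookie"].Value));
        }
        else if (Session["clientid"] == null || Session["clientid"].ToString() == "")
        {
            Response.Redirect("err_default.htm");
        }

        connstring = Client.ConnectionString(HttpContext.Current.Session["clientid"].ToString());

        // NOTE(review): a full connection string, including the password of the `sa` login,
        // is embedded in source here and appears to serve as the "unknown client" sentinel.
        // The credential should be rotated and moved to protected configuration, and
        // Client.ConnectionString should signal an unknown client explicitly. The literal is
        // left unchanged because the comparison depends on the exact text.
        if (connstring == "Data Source=COMPSERVER;Initial Catalog=ebid;User ID=sa;Password=Sqldbo@2012")
        {
            Response.Redirect("err_default.htm");
        }

        if (!IsPostBack)
        {
            if (!String.IsNullOrEmpty(User.Identity.Name))
            {
                FormsAuthenticationHelper.SignOut();
            }
        }

        // "t" selects the view and is caller-controlled: parse defensively and accept
        // only indexes that exist, so a non-numeric or negative value falls back to the
        // first view instead of raising an unhandled exception.
        int requestedView;
        if (int.TryParse(Request.QueryString["t"], out requestedView))
        {
            bool inRange = requestedView >= 0 && requestedView < mView.Views.Count;
            mView.ActiveViewIndex = inRange ? requestedView : 0;

            if (IsPostBack && requestedView == 1)
            {
                btnSend_Click(null, null);
            }
        }
        else
        {
            mView.ActiveViewIndex = 0;
        }

        if (!IsPostBack)
        {
            // Show a one-time message left in the session by an earlier request.
            if (Session["msg"] != null)
            {
                txtNote2.Text  = Session["msg"].ToString();
                Session["msg"] = null;
            }
        }
    }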