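/// <summary>
/// Changes a user's password by executing the <c>sp_ChangePassword</c> stored procedure.
/// </summary>
/// <param name="objProp">
/// Supplies <c>UserID</c>, <c>OldPassword</c> and <c>Password</c> (the new password).
/// </param>
/// <param name="user">Value bound to the procedure's <c>@User</c> parameter.</param>
/// <returns>The integer the procedure writes to its <c>@Flag</c> output parameter.</returns>
/// <exception cref="Exception">
/// Thrown, wrapping the original exception, when the database call fails.
/// </exception>
/// <remarks>
/// NOTE(review): nothing in this method checks that <paramref name="user"/> is allowed to
/// change the password of <c>objProp.UserID</c>; confirm that the caller or the stored
/// procedure enforces this, and that the procedure rejects a wrong <c>@OldPwd</c>.
/// </remarks>
public int ChangeUserPassword(Property objProp, string user)
{
    int flag = 0;

    // Dispose() closes the connection on every path, replacing the explicit finally/Close().
    using (SqlConnection sqlCon = new SqlConnection(conStr))
    {
        EncryptPassword objEncPwd = new EncryptPassword();

        try
        {
            // The command was never disposed before; scope it so it is released deterministically.
            using (SqlCommand sqlCmd = new SqlCommand())
            {
                sqlCmd.Connection = sqlCon;
                sqlCmd.CommandText = "sp_ChangePassword";
                sqlCmd.CommandType = CommandType.StoredProcedure;

                // All values are bound as typed parameters, never concatenated into SQL.
                sqlCmd.Parameters.Add("@UserID", SqlDbType.VarChar, 20).Value = objProp.UserID;

                // NOTE(security): the passphrase "helloworld" is hard-coded in source and repeated
                // wherever a password is transformed. EncryptPassword is not visible here; if it is
                // a keyed or reversible transform, anyone with the source or the binaries can undo it.
                // Stored passwords should move to a salted, slow hash (e.g. PBKDF2). That needs a
                // migration of the stored values, so it is flagged here rather than changed.
                string encOldPwd = objEncPwd.EncryptText(objProp.OldPassword, "helloworld");
                sqlCmd.Parameters.Add("@OldPwd", SqlDbType.VarChar, 32).Value = encOldPwd;

                string encNewPwd = objEncPwd.EncryptText(objProp.Password, "helloworld");
                sqlCmd.Parameters.Add("@NewPwd", SqlDbType.VarChar, 32).Value = encNewPwd;

                sqlCmd.Parameters.Add("@User", SqlDbType.VarChar, 20).Value = user;

                SqlParameter pFlag = sqlCmd.Parameters.Add("@Flag", SqlDbType.Int);
                pFlag.Direction = ParameterDirection.Output;

                sqlCon.Open();
                sqlCmd.ExecuteNonQuery();

                // If the procedure leaves @Flag as NULL, this cast throws and the generic
                // handler below wraps it.
                flag = (int)pFlag.Value;
            }
        }
        catch (SqlException SqlEx)
        {
            objNLog.Error("SQLException : " + SqlEx.Message);
            throw new Exception("Exception re-Raised from DL with SQLError# " + SqlEx.Number + " while Changing Password.", SqlEx);
        }
        catch (Exception ex)
        {
            objNLog.Error("Exception : " + ex.Message);
            throw new Exception("**Error occured while Changing Password.", ex);
        }
    }

    return flag;
}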
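/// <summary>
/// Handles the login button: reads the credentials from the login placeholder, asks
/// <c>UserLoginBLL.LoginUser</c> to validate them, and redirects to the landing page
/// that matches the role found in <c>Session["Role"]</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): <c>Session["Role"]</c> is read but never written here; presumably
/// <c>LoginUser</c> sets it. The session identifier is not visibly renewed after a
/// successful login; confirm it is rotated elsewhere so a pre-login session id cannot
/// be carried into the authenticated session.
/// </remarks>
protected void btnLogin_Click(object sender, EventArgs e)
{
    try
    {
        Property objProp = new Property();
        UserLoginBLL userLog = new UserLoginBLL();
        EncryptPassword encPwd = new EncryptPassword();

        TextBox txtUserID = (TextBox)phLogin.FindControl("txtUserID");
        TextBox txtPwd = (TextBox)phLogin.FindControl("txtPassword");

        // NOTE(security): the passphrase "helloworld" is hard-coded in source. EncryptPassword is
        // not visible here; if it is a keyed or reversible transform, the stored values are only
        // as secret as this string. Prefer a salted, slow password hash verified server-side.
        string encPassword = encPwd.EncryptText(txtPwd.Text, "helloworld");
        objProp.UserID = txtUserID.Text.Trim();
        objProp.Password = encPassword.Trim();

        if (userLog.LoginUser(objProp))
        {
            Session["User"] = objProp.UserID;

            // Read the role once; any unknown or missing role falls through to the patient list.
            string role = (string)Session["Role"];
            string target;
            switch (role)
            {
                case "D":
                    target = "Home/DoctorHome.aspx";
                    break;
                case "N":
                    target = "Home/NurseHome.aspx";
                    break;
                case "P":
                case "T":
                    target = "Home/PharmacistHome.aspx";
                    break;
                case "C":
                    target = "Home/CSRHome.aspx";
                    break;
                default:
                    target = "Patient/AllPatientProfile.aspx";
                    break;
            }

            Response.Redirect(target);
        }
        else
        {
            Session["User"] = null;

            Label lblStatus = (Label)phLogin.FindControl("lblStatus");
            lblStatus.Visible = true;
            lblStatus.Text = "Invalid UserID/Password..!";

            // The user id is attacker-controlled text: strip line breaks so it cannot forge
            // extra log entries.
            string loggedUserId = txtUserID.Text.Replace("\r", " ").Replace("\n", " ");
            objNLog.Error("Login failed for the user - " + loggedUserId);
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect ends the request by aborting the thread. That is the normal
        // success path, so let it propagate instead of logging it as an error on every login.
        throw;
    }
    catch (Exception ex)
    {
        // Unexpected failures are logged only; the user sees no message in this case.
        objNLog.Error("Error : " + ex.Message);
    }
}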
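/// <summary>
/// Registers a new user by executing the <c>sp_set_Users</c> stored procedure.
/// </summary>
/// <param name="objUser">
/// Supplies the new account's fields. The employee fields are sent only when
/// <c>EMPID</c> is greater than zero.
/// </param>
/// <param name="user">Value bound to the procedure's <c>@User</c> parameter.</param>
/// <returns>
/// The value of <c>resultFlag</c>, which is set to 1 after the procedure runs without throwing.
/// </returns>
/// <exception cref="Exception">
/// Thrown, wrapping the original exception, when the database call fails.
/// </exception>
/// <remarks>
/// NOTE(review): <c>objUser.UserRole</c> is passed through unchanged, and nothing in this
/// method checks that <paramref name="user"/> may create accounts with that role; confirm
/// the caller enforces it. <c>resultFlag</c> is not declared in this method (presumably a
/// class field), so it is shared state.
/// </remarks>
public int CreateUser(Property objUser, string user)
{
    EncryptPassword encPwd = new EncryptPassword();

    // Dispose() closes the connection and releases the command on every path, including a
    // failure while the parameters are being built (e.g. int.Parse on DocID).
    using (SqlConnection sqlCon = new SqlConnection(conStr))
    using (SqlCommand sqlCmd = new SqlCommand("sp_set_Users", sqlCon))
    {
        sqlCmd.CommandType = CommandType.StoredProcedure;

        // All values are bound as typed parameters, never concatenated into SQL.
        sqlCmd.Parameters.Add("@User_ID", SqlDbType.VarChar, 50).Value = objUser.UserID;

        // NOTE(security): the passphrase "helloworld" is hard-coded in source. EncryptPassword is
        // not visible here; if it is a keyed or reversible transform, the stored passwords can be
        // recovered by anyone holding this string. New accounts should be stored with a salted,
        // slow hash (e.g. PBKDF2). That has to change together with the login and change-password
        // paths, so it is flagged here rather than changed.
        string encP = encPwd.EncryptText(objUser.Password, "helloworld");
        sqlCmd.Parameters.Add("@Password", SqlDbType.VarChar, 32).Value = encP.Trim();

        sqlCmd.Parameters.Add("@Comments", SqlDbType.VarChar, 50).Value = objUser.Comments;
        sqlCmd.Parameters.Add("@StampLoc", SqlDbType.VarChar, 50).Value = objUser.StampLoc;

        if (objUser.EMPID > 0)
        {
            sqlCmd.Parameters.Add("@Emp_ID", SqlDbType.Int).Value = objUser.EMPID;

            // Throws FormatException for a non-numeric DocID; this is outside the try below,
            // so it reaches the caller unwrapped.
            sqlCmd.Parameters.Add("@Doc_ID", SqlDbType.Int).Value = int.Parse(objUser.DocID);
            sqlCmd.Parameters.Add("@Emp_FName", SqlDbType.VarChar, 50).Value = objUser.EMPFName;
            sqlCmd.Parameters.Add("@Emp_LName", SqlDbType.VarChar, 50).Value = objUser.EMPLName;
        }

        sqlCmd.Parameters.Add("@User_Role", SqlDbType.Char, 1).Value = objUser.UserRole;
        sqlCmd.Parameters.Add("@User_Type", SqlDbType.Char, 1).Value = "N";
        sqlCmd.Parameters.Add("@User", SqlDbType.VarChar, 20).Value = user;

        try
        {
            sqlCon.Open();
            sqlCmd.ExecuteNonQuery();
            resultFlag = 1;
        }
        catch (SqlException SqlEx)
        {
            objNLog.Error("SQLException : " + SqlEx.Message);
            throw new Exception("Exception re-Raised from DL with SQLError# " + SqlEx.Number + " while Registering User Profile.", SqlEx);
        }
        catch (Exception ex)
        {
            objNLog.Error("Exception : " + ex.Message);
            throw new Exception("**Error occured while Registering User Profile.", ex);
        }
    }

    return resultFlag;
}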