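/// <summary>
/// Saves the remarks typed by the signed-in doctor for the currently selected patient,
/// then hides the remarks panel and clears the selection.
/// </summary>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// The UPDATE is restricted to the row whose doctorid equals <c>UserId</c> and whose
/// patientid equals <c>SelectedPId</c>.
/// NOTE(review): the statement is assembled with string.Format, so BaseDA.Escape is the
/// only barrier between the text box and the SQL text. If BaseDA offers a parameterized
/// execute method, prefer it; its API is not visible from this handler.
/// NOTE(review): nothing here verifies that the caller is a doctor or that UserId is set;
/// presumably the page enforces that elsewhere - confirm.
/// </remarks>
protected void btnRemarks_Click(object sender, System.EventArgs e)
{
    try
    {
        string remarks = txtRemarks.Text.Trim();
        if (string.IsNullOrEmpty(remarks))
        {
            this.ErrorMessage += "Remarks is Required <br />";
            return;
        }

        //Save Remarks
        // {1} and {2} are emitted unquoted; presumably both are integers
        // (SelectedPId is assigned 0 below) - confirm they can never carry text.
        string strSql = string.Format(
            "Update doctorpatient set doctorremarks='{0}' where " + "doctorid = {1} and patientid = {2} ",
            BaseDA.Escape(remarks),
            this.UserId,
            this.SelectedPId);
        BaseDA.ExecuteNonQuery(strSql);

        phRemarks.Visible = false;
        this.SelectedPId = 0;
    }
    catch (Exception ex)
    {
        // Database exception messages can quote schema names or fragments of the
        // statement, so the detail is kept server-side and the user gets a fixed message.
        // NOTE(review): route this to the application's logger if one exists.
        System.Diagnostics.Trace.TraceError("btnRemarks_Click failed: {0}", ex);
        this.ErrorMessage = "The remarks could not be saved. Please try again.";
    }
}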
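/// <summary>
/// Handles the login button: checks that both fields are filled in, looks the credentials
/// up in the <c>login</c> table and, when a row matches, records the user's id, display
/// name and role flags and redirects to the landing page for that role.
/// </summary>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the password is compared inside the SQL text, which implies it is stored
/// in a directly comparable form (presumably plaintext) - confirm. Moving to a salted
/// password hash verified in code also requires changing the registration and
/// change-password pages, so it is not attempted here.
/// NOTE(review): the query is assembled with string.Format and BaseDA.Escape. If BaseDA
/// offers a parameterized query method, prefer it; its API is not visible from this handler.
/// NOTE(review): no attempt limiting or lockout is visible in this handler.
/// </remarks>
protected void btnlogin_Click(object sender, EventArgs e)
{
    try
    {
        // Checking for Required Fields
        if (string.IsNullOrEmpty(txtuser.Text.Trim()))
        {
            this.ErrorMessage += "User Name is Required <br />";
        }
        if (string.IsNullOrEmpty(txtpassword.Text.Trim()))
        {
            this.ErrorMessage += "Password is Required<br />";
        }

        //Checking for Errors
        if (!string.IsNullOrEmpty(this.ErrorMessage))
        {
            return;
        }

        // NOTE(review): the two value slots appear masked as '******' in the published
        // listing; {0}/{1} follow the order of the two arguments.
        DataSet ds = BaseDA.ExecuteDataSet(string.Format(
            "select * from login where username = '{0}' and password ='{1}'",
            BaseDA.Escape(txtuser.Text),
            BaseDA.Escape(txtpassword.Text)));

        // Tracks whether THIS request matched a row. UserId alone is not enough:
        // if it is session-backed (not visible here), a value left over from an
        // earlier login would let a failed attempt fall through to the redirect.
        bool credentialsMatched = false;
        if (ds != null && ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
        {
            DataRow dr = ds.Tables[0].Rows[0];
            // A DataRow yields DBNull.Value, never null, for a missing value,
            // so IsNull is the check that can actually fail.
            if (dr != null && !dr.IsNull("Id"))
            {
                this.UserId = Convert.ToInt32(dr["Id"]);
                this.UserName = dr["lastname"].ToString() + " " + dr["firstname"].ToString();
                this.IsAdmin = Convert.ToBoolean(dr["isadmin"]);
                this.IsDoctor = Convert.ToBoolean(dr["isdoctor"]);
                credentialsMatched = true;
            }
        }

        if (credentialsMatched && this.UserId > 0)
        {
            // endResponse is false, so the handler returns normally after each redirect.
            if (IsDoctor)
            {
                Response.Redirect("DoctorsPage.aspx", false);
            }
            else if (IsAdmin)
            {
                Response.Redirect("ClerksPage.aspx", false);
            }
            else
            {
                Response.Redirect("PatientEntry.aspx", false);
            }
        }
        else
        {
            // One message for both causes, so the form does not reveal which field was wrong.
            this.ErrorMessage += "Invalid Username or Password";
        }
    }
    catch (Exception ex)
    {
        // The full exception (type, message, stack trace) used to be placed in
        // ErrorMessage; on a login page that hands internals to anonymous visitors.
        // NOTE(review): route this to the application's logger if one exists.
        System.Diagnostics.Trace.TraceError("btnlogin_Click failed: {0}", ex);
        this.ErrorMessage = "Login failed because of an unexpected error. Please try again.";
    }
}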
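/// <summary>
/// Handles the change-password form: requires a known <c>username</c>, validates that the
/// new password and its confirmation are present and equal, writes the new password to
/// the <c>login</c> table and redirects to the confirmation page.
/// </summary>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): <c>username</c> is not assigned in this handler. If it is taken from the
/// request (for example a query-string parameter), whoever can reach this page decides
/// whose password is rewritten; the account should come from server-side state that was
/// set only after the identity check succeeded - confirm where it is populated.
/// NOTE(review): the new password is written as given (presumably stored in plaintext) -
/// confirm; hashing it here would also require changing the login and registration pages.
/// </remarks>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    ErrorMessage = string.Empty;
    try
    {
        StrErros = string.Empty;
        if (string.IsNullOrEmpty(username))
        {
            ErrorMessage += "You donot have access to this page";
            // This overload ends the response; the return makes explicit that
            // nothing below may run without a username.
            Response.Redirect("Default.aspx");
            return;
        }

        string newPassword = txtPassword.Text.Trim();
        string retypedPassword = txtRetypePassword.Text.Trim();

        if (string.IsNullOrEmpty(newPassword))
        {
            StrErros += "Password is required <br/>";
        }
        if (string.IsNullOrEmpty(retypedPassword))
        {
            StrErros += "Retype Password is required <br/>";
        }
        if (!string.IsNullOrEmpty(newPassword) && !string.IsNullOrEmpty(retypedPassword)
            && newPassword != retypedPassword)
        {
            StrErros += "Password and Retyped Password must be the same <br/>";
        }

        if (string.IsNullOrEmpty(StrErros))
        {
            //update new password
            // username was the only value placed in the statement without
            // BaseDA.Escape; it now gets the same treatment as the password.
            // NOTE(review): the two value slots appear masked as '******' in the published
            // listing; {0}/{1} follow the order of the two arguments.
            string strSql = string.Format(
                "Update login set password='{0}' where " + "username = '{1}'",
                BaseDA.Escape(newPassword),
                BaseDA.Escape(username));
            BaseDA.ExecuteNonQuery(strSql);
            Response.Redirect("PasswordChanged.aspx");
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect(url) ends the response by aborting the request thread;
        // that is the normal redirect path, not a failure to report or log.
        throw;
    }
    catch (Exception ex)
    {
        // The full exception text used to be placed in StrErros, which is presumably
        // rendered on the page; keep the detail server-side instead.
        // NOTE(review): route this to the application's logger if one exists.
        System.Diagnostics.Trace.TraceError("Change-password btnSubmit_Click failed: {0}", ex);
        StrErros = "The password could not be changed. Please try again.";
    }
}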
/// <summary>
/// Handles the identity-check form that precedes a password change: validates the user
/// name, security answer and birth date, looks for a <c>LOGIN</c> row matching user name,
/// birth date, security question and answer, and on a match redirects to
/// ChangePassword.aspx with a <c>username</c> query-string parameter.
/// </summary>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the verified account is handed to the next page in the URL. If
/// ChangePassword.aspx accepts that parameter without server-side proof that this check
/// passed, requesting that page directly skips the check - confirm, and carry the
/// verified account in server-side state instead.
/// NOTE(review): the security answer is compared inside the SQL text, so it is presumably
/// stored in a directly comparable form; no attempt limiting is visible in this handler.
/// </remarks>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    ErrorMessage = string.Empty;
    lblErrors.Text = string.Empty;
    try
    {
        // Required-field validation: each missing field appends its own message.
        if (string.IsNullOrEmpty(txtUserId.Text.Trim()))
        {
            ErrorMessage += "User name is required <br/>";
        }
        /* Disabled check, kept from the original:
         * if (Int16.Parse(listSecQuestion.SelectedValue.Trim())== -1)
         * {
         *     ErrorMessage += "Security question is required <br/>";
         * }*/
        if (string.IsNullOrEmpty(txtAnswer.Text.Trim()))
        {
            ErrorMessage += "Answer is required <br/>";
        }
        if (string.IsNullOrEmpty(listMonth.SelectedValue.Trim()) || string.IsNullOrEmpty(txtDay.Text.Trim()) || string.IsNullOrEmpty(txtYear.Text.Trim()))
        {
            ErrorMessage += "Birthdate is required <br/>";
        }
        DateTime birthDate = DateTime.MinValue;
        // Build birth date from the values entered and validate it.
        // Note that the three assignments below use '=' rather than '+=', so an invalid
        // date replaces any required-field messages collected above.
        if (!string.IsNullOrEmpty(listMonth.SelectedValue.Trim()) && !string.IsNullOrEmpty(txtDay.Text.Trim()) && !string.IsNullOrEmpty(txtYear.Text.Trim()))
        {
            double Num;
            bool isValidDay, isValidYear;
            // NOTE(review): double.TryParse accepts input such as "1.5" that the
            // Int16.Parse calls further down reject with an exception; whether
            // IsValidDate filters those out is not visible here - confirm.
            isValidDay = double.TryParse(txtDay.Text, out Num);
            if (!isValidDay)
            {
                ErrorMessage = "Enter a valid date<br/>";
            }
            isValidYear = double.TryParse(txtYear.Text, out Num);
            if (!isValidYear)
            {
                ErrorMessage = "Enter a valid date<br/>";
            }
            if (!IsValidDate(listMonth.SelectedValue, txtDay.Text.Trim(), txtYear.Text.Trim()))
            {
                ErrorMessage = "Enter a valid date<br/>";
            }
        }
        // Show whatever validation messages were collected.
        if (!string.IsNullOrEmpty(ErrorMessage))
        {
            lblErrors.Text = ErrorMessage;
        }
        // Valid entry: run the lookup only when no validation message was produced.
        if (string.IsNullOrEmpty(ErrorMessage))
        {
            int month = Int16.Parse(listMonth.SelectedValue);
            int day = Int16.Parse(txtDay.Text.Trim());
            int year = Int16.Parse(txtYear.Text.Trim());
            birthDate = new DateTime(year, month, day);
            // The three text values pass through BaseDA.Escape; birthDate is formatted by
            // string.Format with the current culture, so the text compared with dob
            // depends on server settings.
            // NOTE(review): the first value slot appears masked as '******' in the
            // published listing; with four arguments and slots {1}..{3} visible it was
            // presumably {0}.
            // NOTE(review): prefer a parameterized query if BaseDA offers one.
            string sql = string.Format(
                "SELECT * FROM LOGIN WHERE username= '******'and dob = '{1}' and securityQuestion= '{2}' and answer = '{3}'",
                BaseDA.Escape(txtUserId.Text.Trim()), birthDate, BaseDA.Escape(listSecQuestion.SelectedValue), BaseDA.Escape(txtAnswer.Text.Trim()));
            DataSet ds = BaseDA.ExecuteDataSet(sql);
            if (ds != null && ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
            {
                DataRow dr = ds.Tables[0].Rows[0];
                if (dr != null)
                {
                    // NOTE(review): the next statement is damaged in the published listing.
                    // The value appended to the URL, the end of the Redirect call, the
                    // closing braces of the two ifs and the start of the branch that
                    // reports "User does not exist" are missing, so the code does not
                    // compile as shown and the lost part cannot be recovered from here.
                    Response.Redirect("ChangePassword.aspx?username="******"User does not exist. Please check if you have entered valid information </BR>";
            } // closes the not-found branch whose opening is in the lost span
        } // closes the valid-entry block
    } // closes try
    catch (Exception ex)
    {
        // NOTE(review): the full exception text (type, message, stack trace) is written
        // to lblErrors; keeping it server-side and showing a fixed message would avoid
        // exposing internals to an unauthenticated visitor.
        ErrorMessage = "Exception " + ex;
        lblErrors.Text = ErrorMessage;
    }
}
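/// <summary>
/// Handles the registration form: validates the required fields, rejects a user name that
/// already exists in <c>LOGIN</c>, validates the birth date, inserts the new account and
/// redirects to Default.aspx.
/// </summary>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// All validation messages are accumulated in <c>ErrorMessage</c> and shown in
/// <c>lblErrors</c>; the insert runs only when none were produced.
/// NOTE(review): the password and the security answer are inserted as typed (presumably
/// stored in plaintext) - confirm; hashing them here would also require changing the login,
/// identity-check and change-password pages.
/// NOTE(review): both statements are assembled with string.Format and BaseDA.Escape. If
/// BaseDA offers a parameterized execute method, prefer it; its API is not visible here.
/// NOTE(review): the existence check and the insert are two separate statements, so two
/// simultaneous registrations of one name can both pass the check unless the table has a
/// unique constraint - confirm.
/// </remarks>
protected void btnRegister_Click(object sender, EventArgs e)
{
    ErrorMessage = string.Empty;
    lblErrors.Text = string.Empty;
    try
    {
        string userName = txtUserId.Text.Trim();
        string dayText = txtDay.Text.Trim();
        string yearText = txtYear.Text.Trim();

        //check for required field validation
        if (string.IsNullOrEmpty(userName))
        {
            ErrorMessage += "User name is required <br/>";
        }
        else
        {
            //check if the user name selected already exists in the database, if it exists its an invalid entry
            // NOTE(review): the value slot appears masked as '******' in the published
            // listing; {0} matches the single argument.
            string userIdSql = string.Format(
                "SELECT * FROM LOGIN WHERE username = '{0}'",
                BaseDA.Escape(userName));
            DataSet ds = BaseDA.ExecuteDataSet(userIdSql);
            if (ds != null && ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
            {
                DataRow dr = ds.Tables[0].Rows[0];
                if (dr != null && dr["Id"] != null)
                {
                    ErrorMessage += "User name already exists. Please choose a different user name <br/>";
                }
            }
        }

        if (string.IsNullOrEmpty(txtPassword.Text.Trim()))
        {
            ErrorMessage += "Password is required <br/>";
        }
        if (string.IsNullOrEmpty(txtRetypePwd.Text.Trim()))
        {
            ErrorMessage += "Retype Password is required <br/>";
        }
        // check that password = retyped password
        if (!string.IsNullOrEmpty(txtPassword.Text.Trim()) && !string.IsNullOrEmpty(txtRetypePwd.Text.Trim())
            && txtPassword.Text.Trim() != txtRetypePwd.Text.Trim())
        {
            ErrorMessage += "Password and Retyped Password must be the same <br/>";
        }
        if (string.IsNullOrEmpty(txtFirstName.Text.Trim()))
        {
            ErrorMessage += "First name is required <br/>";
        }
        if (string.IsNullOrEmpty(txtLastName.Text.Trim()))
        {
            ErrorMessage += "Last name is required <br/>";
        }
        /* Disabled check, kept from the original:
         * if (Int16.Parse(listSecQuestion.SelectedValue.Trim())== -1)
         * {
         *     ErrorMessage += "Security question is required <br/>";
         * }*/
        if (string.IsNullOrEmpty(txtAnswer.Text.Trim()))
        {
            ErrorMessage += "Answer is required <br/>";
        }

        bool birthDateEntered = !string.IsNullOrEmpty(listMonth.SelectedValue.Trim())
            && !string.IsNullOrEmpty(dayText)
            && !string.IsNullOrEmpty(yearText);
        if (!birthDateEntered)
        {
            ErrorMessage += "Birthdate is required <br/>";
        }

        //Build birth date from the values entered and validate it
        int month = 0;
        int day = 0;
        int year = 0;
        if (birthDateEntered)
        {
            // Integer parsing replaces the earlier double.TryParse checks, which accepted
            // text such as "1.5" that the later integer conversion rejected with an
            // exception. The range test keeps the DateTime constructor from throwing
            // should IsValidDate (defined elsewhere) be more lenient.
            bool parsed = int.TryParse(listMonth.SelectedValue, out month)
                && int.TryParse(dayText, out day)
                && int.TryParse(yearText, out year);
            bool inRange = parsed
                && year >= 1 && year <= 9999
                && month >= 1 && month <= 12
                && day >= 1 && day <= DateTime.DaysInMonth(year, month);
            if (!inRange || !IsValidDate(listMonth.SelectedValue, dayText, yearText))
            {
                // Appended once; the earlier '=' assignments discarded every message
                // collected above whenever the date was invalid.
                ErrorMessage += "Enter a valid date<br/>";
            }
        }

        if (!string.IsNullOrEmpty(ErrorMessage))
        {
            lblErrors.Text = ErrorMessage;
            return;
        }

        //If there is no error message , Valid entry
        DateTime birthDate = new DateTime(year, month, day);

        //No validation errors, insert the entry
        // The user name is stored trimmed so that the stored value is the one the
        // existence check above examined.
        // NOTE(review): birthDate is formatted by string.Format with the current culture,
        // so the text written to dob depends on server settings - confirm the column
        // type before changing the format, because the identity-check page compares
        // against the same representation.
        string sql = string.Format(
            "INSERT INTO LOGIN (username ,password,firstname,lastname,gender,dob,address,securityQuestion,answer,isnewuser) VALUES ('{0}','{1}','{2}','{3}','{4}','{5}','{6}','{7}','{8}','{9}')",
            BaseDA.Escape(userName),
            BaseDA.Escape(txtPassword.Text),
            BaseDA.Escape(txtFirstName.Text),
            BaseDA.Escape(txtLastName.Text),
            BaseDA.Escape(listGender.SelectedValue),
            birthDate,
            BaseDA.Escape(txtAddress.Text),
            BaseDA.Escape(listSecQuestion.SelectedValue),
            BaseDA.Escape(txtAnswer.Text),
            "TRUE");
        BaseDA.ExecuteNonQuery(sql);
        Response.Redirect("Default.aspx", true);
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect with endResponse = true ends the response by aborting the
        // request thread; that is the normal redirect path, not a failure to report or log.
        throw;
    }
    catch (Exception ex)
    {
        // The full exception text used to be written to lblErrors, exposing internals
        // (and possibly echoed input) to an unauthenticated visitor.
        // NOTE(review): route this to the application's logger if one exists.
        System.Diagnostics.Trace.TraceError("btnRegister_Click failed: {0}", ex);
        ErrorMessage = "Registration failed because of an unexpected error. Please try again.";
        lblErrors.Text = ErrorMessage;
    }
}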