Ejemplo n.º 1
0
        private LoginDetails ValidateUser(string username, string password)
        {
            LoginDetails obj = new LoginDetails();

            obj.IsAuthUser = false;
            try
            {
                SqlConnection  con = new SqlConnection(ConfigurationManager.ConnectionStrings["bs"].ConnectionString);
                SqlDataAdapter da;
                DataSet        ds    = new DataSet();
                string         query = "select * from users_table where username='******' and pwd='" + password.Trim() + "'";
                da = new SqlDataAdapter(query, con);
                con.Open();
                da.Fill(ds);
                if (ds.Tables[0].Rows.Count > 0)
                {
                    obj.IsAuthUser = true;
                    obj.UserName   = ds.Tables[0].Rows[0]["UserName"].ToString();
                    obj.UserId     = int.Parse(ds.Tables[0].Rows[0]["UserId"].ToString());
                    obj.Role       = ds.Tables[0].Rows[0]["Role"].ToString();
                }
            }
            catch (Exception ex)
            {
                obj.IsAuthUser = false;
            }
            return(obj);
        }
Ejemplo n.º 2
0
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["bs"].ConnectionString);

            conn.Open();
            String        checkuser = "******" + inputEmail.Value + "' and UserPassword='******'";
            SqlCommand    com       = new SqlCommand(checkuser, conn);
            SqlDataReader reader    = com.ExecuteReader();


            //conn.Close();
            if (reader.Read())
            {
                //conn.Open();

                Response.Write("password is correct");
                Response.Redirect("Home.aspx");
            }

            //reader.Close();
            //conn.Close();

            else if (inputEmail.Value.ToUpper() == "ADMIN" && inputPassword.Value.ToUpper() == "ADMIN@123")
            {
                Session["userid"]   = "1";
                Session["role"]     = "Admin";
                Session["username"] = "******";
                Session["IsAuth"]   = "true";
                Response.Redirect("Home.aspx");
            }

            else
            {
                LoginDetails log = ValidateUser(inputEmail.Value, inputPassword.Value);
                if (log.IsAuthUser)
                {
                    Session["userid"]   = log.UserId;
                    Session["username"] = log.UserName;
                    Session["IsAuth"]   = log.IsAuthUser;
                    Session["role"]     = log.Role;
                    Response.Redirect("Home.aspx");
                }

                else
                {
                    Response.Redirect("Login.aspx");
                }
            }
        }