public static bool UserRegister(User _user)
{
string CS = ConnectSQL.GetConnectionString();
// SqlConnection is in System.Data.SqlClient namespace
using (SqlConnection con = new SqlConnection(CS))
{
SqlCommand cmd = new SqlCommand("spRegisterUser", con);
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter username = new SqlParameter("@UserName", _user.Username);
// FormsAuthentication calss is in System.Web.Security namespace
string encryptedPassword = FormsAuthentication.
HashPasswordForStoringInConfigFile(_user.Password, "SHA1");
SqlParameter password = new SqlParameter("@Password", encryptedPassword);
SqlParameter email = new SqlParameter("@Email", _user.EmailID);
cmd.Parameters.Add(username);
cmd.Parameters.Add(password);
cmd.Parameters.Add(email);
con.Open();
int ReturnCode = (int)cmd.ExecuteScalar();
return(ReturnCode == 1);
}
}
public static bool AuthenticateUser(string username, string password)
{
// ConfigurationManager class is in System.Configuration namespace
string CS = ConnectSQL.GetConnectionString();
// SqlConnection is in System.Data.SqlClient namespace
using (SqlConnection con = new SqlConnection(CS))
{
SqlCommand cmd = new SqlCommand("spAuthenticateUser", con);
cmd.CommandType = CommandType.StoredProcedure;
// FormsAuthentication is in System.Web.Security
string EncryptedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
// SqlParameter is in System.Data namespace
SqlParameter paramUsername = new SqlParameter("@UserName", username);
SqlParameter paramPassword = new SqlParameter("@Password", EncryptedPassword);//we are not using authentiacated password ,use EncryptedPassword to use authenticated password
cmd.Parameters.Add(paramUsername);
cmd.Parameters.Add(paramPassword);
con.Open();
int ReturnCode = (int)cmd.ExecuteScalar();
return(ReturnCode == 1);
}
}
public static List <User> GetAllusers()
{
List <User> userlist = new List <User>();
using (SqlConnection con = new SqlConnection(ConnectSQL.GetConnectionString()))
{
try
{
con.Open();
SqlCommand cmd = new SqlCommand("select UserID,Username,Rowstatus from inz_USERS", con);
SqlDataReader rdr = cmd.ExecuteReader();
if (rdr.HasRows)
{
while (rdr.Read())
{
User user = new User();
user.UserID = (int)rdr["UserID"];
user.Username = rdr["Username"].ToString();
user.Rowstatus = Convert.ToChar(rdr["Rowstatus"]);
userlist.Add(user);
}
}
}
catch (Exception)
{
throw;
}
finally
{
con.Close();
}
}
return(userlist);
}
public IEnumerable <FileEntity> GetFileDetails(int UserId)
{
List <FileEntity> FilesCollection = new List <FileEntity>();
SqlCommand cmd;
using (SqlConnection con = new SqlConnection(ConnectSQL.GetConnectionString()))
{
con.Open();
if (UserId == 0)//is admin
{
cmd = new SqlCommand("select * from inz_file order by 1 desc", con);
}
else
{
cmd = new SqlCommand("select * from inz_file order by 1 desc", con);
cmd.Parameters.AddWithValue("@UserID", UserId);
}
cmd.CommandType = CommandType.Text;
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
FileEntity _File = new FileEntity();
_File.FileId = (int)rdr["FileID"];
_File.Name = rdr["FileName"].ToString();
_File.Description = rdr["Description"].ToString();
_File.FileType = rdr["FileType"].ToString();
_File.Document = rdr["DocumentName"].ToString();
FilesCollection.Add(_File);
}
}
return(FilesCollection);
}
public static bool SaveFileToDatabase(FileEntity file)
{
using (SqlConnection con = new SqlConnection(ConnectSQL.GetConnectionString()))
{
try
{
con.Open();
int FileId = 0;
SqlCommand cmd = new SqlCommand("spInsertFileDetails", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@FileName", file.Name);
cmd.Parameters.AddWithValue("@description", file.Description);
cmd.Parameters.AddWithValue("@Key", file.Key);
cmd.Parameters.AddWithValue("@UserId", file.UserId);
cmd.Parameters.AddWithValue("@IsEncrypted", 1);
cmd.Parameters.AddWithValue("@FileType", file.FileType);
cmd.Parameters.AddWithValue("@Document", file.Document);
//FileId = (int)cmd.ExecuteScalar();
return(InsertInitalApproveForCurrentUser(FileId));
}
catch (Exception)
{
throw;
}
finally
{
con.Close();
}
}
}
public IEnumerable <FileEntity> GetAllFiles()
{
List <FileEntity> FilesCollection = new List <FileEntity>();
using (SqlConnection con = new SqlConnection(ConnectSQL.GetConnectionString()))
{
con.Open();
SqlCommand cmd = new SqlCommand("select * from inz_file", con);
cmd.CommandType = CommandType.Text;
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
FileEntity _File = new FileEntity();
_File.FileId = (int)rdr["FileID"];
_File.Name = rdr["FileName"].ToString();
_File.Description = rdr["Description"].ToString();
_File.FileType = rdr["FileType"].ToString();
_File.Document = rdr["DocumentName"].ToString();
FilesCollection.Add(_File);
}
}
return(FilesCollection);
}