private void btnLogin_Click(object sender, EventArgs e)
{
BPUsers bpUsers = new BPUsers();
int memberID;
string returnURL;
returnURL = Request.QueryString["returnUrl"];
if (returnURL == null)
{
returnURL = "Index.aspx";
}
memberID = bpUsers.Login(txtLoginID.Text, txtPassword.Text);
if (memberID > 0)
{
FormsAuthenticationTicket ticket;
string hash;
HttpCookie cookie;
ticket = new FormsAuthenticationTicket(1, txtLoginID.Text, DateTime.Now, DateTime.Now.AddMinutes(30), true, memberID + ";" + bpUsers.GetUserGroupPermissions(memberID), FormsAuthentication.FormsCookiePath);
hash = FormsAuthentication.Encrypt(ticket);
//new way
cookie = System.Web.Security.FormsAuthentication.GetAuthCookie(txtLoginID.Text, false, FormsAuthentication.FormsCookiePath);
cookie.Name = FormsAuthentication.FormsCookieName;
//cookie.Domain = "." + Request.ServerVariables["HTTP_HOST"];
cookie.Value = hash;
Response.AppendCookie(cookie);
Response.Redirect(returnURL);
}
else
{
lblErr.Visible = true;
}
}
private void btnSubmit_Click(object sender, System.EventArgs e)
{
BPUsers bp = new BPUsers();
DSUsers = bp.SelectByID(UserID);
BEUsers.tbl_UsersRow user = DSUsers.tbl_Users.FindByUserID(UserID);
user.LoginID = txtLoginName.Text;
user.Password = txtPassword.Text;
int testUserID = bp.Login(txtLoginName.Text, txtPassword.Text);
if (testUserID == 0 || testUserID == UserID)
{
bp.Update(DSUsers);
lblErr.Text = "";
Response.Redirect(HttpUtility.UrlDecode( Request.QueryString["ReturnUrl"]));
}
else
{
lblErr.Text = "Sorry username and password taken.";
}
}