private void GetPagePrivilege() { try { IDbConnection connection = DataAccessLayer.DBManagerFactory.GetConnection(DataProvider.Oracle); connection.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString; string screenName = Path.GetFileName(Request.Url.AbsolutePath); connection.Open(); IDbCommand cmdPrivilege = DataAccessLayer.DBManagerFactory.GetCommand(DataProvider.Oracle); cmdPrivilege.CommandText = string.Format("SELECT PRIVILEGEID FROM SCREENPRIVILEGE WHERE SCREENNAME='{0}'", screenName.ToUpper()); cmdPrivilege.Connection = connection; int privilegeId = cmdPrivilege.ExecuteScalar() == null ? 0 : Convert.ToInt32(cmdPrivilege.ExecuteScalar()); CUSERDetails objUserDetails = new CUSERDetails(); objUserDetails = (CUSERDetails)Session["sesuUserDetails"]; IDbCommand cmdGroup = DataAccessLayer.DBManagerFactory.GetCommand(DataProvider.Oracle); cmdGroup.CommandText = string.Format("SELECT * FROM GROUPPRIVILEGE WHERE GROUPID={0} AND PRIVILEGEID={1}", objUserDetails.iGroupID, privilegeId); cmdGroup.Connection = connection; //int privilegeId = (int)cmdInsert.ExecuteScalar(); int Id = cmdGroup.ExecuteScalar() == null ? 0 : Convert.ToInt32(cmdGroup.ExecuteScalar()); connection.Close(); if (Id <= 0) { Response.Redirect("Error.aspx"); } } catch (Exception ex) { throw ex; } }
protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { if (Session["sesuUserDetails"] == null) { Response.Redirect("Login.aspx"); } CUSERDetails objUserDetails = new CUSERDetails(); objUserDetails = (CUSERDetails)Session["sesuUserDetails"]; groupId = objUserDetails.iGroupID; BindGroupDropdown(); BindUserTypeDropdown(); } }
// CHtmlFolder m_CHtmlFolder; protected void Page_Load(object sender, System.EventArgs e) { CUSERDetails objUserDetails = new CUSERDetails(); objUserDetails = (CUSERDetails)Session["sesuUserDetails"]; if (!IsPostBack) { } string strFolderSelection = null; //CDatabase m_db = default(CDatabase); object objConnection = null; //PrivilegeStack m_UserPrivilegeStack = default(PrivilegeStack); //nodePrivilegeStack m_nodePrivilegeStack = default(nodePrivilegeStack); int i = 0; ///'''''''''''' Step 1 Check for User Session if (objUserDetails == null) { return; } }
protected void btnlogin_Click(object sender, EventArgs e) { int iRecordsFetched = 0; int iTempGroupID = 0; m_db = new DBManager(DataProvider.Oracle); if (m_db == null) { Response.Redirect("Error_page.aspx?ERROR=UNABLE_CREATE_DBOBJ"); } ///''''''''''''If user clicked on login button check for username,password and selecttype are filled or not if they are not empty then proceed if (txtuser.Value.Length != 0 & txtpwd.Value.Length != 0) { m_db.ConnectionString = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString; m_db.Open(); if (m_db.Connection == null) { ///''''''' If Failed to Eastablish database Connection Show Error Page to the User // strstacktrace = HttpUtility.UrlEncode(m_db.Exception_str) strstacktrace = ""; Response.Redirect("Error_page.aspx?ERROR=DATABASE_CONNECTION_FAILED&MESSAGE=" + strstacktrace); } ///''''''''''' Form the query to get the login userdetails from tbl_usermaster // strQry = "select tbl_usermaster.userid,tbl_usermaster.usertypeflag,tbl_usermaster.webaccountflag,usersmemberslink.memberid,upper(username) as username,grp.groupid,grp.groupname from tbl_usermaster inner join groupe as grp on tbl_usermaster.groupid=grp.groupid inner join usersmemberslink on tbl_usermaster.userid=usersmemberslink.userid where username='******' and password='******' and tbl_usermaster.activated=1 and tbl_usermaster.webaccountflag=1" //strQry = "select usermaster.userid,usermaster.usertypeflag,usermaster.webaccountflag,upper(username) as username,grp.groupid,grp.groupname from usermaster inner join groupe as grp on usermaster.groupid=grp.groupid where username='******' and password='******' and usermaster.activated=1 and usermaster.webaccountflag=1"; //strQry = "select usermaster.userid,upper(username) as username from usermaster ";// where username='******' and password='******'"; strQry = string.Format("select users.userid,upper(username) as username,groupid from users where username='******' and userpassword='******'", txtuser.Value, txtpwd.Value); objDataset = m_db.ExecuteDataSet(CommandType.Text, strQry); if (objDataset == null) { m_db.Close(); m_db.Dispose(); // strstacktrace = HttpUtility.UrlEncode(m_db.Exception_str) Response.Redirect("Error_page.aspx?ERROR=RECORDSET_FETCH_FAILED&MESSAGE=" + strstacktrace); } ///'''''''''''''' get the no of records that exsist for the framed query iRecordsFetched = int.Parse(objDataset.Tables[0].Rows.Count.ToString()); ///''''''''''''' if no records present give msg to the user alerting him that he is invalid user if (iRecordsFetched == 0) { txtuser.Focus(); } else { ///'''''''''''' if records present get all the userdetails and store them inside a session CUSERDetails objUserDetails = new CUSERDetails(); objUserDetails.iUserID = Convert.ToInt32(objDataset.Tables[0].Rows[0]["userid"].ToString()); objUserDetails.strUserName = objDataset.Tables[0].Rows[0]["username"].ToString(); objUserDetails.iGroupID = Convert.ToInt32(objDataset.Tables[0].Rows[0]["groupid"]); //objUserDetails.strGroupName = objDataset.Tables[0].Rows[0]["groupname"].ToString(); objUserDetails.iMemberID = "1"; //objDataset.Tables(0).Rows(0)("memberid").ToString() //objUserDetails.iRooterFlag = Convert.ToInt32(objDataset.Tables[0].Rows[0]["usertypeflag"]); //objUserDetails.iWebAccountFlag = Convert.ToInt32(objDataset.Tables[0].Rows[0]["webaccountflag"]); //objUserDetails.iUserID = CType(objDataset.Tables(0).Rows(0)("userid").ToString(), Integer) //objUserDetails.strUserName = objDataset.Tables(0).Rows(0)("username").ToString() //objUserDetails.iGroupID = 4 ' CType(objDataset.Tables(0).Rows(0)("groupid"), Integer) //objUserDetails.strGroupName = objDataset.Tables(0).Rows(0)("groupname").ToString() //objUserDetails.iMemberID = 1 'objDataset.Tables(0).Rows(0)("memberid").ToString() //objUserDetails.iRooterFlag = 1 'CType(objDataset.Tables(0).Rows(0)("usertypeflag"), Integer) //objUserDetails.iWebAccountFlag = 1 'CType(objDataset.Tables(0).Rows(0)("webaccountflag"), Integer) Session["sesuUserDetails"] = objUserDetails; objDataset.Dispose(); // Free dataset m_db.Close(); // Free SQL Connection iTempGroupID = objUserDetails.iGroupID; objUserDetails = null; m_db = null; //Response.Redirect("~/frmNewConnection.aspx"); Response.Redirect("SBMUpload.aspx"); } } }