public string CheckAccess(User User) { string userName = User.UserName; string password = User.Password; string access = "0"; string encPassword; string key = "AmitLalJoshi"; encPassword = ConnectionDbInfo.Encrypt(password, key); using (SqlConnection cnMain = new SqlConnection(ConnectionDbInfo.ConnectionString)) { cnMain.Open(); //dt = new DataTable(); try { var dt = cnMain.ExecuteScalar <string>("SELECT AUTHORIZE FROM USERPROFILES WHERE UNAME='" + userName + "' AND PASSWORD='******'", cnMain); if (dt == null) { dt = "Incorrect username or password "; } return(dt); } catch (Exception e) { return(e.Message); } } }
public string postuserVerification(User User) { string USERNAME = User.UserName; string PASSWORD = User.Password; string UNIQUEID = User.UniqueID; string encPassword; string key = "AmitLalJoshi"; encPassword = ConnectionDbInfo.Encrypt(PASSWORD, key); using (SqlConnection cnMain = new SqlConnection(ConnectionDbInfo.ConnectionString)) { cnMain.Open(); try { registerDevice(UNIQUEID, cnMain); int i = cnMain.ExecuteScalar <int>("SELECT COUNT(*) FROM USERPROFILES WHERE UNAME='" + USERNAME + "' AND PASSWORD='******'", cnMain); if (i > 0) { i = cnMain.ExecuteScalar <int>("SELECT COUNT(*) FROM RMD_DEVICEVALIDATION WHERE UNIQUEID='" + UNIQUEID + "'", cnMain); if (i > 0) { return("1"); } } return("0"); } catch (Exception e) { return(e.Message); } } }