//[ValidateAntiForgeryToken] public ActionResult Login(LoginPageViewModel viewModel) { if (!ModelState.IsValid) { viewModel.ErrorMessage = "Please type your username"; return(PartialView(viewModel)); } if (string.IsNullOrEmpty(viewModel.Username) || string.IsNullOrEmpty(viewModel.Password)) { viewModel.ErrorMessage = "Please type your password"; return(PartialView(viewModel)); } claseDBSqlServer oDB = new claseDBSqlServer(); oDB.Procedure = "gs_sp_login"; oDB.AddParameter("@username", viewModel.Username, ParameterDirection.Input); oDB.AddParameter("@password", viewModel.Password, ParameterDirection.Input); oDB.AddParameter("@idrol", 0, ParameterDirection.InputOutput); oDB.AddParameter("@iduser", 0, ParameterDirection.InputOutput); oDB.ExecuteProcedureNonQuery(); int idrol = Convert.ToInt16(oDB.GetParameter("@idrol")); int iduser = Convert.ToInt16(oDB.GetParameter("@iduser")); oDB.Dispose(); if (iduser != 0) { SessionVar.Username = viewModel.Username; SessionVar.idrol = idrol; SessionVar.iduser = iduser; FormsAuthentication.SetAuthCookie(SessionVar.Username, false); return(RedirectToAction("Index", "Home")); } viewModel.ErrorMessage = "Login o contraseƱa incorrecta"; return(PartialView(viewModel)); }
public JsonResult ObtenerMenu() { int _id_rol = Convert.ToInt16(SessionVar.idrol); ArrayList data = new ArrayList(); claseDBSqlServer oDB = new claseDBSqlServer(); JsonResult result = new JsonResult(); try { oDB.ClearDataListArray(); oDB.Procedure = "gs_sp_obt_menu"; oDB.AddParameter("@IDROL", _id_rol); oDB.AddDataListArray(oDB.ExecuteProcedureDataList(), "opciones_menu"); data.AddRange(oDB.DataListArray); result = Json(data); oDB.Dispose(); return(result); } catch (Exception ex) { return(Json("Error: " + ex)); } }