public string UserAuthentication_App(UserLogin_ML ml)
{
try
{
return new userLogin().authenticate_app(ml);
}
catch (Exception ex)
{
throw ex;
}
}
public bool UserAuthentication(UserLogin_ML ml)
{
try
{
return new userLogin().authenticate(ml);
}
catch(Exception ex)
{
throw ex;
}
}
public string authenticate_app(UserLogin_ML ml)
{
con = new SqlConnection(connectionString);
try
{
con.Open();
//cmd = new SqlCommand("select * from userAccounts where username =@username and password=@password", con);
cmd = new SqlCommand("sp_authenticate", con) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("@username", ml.username);
cmd.Parameters.AddWithValue("@password", ml.password);
adp = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
cmd.ExecuteNonQuery();
adp.Fill(dt);
if (dt.Rows.Count > 0)
{
foreach (DataRow row in dt.Rows)
{
var id = row["employee_id"].ToString();
var type = row["type"].ToString();
var name = row["EmpName"].ToString();
return id + "," + type + "," + name;
}
return "";
}
else
{
return "";
}
}
catch (Exception ex)
{
throw ex;
}
finally
{
con.Close();
}
}
/// <summary>
/// Method responsible to to the user authentication
/// </summary>
/// <param name="tblUser"></param>
/// <returns></returns>
public bool authenticate(UserLogin_ML ml)
{
con = new SqlConnection(connectionString);
try
{
con.Open();
//cmd = new SqlCommand("select * from userAccounts where username =@username and password=@password", con);
cmd = new SqlCommand("sp_authenticate", con) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("@username", ml.username);
cmd.Parameters.AddWithValue("@password", ml.password);
adp = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
cmd.ExecuteNonQuery();
adp.Fill(dt);
if (dt.Rows.Count == 1)
{
Session["Username"] = ml.username;
Session["EmpId"] = dt.Rows[0]["EmpId"].ToString();
Session["EmpName"] = dt.Rows[0]["EmpName"].ToString();
Session["type"] = dt.Rows[0]["type"].ToString();
return true;
}
else
{
return false;
}
}
catch (Exception ex)
{
throw ex;
}
finally
{
con.Close();
}
}
private void UserAuthenticate()
{
var User = new UserLogin_ML();
{
User.username = txtUsername.Value;
User.password = txtPassword.Value;
};
_state = new UserLogin_BL().UserAuthentication(User);
if (_state)
{
switch (Session["type"].ToString())
{
case "staff":
erroralert.Visible = false;
Response.Redirect("Views/Home.aspx");
break;
case "admin":
erroralert.Visible = false;
Response.Redirect("Views/Home.aspx");
break;
case "agent":
errorMsg.InnerText = "You do not have permission to access the system. Please contact system administrator";
erroralert.Visible = true;
break;
default:
errorMsg.InnerText = "Error occured.Please contact system administrator";
erroralert.Visible = true;
break;
}
}
else
{
errorMsg.InnerText = "Username or password you have entered is incorrect";
erroralert.Visible = true;
}
}