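/// <summary>
/// Handles the login button: checks that the form is filled in, authenticates the
/// user against <c>db.users</c> (role "staff") or <c>db.adminUsers</c> (any other
/// role), and on success fills the session and redirects to the role's landing page.
/// </summary>
/// <remarks>
/// No account is special-cased in code: every login, including the super
/// administrator's, must match an active row and pass <c>ValidatePassword</c>, so
/// that account has to exist in <c>adminUsers</c>.
/// Every failure (unknown user, wrong password, inactive account, unmapped role,
/// lookup error) produces the same message, so the form does not reveal which
/// user names exist.
/// NOTE(review): the session identifier is not rotated on login in this handler, and
/// the password check is skipped when no row matches (a possible timing difference);
/// confirm whether either is handled elsewhere.
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click1(object sender, EventArgs e)
{
    // Required-field validation: mark the first missing field with "*" and
    // clear the other two markers.
    if (uname.Text == string.Empty)
    {
        unameError.Text = "*";
        pswError.Text = "";
        roleError.Text = "";
        return;
    }

    if (psw.Text == string.Empty)
    {
        pswError.Text = "*";
        unameError.Text = "";
        roleError.Text = "";
        return;
    }

    if (role.SelectedValue == "-select-")
    {
        roleError.Text = "*";
        unameError.Text = "";
        pswError.Text = "";
        return;
    }

    string userName = uname.Text;
    string password = psw.Text;
    string urole = role.SelectedValue;

    // Set only after a fully successful authentication; null means "deny".
    string redirectUrl = null;

    try
    {
        if (urole == "staff")
        {
            // FirstOrDefault instead of First: "no such user" is an expected
            // outcome, not an exception.
            var ulogin = db.users
                .Where(log => log.username == userName && log.role == urole && log.status == "active")
                .FirstOrDefault();

            if (ulogin != null && ValidatePassword(password, ulogin.password))
            {
                var staffRec = db.staffRecords
                    .Where(us => us.staffId == ulogin.staffId)
                    .FirstOrDefault();

                // A login row without a matching staff record is treated as a failed login.
                if (staffRec != null)
                {
                    Session["fullName"] = staffRec.lName + ", " + staffRec.fName + " " + staffRec.middleName;
                    Session["uname"] = userName;
                    Session["role"] = urole;
                    Session["staffId"] = staffRec.staffId;
                    redirectUrl = "PublicWeb/index.aspx";
                }
            }
        }
        else
        {
            var alogin = db.adminUsers
                .Where(lo => lo.userName == userName && lo.role == urole && lo.status == "active")
                .FirstOrDefault();

            if (alogin != null && ValidatePassword(password, alogin.password))
            {
                // Fail closed: a role with no landing page gets no session either.
                string landingPage = GetAdminLandingPage(alogin.role);
                if (landingPage != null)
                {
                    // Session values come from the database row, not from the form.
                    Session["fullName"] = alogin.userName;
                    Session["uname"] = alogin.userName;
                    Session["role"] = alogin.role;
                    redirectUrl = landingPage;
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Record the real cause for operators; the user only sees the generic message.
        System.Diagnostics.Trace.TraceError("btnLogin_Click1: login lookup failed: " + ex);
        redirectUrl = null;
    }

    if (redirectUrl == null)
    {
        ShowLoginFailure("invalid login");
        return;
    }

    // Redirect outside the try block: Response.Redirect ends the response by
    // aborting the thread, which a catch (Exception) would otherwise intercept.
    Response.Redirect(redirectUrl);
}

/// <summary>Maps an administrative role to its landing page, or null when the role has none.</summary>
private static string GetAdminLandingPage(string adminRole)
{
    switch (adminRole)
    {
        case "admin":
            return "PrivateWeb/superAdminDashboard.aspx";
        case "hr":
            return "PrivateWeb/index.aspx";
        case "inventory":
            return "~/PrivateWeb/regAsset.aspx";
        case "secret'l":
            return "PublicWeb/postNews.aspx";
        default:
            return null;
    }
}

/// <summary>Shows a failure message and resets the login form and its validation markers.</summary>
private void ShowLoginFailure(string message)
{
    msg.Text = message;
    uname.Text = "";
    psw.Text = "";
    role.Text = "-select-";
    roleError.Text = "";
    unameError.Text = "";
    pswError.Text = "";
}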
/// <summary>
/// Handles the upload button: saves the posted Excel workbook under ~/temp, reads
/// [Sheet1$] through the ACE OLE DB provider and, for each row, inserts a
/// staffRecord, a staffNextOfKin and a user row, then e-mails the logon details.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (FileUpload1.HasFile)
    {
        // SECURITY(review): the workbook is written below the application root
        // (~/temp/) under the client-supplied file name. This handler makes no
        // extension, size or content check and never deletes the file afterwards.
        string path = string.Concat((Server.MapPath("~/temp/" + FileUpload1.FileName)));
        FileUpload1.PostedFile.SaveAs(path);

        // NOTE(review): path is concatenated into the connection string unescaped;
        // a file name containing ';' would presumably change how it is parsed.
        // Confirm, and consider OleDbConnectionStringBuilder.
        OleDbConnection OleDbcon = new OleDbConnection("Provider=Microsoft.Ace.OLEDB.12.0;Data Source=" + path + ";Extended Properties=Excel 12.0;");
        OleDbCommand cmd = new OleDbCommand("select * from [Sheet1$]", OleDbcon);
        OleDbDataAdapter odr = new OleDbDataAdapter(cmd);

        // No try/finally here: if Open() or Fill() throws, the Dispose calls below
        // are skipped and the exception leaves the handler.
        OleDbcon.Open();
        DataSet ds = new DataSet();
        odr.Fill(ds);
        odr.Dispose();
        OleDbcon.Close();
        OleDbcon.Dispose();

        using (niapsEntities1 db = new niapsEntities1())
        {
            foreach (DataRow dr in ds.Tables[0].Rows)
            {
                // One try per row: a failing row is caught below and the loop continues.
                try
                {
                    // Staff record, copied column by column from the sheet with no
                    // validation beyond the date and integer parsing.
                    staffRecord sr = new staffRecord();
                    sr.staffId = dr["staffIdNo"].ToString();
                    sr.fName = dr["FirstName"].ToString();
                    sr.lName = dr["LastName"].ToString();
                    sr.gender = dr["Gender"].ToString();
                    string dateString = dr["date_of_birth"].ToString();
                    DateTime result;
                    // DateTime.Parse(string) uses the current thread culture.
                    result = DateTime.Parse(dateString);
                    sr.dateOfBirth = result;
                    // Age is the difference of calendar years only; it ignores whether
                    // this year's birthday has passed.
                    string staffAge = ((DateTime.Now.Year) - (result.Year)).ToString();
                    sr.email = dr["email"].ToString();
                    sr.mobile = dr["mobile"].ToString();
                    sr.address = dr["address"].ToString();
                    sr.state = dr["state_of_origin"].ToString();
                    sr.Lga = dr["lga"].ToString();
                    sr.middleName = dr["MiddleName"].ToString();
                    sr.marritalStatus = dr["mStatus"].ToString();
                    sr.formOfIdentification = dr["form_of_identity"].ToString();
                    sr.passport = dr["passportLink"].ToString();
                    sr.age = Int32.Parse(staffAge);
                    sr.idNumber = dr["id_number"].ToString();
                    sr.status = "active";
                    db.staffRecords.Add(sr);
                    // Each of the three inserts is saved separately, so a failure in a
                    // later step leaves the earlier rows for this staff member in place.
                    db.SaveChanges();

                    // Next-of-kin row for the same staff member.
                    // NOTE(review): "address" is the column already used for the staff
                    // record, and "gender" differs from "Gender" only by case. Confirm
                    // the sheet has separate next-of-kin columns.
                    staffNextOfKin st = new staffNextOfKin();
                    st.staffId = dr["staffIdNo"].ToString();
                    st.fName = dr["nFirstName"].ToString();
                    st.lname = dr["last_name"].ToString();
                    st.gender = dr["gender"].ToString();
                    st.address = dr["address"].ToString();
                    st.contactMobile = dr["phone"].ToString();
                    st.relationship = dr["relationship"].ToString();
                    db.staffNextOfKins.Add(st);
                    db.SaveChanges();

                    // Login account with role "staff"; only the output of CreateHash is stored.
                    // NOTE(review): randomPsw and CreateHash are defined elsewhere. Confirm
                    // the temporary password comes from a cryptographic RNG and that the
                    // hash is a salted, slow password hash.
                    user use = new user();
                    use.email = dr["email"].ToString();
                    use.staffId = dr["staffIdNo"].ToString();
                    use.role = "staff";
                    use.username = dr["userName"].ToString();
                    string temPsw = randomPsw();
                    use.password = CreateHash(temPsw);
                    use.status = "active";
                    db.users.Add(use);
                    db.SaveChanges();

                    // Notification e-mail to the address taken from the row.
                    System.Net.Mail.MailMessage mail = new System.Net.Mail.MailMessage();
                    mail.To.Add(dr["email"].ToString());
                    mail.From = new MailAddress("*****@*****.**", "NIA Personnel System", System.Text.Encoding.UTF8);
                    mail.Subject = "Your NIAPS Logon Detail";
                    mail.SubjectEncoding = System.Text.Encoding.UTF8;
                    // NOTE(review): the listing is redacted on the next line. The end of the
                    // body text and the statements that create `client` and set its
                    // credentials are not visible.
                    // SECURITY(review): the body appears to carry the temporary password in
                    // clear text, and "niaps123" looks like an SMTP account password
                    // hard-coded in source. Confirm; if so, move it to protected
                    // configuration and rotate it.
                    mail.Body = "Your account details on NIA Personnel System (NIAPS) are: <b />user name =" + dr["userName"].ToString() + " <b />password ="******"*****@*****.**", "niaps123");
                    client.Port = 587;
                    client.Host = "smtp.gmail.com";
                    client.EnableSsl = true;
                    client.Send(mail);
                }
                catch (Exception ex)
                {
                    //continue;
                    //Label1.ForeColor = Color.Red;
                    // Puts the raw exception text in the page label; the assignment after
                    // the loop overwrites it, so row failures are not visible in the end.
                    Label1.Text = ex.Message;
                }
            }
        }

        // Runs unconditionally, so the success message is shown even when rows failed.
        Label1.ForeColor = Color.Green;
        Label1.Text = "Successfully inserted";
    }
    else
    {
        Label1.ForeColor = Color.Red;
        Label1.Text = "Please select the file";
    }
}