Exemple #1
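        /// <summary>
        /// Handles the login button: looks the submitted name up in Users, then in Admin,
        /// issues the protected identity cookies for the first match and redirects.
        /// Any failed attempt ends with the same generic "incorrect" alert.
        /// </summary>
        /// <param name="sender">The control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void login_btn_Click(object sender, EventArgs e)
        {
            // SECURITY: the submitted name is concatenated into SQL text. FUF_User only shows a
            // string-taking API here, so quote doubling is applied as a stopgap.
            // NOTE(review): this assumes the database treats '' as the only escape for a quote;
            // confirm, and give FUF_User a parameterized overload so no input reaches SQL text.
            string safeName = (text_userName.Text ?? string.Empty).Replace("'", "''");
            FUF_User execute = new FUF_User();

            // NOTE(review): the password literal is masked on this page, so the real comparison
            // is not visible. Matching a password inside the query suggests it is stored
            // unhashed; confirm, and verify a salted slow hash (e.g. PBKDF2) in code instead.
            string query = "Select * from Users where Email = '" + safeName + "' AND Password = '******' ";
            DataRow userRow = FirstRowOrNull(execute.ExecuteQuery_DataSet(query, "User_Data"), "User_Data");
            if (userRow != null)
            {
                SetProtectedCookie("UserID", userRow["UserID"].ToString());
                SetProtectedCookie("UserName", userRow["UserName"].ToString());
                Response.Redirect("Home.aspx");
                return;
            }

            query = "Select * from Admin where AdminName = '" + safeName + "' AND Password = '******' ";
            DataRow adminRow = FirstRowOrNull(execute.ExecuteQuery_DataSet(query, "AdminData"), "AdminData");
            if (adminRow != null)
            {
                // NOTE(review): the "UserID" cookie has the same name and MachineKey purpose for
                // Users and Admin logins, so a page reading it cannot tell which table the id
                // came from. Carry the role inside the protected payload or use a distinct
                // purpose per role, changing the issuing and consuming pages together.
                SetProtectedCookie("UserID", adminRow["UserID"].ToString());
                SetProtectedCookie("AdminName", adminRow["AdminName"].ToString());
                Response.Redirect("~/Admin/Dashboard.aspx");
                return;
            }

            // Previously this alert ran only when the count query matched but the row query did
            // not; an unknown name or wrong password gave no feedback. One generic message for
            // every failure also avoids revealing which accounts exist.
            ScriptManager.RegisterStartupScript(this, GetType(), "Script", "alert('Incorrect username or password');window.location='index.aspx'", true);
        }

        // Returns the first row of the named table, or null when the set, table or rows are missing.
        private static DataRow FirstRowOrNull(DataSet ds, string tableName)
        {
            if (ds == null)
            {
                return null;
            }

            DataTable table = ds.Tables[tableName];
            if (table == null || table.Rows.Count == 0)
            {
                return null;
            }

            return table.Rows[0];
        }

        // Writes a MachineKey-protected, base64-encoded value into a two-hour response cookie.
        private void SetProtectedCookie(string name, string value)
        {
            byte[] plain = Encoding.UTF8.GetBytes(value);
            var cookie = Response.Cookies[name];
            cookie.Value = Convert.ToBase64String(MachineKey.Protect(plain, "ProtectedKey"));
            cookie.Expires = DateTime.Now.AddHours(2);
            // Keep the identity cookie away from page script, and off plain HTTP whenever the
            // login itself arrived over TLS.
            cookie.HttpOnly = true;
            cookie.Secure = Request.IsSecureConnection;
            // NOTE(review): Expires is enforced only by the browser; the protected payload has
            // no issue time, so a copied cookie stays valid until the machine key changes.
        }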
Exemple #2
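        /// <summary>
        /// On first load, resolves the signed-in admin from the protected "UserID" cookie and
        /// fills the clock, welcome text and avatar; on every load, derives the page heading
        /// and icon class from the requested file name.
        /// </summary>
        /// <param name="sender">The page raising the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                FUF_User execute = new FUF_User();
                lbl_timer.Text = DateTime.Now.ToString("dddd dd MMMM yyyy hh:mm:ss tt");

                // The cookie is client-supplied: it may be absent, not base64, or fail the
                // MachineKey integrity check. Each case is treated as "not signed in" instead
                // of surfacing as an unhandled exception.
                string userID = null;
                var idCookie = Request.Cookies["UserID"];
                if (idCookie != null && !string.IsNullOrEmpty(idCookie.Value))
                {
                    try
                    {
                        var bytes  = Convert.FromBase64String(idCookie.Value);
                        var output = MachineKey.Unprotect(bytes, "ProtectedKey");
                        if (output != null)
                        {
                            userID = Encoding.UTF8.GetString(output);
                        }
                    }
                    catch (FormatException)
                    {
                        // Value is not valid base64; userID stays null.
                    }
                    catch (System.Security.Cryptography.CryptographicException)
                    {
                        // Value was altered or protected under a different key or purpose.
                    }
                }

                DataRow adminRow = null;
                if (!string.IsNullOrEmpty(userID))
                {
                    // SECURITY: stopgap quote doubling because FUF_User only shows a
                    // string-taking API here.
                    // NOTE(review): switch to a parameterized query once the helper supports it.
                    string query = "Select * from Admin where UserID = '" + userID.Replace("'", "''") + "' ";
                    DataSet ds = execute.ExecuteQuery_DataSet(query, "AdminData");
                    if (ds != null && ds.Tables["AdminData"] != null && ds.Tables["AdminData"].Rows.Count > 0)
                    {
                        adminRow = ds.Tables["AdminData"].Rows[0];
                    }
                }

                if (adminRow == null)
                {
                    // No valid cookie or no matching Admin row: do not render the page.
                    // NOTE(review): "~/index.aspx" is assumed to be the login page - confirm.
                    Response.Redirect("~/index.aspx");
                    return;
                }

                // NOTE(review): this trusts any valid "UserID" cookie as an Admin id. If
                // non-admin logins issue the same cookie name under the same purpose, an
                // overlapping id would pass this lookup - confirm and bind the role into the
                // protected payload.

                // Label.Text is emitted as raw HTML, so the stored name is encoded before being
                // appended to the fixed markup.
                lbl_session.Text   = "<span style='font-size:15px;color:#fff;'>Welcome..</span>" + Server.HtmlEncode(adminRow["AdminName"].ToString());
                userImage.ImageUrl = adminRow["ImagePath"].ToString();
            }

            string pageName = Path.GetFileName(Request.Path);

            // First dot-separated segment of the requested file name, e.g. "Dashboard".
            string[] nameParts = pageName.Split(new string[] { "." }, StringSplitOptions.None);
            // The heading comes from the request path, so it is encoded before display.
            lbl_pageHeading.Text          = Server.HtmlEncode(nameParts[0]);
            // Invariant casing keeps the CSS class stable regardless of server culture.
            page_icon.Attributes["class"] = "fa fa-" + nameParts[0].ToLowerInvariant();
        }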