protected void RegisterUser(object sender, EventArgs e)
    {
        UserNameValidation.Text = "";
        EmailValidator.Text     = "";

        int    userId = 0;
        string constr = ConfigurationManager.ConnectionStrings["connection"].ConnectionString;

        using (SqlConnection con = new SqlConnection(constr))
        {
            using (SqlCommand cmd = new SqlCommand("Insert_User"))
            {
                using (SqlDataAdapter sda = new SqlDataAdapter())
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
                    cmd.Parameters.AddWithValue("@Name", txtName.Text.Trim());
                    cmd.Parameters.AddWithValue("@Password", HashStrings.GetHashedString(txtPassword.Text.Trim()));
                    cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());
                    cmd.Parameters.AddWithValue("@Hash", HashStrings.GetHashedString(txtEmail.Text.Trim()));
                    cmd.Parameters.AddWithValue("@Verified", 1);
                    cmd.Connection = con;
                    con.Open();
                    userId = Convert.ToInt32(cmd.ExecuteScalar());
                    con.Close();

                    Session["userId"] = userId;
                    Response.Redirect("/folder/index");
                }
            }
            string message = string.Empty;
            switch (userId)
            {
            case -1:
                UserNameValidation.Text = "El nombre de usuario ya existe.";
                break;

            case -2:
                EmailValidator.Text = "El eMail introducido ya existe";
                break;

            default:
                break;
            }
        }
        if (Page.IsValid)
        {
        }
    }
Exemple #2
0
    public void Logon_Click(object sender, EventArgs e)
    {
        var userPass = HashStrings.GetHashedString(UserPass.Text);

        cmd.CommandText   = "SELECT * FROM users WHERE email = '" + UserEmail.Text + "'AND password='******'";
        cmd.Connection    = con;
        sda.SelectCommand = cmd;
        sda.Fill(ds, "reg");

        if (ds.Tables[0].Rows.Count > 0)
        {
            Msg.Text = "Data ok";
            object hol    = ds.Tables[0].Rows[0].ItemArray;
            string userId = ds.Tables[0].Rows[0].ItemArray[0].ToString();

            Session["userId"] = userId;

            Response.Redirect("/folder/index");
        }
        else
        {
            Msg.Text = "Incorrect email or password.";
        }
    }
Exemple #3
0
 public string hash(string value)
 {
     value = value + DateTime.Now.ToString("yyyyMMddHHmmssfff");
     return(HashStrings.GetHashedString(value));
 }