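/// <summary>
/// Handles the registration form submit: calls the <c>Insert_User</c> stored procedure with the
/// form values and, when it returns a new user id, signs the user in and redirects.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// The procedure's result is read as an integer: -1 is shown as "user name already exists" and
/// -2 as "e-mail already exists". A session is created only for a positive id.
/// </remarks>
protected void RegisterUser(object sender, EventArgs e)
{
    UserNameValidation.Text = "";
    EmailValidator.Text = "";

    // Client-side validators can be bypassed, so the server-side result has to gate the insert.
    // The original tested Page.IsValid only after the work was done, with an empty body.
    // NOTE(review): assumes the submitting button causes validation; confirm.
    if (!Page.IsValid)
    {
        return;
    }

    int userId;
    string constr = ConfigurationManager.ConnectionStrings["connection"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    using (SqlCommand cmd = new SqlCommand("Insert_User", con))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
        cmd.Parameters.AddWithValue("@Name", txtName.Text.Trim());

        // NOTE(review): HashStrings.GetHashedString is not visible here. Stored passwords need a
        // salted, deliberately slow KDF (e.g. PBKDF2); confirm that is what it does.
        // Trim() also strips whitespace from the password before hashing, so the sign-in path
        // must normalise the same way; confirm.
        cmd.Parameters.AddWithValue("@Password", HashStrings.GetHashedString(txtPassword.Text.Trim()));
        cmd.Parameters.AddWithValue("@Email", txtEmail.Text.Trim());

        // NOTE(review): @Hash is derived only from the e-mail address and @Verified is always 1.
        // If @Hash is meant as an e-mail verification token it is predictable, and the account
        // is marked verified before any confirmation; confirm the intended flow.
        cmd.Parameters.AddWithValue("@Hash", HashStrings.GetHashedString(txtEmail.Text.Trim()));
        cmd.Parameters.AddWithValue("@Verified", 1);

        con.Open();
        userId = Convert.ToInt32(cmd.ExecuteScalar());
    }

    // The result must be inspected before any session is created. The original stored the
    // value in Session and redirected unconditionally, so a rejected registration (-1 / -2)
    // still produced a signed-in session and the messages below were never shown.
    switch (userId)
    {
        case -1:
            UserNameValidation.Text = "El nombre de usuario ya existe.";
            return;
        case -2:
            EmailValidator.Text = "El eMail introducido ya existe";
            return;
        default:
            break;
    }

    // Any other non-positive value (including 0 when the procedure returns no row) is not
    // treated as a user id.
    if (userId > 0)
    {
        Session["userId"] = userId;
        Response.Redirect("/folder/index");
    }
}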
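/// <summary>
/// Handles the sign-in button: looks up a row in <c>users</c> matching the submitted e-mail and
/// password hash and, when one exists, stores its first column in the session and redirects.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
public void Logon_Click(object sender, EventArgs e)
{
    // NOTE(review): HashStrings.GetHashedString is not visible here; comparing hashes in SQL
    // only works with an unsalted hash. A salted, slow KDF verified in code is the safer
    // design; confirm what the helper does.
    var userPass = HashStrings.GetHashedString(UserPass.Text);

    // The e-mail box is untrusted input. The original concatenated it into the statement text,
    // which lets the submitted value change the WHERE clause and sign in without a password.
    // Bound parameters keep both values as data.
    // The original listing showed a masked literal for the password comparison and never used
    // the computed hash; binding userPass is assumed to be the intended comparison.
    cmd.CommandText = "SELECT * FROM users WHERE email = @email AND password = @password";
    cmd.Parameters.Clear(); // cmd is declared outside this method and may carry earlier parameters
    cmd.Parameters.AddWithValue("@email", UserEmail.Text);
    cmd.Parameters.AddWithValue("@password", userPass);
    cmd.Connection = con;
    sda.SelectCommand = cmd;
    sda.Fill(ds, "reg");

    if (ds.Tables[0].Rows.Count == 0)
    {
        // One message for both failure causes, so the response does not reveal which
        // e-mail addresses are registered.
        Msg.Text = "Incorrect email or password.";
        return;
    }

    Msg.Text = "Data ok";

    // SELECT * is kept because the id is read by position (first column).
    // NOTE(review): RegisterUser stores an int under the same session key, this stores a
    // string; readers of Session["userId"] must accept both.
    string userId = ds.Tables[0].Rows[0].ItemArray[0].ToString();
    Session["userId"] = userId;
    Response.Redirect("/folder/index");
}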
/// <summary>
/// Appends the current local time (formatted as <c>yyyyMMddHHmmssfff</c>) to
/// <paramref name="value"/> and returns <c>HashStrings.GetHashedString</c> of the result.
/// </summary>
/// <param name="value">Text to combine with the timestamp.</param>
/// <returns>The hashed string; it differs from call to call because of the timestamp.</returns>
public string hash(string value)
{
    // NOTE(review): a millisecond timestamp is guessable. If this output is used as a
    // verification or reset token, it should come from a cryptographic random generator
    // instead; confirm how callers use it.
    string stamp = DateTime.Now.ToString("yyyyMMddHHmmssfff");
    string stamped = value + stamp;
    return HashStrings.GetHashedString(stamped);
}