protected void btnlogin_Click(object sender, EventArgs e)
    {
        string username = txtusername.Text;
        string password = txtpassword.Text;
        IBusinessAuthentication ibau = GenericFactory <BusinessLayer, IBusinessAuthentication> .CreateInstance();

        string acceslevel = ibau.isValidUser(username, password);

        if (acceslevel != "")
        {
            string roles = ibau.GetRolesForUser(username);
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(30), false, roles);
            string     encryptedTicket           = FormsAuthentication.Encrypt(authTicket);
            HttpCookie authCookie = new HttpCookie
                                        (FormsAuthentication.FormsCookieName, encryptedTicket);
            Response.Cookies.Add(authCookie);

            //FormsAuthentication.RedirectFromLoginPage(username.ToString(), true);
            SessionFacade.USERNAME = username;
            SessionFacade.ROLE     = roles;
            Response.Redirect(FormsAuthentication.GetRedirectUrl(username, true));
        }
        else
        {
            lblStatus.Text = "Invalid login for Requested Page";
        }
    }
    protected void btnRegister_Click(object sender, EventArgs e)
    {
        if (Page.IsValid)
        {
            try
            {
                string             uname    = txtUsername.Text;
                string             fname    = txtFirstName.Text;
                string             lname    = txtLastName.Text;
                string             street   = txtAddress.Text;
                string             city     = txtCity.Text;
                string             state    = txtState.Text;
                string             zipcode  = txtZipcode.Text;
                string             email    = txtEmail.Text;
                string             ccnum    = txtCCNumber.Text;
                string             expdate  = txtCCExpiration.Text;
                string             cctype   = ddlCCType.SelectedItem.ToString();
                string             password = txtPW.Text;
                string             phint    = txtPWHintQ.Text;
                string             pAns     = txtPWHintA.Text;
                IBusinessFunctions ibf      = GenericFactory <BusinessLayer, IBusinessFunctions> .CreateInstance();

                IBusinessAuthentication ibu = GenericFactory <BusinessLayer, IBusinessAuthentication> .CreateInstance();

                bool isvalidUsername = ibf.checkUsername(uname);
                if (isvalidUsername)
                {
                    lblStatus.Text = "Please choose a different Username as this already exists";
                    throw new Exception("duplicate username");
                }
                else
                {
                    int    regusers      = ibf.RegisterUsers(uname, password, phint, pAns);
                    string userId        = ibu.isValidUser(uname, password);
                    int    rows_affected = ibf.RegisterCustomer(userId, fname, lname, street, city, state, zipcode, ccnum, cctype, expdate, email);
                    if (rows_affected > 0)
                    {
                        SessionFacade.CUSTOMERID = userId;
                        Response.Redirect("ConfirmCheckOut.aspx");
                    }
                }
            }
            catch (Exception ex)
            {
                lblStatus.Text = ex.Message;
            }
        }
    }
    protected void btnlogin_Click(object sender, EventArgs e)
    {
        IBusinessAuthentication ibau = GenericFactory <BusinessLayer, IBusinessAuthentication> .CreateInstance();

        try
        {
            string username = ibau.isValidUser(Utils.StripPunctuation(txtusername.Text), Utils.StripPunctuation(txtpassword.Text));

            if (username != null)
            {
                SessionFacade.CUSTOMERID = username;
                lblStatus.Text           = "Welcome " + txtusername.Text;
                Response.Redirect("ConfirmCheckOut.aspx");
            }
            else
            {
                lblStatus.Text = "Invalid User";
            }
        }
        catch (Exception ex)
        {
            lblStatus.Text = ex.Message;
        }
    }