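/// <summary>
/// Copies the values of a freshly built login session into the ASP.NET session state,
/// then writes the value returned by <c>GetSessionID()</c> to the <c>userlist</c> table.
/// </summary>
/// <param name="myNewSession">
/// Session values assembled by the caller. It is dereferenced without a null check, and
/// <c>USERNAME</c> must be non-null because <c>Equals</c> is called on it.
/// </param>
/// <remarks>
/// Review notes:
/// <list type="bullet">
/// <item>Nothing in this method issues a new session id after authentication. Confirm that
/// the login flow rotates the session cookie, otherwise an id fixed before login stays valid.</item>
/// <item>The administrator check is a hard-coded user name rather than a role lookup.</item>
/// <item><c>needsRecalc</c> is always stored as <c>true</c>; no recalc flag is read from
/// <paramref name="myNewSession"/>.</item>
/// </list>
/// </remarks>
public static void doSessionLogin(Sessionable.Session myNewSession)
{
    var session = HttpContext.Current.Session;

    session["username"] = myNewSession.USERNAME;
    session["user-directory"] = myNewSession.USERDIR;
    session["timeout"] = myNewSession.TIMEOUT;
    session["basecase"] = myNewSession.BASECASE;
    session["scenario"] = myNewSession.SCENARIO;
    session["analysis"] = myNewSession.ANALYSIS;
    session["isModified"] = myNewSession.isMODIFIED;
    session["needsRecalc"] = true;

    // NOTE(review): the administrator branch stores isAdmin = false and never sets isDemo,
    // while every other user gets isDemo = false and no isAdmin key. This looks inverted or
    // relies on readers testing key presence only; confirm before any authorization check
    // trusts these values.
    if (myNewSession.USERNAME.Equals("admingla"))
    {
        session["isAdmin"] = false;
    }
    else
    {
        session["isDemo"] = false;
    }

    try
    {
        // NOTE(review): the statement is built by string concatenation. The WHERE clause as
        // shown matches the literal '******' (presumably a redacted value; confirm which user
        // row is meant). If DbUse offers a parameterized call, bind the session id and the
        // user name instead of splicing them into the text.
        DbUse.RunMysql("UPDATE userlist SET userlist.userid = '" + String.Empty + "', userlist.sessionid = '" + GetSessionID() + "' WHERE userlist.username = '******' ; ");
    }
    catch (Exception ex)
    {
        // Still best-effort: login proceeds when the bookkeeping update fails. The failure is
        // now traced so a broken session table is visible to operators. Only the exception
        // type is logged because a driver message can echo part of the statement, which
        // carries the session id.
        System.Diagnostics.Trace.TraceWarning("doSessionLogin: userlist session update failed (" + ex.GetType().Name + ")");
    }
}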
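/// <summary>
/// Handles a login post: checks cookies, the submitted credentials and the captcha, loads the
/// user's directory and current model from <c>userlist</c>, builds the session, and redirects.
/// Any failure ends up as text in <c>lblError</c>.
/// </summary>
/// <remarks>
/// Review notes:
/// <list type="bullet">
/// <item>The failed-login counter is commented out, so the captcha is the only throttle
/// visible in this method.</item>
/// <item>The admin landing page is chosen by comparing the user name with a hard-coded
/// value; confirm the target page enforces its own authorization.</item>
/// </list>
/// </remarks>
protected void RunLogin()
{
    // NOTE(review): HTML-encoding these inputs (the original question here) would not make
    // them safe for SQL. Encode when writing to the page, and bind values as query
    // parameters where they reach the database.
    string strUsername = Request.Form["txtUsername"];
    // What MyUtilities.clean removes is not visible here; confirm before relying on it.
    strUsername = MyUtilities.clean(strUsername);
    string strPassword = Request.Form["txtPassword"];

    try
    {
        if (!DbUse.CookiesEnabled())
        {
            throw new Exception(ERROR_COOKIES);
        }

        // A field missing from the post comes back as null rather than "", so the previous
        // == "" comparison let a request without the field through to RecognizeUser.
        if (string.IsNullOrEmpty(strUsername) || string.IsNullOrEmpty(strPassword))
        {
            throw new Exception("Please Enter a Username or Password");
        }

        if (!IsValidCaptcha())
        {
            throw new Exception("Captcha Rejected!");
        }

        // Throws when the pair is rejected; reaching the next line means it was accepted.
        RecognizeUser(strUsername, strPassword);

        // NOTE(review): neither open result is checked, and the close calls are skipped if
        // reading the fields throws. Consider checking the flags and moving the closes into
        // a finally once DbUse.CloseAdo is confirmed safe on a connection that never opened.
        bool adoOpened = DbUse.OpenAdoMysql(conn);
        // NOTE(review): the filter as shown is the literal '******' (presumably redacted). If
        // the real statement splices strUsername into the text, its safety rests entirely on
        // MyUtilities.clean; a parameterized query is the safer form.
        string commandString = "SELECT * FROM userlist WHERE username = '******';";
        bool adoRecOpened = DbUse.OpenAdoRec(conn, rec, commandString);
        string dbUserDir = rec.Fields["usersub"].Value.ToString();
        string dbCurrentModel = rec.Fields["currentModel"].Value.ToString();
        DbUse.CloseAdo(conn);
        DbUse.CloseAdoRec(rec);

        // Ideally the model is saved on timeout/logout and reset to "none"; until then a
        // stale modified flag is cleared here when no model is loaded.
        // NOTE(review): this tests the member currentModel, not dbCurrentModel read above;
        // confirm which one is intended.
        bool modelModified = GetModelModified();
        if (currentModel.Equals("none") && modelModified)
        {
            modelModified = false;
            SetModelModified(modelModified);
        }

        // The results were only consumed by code that is now commented out; the calls are
        // kept in case they have side effects.
        IsWhatifMode();
        IsAnalysisMode();

        Sessionable.Session myNewSession = new Sessionable.Session
        {
            USERNAME = strUsername,
            TIMEOUT = "false",
            USERDIR = dbUserDir,
            BASECASE = dbCurrentModel,
            isMODIFIED = modelModified,
            SCENARIO = GetCurrentWhatif(),
            ANALYSIS = GetCurrentAnalysis(),
            needsRECALC = true
        };
        Sessionable.doSessionLogin(myNewSession);

        // Redirect with endResponse = true ends the request by raising ThreadAbortException.
        // The catch below sees it, but the runtime re-raises it, so the label code after the
        // catch does not run on a successful login.
        if (myNewSession.USERNAME != "admingla")
        {
            Response.Redirect("/models.aspx", true);
        }
        else
        {
            Response.Redirect("/mpx_admin.aspx", true);
        }
    }
    catch (Exception ex)
    {
        if (ex.Message.StartsWith("object reference", StringComparison.OrdinalIgnoreCase))
        {
            // The stack trace used to be appended to the text shown on the login page, which
            // exposes internal type and method names to unauthenticated visitors. Keep the
            // detail in the server-side trace and show a generic message instead.
            System.Diagnostics.Trace.TraceError("RunLogin failed: " + ex);
            txtError = "An unexpected error occurred. Please try again.";
        }
        else
        {
            // NOTE(review): this also surfaces messages from exceptions the page did not
            // throw itself (database or driver errors). A dedicated exception type for the
            // user-facing messages would let everything else be logged and replaced with a
            // generic message.
            txtError = ex.Message;
        }
    }

    // NOTE(review): Label.Text is rendered without HTML encoding. If any message can carry
    // request data, encode it (Server.HtmlEncode) before assigning.
    lblError.Text = txtError;
    lblError.CssClass = "lblErrorVis";
}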