Exemple #1
0
        //
        //  Function: public int LoginLogout(int Action, string UserName)
        //
        //  Arguments:  int pvAction = Type of action (0 = Logout, 1 = Login with system user, 2 = Login with Name)
        //              string pvUserName = User name if not using AD
        //
        //  Return Value: User_Info filled in with user data if successful login or blank if unsuccessful
        //
        //  Purpose: Logs a user in or out of the system.  Without being logged in, no actions can be performed

        public int LoginLogout(User_Info CUser, int pvAction, string pvUserName = "")
        {
            string UserName = pvUserName;

            // If the user name is blank then get it from the system and try to log in with AD security
            string connString = SQLConnString;

            // If logging out, then just wipe out the current user and return the blank one
            if (pvAction == 0)
            {
                CUser.User_Name = "";
                CUser.Access    = 0;
                CUser.User_ID   = 0;
                return(1);
            }

            // If using system user, then get it and process accordingly
            if (pvAction == 1)
            {
                UserName = new System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent()).Identity.Name;

                int duser;  // See if it's a domain user

                duser = UserName.IndexOf("\\");

                if (duser > 0)
                {
                    UserName = UserName.Substring(duser + 1);
                }
            }

            // If using an entered user, we don't need to do anything different so just carry on

            // Query the User Database for the user
            StringBuilder query = new StringBuilder("SELECT * FROM ");

            query.Append(tblUserInfo);
            query.Append(" WHERE User_Name ='");
            query.Append(UserName);
            query.Append("'");

            using (SqlConnection sqlCon = new SqlConnection(connString))
            {
                sqlCon.Open();
                SqlCommand SqlCmd = new SqlCommand(query.ToString(), sqlCon);
                using SqlDataReader reader = SqlCmd.ExecuteReader();
                while (reader.Read())
                {
                    CUser.User_Name = String.Format("{0}", reader[1]);
                    CUser.Access    = (int)reader[2];
                    CUser.User_ID   = (int)reader[0];
                }
                sqlCon.Close();
            }
            return(1);
        }
        public static string GetStaffId()
        {
            string domain = Environment.UserDomainName;
            //string domain = IPGlobalProperties.GetIPGlobalProperties().DomainName;

            string loginName = new System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent()).Identity.Name;

            string         username    = loginName.Substring(loginName.IndexOf('\\') + 1);
            DirectoryEntry domainEntry = new DirectoryEntry("LDAP://" + domain);

            DirectorySearcher searcher = new DirectorySearcher(domainEntry);

            searcher.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))";
            SearchResult   result = searcher.FindOne();
            DirectoryEntry entry  = result.GetDirectoryEntry();

            string account = entry.Properties["sAMAccountName"].Value.ToString();

            return(account);
        }