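/// <summary>
/// Click handler for the login form. Looks the submitted credentials up in the
/// <c>users</c> table, stores the matching <c>user</c> object in the session and
/// redirects to the admin, coordinator or faculty page according to the row's flags.
/// Any failure (invalid validators, no matching row) sends the browser back to login.aspx.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void submit_login(object sender, EventArgs e)
{
    // Server-side validators must pass before the database is touched.
    if (!username_validator.IsValid || !password_validator.IsValid)
    {
        Response.Redirect("login.aspx");
        return;
    }

    user faculty = null;
    string displayName = null;
    int isAdmin = 0;
    int isCoordinator = 0;

    // Both user-supplied values are bound as parameters. The previous version concatenated
    // username.Text into the SQL text, so the login form could change the query itself.
    // Only the columns consumed below are selected, so the stored password is never read back.
    // NOTE(review): the password column is compared directly with the submitted value, which
    // suggests it is stored unhashed - confirm, and move to a salted PBKDF2 hash if so.
    const string query =
        "SELECT faculty_id, name, subject, isAdmin, isCoordinator, branch, semester, year " +
        "FROM users WHERE faculty_id = @faculty_id AND password = @password";

    try
    {
        // NOTE(review): the connection string is hard-coded; the file previously read it from
        // WebConfigurationManager.ConnectionStrings["project"] - prefer web.config once that entry exists.
        using (SqlConnection con = new SqlConnection("Data Source = (localdb)\\MSSQLlocalDB;Initial Catalog=mini_project;Integrated Security=True"))
        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.Parameters.AddWithValue("@faculty_id", username.Text);
            // NOTE(review): the listing masks the password expression; `password.Text` is assumed
            // from the password_validator / username.Text naming - confirm the control id.
            cmd.Parameters.AddWithValue("@password", password.Text);

            con.Open();
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                if (reader.Read())
                {
                    // Valid user: work out whether it is an admin, a coordinator or plain faculty.
                    isAdmin = Int32.Parse(reader["isAdmin"].ToString());
                    isCoordinator = Int32.Parse(reader["isCoordinator"].ToString());
                    displayName = reader["name"].ToString();
                    faculty = new user(reader["faculty_id"].ToString(), displayName,
                        reader["subject"].ToString(), isAdmin, isCoordinator,
                        reader["branch"].ToString(), reader["semester"].ToString(),
                        reader["year"].ToString());
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Keep the detail (stack trace, SQL error text) in the server trace; rendering
        // ex.ToString() on the login page disclosed it to unauthenticated visitors.
        System.Diagnostics.Trace.TraceError("submit_login failed: " + ex);
        Label1.Text = "Login failed. Please try again later.";
        return;
    }

    if (faculty == null)
    {
        // No matching row: invalid user.
        Response.Redirect("login.aspx");
        return;
    }

    Session["user_logged_in"] = faculty;

    // NOTE(review): this cookie and the ?username= query value are under the client's control.
    // The destination pages should take the role from Session["user_logged_in"], never from
    // either of these - confirm how admin.aspx / coordinator.aspx / faculty.aspx authorize.
    HttpCookie user_new = new HttpCookie("user_new");
    string target;
    if (isAdmin == 1)
    {
        user_new["user_type"] = "Administrator";
        target = "admin.aspx";
    }
    else if (isCoordinator == 1)
    {
        Session["subject"] = faculty.get_subject();
        Session["year"] = faculty.get_year();
        Session["branch"] = faculty.get_branch();
        user_new["user_type"] = "Coordinator";
        target = "coordinator.aspx";
    }
    else
    {
        user_new["user_type"] = "Faculty";
        target = "faculty.aspx";
    }
    Response.Cookies.Add(user_new);

    // The redirect is issued outside the try block so that the ThreadAbortException raised when
    // Response.Redirect ends the request is not swallowed into the error label. The name is
    // URL-encoded so characters such as '&' or '#' in it cannot alter the query string.
    // NOTE(review): the listing masks part of this expression; it is read as the "name" column.
    Response.Redirect(target + "?username=" + Server.UrlEncode(displayName));
}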
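/// <summary>
/// Click handler that stores a new question for the logged-in faculty member.
/// The question text, marks and MCQ flag come from the form; the faculty details come
/// from the <c>user</c> object kept in the session. The outcome is shown in the
/// <c>result</c> label and the grid is re-bound to <c>SqlDataSource1</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void add_question(object sender, EventArgs e)
{
    // Without a session user (never logged in, or session expired) there is nothing to attribute
    // the question to. Previously this surfaced as a NullReferenceException dumped into the page.
    user faculty = Session["user_logged_in"] as user;
    if (faculty == null)
    {
        Response.Redirect("login.aspx");
        return;
    }

    if (!question_validator.IsValid || !marks_validator.IsValid)
    {
        return;
    }

    string isMcQ = mcq.Checked ? "Yes" : "No";

    // Every value is bound as a parameter, so form input never becomes part of the SQL text.
    const string query =
        "INSERT INTO questions(question_name,marks,mcq,faculty_id,faculty_name,subject,branch,semester,year) VALUES(" +
        "@question_name,@marks,@isMcq,@faculty_id,@faculty_name,@subject,@branch,@semester,@year)";

    try
    {
        // `using` releases the connection and command even when Open/ExecuteNonQuery throws.
        using (SqlConnection con = new SqlConnection("Data Source = (localdb)\\MSSQLlocalDB;Initial Catalog=mini_project;Integrated Security=True"))
        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.Parameters.AddWithValue("@question_name", question.Text);
            cmd.Parameters.AddWithValue("@marks", marks.Items[marks.SelectedIndex].Value.ToString());
            cmd.Parameters.AddWithValue("@isMcq", isMcQ);
            cmd.Parameters.AddWithValue("@faculty_id", faculty.get_faculty_id());
            cmd.Parameters.AddWithValue("@faculty_name", faculty.get_faculty_name());
            cmd.Parameters.AddWithValue("@subject", faculty.get_subject());
            cmd.Parameters.AddWithValue("@branch", faculty.get_branch());
            cmd.Parameters.AddWithValue("@semester", faculty.get_semester());
            cmd.Parameters.AddWithValue("@year", faculty.get_year());

            con.Open();
            int rows_affected = cmd.ExecuteNonQuery();
            if (rows_affected == 0)
            {
                result.Text = "Fail,Please contact developer";
                result.ForeColor = System.Drawing.Color.Red;
            }
            else
            {
                result.Text = "Success";
                result.ForeColor = System.Drawing.Color.Green;
            }

            // The input box is cleared only when the command ran without throwing.
            question.Text = "";
        }
    }
    catch (Exception ex)
    {
        // Detail goes to the server trace; the page shows the same generic failure text as the
        // zero-rows case instead of the exception dump (stack trace, SQL error) it used to render.
        System.Diagnostics.Trace.TraceError("add_question failed: " + ex);
        result.Text = "Fail,Please contact developer";
        result.ForeColor = System.Drawing.Color.Red;
    }

    result.Visible = true;
    result.Enabled = true;

    // Re-bind the grid through the declarative data source so the new row shows up.
    GridView1.DataSourceID = SqlDataSource1.ID;
}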