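/// <summary>
/// Authenticates a user against the selected EMR back end and, on success,
/// copies the matching user row into <c>clsGbl.loggedInUser</c>.
/// </summary>
/// <param name="emr">EMR type name; "iqcare" and "cpad" are matched case-insensitively.</param>
/// <param name="userName">Login name entered by the user.</param>
/// <param name="password">Clear-text password entered by the user.</param>
/// <param name="facilityName">Facility name; used in the IQCare facility lookup.</param>
/// <returns>
/// <c>true</c> when the login is accepted, <c>false</c> when the lookup fails or
/// any exception is raised (a message box is shown in those cases).
/// </returns>
/// <remarks>
/// Security notes for reviewers:
/// the SQL text is built by string concatenation, so every value placed inside
/// a quoted literal must be parameterised or escaped; and an EMR name other
/// than "iqcare"/"cpad" is accepted without any credential check.
/// </remarks>
private bool loginEMR(string emr, string userName, string password, string facilityName)
{
    string emrConnString = "";
    ClsUtility.Init_Hashtable();
    Entity en = new Entity();
    try
    {
        // Invariant lower-casing: the culture-sensitive ToLower() maps 'I' to a
        // dotless 'ı' under Turkish/Azeri locales, so "IQCare" would stop matching
        // "iqcare" and fall through to the accept-everything branch at the bottom.
        // A null emr still throws here and is handled by the outer catch, as before.
        string emrKey = emr.ToLowerInvariant();

        if (emrKey == "iqcare")
        {
            DataRow dr = (DataRow)en.ReturnObject(Entity.GetConnString(), ClsUtility.theParams
                , "Select ConnString,DBase,DBName From aa_Database", ClsUtility.ObjectEnum.DataRow, serverType);
            emrConnString = ClsUtility.Decrypt(dr["ConnString"].ToString());
            string sPassword = ClsUtility.Encrypt(password);

            // facilityName lands inside a quoted SQL literal. Doubling embedded single
            // quotes keeps the value inside that literal, which closes the injection
            // path and also lets names such as "St. Mary's" work.
            // NOTE(review): binding the value as a query parameter is the stronger fix;
            // ClsUtility.theParams is presumably the parameter collection, but its API
            // is not visible here - confirm and switch to a bound parameter.
            string safeFacilityName = (facilityName ?? string.Empty).Replace("'", "''");

            // NOTE(review): the UserName/Password literals are masked ('******') in this
            // listing, so as written neither userName nor sPassword reaches the query.
            // Whatever the real file places there must be bound as parameters (or, at
            // minimum, escaped like facilityName), never concatenated raw.
            string sSQL = "SELECT top 1 a.userID, a.UserName, a.Password, a.UserFirstName, a.UserLastName, c.GroupName, f.FacilityID, f.PosID MFLCode FROM "
                + "(Select FacilityID, PosID FROM mst_Facility WHERE FacilityName = '" + safeFacilityName + "') f, "
                + "mst_user a "
                + "INNER JOIN dbo.lnk_UserGroup b ON a.UserID = b.UserID "
                + "INNER JOIN dbo.mst_Groups c ON b.GroupID = c.GroupID "
                + "WHERE a.DeleteFlag = 0 AND a.UserName = '******' AND Password = '******'";
            try
            {
                dr = (DataRow)en.ReturnObject(emrConnString, ClsUtility.theParams, sSQL, ClsUtility.ObjectEnum.DataRow, serverType);
            }
            catch (Exception ex)
            {
                // An empty result surfaces as this exception text; treat it as a failed login.
                if (ex.Message.Contains("There is no row at position 0"))
                {
                    MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                    return false;
                }

                // NOTE(review): raw exception text is shown on the login screen; database
                // errors can disclose schema or connection details. Prefer a generic
                // message here and write the detail to a log.
                MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
                return false;
            }

            if (dr.Table.Rows.Count >= 1)
            {
                clsGbl.loggedInUser.UserID = Convert.ToInt16(dr["userID"]);
                clsGbl.loggedInUser.UserName = dr["UserName"].ToString();
                // NOTE(review): the stored password value is kept in process-wide state
                // for the whole session; confirm something actually needs it.
                clsGbl.loggedInUser.Password = dr["Password"].ToString();
                clsGbl.loggedInUser.FirstName = dr["UserFirstName"].ToString();
                clsGbl.loggedInUser.LastName = dr["UserLastName"].ToString();
                clsGbl.loggedInUser.Group = dr["GroupName"].ToString();
                clsGbl.loggedInUser.FacilityID = Convert.ToInt16(dr["FacilityID"]);
                // Keep the caller's original (unescaped) facility name for display.
                clsGbl.loggedInUser.FacilityName = facilityName;
                clsGbl.loggedInUser.MFLCode = dr["MFLCode"].ToString();
                return true;
            }

            MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader);
            return false;
        }
        else if (emrKey == "cpad")
        {
            DataRow dr = null;
            // Not referenced again in this branch as shown; the call is kept because
            // ClsUtility.Encrypt is opaque here and may throw or have side effects.
            string sPassword = ClsUtility.Encrypt(password);

            // NOTE(review): the username literal is masked ('******') in this listing, so
            // userName is not bound as written. It must be passed as a parameter or escaped.
            string sSQL = "SELECT a.userID, a.UserName, a.Password, a.firstname, a.lastname, b.facilityname, a.salt FROM cpad.mst_user a"
                + ",(select a.facilityname from cpad.mst_facility a where configured = true limit 1)b "
                + "WHERE a.DeleteFlag = false AND a.username = '******' limit 1";
            try
            {
                dr = (DataRow)en.ReturnObject(Entity.getconnString(clsGbl.xmlPath), ClsUtility.theParams
                    , sSQL, ClsUtility.ObjectEnum.DataRow, serverType);
            }
            catch (Exception ex)
            {
                // An empty result surfaces as this exception text; treat it as a failed login.
                if (ex.Message.Contains("There is no row at position 0"))
                {
                    MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                    return false;
                }

                // NOTE(review): same disclosure concern as the IQCare branch.
                MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
                return false;
            }

            if (dr.Table.Rows.Count >= 1)
            {
                // Recompute hash(password + salt) and compare it with the stored value.
                // NOTE(review): judging by the helper's name this is a single salted SHA-1,
                // which is cheap to brute-force if the user table leaks; moving to a slow
                // KDF such as PBKDF2 needs a data migration outside this method.
                string salt = dr["salt"].ToString();
                string salted = password + salt;
                string computedHash = ClsUtility.GetSHA1Hash(salted);
                if (computedHash == dr["password"].ToString())
                {
                    clsGbl.loggedInUser.UserID = Convert.ToInt16(dr["userID"]);
                    clsGbl.loggedInUser.UserName = dr["UserName"].ToString();
                    clsGbl.loggedInUser.Password = dr["Password"].ToString();
                    clsGbl.loggedInUser.FirstName = dr["FirstName"].ToString();
                    clsGbl.loggedInUser.LastName = dr["LastName"].ToString();
                    clsGbl.loggedInUser.FacilityName = dr["facilityname"].ToString();
                    return true;
                }

                MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return false;
            }

            MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader);
            return false;
        }
        else
        {
            // NOTE(review): fail-open - any other EMR name is accepted with no credential
            // check. Confirm this is intended; a login routine normally fails closed.
            return true;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): raw exception text is shown to the user; see the notes above.
        MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
        return false;
    }
}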