Esempio n. 1
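        /// <summary>
        /// Checks the supplied credentials against the user table of the selected EMR and, on a match,
        /// copies the returned row into <c>clsGbl.loggedInUser</c>.
        /// </summary>
        /// <param name="emr">EMR identifier. "iqcare" and "cpad" are matched case-insensitively; any other
        /// value is accepted without a credential check (see the final else branch).</param>
        /// <param name="userName">Login name entered by the user.</param>
        /// <param name="password">Clear-text password entered by the user.</param>
        /// <param name="facilityName">Facility name; used in the IQCare query and stored on the session object.</param>
        /// <returns><c>true</c> when the login is accepted; <c>false</c> after a message box has reported the failure.</returns>
        private bool loginEMR(string emr, string userName, string password, string facilityName)
        {
            // The data layer signals "no matching row" with this exception text.
            const string noRowMarker = "There is no row at position 0";

            ClsUtility.Init_Hashtable();
            Entity en = new Entity();

            try
            {
                // Ordinal comparison keeps the match independent of the current culture. With a
                // culture-sensitive ToLower() (e.g. Turkish 'I' -> dotless 'ı') a valid EMR name could
                // miss both branches and land in the accept-all else branch at the bottom.
                // emr.Equals still throws on a null emr, which the outer catch reports as before.
                if (emr.Equals("iqcare", StringComparison.OrdinalIgnoreCase))
                {
                    DataRow dr = (DataRow)en.ReturnObject(Entity.GetConnString(), ClsUtility.theParams
                                                          , "Select ConnString,DBase,DBName From aa_Database", ClsUtility.ObjectEnum.DataRow, serverType);
                    string emrConnString = ClsUtility.Decrypt(dr["ConnString"].ToString());

                    // NOTE(review): the encrypted password is computed but not referenced by the query
                    // text in this listing; the call is kept so its exceptions surface as before.
                    string sPassword = ClsUtility.Encrypt(password);

                    // facilityName is concatenated into a T-SQL string literal, so embedded single quotes
                    // are doubled to keep the value inside the literal.
                    // NOTE(review): binding the value as a parameter is the better fix if en.ReturnObject /
                    // ClsUtility.theParams support it; that API is not visible from here.
                    string safeFacilityName = facilityName.Replace("'", "''");

                    // NOTE(review): the UserName / Password predicates are the literal '******' in this
                    // listing (apparently masked), so userName is not part of the query as shown. Confirm
                    // against the real source and bind those values as parameters as well.
                    string sSQL      = "SELECT top 1 a.userID, a.UserName, a.Password, a.UserFirstName, a.UserLastName, c.GroupName, f.FacilityID, f.PosID MFLCode FROM " +
                                       "(Select FacilityID, PosID FROM mst_Facility WHERE FacilityName = '" + safeFacilityName + "') f, " +
                                       "mst_user a " +
                                       "INNER JOIN dbo.lnk_UserGroup b ON a.UserID = b.UserID " +
                                       "INNER JOIN dbo.mst_Groups c ON b.GroupID = c.GroupID " +
                                       "WHERE a.DeleteFlag = 0 AND a.UserName = '******' AND Password = '******'";
                    try
                    {
                        dr = (DataRow)en.ReturnObject(emrConnString, ClsUtility.theParams, sSQL, ClsUtility.ObjectEnum.DataRow, serverType);
                    }
                    catch (Exception ex)
                    {
                        if (ex.Message.Contains(noRowMarker))
                        {
                            MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                        }
                        else
                        {
                            // NOTE(review): raw exception text is shown on the login screen and may carry
                            // database details; a generic message plus logging would disclose less.
                            MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
                        }
                        return false;
                    }

                    if (dr.Table.Rows.Count >= 1)
                    {
                        clsGbl.loggedInUser.UserID       = Convert.ToInt16(dr["userID"]);
                        clsGbl.loggedInUser.UserName     = dr["UserName"].ToString();
                        // NOTE(review): the stored Password column is kept on the global session object;
                        // drop it if nothing downstream reads it.
                        clsGbl.loggedInUser.Password     = dr["Password"].ToString();
                        clsGbl.loggedInUser.FirstName    = dr["UserFirstName"].ToString();
                        clsGbl.loggedInUser.LastName     = dr["UserLastName"].ToString();
                        clsGbl.loggedInUser.Group        = dr["GroupName"].ToString();
                        clsGbl.loggedInUser.FacilityID   = Convert.ToInt16(dr["FacilityID"]);
                        // The session keeps the caller's original value, not the SQL-escaped copy.
                        clsGbl.loggedInUser.FacilityName = facilityName;
                        clsGbl.loggedInUser.MFLCode      = dr["MFLCode"].ToString();
                        return true;
                    }

                    MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader);
                    return false;
                }
                else if (emr.Equals("cpad", StringComparison.OrdinalIgnoreCase))
                {
                    DataRow dr        = null;
                    // NOTE(review): result unused in this branch as listed; the check below hashes
                    // password + salt instead. Call kept so its exceptions surface as before.
                    string  sPassword = ClsUtility.Encrypt(password);

                    // NOTE(review): the username predicate is the literal '******' in this listing
                    // (apparently masked); confirm against the real source and bind userName as a parameter.
                    string  sSQL      = "SELECT a.userID, a.UserName, a.Password, a.firstname, a.lastname, b.facilityname, a.salt FROM cpad.mst_user a" +
                                        ",(select a.facilityname from cpad.mst_facility a where configured = true limit 1)b " +
                                        "WHERE a.DeleteFlag = false AND a.username = '******' limit 1";
                    try
                    {
                        dr = (DataRow)en.ReturnObject(Entity.getconnString(clsGbl.xmlPath), ClsUtility.theParams
                                                      , sSQL, ClsUtility.ObjectEnum.DataRow, serverType);
                    }
                    catch (Exception ex)
                    {
                        if (ex.Message.Contains(noRowMarker))
                        {
                            MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                        }
                        else
                        {
                            // NOTE(review): same disclosure concern as in the IQCare branch.
                            MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
                        }
                        return false;
                    }

                    if (dr.Table.Rows.Count >= 1)
                    {
                        // The stored value is compared with a hash of password + per-user salt.
                        // NOTE(review): judging by the helper name this is a single SHA-1 pass, compared
                        // with ==; a slow KDF (e.g. PBKDF2) and a fixed-time comparison would be stronger,
                        // but need a migration of the stored hashes.
                        string salt       = dr["salt"].ToString();
                        string candidate  = ClsUtility.GetSHA1Hash(password + salt);
                        if (candidate == dr["password"].ToString())
                        {
                            clsGbl.loggedInUser.UserID       = Convert.ToInt16(dr["userID"]);
                            clsGbl.loggedInUser.UserName     = dr["UserName"].ToString();
                            clsGbl.loggedInUser.Password     = dr["Password"].ToString();
                            clsGbl.loggedInUser.FirstName    = dr["FirstName"].ToString();
                            clsGbl.loggedInUser.LastName     = dr["LastName"].ToString();
                            clsGbl.loggedInUser.FacilityName = dr["facilityname"].ToString();
                            return true;
                        }

                        MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader, MessageBoxButtons.OK, MessageBoxIcon.Warning);
                        return false;
                    }

                    MessageBox.Show(Assets.Messages.InvalidUser, Assets.Messages.ErrorHeader);
                    return false;
                }
                else
                {
                    // NOTE(review): any EMR name other than "iqcare"/"cpad" is accepted without checking
                    // credentials. Left unchanged because callers may rely on it; failing closed here is
                    // the safer default if no such EMR exists.
                    return true;
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, Assets.Messages.ErrorHeader);
                return false;
            }
        }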