protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
string db = "Database.mdb";
MyAdoHelperAccess.ConnectToDb(db);
string uname = Request["username"];
string password = Request["password"];
string sql = "select * from tbl_users where uname='" + uname + "' and upass='******';";
if (uname == "admin" && MyAdoHelperAccess.IsExist(db, sql))
{
Session["username"] = uname;
Session["password"] = password;
Response.Redirect("Admin.aspx");
}
else if (MyAdoHelperAccess.IsExist(db, sql))
{
Session["username"] = uname;
Session["password"] = password;
Response.Redirect("index.aspx");
}
else
{
Response.Write("Incorrect user name or password.");
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
string db = "Database.mdb";
MyAdoHelperAccess.ConnectToDb(db);
dataTable.InnerHtml = MyAdoHelperAccess.printDataTableWithDelete(db, "select * from tbl_users");
}
protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
string db = "Database.mdb";
MyAdoHelperAccess.ConnectToDb(db);
string firstname = Request["firstname"];
string lastname = Request["lastname"];
string uname = Request["username"];
string password = Request["password"];
string email = Request["email"];
string gender = Request["gender"];
string bday = Request["date"];
string phoneNum = Request["number"];
string sql = "select * from tbl_users where uname='" + uname + "';";
if (!MyAdoHelperAccess.IsExist(db, sql))
{
MyAdoHelperAccess.DoQuery(db, "insert into tbl_users (uname, Fname, Lname, upass, email, bday, gender, cellNum, phoneNum) values ('" + uname + "', '" + firstname + "', '" + lastname + "', '" + password + "', '" + email + "', '" + bday + "', '" + gender + "', '" + phoneNum.Substring(0, 3) + "', '" + phoneNum.Substring(3) + "');");
Session["username"] = uname;
Session["password"] = password;
Response.Redirect("Login.aspx");
}
else
{
Response.Write("The user \"" + uname + "\" already exists.");
}
}
}
protected void LoginSubmit_Click(object sender, EventArgs e)
{
bool isExsist = false;
var filename = string.Empty;
myAdoHelperAccess = new MyAdoHelperAccess();
if (UserName.Text != "" || Password.Text != "")
{
var sqlComm = "Select * From tbl_user where userName='******' and password ='******'";
isExsist = myAdoHelperAccess.IsExist(filename, sqlComm);
if (isExsist)
{
loginAttem = 1;
Response.Redirect("HtmlPage2.html");
}
else
{
if (userName == UserName.Text)
{
loginAttem++;
}
userName = UserName.Text;
Response.Redirect("Login.aspx");
}
}
else
{
Response.Redirect("Login.aspx");
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
string db = "Database.mdb";
MyAdoHelperAccess.ConnectToDb(db);
string sql = "select * from tbl_users";
string str = MyAdoHelperAccess.printDataTable(db, sql);
Response.Write(str);
}
}
protected void DeleteUser(object sender, EventArgs e)
{
int id = int.Parse(Request["IdBox"]);
string db = "Database.mdb";
MyAdoHelperAccess.ConnectToDb(db);
string sql = "delete from tbl_users where id = " + int.Parse(Request["IdBox"]) + ";";
MyAdoHelperAccess.DoQuery(db, "delete from tbl_users where id = " + int.Parse(Request["IdBox"]) + ";");
Response.Redirect(Request.RawUrl);
}
protected void RegisrationSubmit_Click(object sender, EventArgs e)
{
myAdoHelperAccess = new MyAdoHelperAccess();
RegistrationForm registrationForm = registaration();
var filename = string.Empty;
if (registrationForm.Password == null)
{
Response.Redirect("registration.aspx");
}
var sqlCommand = "INSERT INTO tbl_users (UserFirstName, UserLastName, BirthdatDate, UserName,UserPss,UserEmail)" +
"VALUES('" + registrationForm.FirstName.ToString() + "', '" + registrationForm.LastName.ToString() +
"', '" + registrationForm.DateOfBirth.ToString() + "','" + "', '" + registrationForm.UserName.ToString() +
"','" + registrationForm.Password.ToString() + "', '" + registrationForm.Email.ToString() + "')";
myAdoHelperAccess.DoQuery(filename, sqlCommand);
}
protected void GetUsersById(object sender, EventArgs e)
{
var filename = string.Empty;
myAdoHelperAccess = new MyAdoHelperAccess();
if (List.Text != "")
{
var sqlCommand = "SELECT * From tbl_users WHERE ID =" + List.Text;
DataTable userstbl = myAdoHelperAccess.ExecuteDatatable(filename, sqlCommand);
foreach (DataRow row in userstbl.Rows)
{
UserName.Text = row["UserName"].ToString();
LastName.Text = row["LastName"].ToString();
FirstName.Text = row["FirstName"].ToString();
Email.Text = row["Email"].ToString();
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
string uname = (string)Session["username"];
string password = (string)Session["password"];
string db = "Database.mdb";
string sql = "select * from tbl_users where uname='" + uname + "' and upass='******';";
bool selected = Request["accessibility"] == "on";
if (MyAdoHelperAccess.IsExist(db, sql))
{
string query = "update tbl_users\nset accessibility = " + selected + "\nwhere uname = '" + uname + "';";
MyAdoHelperAccess.DoQuery(db, query);
}
Response.Redirect("index.aspx");
}
}
protected void Page_Load(object sender, EventArgs e)
{
string DbName = "Database.accdb";
MyAdoHelperAccess.ConnectToDb(DbName);
}
