Esempio n. 1
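        /// <summary>
        /// Validates the credentials held in <c>Action.Username</c> and <c>Action.Password</c>, then either
        /// logs the user in via <c>Action.LoginUser</c> or issues the redirect matching the failure.
        /// </summary>
        /// <param name="inDatabase">
        /// <c>true</c> to look the account up through the login SQL script (teaching accounts);
        /// <c>false</c> to look it up in the school's configured non-teaching accounts.
        /// </param>
        /// <remarks>
        /// NOTE(review): the submitted password is handed to the query as-is, the row's "Password" column
        /// is copied into the account object, and the non-teaching branch compares it directly against the
        /// stored value. Unless hashing happens somewhere not visible here, passwords are held in a
        /// recoverable form; a salted password hash (e.g. PBKDF2) should replace them. Confirm against the
        /// SQL script and the settings loader.
        /// </remarks>
        private static void Checks(bool inDatabase)
        {
            if (inDatabase)
            {
                // Credentials travel as bound parameters, never concatenated into the SQL text.
                Helpers.Database.ParameterBuilder paramBuilder = new Helpers.Database.ParameterBuilder();
                paramBuilder.AddParameter(SqlDbType.VarChar, "@Username", Action.Username);
                paramBuilder.AddParameter(SqlDbType.VarChar, "@Password", Action.Password);

                using (SqlDataReader dataReader = Helpers.Database.Provider.ExecuteReader("/Sql/Specific/Login/retrieve.sql", paramBuilder.Parameters))
                {
                    // No row: presumably the script matched no account for this username/password pair.
                    if (!dataReader.Read())
                    {
                        Action.Redirects.Invalid();
                        return;
                    }

                    int timetableId;

                    if (!int.TryParse(dataReader["TimetableId"].ToString(), out timetableId))
                    {
                        // NOTE(review): every other redirect goes through Action.Redirects; confirm this
                        // unqualified Redirects is the intended class.
                        Redirects.MissingTimetableId();
                        return;
                    }

                    if (!(bool)dataReader["IsActive"])
                    {
                        Action.Redirects.Disabled();
                        return;
                    }

                    // Temporary: only administrators may log in through the database path.
                    if (!(bool)dataReader["IsAdmin"])
                    {
                        Action.Redirects.NonAdmin();
                        return;
                    }

                    // The validated timetableId is reused rather than re-casting the column, so a column
                    // that parses as an integer but is not boxed as Int32 no longer throws here.
                    UserManagement.Accounts.TeachingAccount teachingAccount = new UserManagement.Accounts.TeachingAccount(
                        dataReader["Username"] as string,
                        dataReader["Password"] as string,
                        dataReader["Title"] as string,
                        dataReader["Forename"] as string,
                        dataReader["Surname"] as string,
                        dataReader["HoldingName"] as string,
                        (int)dataReader["StaffId"],
                        timetableId,
                        (bool)dataReader["IsActive"],
                        (bool)dataReader["IsAdmin"]);

                    Action.LoginUser(teachingAccount);
                }

                return;
            }

            // NOTE(review): whether this indexer returns null or throws for an unknown username is not
            // visible here; the null case is handled below, a throwing indexer would still need a guard.
            UserManagement.Accounts.Account account = WebServer.PleaseTakes.Session.CurrentInstance.School.Settings.NonTeachingAccounts[Action.Username];

            string storedPassword = account == null ? null : account.Password;
            string suppliedPassword = Action.Password;

            // A missing account or a null password on either side is a failed login, never a match
            // and never an unhandled NullReferenceException.
            bool passwordMatches = storedPassword != null
                && suppliedPassword != null
                && storedPassword.Length == suppliedPassword.Length;

            if (passwordMatches)
            {
                // Compare every character regardless of where the first mismatch is, so the time taken
                // does not depend on how much of the guess was correct.
                int difference = 0;

                for (int i = 0; i < storedPassword.Length; i++)
                {
                    difference |= storedPassword[i] ^ suppliedPassword[i];
                }

                passwordMatches = difference == 0;
            }

            if (!passwordMatches)
            {
                Action.Redirects.Invalid();
                return;
            }

            if (account.IsActive)
            {
                Action.LoginUser(account);
            }
            else
            {
                Action.Redirects.Disabled();
            }
        }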