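/// <summary>
/// Looks up the staff record (name, position name, privilege status) for the account
/// whose login name in user_control.uct_user equals <paramref name="user_name"/>.
/// </summary>
/// <param name="user_name">Login name supplied by the caller; treated as untrusted input.</param>
/// <returns>
/// An employee_ru built from the first matching row and <paramref name="user_name"/>,
/// or null when the query returns no row.
/// </returns>
public static employee_ru show_employees(string user_name)
{
    // The login name is bound as a SQL parameter instead of being formatted into the
    // statement text, so quotes or SQL syntax in the value cannot alter the query.
    // NOTE(review): in the reviewed listing the filter literal read '******' and the
    // format string had no placeholder, so user_name never reached the query at all;
    // binding @user restores the evident intent. Confirm against the original file.
    const string query = "SELECT employee_ru.emp_ru_name,position.pos_name,privilege.privil_status from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = @user";

    try
    {
        conn.Open();
        command.CommandText = query;

        // command is declared outside this method and reused between calls:
        // clear anything a previous call left behind before binding.
        command.Parameters.Clear();
        command.Parameters.AddWithValue("@user", user_name ?? String.Empty);

        // Dispose the reader deterministically rather than relying on conn.Close().
        using (SqlDataReader reader = command.ExecuteReader())
        {
            if (reader.Read())
            {
                string empname = reader.GetString(0);
                string posname = reader.GetString(1);
                string status = reader.GetString(2);
                return new employee_ru(empname, posname, status, user_name);
            }
        }
    }
    finally
    {
        // Do not leave the bound login name on the shared command object.
        command.Parameters.Clear();
        conn.Close();
    }

    return null;
}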
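/// <summary>
/// Looks up the numeric employee id for the employee whose emp_ru_name equals
/// <paramref name="user_name"/>.
/// </summary>
/// <param name="user_name">
/// Value matched against employee_ru.emp_ru_name; treated as untrusted input.
/// </param>
/// <returns>
/// An employee_ru built from the first matching emp_ru_id, or null when no row matches.
/// </returns>
public static employee_ru show_employees_id(string user_name)
{
    // Previously the value was spliced into the statement with String.Format("... '{0}'"),
    // which let a quote in the input change the SQL (SQL injection). It is now bound as
    // a parameter, so the statement text is constant.
    const string query = "select employee_ru.emp_ru_id from employee_ru where employee_ru.emp_ru_name = @name";

    try
    {
        conn.Open();
        command.CommandText = query;

        // command is declared outside this method and reused between calls:
        // clear anything a previous call left behind before binding.
        command.Parameters.Clear();
        command.Parameters.AddWithValue("@name", user_name ?? String.Empty);

        // Dispose the reader deterministically rather than relying on conn.Close().
        using (SqlDataReader reader = command.ExecuteReader())
        {
            if (reader.Read())
            {
                int emp_id = reader.GetInt32(0);
                return new employee_ru(emp_id);
            }
        }
    }
    finally
    {
        // Do not leave the bound value on the shared command object.
        command.Parameters.Clear();
        conn.Close();
    }

    return null;
}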
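/// <summary>
/// Checks a staff login: exactly one joined account row must exist for
/// <paramref name="username"/>, and the value stored in user_control.uct_password
/// must equal <paramref name="password"/>.
/// </summary>
/// <param name="username">Login name from the login form; treated as untrusted input.</param>
/// <param name="password">Password from the login form; treated as untrusted input.</param>
/// <returns>
/// An employee_ru built from (username, password, stored uct_user) when the credentials
/// match; null when the account is missing, ambiguous, has no stored password, or the
/// password differs.
/// </returns>
public static employee_ru Login_employee_ru(string username, string password)
{
    // The three statements share the same joins and filter. The login name is bound as
    // the @user parameter, so the statement text never contains caller-supplied data.
    // NOTE(review): in the reviewed listing the filter literal read '******' and the
    // format strings had no placeholder, so username never reached the queries;
    // binding @user restores the evident intent. Confirm against the original file.
    const string accountFilter = " from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = @user";

    // NOTE(review): conn and command are declared outside this method and look like
    // shared static members; in a web application concurrent logins would then race
    // on the same connection and command. Confirm, and prefer per-call objects.
    try
    {
        conn.Open();
        command.Parameters.Clear();
        command.Parameters.AddWithValue("@user", username ?? String.Empty);

        // Step 1: the login name must identify exactly one account.
        command.CommandText = "SELECT COUNT(*)" + accountFilter;
        int countuser = (int)command.ExecuteScalar();
        if (countuser != 1)
        {
            return null;
        }

        // Step 2: fetch the stored password. A NULL column used to become "" through
        // ToString() and would then match an empty submitted password; reject it.
        command.CommandText = "select user_control.uct_password" + accountFilter;
        object stored = command.ExecuteScalar();
        if (stored == null || stored == DBNull.Value)
        {
            return null;
        }

        // SECURITY: the stored value is compared directly with the submitted password,
        // so uct_password evidently holds passwords in clear text. Store a salted, slow
        // hash instead (for example PBKDF2 via Rfc2898DeriveBytes) and verify against
        // it; that needs a data migration and cannot be done inside this method.
        if (!String.Equals(stored.ToString(), password, StringComparison.Ordinal))
        {
            return null;
        }

        // Step 3: return the login name exactly as it is stored in the database.
        command.CommandText = "select user_control.uct_user" + accountFilter;
        using (SqlDataReader reader = command.ExecuteReader())
        {
            if (reader.Read())
            {
                string username1 = reader.GetString(0);
                return new employee_ru(username, password, username1);
            }
        }

        return null;
    }
    finally
    {
        // Do not leave the bound login name on the shared command object.
        command.Parameters.Clear();
        conn.Close();
    }
}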
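/// <summary>
/// Login button handler. Tries the submitted credentials as staff, doctor and nurse,
/// stores the matching identity in Session and redirects to the landing page for that
/// role; otherwise shows an alert.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnlogin_Click(object sender, EventArgs e)
{
    String Username = txtusername.Text;
    String Password = txtpassword.Text;

    // All three lookups run up front, exactly as before; staff takes precedence over
    // doctor, and doctor over nurse.
    employee_ru ru = employee_ru.Login_employee_ru(Username, Password);
    doctor doc = doctor.Login_doctor(Username, Password);
    nurse nu = nurse.Login_nurse(Username, Password);

    // NOTE(review): nothing here renews the session identifier or issues an
    // authentication ticket; the Session keys set below are the only visible login
    // state. Confirm that every target page checks them, and consider issuing a fresh
    // session ID at login to rule out session fixation.
    if (ru != null)
    {
        employee_ru show_name = employee_ru.show_employees(ru.username);
        if (show_name == null)
        {
            // Previously this case fell through with no feedback at all.
            ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่พบข้อมูลในระบบ');", true);
            return;
        }

        if (show_name.status == "ได้รับสิทธิการรักษา")
        {
            Session["staff_name"] = show_name.emp_ru_name;

            if (show_name.pos_name == "พยาบาล")
            {
                Response.Redirect("../Page/nurse_index_opd.aspx");
            }
            else if (show_name.pos_name == "เจ้าหน้าที่"
                     || show_name.pos_name == "เวชระเบียน"
                     || show_name.pos_name == "เภสัชกรณ์"
                     || show_name.pos_name == "หัวหน้า")
            {
                Response.Redirect("../Page/index_opd.aspx");
            }
            else
            {
                // Any other position lands on the student index.
                Response.Redirect("../Page/index_student.aspx");
            }
        }
        else if (show_name.pos_name == "พยาบาล")
        {
            // Unapproved nurses are still allowed into appointment management.
            Session["staff_name"] = show_name.emp_ru_name;
            Response.Redirect("../Page/appointment_management_index.aspx");
        }
        else
        {
            // Session["staff_name"] used to be set before this check, leaving a
            // logged-in-looking session behind for an account that was just refused.
            ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่ถูกยืนยันสิทธิการรักษา');", true);
        }
    }
    else if (doc != null)
    {
        Session["doc_name"] = doc.emp_doc_name;
        Session["doc_id"] = doc.emp_doc_id;
        Session["specialist"] = doc.emp_doc_specialist;
        Response.Redirect("../Page/index_doctor.aspx");
    }
    else if (nu != null)
    {
        if (nu.pos_name == "พยาบาล")
        {
            // Set the session key only on the path that is actually admitted.
            Session["nurse_name"] = nu.emp_ru_name;
            Response.Redirect("../Page/appointment_management_index.aspx");
            // The listing had an alert after this redirect that concatenated
            // nu.emp_ru_name into script text (it appears to have been commented out).
            // It is not carried over: a database value placed in script must first be
            // encoded, e.g. with HttpUtility.JavaScriptStringEncode.
        }
        else
        {
            ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่ถูกยืนยันสิทธิการรักษา');", true);
        }
    }
    else
    {
        ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่พบข้อมูลในระบบ');", true);
    }
}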