public bool Login(string uid, string pwd, string host, string sessionid) {
if (uid.Length == 0) return false;
bool success = false;
pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "SHA1");
SqlConnection con = new SqlConnection(strCon);
SqlCommand sql = new SqlCommand("select c_pwd from t_operator where c_uid=@uid and c_role>0", con);
sql.Parameters.Add("@uid", uid);
try {
con.Open();
SqlDataReader reader = sql.ExecuteReader();
while (reader.Read()) {
if (pwd.Equals(reader["c_pwd"].ToString())) {
if (sessionid.Equals("loggedsession")) {
success = true;
}
else {
if (sessions.ContainsKey(sessionid)) {
Psp hpsp = sessions[sessionid] as Psp;
if (hpsp != null) hpsp = null;
}
op = GetOperator(uid);
op.host = host;
op.sessionid = sessionid;
sessions[sessionid] = this; // add to session hash
// init permission table
InitPermission();
AsyncLogWriter("Logged in");
success = true;
}
}
}
reader.Close();
}
catch (Exception ex) {
op.opid = -1;
AsyncLogWriter(ex);
success = false;
}
finally {
con.Close();
}
return success;
}
public Operator GetOperator(int opid) {
Operator op = new Operator();
DataTable tabOp = GetOperator(opid.ToString(), 1);
if (tabOp != null && tabOp.Rows.Count > 0) {
try {
op.opid = Convert.ToInt32(tabOp.Rows[0]["c_id"]);
op.uid = tabOp.Rows[0]["c_uid"].ToString();
op.role = Convert.ToInt32(tabOp.Rows[0]["c_role"]);
op.branch = Convert.ToInt32(tabOp.Rows[0]["c_branch"]);
op.desc = tabOp.Rows[0]["c_desc"].ToString();
op.host = tabOp.Rows[0]["c_host"].ToString();
op.phone = tabOp.Rows[0]["c_phone"].ToString();
op.email = tabOp.Rows[0]["c_email"].ToString();
op.promode = Convert.ToInt32(tabOp.Rows[0]["c_promode"]);
}
catch {
op.opid = -1;
}
}
return op;
}
public void SaveOperator(Operator op) {
ValidatePermission("Admin");
SqlConnection con = new SqlConnection(strCon);
daOperator.UpdateCommand.Connection = con;
try {
con.Open();
daOperator.UpdateCommand.Parameters["@uid"].Value = op.uid;
daOperator.UpdateCommand.Parameters["@pwd"].Value = FormsAuthentication.HashPasswordForStoringInConfigFile(op.pwd, "SHA1");
daOperator.UpdateCommand.Parameters["@role"].Value = op.role;
daOperator.UpdateCommand.Parameters["@desc"].Value = op.desc;
daOperator.UpdateCommand.Parameters["@branch"].Value = op.branch;
daOperator.UpdateCommand.Parameters["@promode"].Value = op.promode;
daOperator.UpdateCommand.Parameters["@phone"].Value = op.phone;
daOperator.UpdateCommand.Parameters["@email"].Value = op.email;
daOperator.UpdateCommand.ExecuteNonQuery();
}
catch (Exception ex) {
AsyncLogWriter("SaveOperator :" + ex);
}
finally {
con.Close();
}
}
protected void buttonSave_Click(object sender, System.EventArgs e) {
SetMode(true);
try {
Operator op = new Operator();
op.uid = textUid.Text;
op.pwd = textPwd.Text;
op.role = Convert.ToInt32(comboRole.SelectedValue);
op.desc = textDesc.Text;
op.branch = Convert.ToInt32(comboBranch.SelectedValue);
op.promode = comboProMode.SelectedIndex;
op.phone = textPhone.Text;
op.email = textEmail.Text;
this.PspProxy.SaveOperator(op);
labelOpStatus.Text = "Амжилттай хадгалагдлаа";
}
catch (Exception ex) {
labelOpStatus.Text = ex.Message;
}
checkNew.Checked = false;
buttonNew.Enabled = true;
buttonEdit.Enabled = true;
buttonSave.Enabled = false;
}