/// <summary>
/// Handles the "back" button: closes this form and then shows a new
/// <c>AdminDashboard</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void backAA_Click(object sender, EventArgs e)
{
    // Close first, then construct and show the dashboard, in that order.
    // NOTE(review): the target is always the admin dashboard and nothing here
    // re-checks the role of the signed-in user; confirm that only admins can
    // reach this form.
    this.Close();

    AdminDashboard adminDashboard = new AdminDashboard();
    adminDashboard.Show();
}
 /// <summary>
 /// Handles the "back" button: closes this form and shows the dashboard that
 /// matches the type string of the user held in <c>u</c>.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 private void backASM_Click(object sender, EventArgs e)
 {
     // NOTE(review): the dashboard is chosen purely from the u.Type string;
     // presumably u is the user stored at login -- confirm it cannot be
     // changed from elsewhere in the UI.
     switch (u.Type)
     {
         case "Admin":
             this.Close();
             new AdminDashboard().Show();
             break;

         case "Academic_Staff":
             this.Close();
             new AcademicStaffDashBoard().Show();
             break;

         case "Non_Academic_Staff":
             this.Close();
             new NonAcademicStaffDashboard().Show();
             break;

         case "Administrative_Staff":
             this.Close();
             new AdministrativeStaffDashboard().Show();
             break;

         // Any other value (including null) matches nothing: the form stays
         // open and no dashboard is shown.
     }
 }
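        /// <summary>
        /// Handles the Login button: checks that username, password and user type
        /// are filled in, verifies the credentials against the credential table of
        /// the selected user type and, on success, stores the user in
        /// <c>UserSessionStore</c> and opens the matching dashboard.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void btnLogin_Click(object sender, EventArgs e)
        {
            if (string.IsNullOrEmpty(txtUsername.Text))
            {
                MessageBox.Show("Please enter username");
                return;
            }

            // Fixed: this check used to test txtUsername a second time, so the
            // "Please enter password" prompt was unreachable and an empty
            // password went straight to the database lookup.
            if (string.IsNullOrEmpty(txtPassword.Text))
            {
                MessageBox.Show("Please enter password");
                return;
            }

            if (string.IsNullOrEmpty(userType.Text))
            {
                MessageBox.Show("Please select usertype");
                return;
            }

            string conString = CommonConstants.connnectionString;
            string selectedType = userType.Text;

            // The selected user type decides which credential table is queried,
            // how the User object is built and which dashboard is opened.
            if (selectedType.Equals("Academic Staff"))
            {
                AuthenticateAndOpenDashboard(
                    conString,
                    "SELECT * FROM Academic_Staff_Credentials WHERE stfID = @stfID ",
                    "@stfID",
                    "stfID",
                    "Academic Staff",
                    userId => getAcademicStaffObjectWithAllProperties(userId),
                    () =>
                    {
                        AcademicStaffDashBoard objAcdStfDashBoard = new AcademicStaffDashBoard();
                        this.Hide();
                        objAcdStfDashBoard.Show();
                    });
            }
            else if (selectedType.Equals("Administrative Staff"))
            {
                AuthenticateAndOpenDashboard(
                    conString,
                    "SELECT * FROM Administrative_Staff_credentials WHERE stfID = @stfID ",
                    "@stfID",
                    "stfID",
                    "Administrative Staff",
                    userId => getAdministrativeStaffObjectWithAllProperties(userId),
                    () =>
                    {
                        AdministrativeStaffDashboard objAdmStfDashBoard = new AdministrativeStaffDashboard();
                        this.Hide();
                        objAdmStfDashBoard.Show();
                    });
            }
            else if (selectedType.Equals("Admin"))
            {
                AuthenticateAndOpenDashboard(
                    conString,
                    "SELECT * FROM Admin_credentials WHERE adminID = @adminID ",
                    "@adminID",
                    "adminID",
                    "Admin",
                    userId =>
                    {
                        // Admins get a minimal User: only the id and the type are set.
                        User admin = new User();
                        admin.setuserID(userId);
                        admin.Type = "Admin";
                        return admin;
                    },
                    () =>
                    {
                        AdminDashboard objAdminDashboard = new AdminDashboard();
                        this.Hide();
                        objAdminDashboard.Show();
                    });
            }
            else if (selectedType.Equals("Non Academic Staff"))
            {
                AuthenticateAndOpenDashboard(
                    conString,
                    "SELECT * FROM Non_Academic_Staff_Credentials WHERE stfID = @stfID ",
                    "@stfID",
                    "stfID",
                    "Non Academic Staff",
                    userId => getNonAcademicStaffObjectWithAllProperties(userId),
                    () =>
                    {
                        NonAcademicStaffDashboard objNonAcdStfDashboard = new NonAcademicStaffDashboard();
                        this.Hide();
                        objNonAcdStfDashboard.Show();
                    });
            }
            else
            {
                MessageBox.Show("Unknown user type!!!");
            }
        }

        /// <summary>
        /// Looks up the entered username in one credential table, verifies the
        /// entered password against the stored hash and salt and, on success,
        /// records the login, stores the user in the session and opens the dashboard.
        /// </summary>
        /// <param name="conString">Connection string for the credential database.</param>
        /// <param name="query">Parameterized SELECT that returns the credential row.</param>
        /// <param name="idParameterName">Name of the id parameter used in <paramref name="query"/>.</param>
        /// <param name="idColumn">Result column that holds the user id.</param>
        /// <param name="userTypeLabel">User type label passed to <c>TrackLogin</c>.</param>
        /// <param name="buildUser">Builds the <c>User</c> for the verified id.</param>
        /// <param name="openDashboard">Hides this form and shows the dashboard.</param>
        private void AuthenticateAndOpenDashboard(
            string conString,
            string query,
            string idParameterName,
            string idColumn,
            string userTypeLabel,
            Func<string, User> buildUser,
            Action openDashboard)
        {
            using (SqlConnection connection = new SqlConnection(conString))
            {
                connection.Open();

                bool rowFound = false;
                string securedPwdFromDb = "";
                string saltFromDb = "";
                string userIdFromDb = "";

                using (SqlCommand command = new SqlCommand(query, connection))
                {
                    // The username only ever reaches SQL as a typed parameter value.
                    SqlParameter idParameter = new SqlParameter(idParameterName, SqlDbType.VarChar, 100);
                    idParameter.Value = txtUsername.Text;
                    command.Parameters.Add(idParameter);

                    // Call Prepare after setting the CommandText and Parameters.
                    command.Prepare();

                    // Copy the row out and dispose the reader before anything else
                    // touches this connection (TrackLogin receives it below).
                    using (SqlDataReader reader = command.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            rowFound = true;
                            securedPwdFromDb = reader["password"].ToString();
                            saltFromDb = reader["salt"].ToString();
                            userIdFromDb = reader[idColumn].ToString();
                        }
                    }
                }

                bool authenticated = rowFound
                    && PasswordUtil.verifyUserPassword(txtPassword.Text, securedPwdFromDb, saltFromDb);

                if (!authenticated)
                {
                    // One message for both "unknown id" and "wrong password": the
                    // previous separate "Your password is incorrect." text let a
                    // caller learn which ids exist.
                    // NOTE(review): the password check is skipped when no row is
                    // found, so response time may still differ between the two cases.
                    // NOTE(review): failed attempts are not recorded here; TrackLogin
                    // runs only after a successful login.
                    MessageBox.Show("Your Username or password not found.");
                    return;
                }

                User u = buildUser(userIdFromDb);

                //Track Login
                TrackLogin(userTypeLabel, connection, userIdFromDb, conString);

                UserSessionStore.Instance.setUser(u);
                openDashboard();
            }
        }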