Esempio n. 1
0
 public ActionResult Registration(LibraryUser user)
 {
     if (ModelState.IsValid)
     {
         if (user.AddUser(user))
         {
             return RedirectToAction("Index", "User");
         }
         else
         {
             ModelState.AddModelError("", "Duplicate Email ID used try again with another Email ID");
         }
     }
     return ViewIfNoOneLoggedIn();
 }
Esempio n. 2
0
        public ActionResult LogIn(LibraryUser user)
        {
            if (ModelState.IsValid)
            {
                if (user.Authenticate(user))
                {
                    FormsAuthentication.SetAuthCookie(user.EmailID, false);
                    Session["login_type"] = user.login_type;
                    Session["EmailID"] = user.EmailID.Trim();
                    return RedirectToAction("Index");
                }
                else
                {
                    ModelState.AddModelError("", "Log In Data is Incorrect");
                }
            }

            return ViewIfNoOneLoggedIn();
        }
Esempio n. 3
0
        public bool Authenticate(LibraryUser user)
        {
            //return true;
            SqlConnection conn = null;
            SqlDataReader rdr = null;

            try
            {
                conn = new SqlConnection(@"Data Source = (LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\LMS_DB.mdf;Integrated Security = True");
                conn.Open();
                SqlCommand cmd = new SqlCommand("dbo.User_Authenticate", conn);
                cmd.CommandType = CommandType.StoredProcedure;

                cmd.Parameters.Add("@email_id", SqlDbType.NVarChar).Value = user.EmailID;
                cmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = user.Password;

                // Add the output parameter and set its properties.
                SqlParameter outparameter = new SqlParameter();
                outparameter.ParameterName = "@login_type";
                outparameter.SqlDbType = SqlDbType.NVarChar;
                outparameter.Size = 12;
                outparameter.Direction = ParameterDirection.Output;

                // Add the parameter to the Parameters collection.
                cmd.Parameters.Add(outparameter);

                cmd.ExecuteNonQuery();
                login_type = Convert.ToString(cmd.Parameters["@login_type"].Value).Trim();

            }
            catch (Exception)
            {

            }
            finally
            {
                if (conn != null)
                {
                    conn.Close();
                }
                if (rdr != null)
                {
                    rdr.Close();
                }
            }
            if (login_type == "Student" || login_type == "Librarian" || login_type == "Admin")
                return true;
            else
                return false;
        }
Esempio n. 4
0
        public bool AddUser(LibraryUser user)
        {
            if (!IsValid(user.EmailID)) { return false; }

            SqlConnection conn = null;
            SqlDataReader rdr = null;

            try
            {
                if (user.EmailID != null && user.Password != null && user.FirstName != null && user.LastName != null)
                {
                    // conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["_connectionString"].ConnectionString);
                    conn = new SqlConnection(@"Data Source = (LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\LMS_DB.mdf;Integrated Security = True");
                    conn.Open();
                    SqlCommand cmd = new SqlCommand("dbo.User_AddStudent", conn);
                    cmd.CommandType = CommandType.StoredProcedure;

                    // cmd.Parameters.Add("@email_id", SqlDbType.NVarChar).Value = EmailID;
                    // cmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = Password;
                    // Add the input parameter and set its properties.
                    SqlParameter parameter1 = new SqlParameter();
                    parameter1.ParameterName = "@email_id";
                    parameter1.SqlDbType = SqlDbType.NVarChar;
                    parameter1.Direction = ParameterDirection.Input;
                    parameter1.Value = user.EmailID;

                    // Add the parameter to the Parameters collection.
                    cmd.Parameters.Add(parameter1);

                    // Add the input parameter and set its properties.
                    SqlParameter parameter2 = new SqlParameter();
                    parameter2.ParameterName = "@password";
                    parameter2.SqlDbType = SqlDbType.NVarChar;
                    parameter2.Direction = ParameterDirection.Input;
                    parameter2.Value = user.Password;

                    // Add the parameter to the Parameters collection.
                    cmd.Parameters.Add(parameter2);

                    // Add the input parameter and set its properties.
                    SqlParameter parameter3 = new SqlParameter();
                    parameter3.ParameterName = "@firstname";
                    parameter3.SqlDbType = SqlDbType.NVarChar;
                    parameter3.Direction = ParameterDirection.Input;
                    parameter3.Value = user.FirstName;

                    // Add the parameter to the Parameters collection.
                    cmd.Parameters.Add(parameter3);

                    // Add the input parameter and set its properties.
                    SqlParameter parameter4 = new SqlParameter();
                    parameter4.ParameterName = "@lastname";
                    parameter4.SqlDbType = SqlDbType.NVarChar;
                    parameter4.Direction = ParameterDirection.Input;
                    parameter4.Value = user.LastName;

                    // Add the parameter to the Parameters collection.
                    cmd.Parameters.Add(parameter4);

                    cmd.ExecuteNonQuery();

                    return true;
                }
                else
                    return false;
            }
            catch (SqlException sqlEx)
            {
                if (sqlEx.Message.StartsWith("Violation of UNIQUE KEY constraint"))
                {
                    return false;
                }
                else
                    throw;
            }
            catch (Exception)
            {
                return false;
            }
            finally
            {
                if (conn != null)
                {
                    conn.Close();
                }
                if (rdr != null)
                {
                    rdr.Close();
                }
            }
        }