Esempio n. 1
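        /// <summary>
        /// Registers a new account from the form fields: inserts one row into <c>Users</c>
        /// and one row of default settings into <c>Preferences</c>, then redirects to
        /// <c>~/Kalendar.aspx</c>.
        /// </summary>
        /// <remarks>
        /// Both inserts run inside a single transaction, so a failure of the second insert
        /// does not leave a user row without preferences. On a <see cref="SqlException"/>
        /// the transaction is rolled back and <c>StatusMessage</c> is set; no redirect happens.
        /// </remarks>
        public void insertUser()
        {
            // SQL Server error numbers for a duplicate key: 2601 (unique index) and
            // 2627 (PRIMARY KEY / UNIQUE constraint).
            const int UniqueIndexViolation = 2601;
            const int UniqueConstraintViolation = 2627;

            bool created = false;

            using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["KalendarDB"].ConnectionString))
            using (SqlCommand com = new SqlCommand())
            using (SqlCommand com2 = new SqlCommand())
            {
                com.Connection  = con;
                com.CommandText = "INSERT INTO Users (UserName,Password,FirstName,LastName,Email,Address) VALUES(@UserName,@Password,@FirstName, @LastName,@Email, @Address)";
                com.Parameters.AddWithValue("@UserName", txtUsername.Text);

                // NOTE(security): the password is stored with reversible encryption (the login
                // handler calls Decrypt on this column). Anyone holding the key and the table
                // recovers every plaintext password. A salted, deliberately slow one-way hash
                // (e.g. PBKDF2) verified by recomputation is the appropriate scheme; switching
                // requires migrating existing rows and the login path together.
                CryptographyReference.Cryptography cryptography = new CryptographyReference.Cryptography();
                com.Parameters.AddWithValue("@Password", cryptography.Encrypt(txtPassword.Text));
                com.Parameters.AddWithValue("@FirstName", txtFName.Text);
                com.Parameters.AddWithValue("@LastName", txtLName.Text);
                com.Parameters.AddWithValue("@Email", txtEmail.Text);
                com.Parameters.AddWithValue("@Address", txtAddress.Text);

                com2.Connection  = con;
                com2.CommandText = "INSERT INTO Preferences (UserName,CalendarSize,BackgroundColor,HeaderColor,CalendarTextSize,DayBorderStyle,WeekdayNameStyle,WeekdayNameSize,TodayColor,SelectedDayColor,ShowPreviousNextMonths) VALUES (@UserName,'50','White','Gray','Large','NotSet','Short','Large','White','LightGray',0)";
                com2.Parameters.AddWithValue("@UserName", txtUsername.Text);

                try
                {
                    con.Open();

                    // Disposing an uncommitted transaction rolls it back, so any exception
                    // between the two inserts undoes the Users row as well.
                    using (SqlTransaction tx = con.BeginTransaction())
                    {
                        com.Transaction  = tx;
                        com2.Transaction = tx;
                        com.ExecuteNonQuery();
                        com2.ExecuteNonQuery();
                        tx.Commit();
                    }

                    created = true;
                }
                catch (SqlException er)
                {
                    // Match on the error number rather than the message text: the text depends
                    // on the server language, and for a constraint violation (2627) it begins
                    // with "Violation of ...", which a StartsWith("Cannot insert duplicate key")
                    // test does not recognise.
                    if (er.Number == UniqueIndexViolation || er.Number == UniqueConstraintViolation)
                    {
                        StatusMessage.Text = "That username is already taken, try another one.";
                    }
                    else
                    {
                        StatusMessage.Text = "Oops, something went wrong. If someone from FINKI comes show them this error number: " + er.Number;
                    }
                }
            }

            // Redirect only after the connection and commands have been disposed.
            if (created)
            {
                Response.Redirect("~/Kalendar.aspx");
            }
        }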
Esempio n. 2
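        /// <summary>
        /// Handles the login button: looks up the stored password for the entered username,
        /// compares it with the entered password and, on a match, issues the forms
        /// authentication ticket and redirects.
        /// </summary>
        /// <param name="sender">The control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// An unknown username and a wrong password produce the same message, so the response
        /// text does not reveal which usernames exist. A <see cref="SqlException"/> is
        /// reported through <c>lblError</c> with the SQL error number.
        /// </remarks>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            lblError.Text = "";
            bool authenticated = false;

            using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["KalendarDB"].ConnectionString))
            using (SqlCommand com = new SqlCommand())
            {
                com.Connection  = con;
                com.CommandText = "SELECT Password FROM Users WHERE UserName=@UserName";
                com.Parameters.AddWithValue("@UserName", txtUsername.Text);

                try
                {
                    con.Open();

                    // The reader is disposed before the connection instead of being left
                    // open until the connection is closed.
                    using (SqlDataReader reader = com.ExecuteReader())
                    {
                        if (reader.Read())
                        {
                            // NOTE(security): the stored password is decrypted back to plaintext
                            // and compared directly. This works only because passwords are kept
                            // under reversible encryption; a salted one-way hash (e.g. PBKDF2)
                            // compared in constant time would avoid holding recoverable
                            // passwords. Changing it requires migrating the registration path
                            // and the existing rows as well.
                            CryptographyReference.Cryptography cryptography = new CryptographyReference.Cryptography();
                            string password = cryptography.Decrypt(reader[0].ToString());
                            authenticated = txtPassword.Text.Equals(password);
                        }
                    }
                }
                catch (SqlException er)
                {
                    lblError.Text = "Oops, something went wrong. If someone from FINKI comes show them this error number: " + er.Number;
                    return;
                }
            }

            if (authenticated)
            {
                // The second argument requests a persistent authentication cookie.
                // NOTE(review): the ticket carries the username as typed, not the value stored
                // in Users; confirm the column collation if case must be canonical.
                FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, true);
            }
            else
            {
                lblError.Text = "Wrong username or password";
            }
        }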