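/// <summary>
/// Looks the supplied e-mail address up in [dbo].[user] and, when a row matches,
/// stores the matching userID in Session["uid"] and in <c>userID</c>.
/// </summary>
/// <param name="user">E-mail address supplied by the visitor. Untrusted, so it is bound as a SQL parameter.</param>
/// <param name="pass">Password supplied by the visitor. The query shown in this listing does not read it (see the review note below).</param>
/// <param name="remember">When true the e-mail is written to the "lastUser" cookie; otherwise that cookie is set to "".</param>
/// <returns>true when at least one row matched; false otherwise, including on a database error, whose text is left in <c>err</c>.</returns>
public bool doLogin(string user, string pass, bool remember)
{
    // Kept from the original although the instance is not used below.
    // NOTE(review): drop it once the authen constructor is confirmed to have no side effects.
    authen x = new authen();
    bool ret = false;
    setCookie("lastUser", remember ? user : "");

    // The e-mail used to be concatenated into the statement, which let a crafted value
    // rewrite the WHERE clause. It is now a bound parameter.
    // NOTE(review): the password predicate is a fixed literal in this listing and `pass` is never
    // read. This looks like redaction; confirm against the real file. When restoring it, bind it as a
    // parameter as well and compare against a salted password hash, not a stored plaintext value.
    const string strSql = "SELECT userID FROM [dbo].[user] WHERE email = @email AND password = '******'";

    // `using` closes the connection, command and reader on the error paths too; the original
    // only closed them when no exception was thrown.
    using (SqlConnection myConnection = new SqlConnection(connString))
    {
        try
        {
            myConnection.Open();
            try
            {
                using (SqlCommand myCommand = new SqlCommand(strSql, myConnection))
                {
                    // A null e-mail used to concatenate as an empty string; keep that behaviour.
                    myCommand.Parameters.AddWithValue("@email", user ?? "");
                    using (SqlDataReader myReader = myCommand.ExecuteReader())
                    {
                        // If several rows match, the last one wins, exactly as before.
                        while (myReader.Read())
                        {
                            string matchedId = myReader[0].ToString();
                            HttpContext.Current.Session["uid"] = matchedId;
                            userID = matchedId;
                            ret = true;
                        }
                    }
                }
            }
            catch (Exception ex1)
            {
                // Query failure. NOTE(review): err carries the raw provider message; avoid echoing it to the client.
                err = "Ex1:" + ex1.Message;
            }
        }
        catch (Exception ex2)
        {
            // Connection failure.
            err = "Ex2:" + ex2.Message;
        }
    }

    // NOTE(review): a failed attempt leaves any Session["uid"] from an earlier login in place,
    // because the reset below is disabled. Confirm that this is intended.
    /*if (!ret) HttpContext.Current.Session["uid"]="";*/
    return ret;
}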
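/// <summary>
/// Updates the password row of the user whose id is held in Session["uid"].
/// </summary>
/// <param name="oldPass">Current password. The statement shown in this listing does not read it (see the review note below).</param>
/// <param name="newPass">Replacement password. The statement shown in this listing does not read it (see the review note below).</param>
/// <returns>
/// -1 when the caller is not a valid user or the database call failed; 0 when no row matched
/// (old password mismatch); 1 or more when the row was updated.
/// </returns>
public static int changePass(string oldPass, string newPass)
{
    int ret = -1;
    authen x = new authen();
    if (!x.validUser())
    {
        return ret;
    }

    string uid = (string)HttpContext.Current.Session["uid"];
    if (string.IsNullOrEmpty(uid))
    {
        // An empty id used to produce a malformed statement and fall through to -1; fail the same way without a round trip.
        return ret;
    }

    // The id is bound instead of concatenated, and the fragments are separated by spaces
    // (the original relied on the parser accepting "[user]SET" and "'...'WHERE").
    // NOTE(review): both password values are fixed literals in this listing and oldPass/newPass are
    // never read. This looks like redaction; confirm against the real file. When restoring them,
    // bind them as parameters and store a salted password hash, not the plaintext.
    const string strSql =
        "UPDATE [dbo].[user] " +
        "SET password = '******' " +
        "WHERE userID = @uid AND password='******'";

    // `using` releases the connection and command even when the update throws.
    using (SqlConnection myConnection = new SqlConnection(connString))
    {
        try
        {
            myConnection.Open();
            try
            {
                using (SqlCommand myCommand = new SqlCommand(strSql, myConnection))
                {
                    myCommand.Parameters.AddWithValue("@uid", uid);
                    ret = myCommand.ExecuteNonQuery();
                }
            }
            catch (Exception ex1)
            {
                // Still reported to the caller as -1, but no longer silent: a failing
                // password change is worth seeing in the server trace.
                System.Diagnostics.Trace.TraceError("changePass: update failed: " + ex1.Message);
            }
        }
        catch (Exception ex2)
        {
            System.Diagnostics.Trace.TraceError("changePass: connection failed: " + ex2.Message);
        }
    }

    return ret; /* -1: failed, 0: old pass mismatch, >=1: success */
}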
/// <summary>
/// Server-side gate for admin pages: redirects the current response to ./default.aspx
/// unless a fresh <c>authen</c> instance reports <c>isAnAdmin</c>.
/// </summary>
public static void redirIfNotAdmin()
{
    bool callerIsAdmin = new authen().isAnAdmin;
    if (callerIsAdmin)
    {
        return;
    }

    HttpContext.Current.Response.Redirect("./default.aspx");
}
/// <summary>
/// Server-side gate for pages that need a signed-in user: redirects the current response
/// to ./login.aspx unless <c>validUser()</c> on a fresh <c>authen</c> instance returns true.
/// </summary>
public static void logoutIfNotValid()
{
    bool sessionIsValid = new authen().validUser();
    if (sessionIsValid)
    {
        return;
    }

    HttpContext.Current.Response.Redirect("./login.aspx");
}
/// <summary>
/// Returns a &lt;style&gt; element that hides one class of page elements:
/// <c>.useronly</c> for an admin, <c>.admin</c> for everyone else.
/// </summary>
/// <remarks>
/// This only changes what the browser displays. The hidden markup is still sent to the client,
/// so it is not an access control; admin-only pages and actions still need a server-side check.
/// </remarks>
/// <returns>The style element as an HTML string.</returns>
public static string isAdmin()
{
    const string hideAdminElements = "<style type='text/css'>.admin{display:none;}</style>";
    const string hideUserOnlyElements = "<style type='text/css'>.useronly{display:none;}</style>";

    authen current = new authen();
    return current.isAnAdmin ? hideUserOnlyElements : hideAdminElements;
}
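/// <summary>
/// Builds the autocomplete list from the business, businessType, tube and county tables.
/// </summary>
/// <returns>
/// Records joined with '|', each record being "text;id;type" where type is 1 (business),
/// 2 (business type), 3 (tube) or 4 (county). Returns whatever was read so far, possibly "",
/// when the database call fails.
/// </returns>
/// <remarks>
/// NOTE(review): the text column is emitted without escaping, so a name containing '|' or ';'
/// corrupts the record layout. If the consumer writes these values into HTML or script it must
/// encode them there; confirm against the caller.
/// </remarks>
public static string autocomplete()
{
    // Fully qualified so the block needs no extra using directive.
    System.Text.StringBuilder list = new System.Text.StringBuilder();
    authen x = new authen();

    // Fixed statement with no caller-supplied values, so there is nothing to parameterize.
    const string strSql =
        "SELECT DISTINCT businessName AS aText, businessID AS aID, 1 AS aType FROM [business] " +
        "UNION " +
        "SELECT DISTINCT businessTypeName, bt.businessTypeID, 2 " +
        "FROM [business] as b, [businessType] as bt,[business_businessType] as bbt " +
        "WHERE bt.businessTypeID = bbt.businessTypeID " +
        "AND b.businessID = bbt.businessID " +
        "UNION " +
        "SELECT DISTINCT tubeName, t.tubeID, 3 " +
        "FROM [tube] as t " +
        "WHERE convert(varbinary(50), UPPER(tubeName)) != convert(varbinary(50), tubeName) " +
        "UNION " +
        "SELECT DISTINCT countyName, c.countyID, 4 " +
        "FROM [county] as c " +
        "WHERE convert(varbinary(50), UPPER(countyName)) != convert(varbinary(50), countyName) " +
        "ORDER BY aText";

    // `using` releases the connection, command and reader on the error paths as well;
    // the original leaked them whenever an exception was thrown.
    using (SqlConnection myConnection = new SqlConnection(x.getConnectionString()))
    {
        try
        {
            myConnection.Open();
            try
            {
                using (SqlCommand myCommand = new SqlCommand(strSql, myConnection))
                using (SqlDataReader myReader = myCommand.ExecuteReader())
                {
                    while (myReader.Read())
                    {
                        if (list.Length > 0)
                        {
                            list.Append("|");
                        }

                        list.Append(myReader["aText"].ToString())
                            .Append(";")
                            .Append(myReader["aID"].ToString())
                            .Append(";")
                            .Append(myReader["aType"].ToString());
                    }
                }
            }
            catch (Exception ex1)
            {
                // Best effort: the caller still gets the partial list, but the failure is traced.
                System.Diagnostics.Trace.TraceError("autocomplete: query failed: " + ex1.Message);
            }
        }
        catch (Exception ex2)
        {
            System.Diagnostics.Trace.TraceError("autocomplete: connection failed: " + ex2.Message);
        }
    }

    return list.ToString();
}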
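// end of 3rd copy
/// <summary>
/// Reads the e-mail address and password columns of one row of [user].
/// </summary>
/// <param name="userid">Id of the row to read.</param>
/// <param name="email">Receives the e-mail column, or "" when nothing was read.</param>
/// <param name="pass">Receives the password column, or "" when nothing was read.</param>
/// <returns>true when a row was read; false when the caller is not a valid user, no row matched, or the database call failed.</returns>
/// <remarks>
/// NOTE(review): the only gate here is validUser(). Nothing in this method ties <paramref name="userid"/>
/// to the signed-in user or requires an admin, so as written any valid user can read any account's
/// row; confirm that every caller enforces that.
/// NOTE(review): the password column is handed back as a string, which suggests it is stored in a
/// recoverable form. Storing a salted hash would remove the need for this method to return it.
/// </remarks>
public static bool getuserpass(int userid, out string email, out string pass)
{
    bool ret = false;
    email = "";
    pass = "";

    authen x = new authen();
    if (!x.validUser())
    {
        return ret;
    }

    // The id is an int, so the old concatenation was not injectable, but it is bound
    // here so every statement in the class is built the same way.
    const string strSql = "SELECT [email], [password] FROM [user] WHERE userID = @userID";

    // `using` releases the connection, command and reader on the error paths as well.
    using (SqlConnection myConnection = new SqlConnection(x.getConnectionString()))
    {
        try
        {
            myConnection.Open();
            try
            {
                using (SqlCommand myCommand = new SqlCommand(strSql, myConnection))
                {
                    myCommand.Parameters.AddWithValue("@userID", userid);
                    using (SqlDataReader myReader = myCommand.ExecuteReader())
                    {
                        if (myReader.Read())
                        {
                            email = myReader["email"].ToString();
                            pass = myReader["password"].ToString();
                            ret = true;
                        }
                    }
                }
            }
            catch (Exception ex1)
            {
                // Still reported as false, but traced. The message never includes the row values.
                System.Diagnostics.Trace.TraceError("getuserpass: query failed: " + ex1.Message);
            }
        }
        catch (Exception ex2)
        {
            System.Diagnostics.Trace.TraceError("getuserpass: connection failed: " + ex2.Message);
        }
    }

    return ret;
}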
/// <summary>
/// Returns the connection string reported by a fresh <c>authen</c> instance.
/// </summary>
/// <remarks>
/// NOTE(review): this is a public static accessor. If the connection string embeds database
/// credentials, make sure no caller writes the value to a page, log or error message.
/// </remarks>
/// <returns>The value of <c>getConnectionString()</c>.</returns>
public static string getConn()
{
    authen source = new authen();
    string connectionString = source.getConnectionString();
    return connectionString;
}
/// <summary>
/// Reports whether a fresh <c>authen</c> instance considers the current caller an admin.
/// </summary>
/// <returns>The value of <c>isAnAdmin</c>.</returns>
public static bool isUserAdmin()
{
    authen current = new authen();
    bool adminFlag = current.isAnAdmin;
    return adminFlag;
}