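/// <summary>
/// Handles the staff log-in form: validates that both credentials were supplied,
/// authenticates through <c>CustomersData.GetStaffLogin</c>, and stores the staff
/// identity, role, image URL and rendered menu in the session.
/// </summary>
/// <param name="login">Posted credentials (<c>StaffCode</c> and <c>StaffPassword</c>).</param>
/// <returns>
/// A redirect to <c>Index</c> on success or when a session already exists;
/// otherwise the log-in view with <c>TempData["error"]</c> set.
/// </returns>
public ActionResult LogIn(StaffLogin login)
{
    bool missingCode = String.IsNullOrEmpty(login.StaffCode);
    bool missingPassword = String.IsNullOrEmpty(login.StaffPassword);

    // "Please enter staff code and password."
    if (missingCode && missingPassword)
    {
        TempData["error"] = "กรุณากรอกรหัสพนักงานและรหัสผ่าน";
        return View();
    }

    // An existing session short-circuits the form, as before.
    if (Session["iuser"] != null)
    {
        return RedirectToAction("Index");
    }

    // Both fields are required. The previous test joined the two checks with ||,
    // so a request carrying only one of them reached the credential lookup, and
    // the two field-specific messages below could never be shown.
    if (missingCode)
    {
        // "Please enter staff code."
        TempData["error"] = "กรุณากรอกรหัสพนักงาน";
        return View();
    }

    if (missingPassword)
    {
        // "Please enter password."
        TempData["error"] = "กรุณากรอกรหัสผ่าน";
        return View();
    }

    try
    {
        CustomersData data = new CustomersData();
        login = data.GetStaffLogin(login);

        // NOTE(review): the session is populated in place; nothing here rotates the
        // session identifier after authentication - confirm that is handled elsewhere.
        Session["iuser"] = login.StaffID;
        Session["iusername"] = login.StaffName;
        Session["istaffrole"] = login.StaffRoleID;
        Session["imageUrl"] = login.ImageUrl;

        StaffData st = new StaffData();
        List<StaffPermissionGroup> item = st.GetStaffMenu(login.StaffRoleID);
        Session["imenu"] = st.GetMenu(item);

        return RedirectToAction("Index");
    }
    catch (Exception ex)
    {
        // NOTE(review): the exception text is shown to the user verbatim. That suits
        // the "bad credentials" message, but any other exception raised by the data
        // layer would be displayed the same way; mapping those to a fixed message
        // and logging the detail server-side avoids exposing internals.
        TempData["error"] = ex.Message;
        return View();
    }
}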
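/// <summary>
/// Deletes the <c>StaffLogin</c> row with the given key and returns to the index page.
/// </summary>
/// <param name="id">Primary key of the row to delete.</param>
/// <returns>
/// A redirect to <c>Index</c> after the delete, or a 404 result when no such row exists.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes state. The attributes that would restrict it to
/// POST, validate an anti-forgery token and require authorization are not visible in
/// this listing - confirm they are present on the method or the controller.
/// </remarks>
public ActionResult DeleteConfirmed(int id)
{
    StaffLogin staffLogin = db.StaffLogins.Find(id);
    if (staffLogin == null)
    {
        // Find returns null for an unknown or already-deleted key; passing that to
        // Remove would throw instead of producing a clean response.
        return HttpNotFound();
    }

    db.StaffLogins.Remove(staffLogin);
    db.SaveChanges();
    return RedirectToAction("Index");
}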
/// <summary>
/// Creates the process page for the signed-in technician.
/// </summary>
/// <param name="db">Clinic database abstraction, kept on the page and handed to the embedded show-process control.</param>
/// <param name="login">Staff login stored as the page's technician.</param>
public ProcessPage(IClinicDB db, StaffLogin login)
{
    // Designer-generated set-up runs before any field is touched.
    InitializeComponent();

    technician = login;
    this.db = db;

    // Starts with an empty specification list.
    procesSpec = new List<ProcesSpec>();
    uc6_showProcess = new UC6_ShowProcess(db);
}
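/// <summary>
/// Authenticates a staff member and redirects to the portal that matches the
/// account's access level.
/// </summary>
/// <param name="staffID">Numeric staff identifier as typed by the user.</param>
/// <param name="staffPass">Password as typed by the user.</param>
/// <returns>
/// 400 when <paramref name="staffID"/> is missing; a redirect to <c>StaffPortal</c>
/// (access level 1) or <c>TeacherPortal</c> (any other level) on success; otherwise
/// the log-in view with <c>ViewBag.LoginSuccess</c> or <c>ViewBag.Message</c> set.
/// </returns>
/// <remarks>
/// NOTE(review): <c>staff_pwd</c> is compared directly with the submitted password,
/// which suggests the column holds the password itself rather than a salted hash.
/// Moving to a password hash (for example PBKDF2) needs a schema and data migration
/// and is outside this method.
/// NOTE(review): an unknown ID, a student ID and a wrong password produce three
/// different responses, so the form reveals which IDs exist. The strings are left
/// as they were because views may depend on them.
/// </remarks>
public ActionResult Login(string staffID, string staffPass)
{
    if (staffID == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // Non-numeric input used to throw from Convert.ToInt32 and surface as a server
    // error; it is now handled like any other ID that matches no account.
    int staffKey;
    if (!int.TryParse(staffID, out staffKey))
    {
        ViewBag.LoginSuccess = "Please Retry, please type again.";
        return View();
    }

    StaffLogin staffLogin = db.StaffLogins.Find(staffKey);
    Staff staff = db.Staffs.Find(staffKey);
    StudentLogin studentLogin = db.StudentLogins.Find(staffKey);

    if (studentLogin != null)
    {
        ViewBag.Message = "Please log in using the Student Login page.";
        return View();
    }

    if (staffLogin == null)
    {
        ViewBag.LoginSuccess = "Please Retry, please type again.";
        return View();
    }

    // An absent password must never authenticate: with a plain == comparison a
    // missing form field would match a row whose staff_pwd is NULL.
    bool passwordMatches = !string.IsNullOrEmpty(staffPass)
                           && staffPass == staffLogin.staff_pwd;

    // A login row without a matching Staff row cannot be routed to a portal, so it
    // is rejected instead of dereferencing a null Staff.
    if (staff == null || !passwordMatches)
    {
        ViewBag.LoginSuccess = "Failed";
        return View();
    }

    ViewBag.LoginSuccess = "Success";
    System.Web.HttpContext.Current.Session["sv_staffLogin"] = staffKey;

    string portal = staff.access_level == 1 ? "StaffPortal" : "TeacherPortal";
    return RedirectToAction("Index", portal, null);
}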
/// <summary>
/// Authenticates a staff member for the mobile client. The staff code and the hashed
/// password are first matched against the <c>staff</c> table; when that yields no
/// row, a second query against <c>staff_otp</c> is built for role 5.
/// </summary>
/// <param name="login">Carries <c>StaffCode</c> and <c>StaffPassword</c>; both are trimmed before use.</param>
/// <returns>The same <paramref name="login"/> object, with identity fields filled in from the matching row.</returns>
/// <exception cref="Exception">Thrown with a user-facing message when the fallback lookup finds nothing.</exception>
/// <remarks>
/// NOTE(review): every query is assembled as text. The {0}/{1} placeholders carry no
/// quotes of their own, so quoting and escaping presumably happen inside
/// Utility.ReplaceString, which is not visible here - confirm, or move to
/// parameterized commands.
/// NOTE(review): Utility.HashPassword is not visible here; confirm it is a salted,
/// slow password hash.
/// NOTE(review): ObjConn is never closed or disposed in the visible code.
/// </remarks>
public StaffLogin GetStaffLoginOnMobile(StaffLogin login)
{
    MySqlConnection ObjConn = DBHelper.ConnectDb(ref errMsg);
    try
    {
        // Primary check: active, non-deleted staff row with matching code and password hash.
        string strSQL = @"SELECT * FROM staff s WHERE s.Staffcode={0} AND s.staffpassword={1} AND s.Deleted=0 AND s.Activated=1 ";
        strSQL = string.Format(strSQL, Utility.ReplaceString(login.StaffCode.Trim()), Utility.ReplaceString(Utility.HashPassword(login.StaffPassword.Trim())));
        DataTable dt = DBHelper.List(strSQL, ObjConn);
        if (dt != null && dt.Rows.Count > 0)
        {
            // The role must also hold permission 22 (meaning not shown here). The role id
            // goes through Convert.ToInt32 before it is concatenated, so only an integer
            // reaches the SQL text.
            string strSQL1 = @" SELECT * FROM staffrolepermission sp WHERE sp.StaffPermissionID=22 AND staffRoleID=" + Convert.ToInt32(dt.Rows[0]["StaffRoleID"].ToString());
            DataTable dt1 = DBHelper.List(strSQL1, ObjConn);
            // NOTE(review): when the credentials match but this permission row is absent,
            // nothing is thrown and login is returned without its identity fields being
            // set; callers have to treat that as a failed login.
            if (dt1.Rows.Count > 0)
            {
                login.StaffID = Convert.ToInt32(dt.Rows[0]["StaffID"].ToString());
                login.StaffName = dt.Rows[0]["StaffFirstName"].ToString();
                login.ImageUrl = dt.Rows[0]["StaffImagePath"].ToString();
                login.StaffRoleID = Convert.ToInt32(dt.Rows[0]["StaffRoleID"].ToString());
            }
        }
        else
        {
            // Fallback: password lookup in staff_otp for role 5.
            // NOTE(review): the listing is damaged on the next line - the text between
            // `so.Password=` and `"StaffID"]` is masked as ****** on the page. The end of
            // this SQL string, the call that produces dt2 and the `if` guarding the
            // assignments below are presumably what is missing; the line is kept as shown.
            string strSQL2 = @" SELECT s.StaffID,s.StaffCode,s.StaffFirstName,s.StaffImagePath ,s.StaffRoleID,so.Password FROM staff s LEFT JOIN staff_otp so ON s.StaffID=so.StaffID WHERE s.StaffRoleID=5 AND so.Deleted=0 AND s.Staffcode=" + Utility.ReplaceString(login.StaffCode.Trim()) + " AND so.Password="******"StaffID"].ToString());
                login.StaffName = dt2.Rows[0]["StaffFirstName"].ToString();
                login.ImageUrl = dt2.Rows[0]["StaffImagePath"].ToString();
                login.StaffRoleID = Convert.ToInt32(dt2.Rows[0]["StaffRoleID"].ToString());
            }
            else
            {
                // Message: "Staff code or password is incorrect, please contact the administrator."
                throw new Exception("รหัสพนักงาน หรือ รหัสผ่าน ไม่ถูกต้อง,กรุณาติดต่อผู้ดูแลระบบ");
            }
        }
        return(login);
    }
    // Rethrows unchanged; the catch adds no handling of its own.
    catch (Exception ex)
    {
        throw;
    }
}
/// <summary>
/// Saves an edited <c>StaffLogin</c>. Only <c>staff_id</c> and <c>staff_pwd</c> are
/// bound from the request.
/// </summary>
/// <param name="staffLogin">Model bound from the posted form.</param>
/// <returns>A redirect to <c>Index</c> after saving, or the edit view again when validation fails.</returns>
/// <remarks>
/// NOTE(review): <c>staff_pwd</c> is written exactly as received, and <c>staff_id</c>
/// comes from the client, so whoever can reach this action chooses which row is
/// overwritten. The authorization and anti-forgery attributes are not visible in this
/// listing - confirm they exist.
/// </remarks>
public ActionResult Edit([Bind(Include = "staff_id,staff_pwd")] StaffLogin staffLogin)
{
    if (!ModelState.IsValid)
    {
        // Rebuild the staff drop-down so the form can be shown again with its errors.
        ViewBag.staff_id = new SelectList(db.Staffs, "staff_id", "first_name", staffLogin.staff_id);
        return View(staffLogin);
    }

    // Attach the posted entity as modified so SaveChanges issues an UPDATE.
    db.Entry(staffLogin).State = EntityState.Modified;
    db.SaveChanges();
    return RedirectToAction("Index");
}
/// <summary>
/// Inserts a new <c>StaffLogin</c>. Only <c>staff_id</c> and <c>staff_pwd</c> are
/// bound from the request.
/// </summary>
/// <param name="staffLogin">Model bound from the posted form.</param>
/// <returns>A redirect to <c>Index</c> after the insert, or the create view again when validation fails.</returns>
/// <remarks>
/// NOTE(review): <c>staff_pwd</c> is stored exactly as received; no hashing step is
/// visible between model binding and SaveChanges.
/// </remarks>
public ActionResult Create([Bind(Include = "staff_id,staff_pwd")] StaffLogin staffLogin)
{
    if (!ModelState.IsValid)
    {
        // Rebuild the staff drop-down so the form can be shown again with its errors.
        ViewBag.staff_id = new SelectList(db.Staffs, "staff_id", "first_name", staffLogin.staff_id);
        return View(staffLogin);
    }

    db.StaffLogins.Add(staffLogin);
    db.SaveChanges();
    return RedirectToAction("Index");
}
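/// <summary>
/// Returns DTO_StaffLogin for the given credentials. <c>StaffStatus</c> stays
/// <c>Status.Null</c> unless a row matches both the ID and the password.
/// </summary>
/// <param name="StaffID"> Entered in LoginWindow</param>
/// <param name="pw">Entered in LoginWindow</param>
/// <returns>
/// The populated DTO; on a database error or when no row matches, the DTO carries
/// only the supplied ID and password with <c>Status.Null</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the Password column is compared with the typed password as-is, which
/// suggests it holds the password itself rather than a salted hash.
/// NOTE(review): the connection string sets Encrypt=False, so the SQL login and the
/// rows read here cross the network without TLS.
/// NOTE(review): Convert.ToInt32 throws on non-numeric input before the try block is
/// entered; that is left unchanged because callers may rely on it.
/// </remarks>
public StaffLogin LoginStaff(string StaffID, string pw)
{
    //DTO Init
    staffLogin = new StaffLogin();
    staffLogin.StaffID = Convert.ToInt32(StaffID);
    staffLogin.Password = pw;
    staffLogin.StaffStatus = Status.Null;

    //DB connect and query
    // The credential part of this expression is masked as ****** in the listing and
    // is reproduced exactly as shown.
    string connectionString = (@"Data Source=st-i4dab.uni.au.dk;Initial Catalog=" + DBlogin + ";Integrated Security=False;User ID=" + DBlogin + ";Password="******";Connect Timeout=15;Encrypt=False;TrustServerCertificate=False");
    connection = new SqlConnection(connectionString);

    // The ID typed into the login window is sent as a parameter. It used to be
    // concatenated into the statement between single quotes, which let the input
    // change the query itself.
    const string queryString = "Select * from StaffLogin where StaffID = @StaffID";

    //DB Open and request
    try
    {
        connection.Open();
        // The extra parameterless SqlCommand that was created and then overwritten
        // here has been dropped; it was never used or disposed.
        using (command = new SqlCommand(queryString, connection))
        {
            command.Parameters.AddWithValue("@StaffID", (object)StaffID ?? DBNull.Value);

            // The reader is disposed together with the command.
            using (reader = command.ExecuteReader())
            {
                while (reader.Read())
                {
                    if (reader["StaffID"].ToString() == StaffID && reader["Password"].ToString() == pw)
                    {
                        staffLogin.Name = reader["Name"].ToString();

                        string status = reader["StaffStatus"].ToString();
                        if (status == "1")
                        {
                            staffLogin.StaffStatus = Status.Clinician;
                        }
                        else if (status == "2")
                        {
                            staffLogin.StaffStatus = Status.Technician;
                        }
                    }
                }
            }
        }
    }
    catch
    {
        // Best effort by design: any failure leaves StaffStatus at Status.Null.
        Console.Write("Database not connected or data not found");
    }
    finally
    {
        connection.Close();
    }

    return staffLogin;
}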
// GET: StaffLogins/Details/5
/// <summary>
/// Shows a single <c>StaffLogin</c> record.
/// </summary>
/// <param name="id">Primary key of the record; required.</param>
/// <returns>400 when no id is given, 404 when the record does not exist, otherwise the details view.</returns>
/// <remarks>
/// NOTE(review): the whole entity, including <c>staff_pwd</c>, is handed to the view;
/// whether the view renders that field is not visible here.
/// </remarks>
public ActionResult Details(int?id)
{
    if (!id.HasValue)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    StaffLogin record = db.StaffLogins.Find(id);
    if (record != null)
    {
        return View(record);
    }

    return HttpNotFound();
}
// GET: StaffLogins/Edit/5
/// <summary>
/// Shows the edit form for a single <c>StaffLogin</c> record.
/// </summary>
/// <param name="id">Primary key of the record; required.</param>
/// <returns>400 when no id is given, 404 when the record does not exist, otherwise the edit view.</returns>
/// <remarks>
/// NOTE(review): the entity passed to the view includes <c>staff_pwd</c>; whether the
/// form echoes the current value back to the browser is not visible here.
/// </remarks>
public ActionResult Edit(int?id)
{
    if (!id.HasValue)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    StaffLogin record = db.StaffLogins.Find(id);
    if (record == null)
    {
        return HttpNotFound();
    }

    // Staff drop-down, pre-selected to the record's current staff member.
    ViewBag.staff_id = new SelectList(db.Staffs, "staff_id", "first_name", record.staff_id);
    return View(record);
}
/// <summary>
/// Authenticates a staff member. The staff code and the hashed password are first
/// matched against the <c>staff</c> table; when that yields no row, a second query
/// against <c>staff_otp</c> is built for role 5.
/// </summary>
/// <param name="login">Carries <c>StaffCode</c> and <c>StaffPassword</c>.</param>
/// <returns>The same <paramref name="login"/> object with StaffID, StaffName, ImageUrl and StaffRoleID filled in.</returns>
/// <exception cref="Exception">Thrown with a user-facing message when the fallback lookup finds nothing.</exception>
/// <remarks>
/// NOTE(review): both queries are assembled as text. The {0}/{1} placeholders carry no
/// quotes of their own, so quoting and escaping presumably happen inside
/// Utility.ReplaceString, which is not visible here - confirm, or move to
/// parameterized commands.
/// NOTE(review): Utility.HashPassword is not visible here; confirm it is a salted,
/// slow password hash.
/// NOTE(review): ObjConn is never closed or disposed in the visible code.
/// </remarks>
public StaffLogin GetStaffLogin(StaffLogin login)
{
    MySqlConnection ObjConn = DBHelper.ConnectDb(ref errMsg);
    try
    {
        // Primary check: active, non-deleted staff row with matching code and password
        // hash. The staff code is used untrimmed here, while the fallback query trims it.
        string strSQL = "select * FROM staff Where Staffcode={0} and staffpassword={1} and Deleted=0 and Activated=1 ";
        strSQL = string.Format(strSQL, Utility.ReplaceString(login.StaffCode), Utility.ReplaceString(Utility.HashPassword(login.StaffPassword)));
        DataTable dt = DBHelper.List(strSQL, ObjConn);
        if (dt != null && dt.Rows.Count > 0)
        {
            login.StaffID = Convert.ToInt32(dt.Rows[0]["StaffID"].ToString());
            login.StaffName = dt.Rows[0]["StaffFirstName"].ToString();
            login.ImageUrl = dt.Rows[0]["StaffImagePath"].ToString();
            login.StaffRoleID = Convert.ToInt32(dt.Rows[0]["StaffRoleID"].ToString());
        }
        else
        {
            // Fallback: password lookup in staff_otp for role 5.
            // NOTE(review): the listing is damaged on the next line - the text between
            // `so.Password=` and `"StaffID"]` is masked as ****** on the page. The end of
            // this SQL string, the call that produces dt2 and the `if` guarding the
            // assignments below are presumably what is missing; the line is kept as shown.
            string strSQL2 = @" SELECT s.StaffID,s.StaffCode,s.StaffFirstName,s.StaffImagePath ,s.StaffRoleID,so.Password FROM staff s LEFT JOIN staff_otp so ON s.StaffID=so.StaffID WHERE s.StaffRoleID=5 AND so.Deleted=0 AND s.Staffcode=" + Utility.ReplaceString(login.StaffCode.Trim()) + " AND so.Password="******"StaffID"].ToString());
                login.StaffName = dt2.Rows[0]["StaffFirstName"].ToString();
                login.ImageUrl = dt2.Rows[0]["StaffImagePath"].ToString();
                login.StaffRoleID = Convert.ToInt32(dt2.Rows[0]["StaffRoleID"].ToString());
            }
            else
            {
                // Message: "Staff code or password has no right to use this application, please check."
                throw new Exception("รหัสพนักงาน หรือ รหัสผ่าน ไม่สิทธิ์เข้าใช้งานแอพพลิเคชั่นนี้ ,กรุณาตรวจสอบ");
            }
        }
        return(login);
    }
    // Rethrows unchanged; the catch adds no handling of its own.
    catch (Exception ex)
    {
        throw;
    }
}
/// <summary>
/// Builds a new, not-yet-printed technical specification for one ear of a patient and
/// saves it through the clinic database.
/// </summary>
/// <param name="patient">Patient the specification belongs to; the CPR is copied from it.</param>
/// <param name="ScanTechID">Staff login of the technician creating the specification.</param>
/// <param name="earSide">Which ear the specification is for.</param>
/// <returns>The result of <c>clinicDB.SaveTechnicalSpec</c>.</returns>
public bool CreateTechnicalSpec(Patient patient, StaffLogin ScanTechID, Ear earSide)
{
    TecnicalSpec spec = new TecnicalSpec
    {
        CPR = patient.CPR,
        Patient = patient,
        StaffID = ScanTechID.StaffID,
        StaffLogin = ScanTechID,
        Printed = false,
        EarSide = earSide,
        CreateDate = DateTime.Now,

        // Placeholder values: nothing has been scanned or printed yet.
        EarPrints = new List<RawEarPrint>(),
        RawEarScan = new RawEarScan(),
        ScanID = 0
    };

    return clinicDB.SaveTechnicalSpec(spec);
}