コード例 #1
ファイル: Default.aspx.cs プロジェクト: phillip60341/thesys
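    /// <summary>
    /// Login button handler: hashes the submitted password, looks the
    /// username/hash pair up in <c>v_UserPasswords</c> with a parameterized
    /// query, and on a match stores the user's id and type in the session
    /// before redirecting to the dashboard for that type.
    /// </summary>
    /// <param name="sender">The control that raised the click event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        // Runs the sp_UserExpiryCheck procedure with empty parameter arrays
        // before any credential lookup takes place.
        ThesysController.QueryExecuteWithParameters("sp_UserExpiryCheck", new string[0], new string[0]);

        string username = txtUserName.Text;

        // SECURITY: the stored credential is an unsalted MD5 digest of the
        // UTF-8 password. MD5 is a fast general-purpose hash, not a password
        // hashing function, so a leaked v_UserPasswords table is cheap to
        // brute-force and identical passwords share one digest. The algorithm
        // is left unchanged here because existing rows must keep matching;
        // moving to a salted, iterated KDF (e.g. Rfc2898DeriveBytes) needs a
        // re-hash-on-next-login migration of the stored values.
        byte[] hashedBytes;
        using (MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider())
        {
            hashedBytes = md5Hasher.ComputeHash(new UTF8Encoding().GetBytes(txtPassword.Text));
        }

        bool matched = false;
        string userId = null;
        string userType = null;

        // Every ADO.NET object is disposed when the lookup is done, including
        // the adapter and the DataSet, which the earlier version left open.
        using (SqlConnection con = new SqlConnection(ThesysController.ConnectionString))
        using (SqlCommand com = new SqlCommand("SELECT * FROM v_UserPasswords WHERE user_name=@username AND password=@password", con))
        using (SqlDataAdapter da = new SqlDataAdapter(com))
        using (DataSet ds = new DataSet())
        {
            // Both values travel as parameters, so user input never becomes SQL text.
            com.Parameters.AddWithValue("@username", username);
            com.Parameters.AddWithValue("@password", hashedBytes);

            con.Open();
            da.Fill(ds);

            if (ds.Tables[0].Rows.Count > 0)
            {
                DataRow row = ds.Tables[0].Rows[0];
                matched = true;
                userId = row["id"].ToString();
                userType = row["type"].ToString();
            }
        }

        if (!matched)
        {
            // The same redirect is used for an unknown user and for a wrong
            // password, so the response does not reveal which one failed.
            Response.Redirect("Default.aspx");
            return;
        }

        // NOTE(review): the session identifier is not renewed at this point.
        // Confirm it is rotated elsewhere after authentication; otherwise a
        // pre-login session id stays valid for the authenticated session.
        Session["user_id"] = userId;
        Session["user_type"] = userType;

        switch (userType)
        {
            case "Admin":
                Response.Redirect("administrator/dashboard.aspx");
                break;

            case "Student":
                Response.Redirect("student/dashboard.aspx");
                break;

            case "Faculty":
                Response.Redirect("faculty/dashboard.aspx");
                break;

            case "Visitor":
                Response.Redirect("visitor/dashboard.aspx");
                break;

            // NOTE(review): a row whose type is none of the four values above
            // still leaves user_id/user_type set in the session and issues no
            // redirect. Decide whether such accounts should be rejected.
        }
    }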
コード例 #2
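    /// <summary>
    /// Page load handler for an administrator page: sends visitors without a
    /// session back to the login page, sends non-admin users to
    /// <c>not_admin</c>, and otherwise shows the administrator's full name in
    /// the header, panel and sidebar labels.
    /// </summary>
    /// <param name="sender">The page raising the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        string user_id = Session["user_id"] as string;
        if (user_id == null)
        {
            Response.Redirect("../Default.aspx");
            // Explicit return: the lookup below must never run for an
            // unauthenticated request, whatever Redirect does to the thread.
            return;
        }

        // Convert.ToString tolerates a missing user_type entry, which would
        // otherwise raise a NullReferenceException instead of denying access.
        if (Convert.ToString(Session["user_type"]) != "Admin")
        {
            Response.Redirect("not_admin");
            return;
        }

        // SECURITY: the query below is assembled by string concatenation, and
        // no parameterized read helper is visible on ThesysController from
        // this method. The id is therefore forced through an integer parse so
        // that only digits can reach the SQL text, whatever ends up in the
        // session. A parameterized query remains the better fix.
        long numericId;
        if (!long.TryParse(user_id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out numericId))
        {
            // A non-numeric id means the session content is not what the login
            // page writes; treat the request as unauthenticated.
            Response.Redirect("../Default.aspx");
            return;
        }

        string full_name = ThesysController.GetStringFromQuery(
            "SELECT CONCAT(last_name,', ',first_name) FROM v_Admins WHERE id="
            + numericId.ToString(System.Globalization.CultureInfo.InvariantCulture));

        // NOTE(review): confirm these Label controls HTML-encode their Text
        // when rendered; if they do not, encode full_name before assigning it.
        lblUserFullName_Header.Text  = full_name;
        lblUserFullName_Panel.Text   = full_name;
        lblUserFullName_Sidebar.Text = full_name;
    }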