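/// <summary>
/// Looks up an account whose role name contains "Admin" and checks the supplied
/// password against the stored hash, updating the failed-attempt counter.
/// </summary>
/// <param name="username">
/// Account name matched against Usuario.Nombre. It is bound as a SQL parameter and
/// never spliced into the statement text, so quotes in the name cannot alter the query.
/// </param>
/// <param name="password">Plain-text password; hashed with GetSha256FromString before comparison.</param>
/// <returns>
/// The matching Usuario. Its attempt count is the value read before the counter was reset to 0.
/// </returns>
/// <exception cref="Exception">
/// Thrown for every failure. The NoResultsException, UnavailableException and
/// PasswordMismatchException raised inside the try block are caught by the
/// catch-all below and re-thrown as a plain Exception whose message is the
/// original exception's ToString() output.
/// </exception>
internal Usuario getUsuario(string username, string password)
{
    Usuario user = null;

    // String.Format rendered a null name as empty text in the original statement;
    // keep that behaviour now that the value travels as a parameter.
    string nombre = username ?? string.Empty;

    try
    {
        // NOTE(review): a single unsalted SHA-256 pass is a fast hash and the comparison
        // below is an ordinary string equality, not a fixed-time one. Moving to a salted,
        // slow KDF needs a migration of the stored hashes, so it is only flagged here.
        string hash = GetSha256FromString(password);

        con.Open();

        DataTable dt = new DataTable();
        dt.TableName = "Tabla";

        using (SqlCommand cmd = new SqlCommand(
            "SELECT TOP 1 u.Id,u.Nombre as UsuarioNombre,u.Password,u.Intentos,u.Habilitado,r.Nombre as RolNombre " +
            "FROM [GD2C2015].[JANADIAN_DATE].[Usuario] u " +
            "INNER JOIN [GD2C2015].[JANADIAN_DATE].[Rol] r ON (u.Rol=r.Id) " +
            "WHERE u.Nombre = @nombre and r.Nombre LIKE '%Admin%' ", con))
        {
            cmd.Parameters.AddWithValue("@nombre", nombre);

            // Dispose the reader before issuing the UPDATE on the same connection.
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                dt.Load(reader);
            }
        }

        if (dt.Rows.Count == 0)
        {
            // NOTE(review): this message differs from the wrong-password one; if it is
            // shown to the person logging in it reveals which account names exist.
            throw new NoResultsException("Usuario incorrecto");
        }

        // TOP 1 guarantees at most one row.
        DataRow fila = dt.Rows[0];

        if (!Convert.ToBoolean(fila["Habilitado"]))
        {
            throw new UnavailableException("Usuario no esta habilitado");
        }

        bool coincide = Convert.ToString(fila["Password"]).Equals(hash);

        // Failed attempt: counter + 1. Successful login: counter back to 0.
        // NOTE(review): this method never compares Intentos with a limit; presumably the
        // lockout (Habilitado = 0) is enforced elsewhere, e.g. a trigger. Confirm.
        int intentos = coincide ? 0 : Convert.ToInt32(fila["Intentos"]) + 1;

        using (SqlCommand update = new SqlCommand(
            "UPDATE [GD2C2015].[JANADIAN_DATE].[Usuario] SET Intentos = @intentos WHERE Nombre = @nombre", con))
        {
            update.Parameters.AddWithValue("@intentos", intentos);
            update.Parameters.AddWithValue("@nombre", nombre);
            update.ExecuteNonQuery();
        }

        if (!coincide)
        {
            throw new PasswordMismatchException("Contraseña incorrecta");
        }

        user = new Usuario(
            Convert.ToInt32(fila["Id"]),
            Convert.ToString(fila["UsuarioNombre"]),
            Convert.ToInt32(fila["Intentos"]),
            Convert.ToString(fila["RolNombre"]));
    }
    catch (Exception exAlta)
    {
        // NOTE(review): this flattens the typed exceptions above into a plain Exception,
        // so callers cannot tell "unknown user" from "wrong password" by type. Kept as-is
        // because callers may depend on it; confirm before narrowing the catch.
        throw (new Exception(exAlta.ToString()));
    }
    finally
    {
        // Single exit point for the connection instead of a Close() on every branch.
        con.Close();
    }

    return user;
}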
/// <summary>
/// Creates the admin menu form for the user handed in by the caller.
/// </summary>
/// <param name="userLogin">User object stored on the form's userLogin field.</param>
public FormAdminMenu(Usuario userLogin)
{
    // Assigned first, so the field is already set while InitializeComponent() executes.
    this.userLogin = userLogin;

    InitializeComponent();
}