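/// <summary>
/// Handles a login form submission: checks the posted credentials with
/// <c>AuctionDB.Authenticate</c> and, on success, records the user in the session.
/// Every handled POST ends in a redirect to <c>index.aspx</c>.
/// </summary>
/// <param name="context">Current HTTP context; its request, response and session are used.</param>
public void ProcessRequest(HttpContext context)
{
    // Only POST carries credentials; any other verb gets an empty response.
    if (context.Request.HttpMethod != "POST")
    {
        context.Response.End();
        return;
    }

    // User has already authenticated
    if (context.Session["id"] != null)
    {
        context.Response.Redirect("index.aspx");
        return;
    }

    // Read each form field once so the value that is checked is the value that is stored.
    string username = context.Request.Form["username"];
    string password = context.Request.Form["password"];

    // A POST that omits either field cannot authenticate. Fail it here instead of
    // handing null to the data layer, whose null handling is not visible from this method.
    int userid = -1;
    if (username != null && password != null)
    {
        AuctionDB db = new AuctionDB();
        userid = db.Authenticate(username, password);
    }

    if (userid > -1)
    {
        // User successfully authenticated, log them in by adding the id and username keys to our session.
        // NOTE(review): the session identifier is not rotated at this point. If it is not
        // rotated elsewhere either, a session cookie set before login stays valid after it
        // (session fixation) - confirm how the application issues session ids.
        // NOTE(review): "username" is stored exactly as posted; any page that prints it
        // must HTML-encode it - verify the readers of this key.
        context.Session.Add("id", userid);
        context.Session.Add("username", username);
        context.Response.Redirect("index.aspx");
        return;
    }

    // User failed to authenticate, kick them out
    context.Session.Abandon();
    context.Response.Redirect("index.aspx");
}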
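/// <summary>
/// Page load handler for the registration page. Logged-in users are redirected to
/// <c>./index.aspx</c>; a POST creates the account through <c>AuctionDB.CreateUser</c>
/// and writes the outcome into the response.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Prevent logged in users from accessing the registration page
    if (Session["id"] != null)
    {
        Response.Redirect("./index.aspx");
        return;
    }

    // Only a form submission creates an account; other verbs just render the page.
    if (Request.HttpMethod != "POST")
    {
        return;
    }

    string username = Request.Form["username"];
    AuctionDB db = new AuctionDB();
    try
    {
        // NOTE(review): the password is passed on as posted; hashing is presumably done
        // inside CreateUser - confirm against AuctionDB.
        db.CreateUser(username, Request.Form["password"], Request.Form["email"]);

        // The username is attacker-controlled form input. Encode it before it is written
        // into the HTML response so markup in the field is displayed, not interpreted.
        Response.Write("Username " + Server.HtmlEncode(username) + " was added to the database.");
    }
    catch (Exception ex)
    {
        // Encoded for the same reason: the message may echo the submitted values.
        // NOTE(review): exception text can also expose internal detail (for example
        // database errors); consider logging it server-side and showing a fixed message.
        Response.Write(Server.HtmlEncode(ex.Message));
    }
}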