public static void AddUser(User user)
{
using (var connection = new SqlConnection(ConnectionStr))
{
var command = new SqlCommand("AddUser", connection) { CommandType = System.Data.CommandType.StoredProcedure };
command.Parameters.AddWithValue("@Login", user.Login);
command.Parameters.AddWithValue("@Password", user.Password);
command.Parameters.AddWithValue("@Mail", user.Mail);
command.Parameters.AddWithValue("@IsAdmin", user.IsAdmin);
connection.Open();
command.ExecuteNonQuery();
}
}
public ActionResult Login(User user)
{
if (!string.IsNullOrWhiteSpace(user.Login) || !string.IsNullOrWhiteSpace(user.Password))
{
user.Password = Security.GetHashString(user.Password);
if (LoginModel.IsLoginSuccess(user.Login, user.Password))
{
FormsAuthentication.SetAuthCookie(user.Login, user.IsRemember);
}
else
{
ViewBag.ErrorMessage = "Incorrect login or password!";
return View();
}
}
return RedirectToAction("sp", "main");
}
public ActionResult Registration(User user)
{
if (ModelState.IsValid)
{
if (UsersManager.GetUserInfo(user.Login) == null)
{
user.Password = Security.GetHashString(user.Password);
UsersManager.AddUser(user);
return RedirectToAction("sp", "main");
}
else
{
ViewBag.ErrorMessage = "This login is in use by another user!";
return View();
}
}
return View();
}