private bool isUserCredentialsValid(string userName, string password)
{
ZXPUserData zxpUD = new ZXPUserData();
int rowCount = 0;
bool isValidUser = false;
try
{
string sqlCmdText;
string sql_connStr = new TruckScheduleConfigurationKeysHelper().sql_connStr;
sqlCmdText = "SELECT COUNT (*) FROM dbo.Users WHERE [Password] = @UPASS AND UserName = @UNAME AND isDisabled = 0";
rowCount = Convert.ToInt32(SqlHelper.ExecuteScalar(sql_connStr, CommandType.Text, sqlCmdText, new SqlParameter("@UPASS", DataTransformer.PasswordHash(password)),
new SqlParameter("@UNAME", userName)));
if (rowCount > 0)
{
isValidUser = true;
}
else
{
isValidUser = false;
throw new Exception("Invalid login.");
}
}
catch (SqlException excep)
{
string strErr = " SQLException Error in dataProcessingAndCleanUp isUserCredentialsValid(). Details: " + excep.ToString();
ErrorLogging.WriteEvent(strErr, EventLogEntryType.Error);
System.Web.HttpContext.Current.Session["ErrorNum"] = 2;
ErrorLogging.sendtoErrorPage(2);
}
catch (Exception ex)
{
string strErr = " Exception Error in dataProcessingAndCleanUp isUserCredentialsValid(). Details: " + ex.ToString();
ErrorLogging.WriteEvent(strErr, EventLogEntryType.Error);
System.Web.HttpContext.Current.Session["ErrorNum"] = 1;
ErrorLogging.sendtoErrorPage(1);
}
finally
{
}
return(isValidUser);
}
public static string PasswordHash(string ClearTextPassword)
{
return(DataTransformer.getMD5Hash(ClearTextPassword)); //Can modify to different type of hashing
}
