protected void Button1_Click(object sender, EventArgs e)
{
bool authenticate = false;
SqlConnection con = new SqlConnection("Data Source=radon;Initial Catalog=Clinic;Integrated Security=True");
con.Open();
SqlCommand cmd = new SqlCommand("select adminclinic from LoginTable where adminname = @username", con);
cmd.Parameters.AddWithValue("@username", TextBoxUserName.Text);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
if (reader["adminclinic"].ToString() == DropDownList1.Text)
{
authenticate = true;
con.Close();
break;
}
else
{
LabelMessage.Text = "You are not authorized!";
LabelMessage.EnableViewState = true;
LabelMessage.Visible = true;
}
}
if (authenticate)
{
ClinicDetails clinicInfo = new ClinicDetails();
clinicInfo.UserName = TextBoxUserName.Text;
clinicInfo.ClinicName = DropDownList1.Text;
clinicInfo.Date = Calendar1.SelectedDate.Date;
clinicInfo.Time = TextBoxTime.Text;
clinicInfo.Status = "Available";
string result = obj.InsertAvailability(clinicInfo);
LabelMessage.Text = result;
LabelMessage.EnableViewState = true;
LabelMessage.Visible = true;
}
if (!authenticate)
{
LabelMessage.Text = "You are not authorized!";
LabelMessage.EnableViewState = true;
LabelMessage.Visible = true;
}
}
