public int ChangeUserPassword(Property objProp, string user)
{
int flag = 0;
SqlConnection sqlCon = new SqlConnection(conStr);
EncryptPassword objEncPwd = new EncryptPassword();
try
{
SqlCommand sqlCmd = new SqlCommand();
sqlCmd.Connection = sqlCon;
sqlCmd.CommandText = "sp_ChangePassword";
sqlCmd.CommandType = CommandType.StoredProcedure;
SqlParameter pUserID = sqlCmd.Parameters.Add("@UserID", SqlDbType.VarChar, 20);
pUserID.Value = objProp.UserID;
SqlParameter pOldPwd = sqlCmd.Parameters.Add("@OldPwd", SqlDbType.VarChar, 32);
string encOldPwd = objEncPwd.EncryptText(objProp.OldPassword, "helloworld");
pOldPwd.Value = encOldPwd;
SqlParameter pNewPwd = sqlCmd.Parameters.Add("@NewPwd", SqlDbType.VarChar, 32);
string encNewPwd = objEncPwd.EncryptText(objProp.Password, "helloworld");
pNewPwd.Value = encNewPwd;
SqlParameter pUser = sqlCmd.Parameters.Add("@User", SqlDbType.VarChar, 20);
pUser.Value = user;
SqlParameter pFlag = sqlCmd.Parameters.Add("@Flag", SqlDbType.Int);
pFlag.Direction = ParameterDirection.Output;
sqlCon.Open();
sqlCmd.ExecuteNonQuery();
flag = (int)pFlag.Value;
}
catch (SqlException SqlEx)
{
objNLog.Error("SQLException : " + SqlEx.Message);
throw new Exception("Exception re-Raised from DL with SQLError# " + SqlEx.Number + " while Changing Password.", SqlEx);
}
catch (Exception ex)
{
objNLog.Error("Exception : " + ex.Message);
throw new Exception("**Error occured while Changing Password.", ex);
}
finally
{
sqlCon.Close();
}
return flag;
}
protected void btnLogin_Click(object sender, EventArgs e)
{
try
{
Property objProp = new Property();
UserLoginBLL userLog = new UserLoginBLL();
EncryptPassword encPwd = new EncryptPassword();
TextBox txtUserID = (TextBox)phLogin.FindControl("txtUserID");
TextBox txtPwd = (TextBox)phLogin.FindControl("txtPassword");
string encPassword = encPwd.EncryptText(txtPwd.Text, "helloworld");
objProp.UserID = txtUserID.Text.Trim();
objProp.Password = encPassword.Trim();
if (userLog.LoginUser(objProp))
{
Session["User"] = objProp.UserID;
if ((string)Session["Role"] == "D")
Response.Redirect("Home/DoctorHome.aspx");
else if ((string)Session["Role"] == "N")
Response.Redirect("Home/NurseHome.aspx");
else if ((string)Session["Role"] == "P" || (string)Session["Role"] == "T")
Response.Redirect("Home/PharmacistHome.aspx");
else if ((string)Session["Role"] == "C")
Response.Redirect("Home/CSRHome.aspx");
else
Response.Redirect("Patient/AllPatientProfile.aspx");
}
else
{
Session["User"] = null;
Label lblStatus = (Label)phLogin.FindControl("lblStatus");
lblStatus.Visible = true;
lblStatus.Text = "Invalid UserID/Password..!";
objNLog.Error("Login failed for the user - " + txtUserID.Text);
}
}
catch (Exception ex)
{
objNLog.Error("Error : " + ex.Message);
}
}
public int CreateUser(Property objUser, string user)
{
EncryptPassword encPwd = new EncryptPassword();
SqlConnection sqlCon = new SqlConnection(conStr);
SqlCommand sqlCmd = new SqlCommand("sp_set_Users", sqlCon);
sqlCmd.CommandType = CommandType.StoredProcedure;
SqlParameter userid = sqlCmd.Parameters.Add("@User_ID", SqlDbType.VarChar, 50);
userid.Value = objUser.UserID;
SqlParameter passWord = sqlCmd.Parameters.Add("@Password", SqlDbType.VarChar, 32);
string encP = encPwd.EncryptText(objUser.Password, "helloworld");
passWord.Value = encP.Trim();
SqlParameter comments = sqlCmd.Parameters.Add("@Comments", SqlDbType.VarChar, 50);
comments.Value = objUser.Comments;
SqlParameter stampsLoc = sqlCmd.Parameters.Add("@StampLoc", SqlDbType.VarChar, 50);
stampsLoc.Value = objUser.StampLoc;
if (objUser.EMPID > 0)
{
SqlParameter empID = sqlCmd.Parameters.Add("@Emp_ID", SqlDbType.Int);
empID.Value = objUser.EMPID;
SqlParameter DocID = sqlCmd.Parameters.Add("@Doc_ID", SqlDbType.Int);
DocID.Value = int.Parse(objUser.DocID);
SqlParameter empFName = sqlCmd.Parameters.Add("@Emp_FName", SqlDbType.VarChar,50);
empFName.Value = objUser.EMPFName;
SqlParameter empLName = sqlCmd.Parameters.Add("@Emp_LName", SqlDbType.VarChar, 50);
empLName.Value = objUser.EMPLName;
}
SqlParameter Userrole = sqlCmd.Parameters.Add("@User_Role", SqlDbType.Char, 1);
Userrole.Value = objUser.UserRole;
SqlParameter User_type = sqlCmd.Parameters.Add("@User_Type", SqlDbType.Char, 1);
User_type.Value = "N";
SqlParameter pUser = sqlCmd.Parameters.Add("@User", SqlDbType.VarChar, 20);
pUser.Value = user;
try
{
sqlCon.Open();
sqlCmd.ExecuteNonQuery();
resultFlag = 1;
}
catch (SqlException SqlEx)
{
objNLog.Error("SQLException : " + SqlEx.Message);
throw new Exception("Exception re-Raised from DL with SQLError# " + SqlEx.Number + " while Registering User Profile.", SqlEx);
}
catch (Exception ex)
{
objNLog.Error("Exception : " + ex.Message);
throw new Exception("**Error occured while Registering User Profile.", ex);
}
finally
{
sqlCon.Close();
}
return resultFlag;
}
