public static employee_ru show_employees(string user_name)
{
string query = String.Format("SELECT employee_ru.emp_ru_name,position.pos_name,privilege.privil_status from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = '******'", user_name);
try
{
conn.Open();
command.CommandText = query;
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
string empname = reader.GetString(0);
string posname = reader.GetString(1);
string status = reader.GetString(2);
employee_ru ru = new employee_ru(empname, posname, status, user_name);
return(ru);
}
}
finally
{
conn.Close();
}
return(null);
}
public static employee_ru show_employees_id(string user_name)
{
string query = String.Format("select employee_ru.emp_ru_id from employee_ru where employee_ru.emp_ru_name = '{0}'", user_name);
try
{
conn.Open();
command.CommandText = query;
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
int emp_id = reader.GetInt32(0);
employee_ru ru = new employee_ru(emp_id);
return(ru);
}
}
finally
{
conn.Close();
}
return(null);
}
public static employee_ru Login_employee_ru(string username, string password)
{
string query = String.Format("SELECT COUNT(*) from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = '******'", username);
command.CommandText = query;
try
{
conn.Open();
int countuser = (int)command.ExecuteScalar();
if (countuser == 1)
{
query = String.Format("select user_control.uct_password from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = '******'", username);
command.CommandText = query;
string dbpassword = command.ExecuteScalar().ToString();
if (dbpassword == password)
{
query = String.Format("select user_control.uct_user from ((employee_ru inner join user_control On user_control.emp_ru_id = employee_ru.emp_ru_id) inner join position On position.pos_id = employee_ru.pos_id) inner join privilege On privilege.emp_ru_id = employee_ru.emp_ru_id where user_control.uct_user = '******' ", username);
command.CommandText = query;
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
string username1 = reader.GetString(0);
employee_ru ru = new employee_ru(username, password, username1);
return(ru);
}
return(null);
}
return(null);
}
else
{
return(null);
}
}
finally
{
conn.Close();
}
return(null);
}
protected void btnlogin_Click(object sender, EventArgs e)
{
String Username = txtusername.Text;
String Password = txtpassword.Text;
employee_ru ru = employee_ru.Login_employee_ru(Username, Password);
doctor doc = doctor.Login_doctor(Username, Password);
nurse nu = nurse.Login_nurse(Username, Password);
if (ru != null)
{
string user = ru.username;
employee_ru show_name = employee_ru.show_employees(user);
if (show_name != null)
{
if (show_name.status == "ได้รับสิทธิการรักษา")
{
Session["staff_name"] = show_name.emp_ru_name;
if (show_name.pos_name == "เจ้าหน้าที่")
{
Response.Redirect("../Page/index_opd.aspx");
}
else if (show_name.pos_name == "เวชระเบียน")
{
Response.Redirect("../Page/index_opd.aspx");
}
else if (show_name.pos_name == "พยาบาล")
{
Response.Redirect("../Page/nurse_index_opd.aspx");
}
else if (show_name.pos_name == "เภสัชกรณ์")
{
Response.Redirect("../Page/index_opd.aspx");
}
else if (show_name.pos_name == "หัวหน้า")
{
Response.Redirect("../Page/index_opd.aspx");
}
else
{
Response.Redirect("../Page/index_student.aspx");
}
}
else
{
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่ถูกยืนยันสิทธิการรักษา');", true);
Session["staff_name"] = show_name.emp_ru_name;
if (show_name.pos_name == "พยาบาล")
{
Response.Redirect("../Page/appointment_management_index.aspx");
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('เป็นพยาบาล');", true);
}
else
{
ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่ถูกยืนยันสิทธิการรักษา');", true);
}
}
}
}
else if (doc != null)
{
Session["doc_name"] = doc.emp_doc_name;
Session["doc_id"] = doc.emp_doc_id;
Session["specialist"] = doc.emp_doc_specialist;
Response.Redirect("../Page/index_doctor.aspx");
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('gfdtdryhththdyhn');", true);
}
else if (nu != null)
{
Session["nurse_name"] = nu.emp_ru_name;
if (nu.pos_name == "พยาบาล")
{
Response.Redirect("../Page/appointment_management_index.aspx");
// ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('"+ nu.emp_ru_name + "');", true);
}
else
{
ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่ถูกยืนยันสิทธิการรักษา');", true);
}
// Response.Redirect("../Page/index_doctor.aspx");
}
else
{
ClientScript.RegisterStartupScript(GetType(), "hwa", "alert('ไม่พบข้อมูลในระบบ');", true);
}
}
