internal Usuario getUsuario(string username, string password)
{
//this.fechaSistema.ToString();
Usuario user = null;
try
{
string hash = GetSha256FromString(password);
//
// Open the SqlConnection.
//
con.Open();
//
// The following code uses an SqlCommand based on the SqlConnection.
//
SqlCommand cmd = new SqlCommand(String.Format("SELECT TOP 1 u.Id,u.Nombre as UsuarioNombre,u.Password,u.Intentos,u.Habilitado,r.Nombre as RolNombre FROM [GD2C2015].[JANADIAN_DATE].[Usuario] u INNER JOIN [GD2C2015].[JANADIAN_DATE].[Rol] r ON (u.Rol=r.Id) WHERE u.Nombre = '{0}' and r.Nombre LIKE '%Admin%' ", username), con);
DataTable dt = new DataTable();
dt.TableName = "Tabla";
dt.Load(cmd.ExecuteReader());
if (dt.Rows.Count == 0)
{
con.Close();
throw (new NoResultsException("Usuario incorrecto"));
}
foreach (DataRow Fila in dt.Rows)
{
if (!Convert.ToBoolean(Fila["Habilitado"]))
{
con.Close();
throw (new UnavailableException("Usuario no esta habilitado"));
}
else if (!Convert.ToString(Fila["Password"]).Equals(hash))
{
SqlCommand update = new SqlCommand(String.Format("UPDATE [GD2C2015].[JANADIAN_DATE].[Usuario] SET Intentos = {0} WHERE Nombre = '{1}'", Convert.ToInt32(Fila["Intentos"]) + 1, username), con);
update.ExecuteNonQuery();
con.Close();
throw (new PasswordMismatchException("Contraseña incorrecta"));
}
else
{
SqlCommand update = new SqlCommand(String.Format("UPDATE [GD2C2015].[JANADIAN_DATE].[Usuario] SET Intentos = {0} WHERE Nombre = '{1}'", 0, username), con);
update.ExecuteNonQuery();
user = new Usuario(Convert.ToInt32(Fila["Id"]), Convert.ToString(Fila["UsuarioNombre"]), Convert.ToInt32(Fila["Intentos"]), Convert.ToString(Fila["RolNombre"]));
}
}
con.Close();
}
catch (Exception exAlta)
{
con.Close();
throw (new Exception(exAlta.ToString()));
}
return user;
}
public FormAdminMenu(Usuario userLogin)
{
this.userLogin = userLogin;
InitializeComponent();
}
