Exemplo n.º 1
0
        public ASFUser GetUser(MembershipInfo user)
        {
            ASFUser singleUser = new ASFUser();
            using (SqlConnection conn = new SqlConnection(connString))
            {
                // If user has correct password, then select user database
                string sql = BuildASFUserSQL() + ", b.Password ";

                string fromUser = @"FROM dbo.ASF_User AS a INNER JOIN dbo.aspnet_Membership as b ON a.Username = b.Username ";
                string whereUser = @"WHERE a.Username = @Username";

                sql = sql + fromUser + whereUser;

                SqlCommand cmd = new SqlCommand(sql, conn);
                cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;

                try
                {
                    conn.Open();
                    SqlDataReader read = cmd.ExecuteReader();
                    while (read.Read())
                    {
                        singleUser = new ASFUserCallback().ProcessRow(read);
                        singleUser.Member.Password = read["Password"].ToString() ;
                    }
                }
                catch (Exception e)
                {
                    throw e;
                }
                finally
                {
                    conn.Close();
                }
            }
            return singleUser;
        }
Exemplo n.º 2
0
        public ASFUser DoLogin(MembershipInfo user)
        {
            ASFUser singleUser = new ASFUser();
            using (SqlConnection conn = new SqlConnection(connString))
            {
                // If user has correct password, then select user database
                string sql = BuildASFUserSQL();
                string sqlMember = @"SELECT a.UserId FROM dbo.aspnet_Membership as b WHERE b.Username = @Username AND b.Password = @Password";

                string fromUser = @"FROM dbo.ASF_User AS a";
                string whereUser = @" WHERE a.UserId = (" + sqlMember + ")";

                sql = sql + fromUser + whereUser;

                SqlCommand cmd = new SqlCommand(sql, conn);
                cmd.Parameters.Add("@Username", SqlDbType.Int).Value = user.Username;
                cmd.Parameters.Add("@Password", SqlDbType.Int).Value = user.Password;

                try
                {
                    conn.Open();
                    SqlDataReader read = cmd.ExecuteReader();
                    while (read.Read())
                    {
                        singleUser = new ASFUserCallback().ProcessRow(read);
                    }
                }
                catch (Exception e)
                {
                    throw e;
                }
                finally
                {
                    conn.Close();
                }
            }
            return singleUser;
        }