Exemplo n.º 1
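        /// <summary>
        /// On the first (non-postback) load, sends a visitor who already passes
        /// <c>UserLogIn.UserLogInCheck</c> to the landing page for their access level.
        /// When no landing page applies, the login error label is shown instead.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// The redirect is navigation only, not access control: AdminPage.aspx and
        /// UserPage.aspx still have to verify the caller's access level themselves,
        /// because both URLs can be requested directly.
        /// </remarks>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (this.IsPostBack || !UserLogIn.UserLogInCheck(this.Request))
            {
                return;
            }

            error_message.Visible = false;

            // The lookup may yield null (for example when no active user matches or the
            // query fails), so guard before reading AccessLevel instead of letting a
            // NullReferenceException surface as an unhandled error page.
            UserLogIn user = UserLogIn.UserLoggedIn(this.Request);
            if (user != null)
            {
                switch (user.AccessLevel)
                {
                    case 1:
                    case 2:
                        Response.Redirect("~/AdminPage.aspx");
                        break;

                    case 3:
                        Response.Redirect("~/UserPage.aspx");
                        break;
                }
            }

            // Reached only when no redirect was issued: unknown access level or no user.
            error_message.Text      = "Podaci za prijavu nisu tačni!";
            error_message.ForeColor = System.Drawing.Color.Red;
            error_message.Visible   = true;
        }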
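 /// <summary>
 /// Loads the user whose ID equals this instance's <c>Id</c>, joined with the name
 /// and access level of the user's group.
 /// </summary>
 /// <returns>
 /// The matching user, or <c>null</c> when the query does not return exactly one row
 /// or any step throws; in both cases <c>Message</c> holds the reason.
 /// </returns>
 public UserLogIn UserPretraga()
 {
     try
     {
         SqlCommand cmd = DBConnection.GetCommand;
         cmd.CommandText = "select u.*,g.Name,g.AccessLevel from Users as u " +
                           "inner join UserGroups as g on u.UserGroupID = g.Id " +
                           "where u.ID = @id";
         // The id is bound as a parameter, never concatenated into the SQL text.
         cmd.Parameters.AddWithValue("@id", this.Id);
         using (cmd.Connection)
         {
             DataTable dt = new DataTable();
             using (SqlDataAdapter da = new SqlDataAdapter(cmd))
             {
                 da.Fill(dt);
             }

             // "Not found" is an expected outcome, so report it directly rather than
             // throwing a bare Exception only to catch it a few lines below.
             if (dt.Rows.Count != 1)
             {
                 Message = "User ne postoji";
                 return(null);
             }

             return(new UserLogIn(dt.Rows[0]));
         }
     }
     catch (Exception ex)
     {
         // NOTE(review): ex.Message from a failed query can carry database detail
         // (server, table or column names). If Message is ever rendered to the user,
         // log the exception server-side and keep a generic text here; confirm how
         // callers display Message.
         Message = ex.Message;
         return(null);
     }
 }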
Exemplo n.º 3
        /// <summary>
        /// Reads every user joined with its group and appends one <c>UserLogIn</c> per
        /// row to <c>AllUsers</c>.
        /// </summary>
        /// <returns>
        /// <c>true</c> when at least one row was read; <c>false</c> when the result is
        /// empty or an exception occurred (in which case <c>ErrMessage</c> is set).
        /// </returns>
        /// <remarks>
        /// NOTE(review): "u.*" returns every Users column, which presumably includes
        /// the stored password hash; confirm, and select only the columns the grid
        /// needs so credential material is not carried into UI-bound objects.
        /// </remarks>
        public bool LoadAllUsers()
        {
            try
            {
                SqlCommand query = DBConnection.GetCommand;
                query.CommandText = "select u.*,g.Name,g.AccessLevel from Users as u " +
                                    "inner join UserGroups as g on u.UserGroupID = g.Id ";

                DataTable table = new DataTable();
                using (SqlDataAdapter adapter = new SqlDataAdapter(query))
                {
                    adapter.Fill(table);
                }

                // Rows are appended to whatever AllUsers already holds.
                foreach (DataRow row in table.Rows)
                {
                    AllUsers.Add(new UserLogIn(row));
                }

                return table.Rows.Count > 0;
            }
            catch (Exception)
            {
                // The caller only gets a generic text; the exception itself is not recorded.
                ErrMessage = "Pristup korisnicima nije moguc.";
                return false;
            }
        }
Exemplo n.º 4
        /// <summary>
        /// Handles the grid's row-deleting event: asks <c>Admin</c> to delete a user and,
        /// on success, reloads the user list into the grid; on failure shows the
        /// <c>Admin</c> message.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Row-deleting event data (unused here).</param>
        /// <remarks>
        /// NOTE(review): this handler never tells <c>Admin</c> which row is being
        /// deleted (nothing is read from <paramref name="e"/>); verify what
        /// <c>DeleteUser</c> targets. No authorization check is visible here either;
        /// confirm the page verifies the caller's access level server-side before this
        /// destructive action runs.
        /// </remarks>
        protected void datagrid_RowDeleting(object sender, GridViewDeleteEventArgs e)
        {
            Admin admin = new Admin();

            if (!admin.DeleteUser())
            {
                // NOTE(review): if Message can hold raw exception text, prefer a generic
                // message for the user and log the detail server-side.
                error_message.Text = admin.Message;
                return;
            }

            // Drop the stale binding, then rebind only if the reload succeeds.
            datagrid.DataSource = null;
            UserLogIn loader = new UserLogIn();
            if (loader.LoadAllUsers())
            {
                datagrid.DataSource = loader.AllUsers;
                datagrid.DataBind();
            }
        }
Exemplo n.º 5
        /// <summary>
        /// Handles the grid's row-deleting event: reads the user id from the row's
        /// "Id" hidden field, asks <c>Admin</c> to delete that user and, on success,
        /// reloads the user list into the grid; on failure shows the <c>Admin</c> message.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Row-deleting event data; <c>RowIndex</c> selects the grid row.</param>
        /// <remarks>
        /// NOTE(review): a hidden field's value is posted back by the browser, so the id
        /// used for the delete is client-supplied input. The server has to decide whether
        /// the signed-in caller may delete that user; no such check is visible in this
        /// handler, so confirm it happens elsewhere. Reading the key from
        /// <c>datagrid.DataKeys[e.RowIndex]</c> (with DataKeyNames set in the markup)
        /// keeps it in server-controlled state instead of a form field.
        /// </remarks>
        protected void datagrid_RowDeleting(object sender, GridViewDeleteEventArgs e)
        {
            Admin admin = new Admin();

            var row = datagrid.Rows[e.RowIndex];
            HiddenField idField = (HiddenField)row.FindControl("Id");
            admin.Id = idField.Value;

            if (!admin.DeleteUser())
            {
                // NOTE(review): if Message can hold raw exception text, prefer a generic
                // message for the user and log the detail server-side.
                error_message.Text = admin.Message;
                return;
            }

            // Drop the stale binding, then rebind only if the reload succeeds.
            datagrid.DataSource = null;
            UserLogIn loader = new UserLogIn();
            if (loader.LoadAllUsers())
            {
                datagrid.DataSource = loader.AllUsers;
                datagrid.DataBind();
            }
        }
Exemplo n.º 6
 /// <summary>
 /// Resolves the current user from the request's "Id" cookie by looking up an
 /// active Users row with that Id, together with the access level of its group.
 /// </summary>
 /// <param name="request">Incoming request; may be <c>null</c>.</param>
 /// <returns>
 /// A <c>UserLogIn</c> with Id, FullName and AccessLevel filled in, or <c>null</c>
 /// when the cookie is absent, no active user matches, or the lookup throws
 /// (<c>ErrMessage</c> is set in that last case).
 /// </returns>
 /// <remarks>
 /// NOTE(review): the only credential consulted here is the "Id" cookie value, which
 /// is supplied by the browser. Nothing in this method verifies a signature, a MAC or
 /// a server-side session, so if the cookie holds a plain user id, both identity and
 /// AccessLevel follow from a client-chosen value. Confirm that login issues a
 /// protected ticket (for example an encrypted and validated FormsAuthentication
 /// ticket) or a random session token mapped to the user on the server.
 /// </remarks>
 public static UserLogIn UserLoggedIn(HttpRequest request)
 {
     if (request == null || request.Cookies == null)
     {
         return null;
     }

     var idCookie = request.Cookies["Id"];
     if (idCookie == null)
     {
         return null;
     }

     var value = idCookie.Value;
     try
     {
         SqlCommand cmd = DBConnection.GetCommand;
         cmd.CommandText = "select u.Id, u.Fullname,g.AccessLevel from Users as u " +
                           "inner join UserGroups as g on u.UserGroupID = g.Id " +
                           "where u.Id = @id and u.Active = 1";
         // Bound as a parameter, so the cookie text never becomes part of the SQL.
         cmd.Parameters.AddWithValue("@id", value);

         DataTable dt = new DataTable();
         using (SqlDataAdapter da = new SqlDataAdapter(cmd))
         {
             da.Fill(dt);
         }

         if (dt.Rows.Count == 0)
         {
             return null;
         }

         DataRow row = dt.Rows[0];
         return new UserLogIn
         {
             Id          = row["Id"].ToString(),
             FullName    = row["Fullname"].ToString(),
             AccessLevel = Convert.ToInt32(row["AccessLevel"])
         };
     }
     catch (Exception)
     {
         // Any failure is reported as "not logged in"; the exception is not recorded.
         ErrMessage = "Nije uspelo logovanje";
         return null;
     }
 }
Exemplo n.º 7
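        /// <summary>
        /// Handles the login button: hashes the entered password, asks
        /// <c>UserLogIn.LogInUser</c> to sign the user in and, on success, redirects to
        /// the landing page for the access level found in the "AccessLevel" cookie.
        /// On failure the login error label is shown.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// NOTE(review): the "AccessLevel" cookie is browser-controlled on later
        /// requests. It is used here for navigation only; AdminPage.aspx and
        /// UserPage.aspx must derive the access level from server-side data and enforce
        /// it themselves.
        /// </remarks>
        protected void btn_login_Click(object sender, EventArgs e)
        {
            error_message.Visible = false;

            // NOTE(review): HashPasswordForStoringInConfigFile is obsolete and produces an
            // unsalted SHA-1 digest, which is not a suitable password hash. Move to a
            // salted, iterated scheme such as PBKDF2 (Rfc2898DeriveBytes) with a per-user
            // salt. Stored hashes then need a migration path, e.g. re-hashing on the next
            // successful login, so the call is left unchanged here.
            string pass = FormsAuthentication.HashPasswordForStoringInConfigFile(tbx_pass.Text, "SHA1");

            if (UserLogIn.LogInUser(Response, tbx_username.Text, pass))
            {
                // A missing or non-numeric cookie used to raise NullReferenceException or
                // FormatException; it is now treated like an unknown access level (no
                // redirect), which is what the original did for unmatched values.
                var levelCookie = Request.Cookies["AccessLevel"];
                int level;
                if (levelCookie == null || !int.TryParse(levelCookie.Value, out level))
                {
                    level = 0;
                }

                switch (level)
                {
                    case 1:
                    case 2:
                        Response.Redirect("~/AdminPage.aspx");
                        break;

                    case 3:
                        Response.Redirect("~/UserPage.aspx");
                        break;
                }

                return;
            }

            error_message.Text      = "Podaci za prijavu nisu tačni!";
            error_message.ForeColor = System.Drawing.Color.Red;
            error_message.Visible   = true;
        }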
Exemplo n.º 8
 /// <summary>
 /// Handles the logout button: calls <c>UserLogIn.LogOutUser</c> on the current
 /// response, then sends the browser to the login page.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event data (unused).</param>
 /// <remarks>
 /// NOTE(review): LogOutUser is not visible here; presumably it expires the login
 /// cookies. Expiring cookies in the browser does not invalidate a copied cookie
 /// value, so confirm that any server-side session or ticket is revoked as well.
 /// </remarks>
 protected void btnOdjava_Click(object sender, EventArgs e)
 {
     UserLogIn.LogOutUser(Response);
     this.Response.Redirect("~/LogIn.aspx");
 }