public DataTable SelectByUserNameAndPasswordHash(REF_User oREF_User)
{
DBConnecton db;
db = new DBConnecton();
DataTable dataTable = new DataTable();
string sqlQuery = "SELECT * FROM `tbluser` WHERE `UserName` LIKE '" + oREF_User.USER_NAME + "' AND `password` LIKE '" + oREF_User.PASSWORD + "'";
//Open connection
if (db.OpenConnection() == true)
{
//Create Command
MySqlCommand cmd = new MySqlCommand(sqlQuery, db.getConnetion());
//Create a data reader and Execute the command
MySqlDataReader dataReader = cmd.ExecuteReader();
DataSet ds = new DataSet();
ds.Tables.Add(dataTable);
ds.EnforceConstraints = false;
dataTable.Load(dataReader);
dataReader.Close();
//close Connection
db.CloseConnection();
//return list to be displayed
return(dataTable);
}
else
{
return(dataTable);
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
try {
REF_User oUser = new REF_User();
DAC_User oDAC_User = new DAC_User();
oUser.USER_NAME = UserName.Text;
oUser.PASSWORD = Password.Text;
DataTable dt = oDAC_User.SelectByUserNameAndPasswordHash(oUser);
oUser.Role = Convert.ToInt32(dt.Rows[0][3].ToString());
Session["LoggedUser"] = oUser;
Response.Redirect("./frmHome.aspx", true);
}catch (Exception ex)
{
ShowMessage("Enter User name and password");
}
}
protected void Page_Load(object sender, EventArgs e)
{
try
{
REF_User oUser = new REF_User();
oUser = (REF_User)Session["LoggedUser"];
if (oUser.Role == 1)
{
liAddEmployee.Visible = true;
liviewEmployee.Visible = true;
liSalaryEmployee.Visible = true;
liDamageConfirm.Visible = true;
liaddDamages.Visible = true;
liItem.Visible = true;
liStocks.Visible = true;
lireport.Visible = true;
liRent.Visible = true;
liRetun.Visible = true;
liAddOffers.Visible = true;
liiewOffers.Visible = true;
liaddcourse.Visible = true;
liviewcourse.Visible = true;
liaddustomertocourset.Visible = true;
licoursereport.Visible = true;
liAddService.Visible = true;
liViewService.Visible = true;
liAddCustome.Visible = true;
lifrmViewSalary.Visible = true;
liReturnReports.Visible = true;
lireport.Visible = true;
liFinanceReport.Visible = true;
}
else if (oUser.Role == 2)
{
liAddEmployee.Visible = false;
liSalaryEmployee.Visible = false;
liDamageConfirm.Visible = false;
liaddDamages.Visible = false;
liItem.Visible = false;
lireport.Visible = false;
liRent.Visible = true;
liRetun.Visible = true;
liAddOffers.Visible = false;
liiewOffers.Visible = true;
liaddcourse.Visible = false;
liviewcourse.Visible = true;
liaddustomertocourset.Visible = true;
licoursereport.Visible = false;
liAddService.Visible = false;
liViewService.Visible = true;
liAddCustome.Visible = true;
lifrmViewSalary.Visible = false;
liReturnReports.Visible = false;
lireport.Visible = false;
liFinanceReport.Visible = false;
liStocks.Visible = true;
liviewEmployee.Visible = true;
}
else if (oUser.Role == 3)
{
liAddEmployee.Visible = false;
liSalaryEmployee.Visible = false;
liviewEmployee.Visible = false;
liDamageConfirm.Visible = false;
liaddDamages.Visible = false;
liItem.Visible = false;
liStocks.Visible = false;
lireport.Visible = false;
liRent.Visible = false;
liRetun.Visible = false;
liAddOffers.Visible = false;
liiewOffers.Visible = false;
liaddcourse.Visible = false;
liviewcourse.Visible = false;
liaddustomertocourset.Visible = false;
licoursereport.Visible = false;
liAddService.Visible = false;
liViewService.Visible = false;
liAddCustome.Visible = false;
lifrmViewSalary.Visible = false;
liReturnReports.Visible = false;
lireport.Visible = false;
liFinanceReport.Visible = false;
liViewRepair.Visible = true;
}
}
catch
{
Response.Redirect("./frmLogin.aspx", true);
}
}
