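    // Admin sign-in for the role-assignment screen (~/Admin/AssignRole.aspx).
    // Lookups, each tried only when the previous one did not authenticate:
    //   1. objPRIBC.AdminLogin     -> needs an active row with Role "0"
    //   2. objPRIBC.EmpLogin       -> needs an active row from objPRIBC.getAdminRoleEmpID
    //   3. objPRIBC.ProjStaffLogin -> same rule as 2
    // Every failure ends in the catch block, which shows the exception text as a JS alert.
    //
    // Password check is a challenge/response. The browser posts, in the hidden field txtPwdHash,
    //   SHA1( lower(storedPasswordHash) + lower(SHA1(ViewState["KeyGenerator"])) )
    // and the server recomputes that from the "Password" column of the FIRST row returned.
    //
    // Review notes (left unchanged because the rest of the scheme lives outside this file):
    //  - under this scheme the stored "Password" value is password-equivalent: anyone who can read
    //    the table can log in without knowing the password; unsalted SHA1 is not a password hash.
    //  - the nonce is kept in ViewState, which the client posts back unchanged, so a captured
    //    txtPwdHash can be replayed together with the same ViewState.
    //  - SqInjection.checkForSQLInjection is a denylist; the real defence has to be parameterized
    //    SQL inside objPRIBC (not visible here).
    //  - the session id is not regenerated on login (session fixation) - confirm this is handled
    //    elsewhere.
    //
    // Fixed here: processing now stops after the Error.aspx redirect and after a successful
    // sign-in (the original continued past Response.Redirect(..., false), ran the remaining
    // queries and threw "not authorised" / "invalid credentials" even on the success path);
    // the digest compare no longer short-circuits; the alert text is JavaScript-encoded instead
    // of only stripping single quotes.
    protected void btn_Submit_Click(object sender, EventArgs e)
    {
        try
        {
            if (captcha != "True")
            {
                // As before: nothing happens until the captcha validator has set the flag.
                return;
            }
            if (txt_UserID.Text == "" || txt_Password.Text == "")
            {
                throw new Exception(" Enter UserID & Password");
            }

            string userId = txt_UserID.Text.Trim();
            string pwd    = txt_Password.Text.Trim();

            if (SqInjection.checkForSQLInjection(userId))
            {
                // Silent refusal, as in the original (its second, identical check was dead code).
                return;
            }
            if (SqInjection.checkForSQLInjection(pwd))
            {
                Response.Redirect(string.Format("~/Error.aspx"), false);
                return; // endResponse:false does not stop the handler by itself
            }

            name              = Encrypt(userId);
            objPRReq.UserID   = HttpUtility.UrlEncode(userId); // NOTE(review): URL-encoding a lookup key is odd - verify objPRIBC expects it
            objPRReq.SGNO     = userId;
            objPRReq.Email    = userId;
            objPRReq.Password = HttpUtility.UrlEncode(pwd);
            objPRReq.Status   = "Active";

            // Compare two hex digests without stopping at the first differing character, so the
            // response time does not reveal how much of the expected digest was guessed.
            Func<string, string, bool> fixedTimeEquals = (a, b) =>
            {
                if (a == null || b == null || a.Length != b.Length)
                {
                    return false;
                }
                int diff = 0;
                for (int i = 0; i < a.Length; i++)
                {
                    diff |= a[i] ^ b[i];
                }
                return diff == 0;
            };

            // Recomputes the client's challenge response from a stored password hash and the
            // per-page nonce in ViewState["KeyGenerator"].
            Func<string, bool> passwordMatches = storedHash =>
            {
                string nonceHash = FormsAuthentication.HashPasswordForStoringInConfigFile(ViewState["KeyGenerator"].ToString(), "SHA1");
                string expected  = FormsAuthentication.HashPasswordForStoringInConfigFile(storedHash.ToLower() + nonceHash.ToLower(), "SHA1").ToLower();
                return fixedTimeEquals(txtPwdHash.Value, expected);
            };

            // Employee / project-staff path: the password of row 0 must match, and
            // getAdminRoleEmpID must return an active row. Returns true when the redirect was
            // issued, false when the password did not match (caller moves on), and throws when
            // the password matched but the account is not an admin.
            Func<DataTable, bool> signInAsAdminFrom = rows =>
            {
                if (rows.Rows.Count == 0 || !passwordMatches(rows.Rows[0]["Password"].ToString()))
                {
                    return false;
                }
                DataTable adminRole = objPRIBC.getAdminRoleEmpID(objPRReq).GetTable;
                if (adminRole.Rows.Count > 0 && adminRole.Rows[0]["Status"].ToString() == "Active")
                {
                    Session["UserID"] = adminRole.Rows[0]["UID"];
                    Response.Redirect(string.Format("~/Admin/AssignRole.aspx?st={0}", name), false);
                    return true;
                }
                throw new Exception("You are not authorised for the role of Admin");
            };

            // 1. application admins
            DataTable admins = objPRIBC.AdminLogin(objPRReq).GetTable;
            objPRReq.Role = 0;
            if (admins.Rows.Count > 0 && passwordMatches(admins.Rows[0]["Password"].ToString()))
            {
                // NOTE(review): only row 0's password is verified but any row may be signed in -
                // this assumes every row returned for one user id belongs to the same account.
                foreach (DataRow dr in admins.Rows)
                {
                    if (dr["Role"].ToString() == "0" && dr["Status"].ToString() == "Active")
                    {
                        Session["UserID"] = dr["UID"];
                        Response.Redirect(string.Format("~/Admin/AssignRole.aspx?st={0}", name), false);
                        return;
                    }
                }
                throw new Exception("You are not authorised for the role of Admin");
            }

            // 2./3. employees and project staff are keyed by a numeric id; a non-numeric user id
            // can therefore not be one of them (same rule as the original, minus the exception
            // used as control flow).
            double empId;
            if (!double.TryParse(objPRReq.UserID, out empId))
            {
                throw new Exception("Invalid User Login Credentials");
            }
            objPRReq.EmpID = empId;

            if (signInAsAdminFrom(objPRIBC.EmpLogin(objPRReq).GetTable))
            {
                return;
            }
            if (signInAsAdminFrom(objPRIBC.ProjStaffLogin(objPRReq).GetTable))
            {
                return;
            }
            throw new Exception(" Invalid User Login Credintials");
        }
        catch (Exception ex)
        {
            // The message is written inside a JS string literal: stripping "'" alone still leaves
            // backslashes and "</script>" able to break out, so encode it properly.
            string msg = HttpUtility.JavaScriptStringEncode(ex.Message);
            ScriptManager.RegisterStartupScript(this.Page, this.Page.GetType(), "Alert...!!!", "alert('" + msg + "');", true);
        }
    }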
    // Admin Login
    //protected void ValidateCaptcha(object sender, ServerValidateEventArgs e)
    //{
    //    Captcha1.ValidateCaptcha(txt_Captcha.Text.Trim());
    //    e.IsValid = Captcha1.UserValidated;
    //    if (e.IsValid)
    //    {
    //        captcha = e.IsValid.ToString();
    //    }
    //}
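    // Unified login button. After captcha / input checks the account tables are consulted in a
    // fixed order - application admins, store users, employees, project staff, security guards,
    // CIT staff, eLeave/HCMS users - and each table is tried only when the previous one returned
    // no rows for this user id. Within a table, the first row that is active, has the password and
    // a mapped role is signed in (Session["UserID"] = its id column) and redirected to the home
    // page of its role; otherwise an "invalid credentials" alert is registered.
    //
    // Password check is a challenge/response. The browser posts, in the hidden field txtPwdHash,
    //   SHA1( lower(storedPasswordHash) + lower(SHA1(ViewState["KeyGenerator"])) )
    // and the server recomputes that from the row's "Password" column.
    //
    // Review notes (left unchanged because the rest of the scheme lives outside this file):
    //  - under this scheme the stored "Password" value is password-equivalent and unsalted SHA1
    //    is not a password hash.
    //  - the nonce is kept in ViewState, which the client posts back unchanged, so a captured
    //    txtPwdHash can be replayed with the same ViewState.
    //  - the captcha value in Session["captcha"] is not consumed after a check, so one solved
    //    captcha can be reused for many password guesses; if the page re-issues the captcha on
    //    every render, a Session.Remove("captcha") right after the compare closes that.
    //  - SqInjection.checkForSQLInjection is a denylist; the real defence has to be parameterized
    //    SQL inside objPRIBC (not visible here).
    //  - the session id is not regenerated on login (session fixation) - confirm this is handled
    //    elsewhere.
    //  - `name` (Encrypt(userId)) goes into the query string unencoded; verify Encrypt's output is
    //    URL-safe.
    //
    // Fixed here: a missing Session["captcha"] is reported as an invalid captcha instead of a
    // NullReferenceException landing on Error.aspx; processing stops after the Error.aspx
    // redirect and after a successful sign-in (the original kept iterating and, for a user with
    // several rows, the LAST qualifying row overwrote Session["UserID"] and the redirect - the
    // first one now wins); int.TryParse replaces IsNumeric + int.Parse; the digest compare no
    // longer short-circuits; the exception text placed in the Error.aspx query string is
    // URL-encoded.
    protected void btn_AdminLogin_Click(object sender, EventArgs e)
    {
        try
        {
            Action<string> showAlert = msg =>
                ScriptManager.RegisterStartupScript(this.Page, this.Page.GetType(), "Alert...!!!", "alert('" + msg + "');", true);

            if (txt_UserID.Text == "" || txt_Password.Text == "")
            {
                showAlert(" Enter User Login Credientials");
                return;
            }

            object issuedCaptcha = Session["captcha"];
            if (issuedCaptcha == null || issuedCaptcha.ToString() != txt_Captcha.Text)
            {
                showAlert(" Enter Valid Cpatch..");
                return;
            }

            string userId = txt_UserID.Text.Trim();
            string pwd    = txt_Password.Text.Trim();

            if (SqInjection.checkForSQLInjection(userId))
            {
                // Silent refusal, as in the original (its second, identical check was dead code).
                return;
            }
            if (SqInjection.checkForSQLInjection(pwd))
            {
                Response.Redirect(string.Format("~/Error.aspx"), false);
                return; // endResponse:false does not stop the handler by itself
            }

            name              = Encrypt(userId);
            objPRReq.UserID   = HttpUtility.UrlEncode(userId); // NOTE(review): URL-encoding a lookup key is odd - verify objPRIBC expects it
            objPRReq.SGNO     = userId;
            objPRReq.Email    = userId;
            objPRReq.Password = HttpUtility.UrlEncode(pwd);
            objPRReq.Status   = "Active";

            // Compare two hex digests without stopping at the first differing character, so the
            // response time does not reveal how much of the expected digest was guessed.
            Func<string, string, bool> fixedTimeEquals = (a, b) =>
            {
                if (a == null || b == null || a.Length != b.Length)
                {
                    return false;
                }
                int diff = 0;
                for (int i = 0; i < a.Length; i++)
                {
                    diff |= a[i] ^ b[i];
                }
                return diff == 0;
            };

            // A row qualifies when it is active and the client's challenge response matches the
            // one recomputed from the row's stored hash and the nonce in ViewState["KeyGenerator"].
            Func<DataRow, bool> verified = row =>
            {
                if (row["Status"].ToString() != "Active")
                {
                    return false;
                }
                string nonceHash = FormsAuthentication.HashPasswordForStoringInConfigFile(ViewState["KeyGenerator"].ToString(), "SHA1");
                string expected  = FormsAuthentication.HashPasswordForStoringInConfigFile(row["Password"].ToString().ToLower() + nonceHash.ToLower(), "SHA1").ToLower();
                return fixedTimeEquals(txtPwdHash.Value, expected);
            };

            // Signs in the first row of `table` that is verified and for which `homeFor` maps the
            // row to a home page (null = role not handled). Returns true when the redirect was
            // issued; otherwise registers `failMsg` as an alert and returns false.
            Func<DataTable, string, Func<DataRow, string>, string, bool> signInFrom = (table, uidColumn, homeFor, failMsg) =>
            {
                foreach (DataRow row in table.Rows)
                {
                    string home = verified(row) ? homeFor(row) : null;
                    if (home == null)
                    {
                        continue;
                    }
                    Session["UserID"] = row[uidColumn];
                    Response.Redirect(home, false);
                    return true;
                }
                showAlert(failMsg);
                return false;
            };

            // Role -> home page for rows of the application-admin table.
            Func<string, string> adminHomeFor = role =>
            {
                switch (role)
                {
                    // NOTE(review): the original used the encrypted id as both the page name and the
                    // query value here, unlike every other role; looks like a typo for an Admin page.
                    case "0":  return string.Format("Admin/{0}?st={0}", name);
                    case "1":  return string.Format("~/DG/DGHome.aspx?st={0}", name);                       // DG
                    case "2":  return string.Format("~/ACCPayrolls/PayrollHome.aspx?st={0}", name);         // payroll users
                    case "3":  return string.Format("~/Vehicle/VehicleHome.aspx?st={0}", name);             // vehicle admin
                    case "4":  return string.Format("~/EAdmin/eAdmnHome.aspx?st={0}", name);                // E admin
                    case "5":  return string.Format("~/SecurityOfficer/SOHome.aspx?st={0}", name);          // security
                    case "6":  return string.Format("~/AR_T/ARTHome.aspx?st={0}", name);                    // ART
                    case "7":  return string.Format("~/AR_E/AREHome.aspx?st={0}", name);                    // ARE
                    case "8":  return string.Format("~/GuestHouse/GHHome.aspx?st={0}", name);               // guest house
                    case "9":  return string.Format("~/CICTInventory/InventoryHome.aspx?st={0}", name);     // CIT inventory
                    case "10": return string.Format("~/PSPayrolls/PSHome.aspx?st={0}", name);               // project staff payroll
                    case "11": return string.Format("~/eLeave/eLeaveAdminHome.aspx?st={0}", name);          // eLeave admin
                    case "12": return string.Format("~/Finance/FinanceHome.aspx?st={0}", name);             // finance
                    case "14": return string.Format("~/CMU_Ticketing/CMUTicketingHome.aspx?st={0}", name);  // CMU ticketing
                    default:   return null;
                }
            };

            // 1. application admins
            DataTable admins = objPRIBC.AdminLogin(objPRReq).GetTable;
            if (admins.Rows.Count > 0)
            {
                signInFrom(admins, "UID", row => adminHomeFor(row["Role"].ToString()), " Invalid User Login Credintials");
                return;
            }

            // 2. store users
            DataTable storeUsers = objPRIBC.StoreUserLogin(objPRReq).GetTable;
            if (storeUsers.Rows.Count > 0)
            {
                signInFrom(storeUsers, "SUID",
                    row => row["Role"].ToString() == "10" ? string.Format("~/NIRDStores/StoreUser/StoreUserHome.aspx?st={0}", name) : null,
                    "Invalid User Login Credientials");
                return;
            }

            // 3. employees (EmpID is only set when the user id is an integer, as before)
            int empId;
            if (int.TryParse(userId, out empId))
            {
                objPRReq.EmpID = empId;
            }
            DataTable employees = objPRIBC.EmpLogin(objPRReq).GetTable;
            if (employees.Rows.Count > 0)
            {
                signInFrom(employees, "EmpID",
                    row => row["Role"].ToString() == "5" ? string.Format("~/HOC/HOC_MainHome.aspx?st={0}", name) : null,
                    "Invalid User Login Credientials");
                return;
            }

            // 4. project staff: Flag1 == "1" goes to PS_MainHome, anything else (including empty) to PSHome
            DataTable projectStaff = objPRIBC.ProjStaffLogin(objPRReq).GetTable;
            if (projectStaff.Rows.Count > 0)
            {
                signInFrom(projectStaff, "EmpID",
                    row =>
                    {
                        if (row["Role"].ToString() != "12")
                        {
                            return null;
                        }
                        return row["Flag1"].ToString() == "1"
                            ? string.Format("~/ProjectStaff/PS_MainHome.aspx?st={0}", name)
                            : string.Format("~/ProjectStaff/PSHome.aspx?st={0}", name);
                    },
                    "Invalid User Login Credientials");
                return;
            }

            // 5. security guards (looked up by SGNO)
            objPRReq.SGNO = userId;
            DataTable guards = objPRIBC.SGLogin(objPRReq).GetTable;
            if (guards.Rows.Count > 0)
            {
                signInFrom(guards, "SGID",
                    row => row["Role"].ToString() == "100" ? string.Format("~/Security/SecurityHomepage.aspx?st={0}", name) : null,
                    "Invalid User Login Credientials");
                return;
            }

            // 6. CIT staff (looked up by e-mail)
            objPRReq.Email = userId;
            DataTable citStaff = objPRIBC.CITSSLogin(objPRReq).GetTable;
            if (citStaff.Rows.Count > 0)
            {
                signInFrom(citStaff, "CSID",
                    row => row["Role"].ToString() == "11" ? string.Format("~/CITStaff/CITSSHome.aspx?st={0}", name) : null,
                    "Invalid User Login Credientials");
                return;
            }

            // 7. eLeave DA / HCMS users; this lookup uses the raw (not URL-encoded) user id, as before
            objPRReq.UserID = userId;
            DataTable eLeaveUsers = objPRIBC.eLDALogin(objPRReq).GetTable;
            if (eLeaveUsers.Rows.Count > 0)
            {
                signInFrom(eLeaveUsers, "UserID",
                    row =>
                    {
                        switch (row["Role"].ToString())
                        {
                            case "12": return string.Format("~/eLeaveDA/EmployeeStatus.aspx?st={0}", name);
                            case "13": return string.Format("~/HCMS/hcmsHome.aspx?st={0}", name);
                            default:   return null;
                        }
                    },
                    "Invalid User Login Credientials");
                return;
            }

            showAlert(" Enter User Login Credientials");
        }
        catch (Exception ex)
        {
            // NOTE(review): this still reflects the raw exception text (DB errors included) to
            // Error.aspx - log it server-side and show a generic message once a logger exists.
            // At least URL-encode it so it cannot break the query string or the page that renders it.
            Response.Redirect("~/Error.aspx?st=" + HttpUtility.UrlEncode(ex.Message), false);
        }
    }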