protected void Button1_Click(object sender, EventArgs e)
{
hashing hasher = new hashing();
string pass = hasher.hash(TextBox2.Text);
string user = TextBox1.Text;
string url = Server.MapPath("App_Data/Staff.xml");
DataSet set = new DataSet();
FileStream file = new FileStream(url, FileMode.Open, FileAccess.Read);
StreamReader reader = new StreamReader(file);
set.ReadXml(reader);
DataRow staff = set.Tables[0].NewRow();
staff["UserName"] = user;
staff["Password"] = pass;
set.Tables[0].Rows.Add(staff);
set.AcceptChanges();
file.Close();
file = new FileStream(url, FileMode.Create, FileAccess.Write | FileAccess.Read);
StreamWriter writer = new StreamWriter(file);
set.WriteXml(writer);
writer.Close();
file.Close();
Label1.Text = "Success!";
}
protected void CreateUser_Click(object sender, EventArgs e)
{
DataSet dataSet = new DataSet();
String userFile = "../App_Data/Member.xml";
FileStream fs = new FileStream(Server.MapPath(userFile),
FileMode.Open, FileAccess.Read);
StreamReader reader = new StreamReader(fs);
dataSet.ReadXml(reader);
fs.Close(); //close after reading
hashing hashCompute = new hashing();
string hashedPassword = hashCompute.hash(Password.Text);
DataRow newUser = dataSet.Tables[0].NewRow(); //add new user informate to the xml file
newUser["UserName"] = UserName.Text;
newUser["Password"] = hashedPassword;
dataSet.Tables[0].Rows.Add(newUser);
dataSet.AcceptChanges();
fs = new FileStream(Server.MapPath(userFile), FileMode.Create,
FileAccess.Write | FileAccess.Read);
StreamWriter writer = new StreamWriter(fs);
dataSet.WriteXml(writer);
writer.Close();
fs.Close();
if (!String.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
{
Response.Redirect(Request.QueryString["ReturnUrl"]);
}
else
{
Response.Redirect("~/Account/Login.aspx");
}
}
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
//cookie code
HttpCookie myCookies = new HttpCookie("myCookieId");
myCookies["username"] = UserName.Text;
myCookies["Password"] = Password.Text;
myCookies.Expires = DateTime.Now.AddMonths(6);
Response.Cookies.Add(myCookies);
DataSet ds = new DataSet();
String cmd = "UserName='******'";
FileStream fs = new FileStream(Server.MapPath("../App_Data/Staff.xml"),
FileMode.Open, FileAccess.Read);
StreamReader reader = new StreamReader(fs);
ds.ReadXml(reader);
fs.Close();
DataTable users = ds.Tables[0];
DataRow[] matches = users.Select(cmd);
if (matches != null && matches.Length > 0)
{
DataRow row = matches[0];
hashing hashCompute = new hashing();
string hashedPassword = hashCompute.hash(Password.Text);
String pass = (String)row["Password"];
if (0 != String.Compare(pass, hashedPassword, false))
{
//either username or password is incorrect
FailureText.Text = "Invalid username or password.";
ErrorMessage.Visible = true;
}
else
{
// increment visitor counter
Global.increment();
FormsAuthentication.RedirectFromLoginPage
(UserName.Text, RememberMe.Checked);
Response.Redirect("~/StaffPage.aspx");
}
}
else
{
FailureText.Text = "Invalid username or password.";
ErrorMessage.Visible = true;
}
}
}