public ActionResult DoLogin()
{
var username = Request.Form["username"];
var pass = Request.Form["pass"];
var sm = "";
var cmd = new SqlCommand();
cmd.CommandText = "getUser";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@username", SqlDbType.VarChar, 90).Value = username.ToString();
DataTable dt = new LHR.lib.DataAdapter().ExecPro(cmd);
if (dt.Rows.Count > 0)
{
DataRow dr = dt.NewRow();
dr = dt.Rows[0];
if (dr[7].ToString() == LHR.lib.CoreSecurity.getMd5Hash(pass))
{
Session["userid"] = dr[0].ToString();
Session["username"] = username;
Session["groupid"] = dr[8].ToString();
sm = "yes";
}
else
{
sm = "no";
}
}
else
{
sm = "no";
}
return(Content(sm));
}
