Пример #1
0
        //public static bool checkPersonnelExist(string username, string password)
        //{
        //    NpgsqlConnection conn = new NpgsqlConnection(ConfigurationManager.ConnectionStrings["Banken"].ConnectionString);
        //    int amount = 0;
        //    try
        //    {
        //        conn.Open();
        //        string sqlCheckUser = string.Empty;

        //        //sqlCheckUser = "******";
        //        //NpgsqlCommand command = new NpgsqlCommand(@sqlCheckUser, conn);

        //        sqlCheckUser = "******";
        //        NpgsqlCommand command = new NpgsqlCommand(@sqlCheckUser, conn);

        //        command.Parameters.Add(new NpgsqlParameter("newUserName", NpgsqlDbType.Varchar));
        //        command.Parameters["newUserName"].Value = username;
        //        command.Parameters.Add(new NpgsqlParameter("newUserpassword", NpgsqlDbType.Varchar));
        //        command.Parameters["newUserpassword"].Value = password;

        //        NpgsqlDataReader dr = command.ExecuteReader();
        //        while (dr.Read())
        //        {
        //            amount = (int)(dr["amount"]);
        //        }
        //    }
        //    finally
        //    {
        //        conn.Close();
        //    }
        //    if (amount > 0)
        //    {
        //        return true;
        //    }
        //    else
        //    {
        //        return false;
        //    }
        //}
        #endregion loggin
        #region admin

        public static List <personnel> getPersonnelList()
        {
            List <personnel> personnelList = new List <personnel>();
            NpgsqlConnection conn          = new NpgsqlConnection(ConfigurationManager.ConnectionStrings["Banken"].ConnectionString);

            try
            {
                conn.Open();
                string personnelsql = string.Empty;
                personnelsql = "SELECT * from personnel";


                NpgsqlCommand    command = new NpgsqlCommand(@personnelsql, conn);
                NpgsqlDataReader dr      = command.ExecuteReader();
                while (dr.Read())
                {
                    personnel newPersonnel = new personnel();
                    newPersonnel.idPersonnel  = (int)(dr["id_personnel"]);
                    newPersonnel.userName     = (string)(dr["username"]);
                    newPersonnel.userPassword = (string)(dr["password"]);
                    newPersonnel.firstName    = (string)(dr["firstname"]);
                    newPersonnel.lastName     = (string)(dr["lastname"]);
                    newPersonnel.address      = (string)(dr["address"]);
                    newPersonnel.postalCode   = (string)(dr["postalcode"]);
                    newPersonnel.city         = (string)(dr["city"]);
                    newPersonnel.access       = (int)(dr["access"]);
                    personnelList.Add(newPersonnel);
                }
            }
            finally
            {
                conn.Close();
            }
            return(personnelList);
        }
Пример #2
0
        protected void btnLoggin_Click(object sender, EventArgs e)
        {
            string userName     = txbUserName.Text;
            string userPassword = txbPassword.Text;
            int    idPersonnel  = Convert.ToInt32(Session["idPersonnel"]);

            if (methods.checkPersonnelExist(idPersonnel, userName, userPassword) == true)
            {
                personnel newPersonnel = new personnel();

                // get all user info by name and password
                //newPersonnel = methods.getPersonnelByName(userName, userPassword);

                Session["idPersonnel"] = newPersonnel.idPersonnel;

                if (newPersonnel.access == 1)
                {
                    //FormsAuthentication.RedirectFromLoginPage(access.ToString(), false);
                    Response.Redirect("personal.aspx");
                }
                else if (newPersonnel.access == 2)
                {
                    //FormsAuthentication.RedirectFromLoginPage(accessId.ToString(), false);
                    Response.Redirect("admin.aspx");
                }
                else
                {
                    lblErrorMessage.Text = "Användare saknar behörighet";
                }
            }
            else
            {
                lblErrorMessage.Text = "Fel användarnamn eller lösenord. Försök igen.";
            }


            //Session["Id"] = //Id från inloggad från databasen
            ////om staff bool redirect till admin else till komp.port
            //if ()
            //{
            //  Response.Redirect("~/admin.aspx");
            //}
            //else
            //{
            //  Response.Redirect("~/kompetensportalen.aspx");
        }