Пример #1
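        /// <summary>
        /// Signs a user out: flags the <c>persons</c> row as offline, stamps
        /// <c>logout_date</c> on the matching <c>online_user</c> row, then deletes the
        /// cookies and drops the cached "menuData" / "menuText" entries.
        /// </summary>
        /// <param name="ck2">
        /// User record supplying <c>p_id</c> and <c>online_id</c>; a null value is rejected.
        /// </param>
        /// <returns>0 when every step succeeded; -1 when <paramref name="ck2"/> is null or any step threw.</returns>
        public static int Logout(users ck2)
        {
            if (ck2 == null)
            {
                return -1;
            }

            // Plain verbatim literal: the original passed this through string.Format with
            // no arguments, which adds nothing and would throw if a brace were ever added.
            const string logoutSql = @"
                            update persons set p_is_online=0 where p_id=@p_id;
                            update online_user set logout_date=getdate() where id=@log_id;
                            ";

            int result = 0;

            try
            {
                // Both the connection and the command are disposed deterministically.
                using (SqlConnection conn = DBConnection())
                using (var cmd = new SqlCommand(logoutSql, conn))
                {
                    cmd.CommandType = CommandType.Text;
                    cmd.Parameters.AddWithValue("@log_id", ck2.online_id);
                    cmd.Parameters.AddWithValue("@p_id", ck2.p_id);
                    cmd.ExecuteNonQuery();
                }
            }
            catch
            {
                // NOTE(review): the failure is reported only through the return code;
                // nothing is logged here, so database outages during logout are invisible.
                result = -1;
            }

            try
            {
                // Client-side state is cleared even when the database bookkeeping failed,
                // so a database error cannot leave the browser holding the login cookies.
                // Presumably DeleteCookies removes what Login's CreateCookies wrote - confirm.
                var ck = new ManageCookie();
                ck.DeleteCookies();
                HttpContext.Current.Cache.Remove("menuData");
                HttpContext.Current.Cache.Remove("menuText");
            }
            catch
            {
                result = -1;
            }

            return result;
        }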
Пример #2
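        /// <summary>
        /// Looks up an active, non-deleted person by ID number, English name and role,
        /// lets <c>validateUser</c> judge the result, and on acceptance records an
        /// <c>online_user</c> row, marks the person online, and populates the session
        /// value "logId" and the cookies.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the lookup matches on <c>p_idno</c>, <c>p_name_eng</c> and
        /// <c>p_role_id</c> only; no password or other secret is compared in this method.
        /// Confirm that a stronger credential check happens before this call.
        /// </remarks>
        /// <param name="IdCard">Value matched against <c>persons.p_idno</c>.</param>
        /// <param name="strName">Value matched against <c>persons.p_name_eng</c>.</param>
        /// <param name="UserStatus">Value matched against <c>persons.p_role_id</c>.</param>
        /// <returns>
        /// An empty string when the login was recorded; otherwise a user-facing message
        /// for <c>validateUser</c> result 2 or 0. Any other outcome also returns an
        /// empty string (see the note at the end of the method).
        /// </returns>
        public static string Login(string IdCard, string strName, string UserStatus)
        {
            // Plain literals: the original wrapped both statements in string.Format with
            // no arguments, which adds nothing and would throw if a brace were ever added.
            const string lookupSql = @"select p.p_id, p.m_id, p.p_role_id 
                                        , p.p_idno, p.p_name_thai, p.p_sname_thai, p.p_name_eng, p.p_sname_eng
                                        , p.p_is_online, isnull(datediff(hour, p.last_login, getdate()),0) as last_login
                                        , m.mi_code, m.mi_name 
                                        ,d.d_code, d.d_name
                                        from persons p
                                        left join ministry m on p.m_id = m.mi_id
                                        left join persons_detail pd on p.p_id = pd.p_id 
                                        left join department d on pd.d_id = d.d_id
                            where p.p_idno = @idno and p.p_name_eng = @name and p.p_is_active=1 and p.p_is_delete=0 and p.p_role_id=@role_id; ";

            // SCOPE_IDENTITY() replaces @@Identity so that an insert performed by a trigger
            // cannot change the id that ends up in the session and the cookies.
            // The update is keyed on both p_idno and p_id.
            const string recordLoginSql = @"insert into online_user(p_id,p_idno,p_name_thai,p_sname_thai) 
                values(@uid, @idno, @namethai, @sname);             
                select SCOPE_IDENTITY();
                update persons set p_is_active=1, last_login=getdate(), p_is_online=1 where (p_idno=@idno) AND (p_id = @uid) ;
                ";

            ManageCookie ck = new ManageCookie();
            int retIdentity = 0; // identity of the online_user row created for this login
            int retAllow;        // verdict from validateUser

            // The original ended with DBConnection().Close(), which closes whatever a second
            // DBConnection() call returns rather than the connection used here. Disposing
            // the connection that was actually used matches what Logout does.
            using (SqlConnection conn = DBConnection())
            using (SqlCommand cmd = new SqlCommand(lookupSql, conn))
            using (DataSet ds = new DataSet())
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@idno", IdCard);
                cmd.Parameters.AddWithValue("@name", strName);
                cmd.Parameters.AddWithValue("@role_id", UserStatus);

                // NOTE(review): 0 disables the command timeout, so a stalled query holds
                // this login request open indefinitely. Consider a finite value.
                cmd.CommandTimeout = 0;

                using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                {
                    da.Fill(ds);
                }

                retAllow = validateUser(ds);
                if (retAllow == 1)
                {
                    // Presumably a verdict of 1 guarantees at least one row - confirm in validateUser.
                    DataRow person = ds.Tables[0].Rows[0];

                    cmd.Parameters.Clear();
                    cmd.CommandText = recordLoginSql;
                    cmd.CommandType = CommandType.Text;
                    cmd.Parameters.AddWithValue("@uid", person["p_id"]);
                    cmd.Parameters.AddWithValue("@idno", IdCard);
                    cmd.Parameters.AddWithValue("@namethai", person["p_name_thai"]);
                    cmd.Parameters.AddWithValue("@sname", person["p_sname_thai"]);

                    // Run the batch exactly once. The original called ExecuteNonQuery() and
                    // then ExecuteScalar(), which inserted two online_user rows per login
                    // and left the first one without any reference to it.
                    retIdentity = Convert.ToInt32(cmd.ExecuteScalar());

                    HttpContext.Current.Session["logId"] = Convert.ToString(retIdentity) + "/" + person["p_id"] + "/" + person["mi_name"];
                    ck.CreateCookies(ds.Tables[0], Convert.ToString(retIdentity));
                }
                else
                {
                    ck.DeleteCookies();
                }
            }

            if (retAllow == 1 && retIdentity > 0)
            {
                return "";
            }
            else if (retAllow == 2)
            {
                return "ท่านไม่สามารถเข้าใช้งานได้ เนื่องจาขณะนี้มีผู้ใช้ที่ท่านระบุกำลังทำงานอยู่ในระบบ";
            }
            else if (retAllow == 0)
            {
                return "ข้อมูลไม่ถูกต้อง กรุณากรอกข้อมูลให้ถูกต้อง";
            }

            // NOTE(review): reached when retAllow is 1 but no identity came back, or when
            // validateUser returns a code other than 0, 1 or 2. The empty string is the
            // same value returned on success; confirm that callers do not treat this path
            // as a completed login.
            return "";
        }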