示例#1
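        /// <summary>
        /// Handles the login button click: asks the <c>sp_UserChk</c> stored procedure about the
        /// submitted user name, compares the submitted password with the stored one, and on success
        /// redirects to the home page for the user's role (ADMIN, INSTRUCTOR or STUDENT).
        /// </summary>
        /// <remarks>
        /// A rejected login sets <c>ViewState["IsValidUser"]</c> to 1 and re-runs page validation.
        /// <c>Session["CurrentUser"]</c> and <c>Session["Role"]</c> survive this handler only when the
        /// password matched; a rejected attempt or an exception removes the values it wrote.
        /// NOTE(review): the session ID is not renewed after a successful login; confirm whether the
        /// application handles session fixation elsewhere.
        /// </remarks>
        /// <param name="sender">The control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // True once this request has written CurrentUser into the session.
            bool sessionStaged = false;
            // True only after the submitted password matched the stored one.
            bool authenticated = false;

            try
            {
                using (SqlConnection con = new SqlConnection(conString))
                using (SqlCommand cmd = new SqlCommand("sp_UserChk", con))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.Add("@UserID", SqlDbType.NVarChar).Value = txtUsername.Text;

                    con.Open();

                    // NOTE(review): only the value 1 is treated as "reject"; every other result,
                    // including a null scalar (Convert.ToInt16 turns it into 0), continues to the
                    // password check. Confirm the procedure's contract.
                    int retVal = Convert.ToInt16(cmd.ExecuteScalar());
                    if (retVal == 1)
                    {
                        ViewState["IsValidUser"] = retVal;
                        Page.Validate();
                        return;
                    }

                    // The user name goes into the session before the password is checked because
                    // GetRoleType() takes no argument and may read it from there (TODO confirm).
                    // The finally block removes both values unless the password is verified.
                    Session["CurrentUser"] = txtUsername.Text;
                    sessionStaged = true;
                    string strRole = GetRoleType();
                    Session["Role"] = strRole;

                    // Ordinal comparison: a culture-sensitive ToUpper() maps "admin" to "ADMİN" under
                    // a Turkish culture, which would send an administrator down the non-admin branch.
                    bool isAdmin = string.Equals(strRole, "ADMIN", StringComparison.OrdinalIgnoreCase);

                    BusinessObjects bo = new BusinessObjects();
                    string strPwd = bo.GetUserPwd(txtUsername.Text);
                    string strEnteredPwd = txtPwd.Text;

                    // A missing or empty stored credential never authenticates anyone.
                    bool passwordMatches = false;
                    if (!string.IsNullOrEmpty(strPwd))
                    {
                        if (isAdmin)
                        {
                            // NOTE(review): the admin password is compared as stored (no Decrypt call)
                            // and without regard to case, which shrinks the effective password space.
                            // Kept as-is so existing admin logins keep working; needs a migration.
                            passwordMatches = strPwd.ToUpperInvariant() == strEnteredPwd.ToUpperInvariant();
                        }
                        else
                        {
                            // NOTE(review): stored passwords are recoverable through
                            // EncryptDecrypt.Decrypt; a salted password hash verified with a
                            // fixed-time comparison would avoid keeping recoverable passwords.
                            passwordMatches = EncryptDecrypt.Decrypt(strPwd) == strEnteredPwd;
                        }
                    }

                    if (!passwordMatches)
                    {
                        ViewState["IsValidUser"] = 1;
                        Page.Validate();
                        return;
                    }

                    authenticated = true;

                    // endResponse is false, so the rest of the page life cycle still runs.
                    // A role outside these three keeps its session but is not redirected.
                    if (isAdmin)
                    {
                        Response.Redirect("AdminHome.aspx", false);
                    }
                    else if (string.Equals(strRole, "INSTRUCTOR", StringComparison.OrdinalIgnoreCase))
                    {
                        Response.Redirect("InstructorHome.aspx", false);
                    }
                    else if (string.Equals(strRole, "STUDENT", StringComparison.OrdinalIgnoreCase))
                    {
                        Response.Redirect("StudentHome.aspx", false);
                    }
                }
            }
            catch (Exception ex)
            {
                // Still best-effort (nothing is rethrown), but the failure is now recorded
                // server-side instead of being discarded. No credentials are written to the trace.
                System.Diagnostics.Trace.TraceError("btnLogin_Click failed: " + ex);
            }
            finally
            {
                // Fail closed: a rejected password or an exception after the session was populated
                // must not leave an identity and role behind for other pages to trust.
                if (sessionStaged && !authenticated)
                {
                    Session.Remove("CurrentUser");
                    Session.Remove("Role");
                }
            }
        }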