public ActionResult Create(Exam.Models.Exam e) { try { SqlConnection con = new SqlConnection(); con.ConnectionString = @"Data Source=(localdb)\MsSqlLocalDb;Initial Catalog=Exam;Integrated Security=True;Pooling=False"; con.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; cmd.CommandType = System.Data.CommandType.StoredProcedure; cmd.CommandText = "InsertProcedure"; cmd.Parameters.AddWithValue("@UserName", e.UserName); cmd.Parameters.AddWithValue("@Password", e.Password); cmd.ExecuteNonQuery(); // TODO: Add insert logic here return(RedirectToAction("Login")); } catch (Exception ex) { ViewBag.err = ex.Message; return(View()); } }
public ActionResult Login(Exam.Models.Exam e) { SqlConnection con = new SqlConnection(); con.ConnectionString = @"Data Source=(localdb)\MsSqlLocalDb;Initial Catalog=Exam;Integrated Security=True;Pooling=False"; con.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; cmd.CommandType = System.Data.CommandType.Text; cmd.CommandText = "select * from Exam where UserName=@UserName and Password=@Password"; cmd.Parameters.AddWithValue("@UserName", e.UserName); cmd.Parameters.AddWithValue("@Password", e.Password); SqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { Session["UserName"] = dr["UserName"]; return(RedirectToAction("Edit")); } else { ViewBag.pwderr = "login failed"; return(View()); } }