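/// <summary>
/// Handles the login button. Checks that the submitted user name exists,
/// compares the stored password value with the encrypted form of the submitted
/// password, and on a match stores the user name in Session["Login"] and
/// redirects to User.aspx.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    bool authenticated = false;
    SqlConnection conn = TravelExperts1DB.GetConnection();
    try
    {
        conn.Open();

        // SECURITY NOTE(review): both statements below are built by concatenating
        // request data into the SQL text, so a quote in the user name changes the
        // query itself (SQL injection). The statement text is masked in this
        // listing, so the concatenation is kept as-is here; bind the values with
        // SqlParameter, the way Page_Load binds @CustUserName.
        string checkUser = "******" + txtCustUserName.Text + "'";
        object userCount;
        using (SqlCommand userCmd = new SqlCommand(checkUser, conn))
        {
            userCount = userCmd.ExecuteScalar();
        }

        // ExecuteScalar returns null when the query yields no row; test for that
        // instead of letting .ToString() throw.
        bool userExists = userCount != null
            && userCount != DBNull.Value
            && Convert.ToInt32(userCount.ToString()) == 1;

        if (userExists)
        {
            // NOTE(review): what EncryptDB.Encrypt does is not visible here. If it
            // is reversible encryption or an unsalted hash, stored passwords are
            // recoverable; confirm it is a salted, slow password hash.
            string cryptPassword = EncryptDB.Encrypt(txtCustPassword.Text);
            string checkPassword = "******" + cryptPassword + "'";
            object storedValue;
            using (SqlCommand passCmd = new SqlCommand(checkPassword, conn))
            {
                storedValue = passCmd.ExecuteScalar();
            }

            // No row (null) or a NULL column means there is nothing to match
            // against; treat it as a failed login rather than an exception.
            if (storedValue != null && storedValue != DBNull.Value)
            {
                string password = storedValue.ToString().Replace(" ", "");
                authenticated = password == cryptPassword;
            }

            if (!authenticated)
            {
                Response.Write("Password is not correct");
            }
        }
        else
        {
            // NOTE(review): answering differently for an unknown user name and a
            // wrong password lets a visitor learn which user names exist; a
            // single generic failure message avoids that.
            Response.Write("Username is not correct");
        }
    }
    catch (Exception)
    {
        // Any remaining failure (connection, query, conversion) is still
        // reported to the visitor as a wrong password, as before. Record the
        // exception server-side so an outage is not mistaken for bad credentials.
        Response.Write("Password is not correct");
    }
    finally
    {
        conn.Close();
    }

    // Redirect only after the try block: Response.Redirect ends the request by
    // aborting the thread, which the catch-all above would otherwise intercept
    // and answer with the failure message.
    if (authenticated)
    {
        Session["Login"] = txtCustUserName.Text;
        Response.Write("Password is correct");
        Response.Redirect("User.aspx");
    }
}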
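/// <summary>
/// Greets the signed-in customer by first name. Visitors without a
/// Session["Login"] value are redirected to Login.aspx.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["Login"] == null)
    {
        Response.Redirect("Login.aspx");
        return;
    }

    string custUserName = Session["Login"].ToString();
    string getCustFirstName = "SELECT CustFirstName from Customers where CustUserName = @CustUserName";

    SqlConnection conn = TravelExperts1DB.GetConnection();
    try
    {
        using (SqlCommand cmd = new SqlCommand(getCustFirstName, conn))
        {
            // The user name is bound as a parameter, so it is never parsed as SQL.
            SqlParameter input = new SqlParameter();
            input.ParameterName = "@CustUserName";
            input.Value = custUserName;
            cmd.Parameters.Add(input);

            conn.Open();
            using (SqlDataReader myReader = cmd.ExecuteReader())
            {
                while (myReader.Read())
                {
                    string name = myReader["CustFirstName"].ToString();

                    // Label.Text is rendered without encoding, and the first name
                    // was typed by the customer at registration, so encode it
                    // before it reaches the page.
                    lblWelcome.Text += Server.HtmlEncode(name);
                }
            }
        }
    }
    finally
    {
        // The former "catch (Exception ex) { throw ex; }" only reset the stack
        // trace; exceptions now propagate unchanged and the connection is still
        // closed here.
        conn.Close();
    }
}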
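/// <summary>
/// Handles the registration button. Rejects a user name that is already in
/// use, otherwise creates the customer record with the encrypted password and
/// redirects to the login page.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnCustRegister_Click(object sender, EventArgs e)
{
    // An empty (or missing) list means no name is taken. The earlier loop left
    // its flag false in that case, so the very first customer could never
    // register.
    List<string> userNames = CustomersDB.GetUserNames();
    bool userNameTaken = userNames != null && userNames.Contains(txtCustUserName.Text);
    if (userNameTaken)
    {
        Response.Write("User name is already taken. Please choose another user name");
    }

    if (!Page.IsValid || userNameTaken)
    {
        return;
    }

    // NOTE(review): this check-then-insert is not atomic and compares names
    // case-sensitively; two concurrent requests can both pass it. Confirm the
    // table has a unique constraint on the user-name column.
    string cryptPassword = EncryptDB.Encrypt(txtCustPassword.Text);
    Customer cust = new Customer(
        txtCustFirstName.Text,
        txtCustLastName.Text,
        txtCustAddress.Text,
        txtCustCity.Text,
        ddlCustProv.SelectedValue.ToString(),
        txtCustPostal.Text,
        ddlCustCountry.SelectedValue.ToString(),
        txtCustHomePhone.Text,
        txtCustBusPhone.Text,
        txtCustEmail.Text,
        txtCustUserName.Text,
        cryptPassword.Trim());

    bool insert = false;

    // NOTE(review): conn is opened but not passed to CreateCustomer; it looks
    // unused here. Kept in case the helper depends on it; verify and remove.
    SqlConnection conn = TravelExperts1DB.GetConnection();
    try
    {
        conn.Open();
        insert = CustomersDB.CreateCustomer(cust);
    }
    catch (Exception)
    {
        Response.Write("Registration unsuccessful");
    }
    finally
    {
        conn.Close();
    }

    // Redirect after the try block so the thread abort raised by
    // Response.Redirect is not caught above and reported as a failed
    // registration. The app-relative path replaces the hard-coded
    // http://localhost:61652 address, which only resolves on a developer machine.
    if (insert)
    {
        Response.Redirect("~/Login.aspx");
    }
}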