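/// <summary>
/// Handles the login button click for coordinators: fetches the stored password hash
/// for the submitted username, verifies the submitted password against it, and on
/// success records the login state and swaps the login panel for the logout panel.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void LoginButton_Click(object sender, EventArgs e)
{
    // NOTE(review): HTML-encoding is an output-encoding step, not input validation. It is
    // kept on the lookup value only because stored usernames may have been saved the same
    // way; confirm, then compare the raw input instead.
    string username = HttpUtility.HtmlEncode(defaultFormEmail.Text);

    // Dropped from the original: an HTML-encoded copy of the password, a SQL string built
    // by concatenating the username, and a SqlCommand that was never executed. None of them
    // was used, and the concatenated query would have been injectable had anyone run it.

    // NOTE(review): the statement declaring CDMConnection is damaged in the source text.
    // It is reconstructed here as a SqlConnection built from the "CyberDayMaster"
    // connection string; confirm the configuration accessor against the real file.
    using (SqlConnection CDMConnection = new SqlConnection(WebConfigurationManager.ConnectionStrings["CyberDayMaster"].ConnectionString))
    using (SqlCommand findPass = new SqlCommand("Select CoordinatorID,Password from CoordinatorAuth where Username = @Username", CDMConnection))
    {
        // The username reaches the query only as a bound parameter.
        findPass.Parameters.Add(new SqlParameter("@Username", username));
        CDMConnection.Open();

        using (SqlDataReader reader = findPass.ExecuteReader())
        {
            try
            {
                bool authenticated = false;

                while (reader.Read())
                {
                    string storedHash = reader["Password"].ToString();

                    // The raw password text is what gets verified against the stored hash.
                    if (!PasswordHash.ValidatePassword(defaultFormPass.Text, storedHash))
                    {
                        continue;
                    }

                    authenticated = true;

                    // NOTE(review): if these members are static rather than session-backed,
                    // the login state is shared by every visitor; confirm.
                    UserLoginEmail = username;
                    UserLoginName = username;
                    CoordinatorID = int.Parse(reader["CoordinatorID"].ToString());

                    ShowMessage("Logged in successfully as " + UserLoginName.Trim() + " Role: Coordinator! " + UserLoginType, MessageType.Success);

                    if (UserLoginEmail == null)
                    {
                        // The original appended reader.GetString(2) here, but this query
                        // returns only two columns, so that call could only throw.
                        ShowMessage("Still Null!", MessageType.Warning);
                    }

                    LoginDiv.Style.Add("display", "none");
                    LogoutDiv.Style.Add("display", "block");
                }

                if (!authenticated)
                {
                    // One message for both "unknown user" and "wrong password" so the form
                    // does not reveal which usernames exist. The original "Couldn't Find
                    // That Email!" text also contained an unescaped apostrophe that
                    // terminated the JavaScript string literal early.
                    // NOTE(review): no attempt throttling or lockout is visible in this
                    // handler; confirm it is enforced elsewhere.
                    ScriptManager.RegisterStartupScript(this, this.GetType(), System.Guid.NewGuid().ToString(), "ShowMessage('Invalid username or password.','Warning');", true);
                }
            }
            finally
            {
                // NOTE(review): as in the original, the "CoordinatorView" menu entry is
                // installed whether or not the login succeeded. A menu entry is not access
                // control; confirm the coordinator pages check the login state themselves.
                MasterMenu.Items.RemoveAt(1);
                System.Web.UI.WebControls.MenuItem coordinatorItem = new System.Web.UI.WebControls.MenuItem("CoordinatorView", "2");
                MasterMenu.Items.AddAt(1, coordinatorItem);
            }
        }
    }
}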
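/// <summary>
/// Handles the login button click for staff: fetches the Staff row for the submitted
/// email, verifies the submitted password against the stored hash, and on success
/// records the login state, updates the master menu and swaps the login panel for the
/// logout panel.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void LoginButton_Click(object sender, EventArgs e)
{
    // NOTE(review): HTML-encoding is an output-encoding step, not input validation. It is
    // kept on the lookup value only because stored emails may have been saved the same
    // way; confirm, then compare the raw input instead.
    string email = HttpUtility.HtmlEncode(defaultFormEmail.Text);

    // Dropped from the original: an HTML-encoded copy of the password, a SQL string built
    // by concatenating the email, a SqlCommand that was never executed, and a second
    // connection used only for the concatenated query described below.

    using (SqlConnection authConnection = new SqlConnection(WebConfigurationManager.ConnectionStrings["CARESconnection"].ConnectionString))
    using (SqlCommand findPass = new SqlCommand("Select * from Staff where Email = @Email", authConnection))
    {
        // The email reaches the query only as a bound parameter.
        findPass.Parameters.Add(new SqlParameter("@Email", email));
        authConnection.Open();

        using (SqlDataReader reader = findPass.ExecuteReader())
        {
            bool authenticated = false;

            while (reader.Read())
            {
                string storedHash = reader["Password"].ToString();

                // The raw password text is what gets verified against the stored hash.
                if (!PasswordHash.ValidatePassword(defaultFormPass.Text, storedHash))
                {
                    continue;
                }

                authenticated = true;

                // NOTE(review): if these members are static rather than session-backed,
                // the login state is shared by every visitor; confirm.
                UserLoginEmail = email;
                UserLoginType = reader.GetString(3).Trim();
                UserLoginID = reader.GetInt32(0);
                UserLoginLocation = reader.GetInt32(4);

                // The original re-ran "select * from Staff where Email='" + email + "'" on
                // a second connection to read columns 0-2. That query was assembled by
                // string concatenation (SQL injection) and returned the same row that is
                // already open here, so the display name is taken from this reader.
                UserLoginName = reader.GetString(1).Substring(0, 1) + ". " + reader.GetString(2);

                ShowMessage("Logged in successfully as " + UserLoginName.Trim() + " Role: " + UserLoginType, MessageType.Success);

                if (UserLoginEmail != null)
                {
                    // Encoded because the name is database content rendered into the page.
                    MasterMenu.Items[4].Text = HttpUtility.HtmlEncode(UserLoginName.Trim());
                }
                else
                {
                    ShowMessage("Still Null!" + reader.GetString(2), MessageType.Warning);
                }

                LoginDiv.Style.Add("display", "none");
                LogoutDiv.Style.Add("display", "block");

                // Disabling a menu entry only hides the link. NOTE(review): confirm the
                // admin pages check the role on the server as well.
                MasterMenu.Items[3].Enabled = UserLoginType == "Admin";
            }

            if (!authenticated)
            {
                // One message for both "unknown email" and "wrong password" so the form
                // does not reveal which addresses are registered. The original "Couldn't
                // Find That Email!" text also contained an unescaped apostrophe that
                // terminated the JavaScript string literal early.
                // NOTE(review): no attempt throttling or lockout is visible in this
                // handler; confirm it is enforced elsewhere.
                ScriptManager.RegisterStartupScript(this, this.GetType(), System.Guid.NewGuid().ToString(), "ShowMessage('Invalid email or password.','Warning');", true);
            }
        }
    }
}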