public SqlDataReader check_duplicate(User_Info obj)
{
string sql = "SELECT * FROM [dbo].[User] WHERE UID='" + obj.UID + "' OR UEmail='" + obj.UEmail + "'";
SqlCommand cmd = sqlconnection(sql);
SqlDataReader reader = cmd.ExecuteReader();
return reader;
}
public SqlDataReader check_duplicate(User_Info obj)
{
string sql = "SELECT * FROM [dbo].[User] WHERE UID='" + obj.UID + "' OR UEmail='" + obj.UEmail + "'";
SqlCommand cmd = sqlconnection(sql);
SqlDataReader reader = cmd.ExecuteReader();
return(reader);
}
public SqlDataReader check_user(User_Info obj)
{
string sql = "SELECT * FROM [dbo].[User] WHERE UID='" + obj.UID + "' AND Password='******'";
SqlCommand cmd = sqlconnection(sql);
SqlDataReader reader = cmd.ExecuteReader();
return(reader);
}
public SqlDataReader check_user(User_Info obj)
{
string sql = "SELECT * FROM [dbo].[User] WHERE UID='" + obj.UID + "' AND Password='******'";
SqlCommand cmd = sqlconnection(sql);
SqlDataReader reader = cmd.ExecuteReader();
return reader;
}
protected void SignIn_btn_Click(object sender, EventArgs e)
{
User_Info obj = new User_Info();
obj.UID = this.id_box.Text;
obj.Password = this.pwd_box.Text;
if (string.IsNullOrEmpty(this.id_box.Text))
{
this.msg_lbl.Text = "Please enter ID";
}
else if (string.IsNullOrEmpty(this.pwd_box.Text))
{
this.msg_lbl.Text = "please enter password";
}
else
{
SqlDataReader signin = signin_data.check_user(obj);
if (signin.HasRows)
{
while (signin.Read())
{
Session["user"] = signin.GetString(5);
Session["user_name"] = signin.GetString(2);
Session["user_id"] = signin.GetString(1);
Response.Write(userName);
switch (signin.GetString(5))
{
case "Librarian":
Response.Redirect("LibrarianProfile.aspx");
break;
case "Faculty":
Response.Redirect("User_Profile.aspx");
break;
case "Student":
Response.Redirect("User_Profile.aspx");
break;
}
}
}
else
{
this.msg_lbl.Text = "Invalid ID";
}
}
}
protected void SignIn_btn_Click(object sender, EventArgs e)
{
User_Info obj = new User_Info();
obj.UID = this.id_box.Text;
obj.Password = this.pwd_box.Text;
if (string.IsNullOrEmpty(this.id_box.Text))
this.msg_lbl.Text = "Please enter ID";
else if (string.IsNullOrEmpty(this.pwd_box.Text))
this.msg_lbl.Text = "please enter password";
else
{
SqlDataReader signin = signin_data.check_user(obj);
if (signin.HasRows)
{
while (signin.Read())
{
Session["user"] = signin.GetString(5);
Session["user_name"] = signin.GetString(2);
Session["user_id"] = signin.GetString(1);
Response.Write(userName);
switch (signin.GetString(5))
{
case "Librarian":
Response.Redirect("LibrarianProfile.aspx");
break;
case "Faculty":
Response.Redirect("User_Profile.aspx");
break;
case "Student":
Response.Redirect("User_Profile.aspx");
break;
}
}
}
else
{
this.msg_lbl.Text = "Invalid ID";
}
}
}
public string save_user_info(User_Info u_obj)
{
try
{
string sql = "INSERT INTO [dbo].[User](UID,UName,UEmail,Password,UType) VALUES('" + u_obj.UID + "', '" + u_obj.UName + "', '" + u_obj.UEmail + "', '" + u_obj.Password + "', '" + u_obj.Account_Type + "')";
SqlCommand cmd = sqlconnection(sql);
cmd.ExecuteNonQuery();
//connection.Close();
return(null);
}
catch (Exception exception)
{
return(exception.Message);
}
}
public string save_user_info(User_Info u_obj)
{
try
{
string sql = "INSERT INTO [dbo].[User](UID,UName,UEmail,Password,UType) VALUES('" + u_obj.UID + "', '" + u_obj.UName + "', '" + u_obj.UEmail + "', '" + u_obj.Password + "', '" + u_obj.Account_Type + "')";
SqlCommand cmd = sqlconnection(sql);
cmd.ExecuteNonQuery();
//connection.Close();
return null;
}
catch (Exception exception)
{
return exception.Message;
}
}
protected void Register_btn_Click(object sender, EventArgs e)
{
User_Info u_obj = new User_Info();
u_obj.UName = this.Name_box.Text.ToString();
u_obj.UID = this.ID_box.Text.ToString();
u_obj.UEmail = this.email_box.Text.ToString();
u_obj.Account_Type = this.Acc_type_radio.SelectedItem.Text.ToString();
u_obj.Password = this.pwd_box.Text.ToString();
SqlDataReader reader = data.check_duplicate(u_obj);
if (reader.HasRows)
{
warning_lbl.Text = "This ID or Email is already registered";
}
else
{
data.save_user_info(u_obj);
Response.Redirect("SignIn.aspx");
}
}
protected void Register_btn_Click(object sender, EventArgs e)
{
User_Info u_obj = new User_Info();
u_obj.UName = this.Name_box.Text.ToString();
u_obj.UID = this.ID_box.Text.ToString();
u_obj.UEmail = this.email_box.Text.ToString();
u_obj.Account_Type = this.Acc_type_radio.SelectedItem.Text.ToString();
u_obj.Password = this.pwd_box.Text.ToString();
SqlDataReader reader = data.check_duplicate(u_obj);
if (reader.HasRows)
{
warning_lbl.Text = "This ID or Email is already registered";
}
else
{
data.save_user_info(u_obj);
Response.Redirect("SignIn.aspx");
}
}