Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- string connStr = ConfigurationManager.ConnectionStrings["sodnik_za_prekrskeConnectionString1"].ConnectionString;
- SqlConnection conn = new SqlConnection(connStr);
- conn.Open();
- SqlCommand userExists = new SqlCommand("select count(*) from uporabnik where username = '" + textBoxUsernameLogin.Text + "'", conn);
- SqlCommand userData = new SqlCommand("select username, password from uporabnik where username = '" + textBoxUsernameLogin.Text + "'", conn);
- SqlCommand getUserType = new SqlCommand("select vrsta_uporabnika from uporabnik where username = '"+textBoxUsernameLogin.Text+"'", conn);
- SqlCommand getIme = new SqlCommand("select ime from uporabnik where username = '" + textBoxUsernameLogin.Text + "'", conn);
- SqlCommand getPriimek = new SqlCommand("select priimek from uporabnik where username = '" + textBoxUsernameLogin.Text + "'", conn);
- int obstaja = Convert.ToInt32(userExists.ExecuteScalar().ToString());
- conn.Close();
- if (obstaja == 1)
- {
- conn.Open();
- string userType = getUserType.ExecuteScalar().ToString();
- string checkPass = "select password from uporabnik where username='" + textBoxUsernameLogin.Text + "'";
- SqlCommand passComm = new SqlCommand(checkPass, conn);
- string password = passComm.ExecuteScalar().ToString();
- if (password == textBoxPasswordLogin.Text)
- {
- if(userType == "admin")
- {
- status_prijave.InnerText = "Prijava uspešna";
- Session["login"] = "admin";
- Session["ime"] = getIme.ExecuteScalar().ToString();
- Session["priimek"] = getPriimek.ExecuteScalar().ToString();
- conn.Close();
- Response.Redirect("orodja.aspx");
- }
- if (userType == "user")
- {
- status_prijave.InnerText = "Prijava uspešna";
- Session["login"] = "user";
- Session["ime"] = getIme.ExecuteScalar().ToString();
- Session["priimek"] = getPriimek.ExecuteScalar().ToString();
- conn.Close();
- Response.Redirect("uporabnik.aspx");
- }
- }
- else
- {
- status_prijave.InnerText = "Napačno geslo";
- conn.Close();
- }
- }
- else
- {
- status_prijave.InnerText = "Uporabnik ne obstaja";
- conn.Close();
- }
- conn.Close();
Add Comment
Please, Sign In to add comment