using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Security.Cryptography;
using System.Web;
using System.Web.Configuration;
using System.Web.UI;
using System.Web.UI.WebControls;
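// Code-behind for the default page. It serves two forms: registration
// (reg_submit_Click -> saveUser) and login (login_submit_Click -> validate_login).
// Both talk to the [reg_user] table through parameterized SqlCommand objects.
public partial class _Default : System.Web.UI.Page
{
    // Connection string comes from web.config so no credentials live in source.
    private readonly string dbconnection = WebConfigurationManager.ConnectionStrings["mumsDiaryConnectionString"].ConnectionString;

    // Every statement below binds user input through parameters; nothing is
    // concatenated into SQL text.
    private const string querySingupUser = "INSERT INTO [reg_user](ID,first,last,email,password,suburb,postcode,state,country) VALUES(@id,@firstname,@lastname,@email,@password,@suburb,@postcode,@state,@country)";
    private const string queryLoginUser = "SELECT COUNT(*) FROM [reg_user] WHERE email=@eml";
    private const string queryStoredPassword = "SELECT password FROM [reg_user] WHERE email=@eml";

    // Password storage parameters. Records are written as
    // "<iterations>.<base64 salt>.<base64 hash>" so the cost can be raised later
    // without invalidating existing rows.
    private const int PasswordSaltBytes = 16;
    // 20 bytes = one HMAC-SHA1 output block; asking PBKDF2 for more only costs
    // the defender extra work.
    private const int PasswordHashBytes = 20;
    // Work factor; tune upward as far as login latency allows.
    private const int PasswordIterations = 600000;

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    // Click handler for the registration form.
    // The original built the duplicate-email query by concatenating
    // reg_email.Text (SQL injection) and only saved the user in the
    // "not a postback" branch, which a click handler never reaches.
    protected void reg_submit_Click(object sender, EventArgs e)
    {
        var email = reg_email.Text;

        // NOTE(review): check-then-insert can race between two requests; a
        // UNIQUE constraint on the email column is still needed. The schema is
        // not visible from this file.
        if (EmailIsRegistered(email))
        {
            reg_user_exist.Visible = true;
            return;
        }

        if (Page.IsValid)
        {
            // Only the salted, stretched hash is handed on; the plaintext
            // password never leaves this method.
            saveUser(reg_first.Text, reg_last.Text, email, HashPassword(reg_pass.Text),
                     reg_sub.Text, reg_post.Text, reg_state.Text, "Australia");
        }
    }

    // Inserts a new row into [reg_user], signs the user in and redirects.
    //   fst/lst - first and last name      eml  - e-mail address
    //   pas     - password record to store (already hashed by the caller)
    //   sub/post/stt/cont - suburb, postcode, state, country
    protected void saveUser(string fst, string lst, string eml, string pas, string sub, string post, string stt, string cont)
    {
        var newGuid = Guid.NewGuid().ToString();

        using (var conn = new SqlConnection(dbconnection))
        using (var comm = new SqlCommand(querySingupUser, conn))
        {
            comm.Parameters.AddWithValue("@id", newGuid);
            comm.Parameters.Add("@firstname", SqlDbType.NVarChar).Value = fst;
            comm.Parameters.Add("@lastname", SqlDbType.NVarChar).Value = lst;
            comm.Parameters.Add("@email", SqlDbType.NVarChar).Value = eml;
            comm.Parameters.Add("@password", SqlDbType.NVarChar).Value = pas;
            comm.Parameters.Add("@suburb", SqlDbType.NVarChar).Value = sub;
            // post arrives as text but is bound as Int; the page's validators
            // are presumably what guarantee it is numeric - TODO confirm.
            comm.Parameters.Add("@postcode", SqlDbType.Int).Value = post;
            comm.Parameters.Add("@state", SqlDbType.NVarChar).Value = stt;
            comm.Parameters.Add("@country", SqlDbType.NVarChar).Value = cont;

            conn.Open();
            comm.ExecuteNonQuery();
            // The using blocks close the connection; no explicit Close() needed.
        }

        Session["email"] = eml;
        // NOTE(review): kept because other pages may read this key. Nothing
        // derived from the password should need to live in session state;
        // remove once no page depends on it.
        Session["password"] = pas;
        Response.Redirect("~/Pages/Home_page.aspx");
    }

    // Click handler for the login form. The password is passed on as typed;
    // validate_login compares it with the stored record.
    protected void login_submit_Click(object sender, EventArgs e)
    {
        validate_login(login_email.Text, login_password.Text);
    }

    // Checks the supplied credentials against [reg_user].
    //   em   - e-mail address typed by the user
    //   pass - password as typed (plaintext, never stored or put in session)
    // On success the session is populated and the user is redirected; on any
    // failure the same message is shown, so the login form does not reveal
    // whether the address exists.
    protected void validate_login(string em, string pass)
    {
        string db_password;

        using (var conn = new SqlConnection(dbconnection))
        using (var comm = new SqlCommand(queryStoredPassword, conn))
        {
            comm.Parameters.Add("@eml", SqlDbType.NVarChar).Value = em;
            conn.Open();
            // ExecuteScalar yields null when no row matches and DBNull for a
            // NULL column; "as string" maps both to null.
            db_password = comm.ExecuteScalar() as string;
        }

        if (db_password == null || !VerifyPassword(pass, db_password))
        {
            Invalid_pass.Visible = true;
            return;
        }

        // NOTE(review): the session id is not rotated on login here; confirm
        // the site's session/authentication configuration covers that.
        Session["email"] = em;
        // NOTE(review): stores the stored password record, as the original
        // stored its hash; see the matching note in saveUser.
        Session["password"] = db_password;
        Response.Redirect("~/Pages/Home_page.aspx");
    }

    // True when at least one [reg_user] row already has this e-mail address.
    private bool EmailIsRegistered(string email)
    {
        using (var conn = new SqlConnection(dbconnection))
        using (var comm = new SqlCommand(queryLoginUser, conn))
        {
            comm.Parameters.Add("@eml", SqlDbType.NVarChar).Value = email;
            conn.Open();
            return Convert.ToInt32(comm.ExecuteScalar()) > 0;
        }
    }

    // Derives a storable password record with PBKDF2 and a fresh random salt.
    // This replaces string.GetHashCode(), which is a 32-bit non-cryptographic
    // hash whose value is not guaranteed to be stable across runtimes or
    // processes, so it is neither safe nor reliable for credentials.
    // Rows written with the old scheme will not verify and need a password reset.
    // The three-argument constructor (HMAC-SHA1) is used for compatibility with
    // older .NET Framework targets; where the overload taking a
    // HashAlgorithmName is available, prefer SHA-256.
    private static string HashPassword(string password)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, PasswordSaltBytes, PasswordIterations))
        {
            return PasswordIterations + "."
                 + Convert.ToBase64String(kdf.Salt) + "."
                 + Convert.ToBase64String(kdf.GetBytes(PasswordHashBytes));
        }
    }

    // Recomputes the hash for the typed password using the salt and iteration
    // count embedded in the stored record and compares in constant time.
    // Any record that is not in the expected three-part format is rejected.
    private static bool VerifyPassword(string password, string stored)
    {
        if (string.IsNullOrEmpty(stored))
        {
            return false;
        }

        var parts = stored.Split('.');
        int iterations;
        if (parts.Length != 3 || !int.TryParse(parts[0], out iterations) || iterations <= 0)
        {
            return false;
        }

        byte[] salt;
        byte[] expected;
        try
        {
            salt = Convert.FromBase64String(parts[1]);
            expected = Convert.FromBase64String(parts[2]);
        }
        catch (FormatException)
        {
            return false;
        }

        // Rfc2898DeriveBytes refuses salts shorter than 8 bytes.
        if (salt.Length < 8 || expected.Length == 0)
        {
            return false;
        }

        using (var kdf = new Rfc2898DeriveBytes(password, salt, iterations))
        {
            return FixedTimeEquals(kdf.GetBytes(expected.Length), expected);
        }
    }

    // Compares two byte arrays without exiting early on the first mismatch, so
    // the time taken does not depend on how many leading bytes agree.
    private static bool FixedTimeEquals(byte[] left, byte[] right)
    {
        if (left.Length != right.Length)
        {
            return false;
        }

        int diff = 0;
        for (int i = 0; i < left.Length; i++)
        {
            diff |= left[i] ^ right[i];
        }
        return diff == 0;
    }
}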