using System.Data;
using System.Data.SqlClient;
using System.Web.Security;
namespace edmsNET.DataAccess
{
/// <summary>
/// Data-access class for account records. Every value in the visible code is
/// bound to its command through a typed <see cref="SqlParameter"/>.
/// </summary>
/// <remarks>
/// NOTE(review): this listing is incomplete. The method signatures and the
/// lines that create each SqlCommand (and, for the read methods, fill the
/// DataSet) are not present, so the command text or stored-procedure names
/// cannot be seen here. Comments below describe only what the visible lines do.
/// </remarks>
public class Account
{
// Connection that the visible code opens before executing a command and
// closes again in a finally block.
private SqlConnection m_Connection;
// Failure reason written by the credential check at the end of the class.
private string m_ErrorMsg;
// --- Fragment 1: signature and command construction missing from the listing.
// It binds @UserName, @Password, @Email, @ModifiedDate and @CreationDate;
// presumably this creates a new account row (TODO confirm against the full source).
Command.Parameters.Add(new SqlParameter("@UserName",
SqlDbType.Char, 32));
Command.Parameters.Add(new SqlParameter("@Password",
SqlDbType.Char, 40));
Command.Parameters.Add(new SqlParameter("@Email",
SqlDbType.Char, 64));
Command.Parameters.Add(new
SqlParameter("@ModifiedDate", SqlDbType.DateTime));
Command.Parameters.Add(new
SqlParameter("@CreationDate", SqlDbType.DateTime));
Command.Parameters["@UserName"].Value = UserName;
// SECURITY: a Password argument of exactly 40 characters is stored unchanged;
// any other length is replaced by its SHA-1 hex digest (which is 40 characters).
// The length test presumably means "caller already hashed it" (TODO confirm),
// but it cannot tell a digest from a 40-character plaintext password, which
// would therefore be written to the table unhashed.
if (Password.Length == 40)
{
Command.Parameters["@Password"].Value = Password;
}
else
{
// SECURITY: HashPasswordForStoringInConfigFile produces an unsalted,
// single-pass SHA-1 digest and is marked obsolete in .NET Framework 4.5+.
// Password storage should use a salted, deliberately slow KDF
// (e.g. PBKDF2 via Rfc2898DeriveBytes) instead.
Command.Parameters["@Password"].Value =
FormsAuthentication.HashPasswordForStoringInConfigFile
(Password, "SHA1");
}
Command.Parameters["@Email"].Value = Email;
// DateTime.Now is local server time and is read twice, so the two stamps can
// differ slightly from each other.
Command.Parameters["@ModifiedDate"].Value =
DateTime.Now;
Command.Parameters["@CreationDate"].Value =
DateTime.Now;
// The finally block closes the connection even when Open or ExecuteNonQuery throws.
try
{
m_Connection.Open();
Command.ExecuteNonQuery();
}
finally
{
m_Connection.Close();
}
}
// --- Fragment 2: signature and command construction missing from the listing.
// Same parameters as fragment 1 plus @AccountID and without @CreationDate;
// presumably this updates an existing account row (TODO confirm).
Command.Parameters.Add(new SqlParameter("@AccountID",
SqlDbType.Int));
Command.Parameters.Add(new SqlParameter("@UserName",
SqlDbType.Char, 32));
Command.Parameters.Add(new SqlParameter("@Password",
SqlDbType.Char, 40));
Command.Parameters.Add(new SqlParameter("@Email",
SqlDbType.Char, 64));
Command.Parameters.Add(new
SqlParameter("@ModifiedDate", SqlDbType.DateTime));
Command.Parameters["@AccountID"].Value = AccountID;
Command.Parameters["@UserName"].Value = UserName;
// SECURITY: same 40-character pass-through as in fragment 1. A 40-character
// plaintext password is stored as-is, and any caller that can reach this
// method can write an arbitrary 40-character value into the Password column
// without it being hashed here.
if (Password.Length == 40)
{
Command.Parameters["@Password"].Value = Password;
}
else
{
// SECURITY: unsalted SHA-1 via an obsolete API; see the note in fragment 1's
// counterpart of this branch in the full source review (salted slow KDF preferred).
Command.Parameters["@Password"].Value =
FormsAuthentication.HashPasswordForStoringInConfigFile
(Password, "SHA1");
}
Command.Parameters["@Email"].Value = Email;
Command.Parameters["@ModifiedDate"].Value =
DateTime.Now;
// Connection is closed in finally whether or not the command succeeds.
try
{
m_Connection.Open();
Command.ExecuteNonQuery();
}
finally
{
m_Connection.Close();
}
}
// --- Fragment 3: signature and command construction missing from the listing.
// Executes a non-query command keyed only by @AccountID; presumably a delete
// (TODO confirm). No authorization check is visible in this fragment.
Command.Parameters.Add(new SqlParameter("@AccountID",
SqlDbType.Int));
Command.Parameters["@AccountID"].Value = AccountID;
try
{
m_Connection.Open();
Command.ExecuteNonQuery();
}
finally
{
m_Connection.Close();
}
}
// --- Fragment 4: only the tail of a method is visible. It returns the
// "Account" table of a DataSet named ds; how ds is filled is not shown.
return ds.Tables["Account"];
}
// --- Fragment 5: signature, command construction and DataSet fill missing.
// Binds @AccountID, then returns the first row of the "Account" table, or
// null when the table has no rows, so callers must handle a null result.
Command.Parameters.Add(new SqlParameter("@AccountID",
SqlDbType.Int));
Command.Parameters["@AccountID"].Value = AccountID;
if (ds.Tables["Account"].Rows.Count > 0)
return ds.Tables["Account"].Rows[0];
else
return null;
}
// --- Fragment 6: signature and command construction missing from the listing.
// Looks up a row by @UserName and returns its AccountID column as an int.
Command.Parameters.Add(new SqlParameter("@UserName",
SqlDbType.Char, 32));
Command.Parameters["@UserName"].Value = UserName;
try
{
m_Connection.Open();
// The reader is never closed or disposed explicitly; only the connection
// is closed in the finally block below.
SqlDataReader dr = Command.ExecuteReader();
if (dr.Read())
{
retval = Convert.ToInt32(dr["AccountID"]);
}
else
{
// Throws the base Exception type, so callers cannot catch "unknown
// user" separately from other failures without inspecting the message.
throw new Exception("Unknown UserName");
}
}
finally
{
m_Connection.Close();
}
return retval;
}
// --- Fragment 7: signature and command construction missing from the listing.
// NOTE(review): @AccountID is bound here and @username right after it with no
// command execution in between; the first three lines may be the remains of
// a separate method whose other lines were lost (TODO confirm).
Command.Parameters.Add(new SqlParameter("@AccountID",
SqlDbType.Int));
Command.Parameters["@AccountID"].Value = AccountID;
// Credential check: reads the row for @username and compares the stored
// Password column with the SHA-1 hex digest of the supplied password.
Command.Parameters.Add(new SqlParameter("@username",
SqlDbType.Char, 32));
Command.Parameters["@username"].Value = username;
try
{
m_Connection.Open();
// The reader is never closed or disposed explicitly; only the connection
// is closed in the finally block below.
SqlDataReader dr = Command.ExecuteReader();
if (dr.Read())
{
// SECURITY: the supplied password is always hashed before comparison, so
// a row stored through the 40-character pass-through above as plaintext
// can never match here. The comparison is ordinary string equality, not
// a constant-time comparison, and the digest is unsalted SHA-1.
if(dr["Password"].ToString() ==
FormsAuthentication.HashPasswordForStoringInConfigFile
(password, "SHA1"))
{
ret = true;
}
else
{
// ret is not assigned in this branch; the result relies on its initial
// value, whose declaration is not visible in this listing.
m_ErrorMsg = "Invalid password";
}
}
else
{
// SECURITY: this message differs from "Invalid password" above. If
// m_ErrorMsg reaches the client, the two messages reveal which user
// names exist; a single generic failure message avoids that
// (how m_ErrorMsg is exposed is not visible here, so confirm).
m_ErrorMsg = "User Name not found.";
ret = false;
}
}
finally
{
m_Connection.Close();
}
return ret;
}
}
}