
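using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data.SqlClient;

/// <summary>
/// Code-behind for the login page: authenticates a user against the
/// <c>users</c> table and, on success, fills the session and redirects to
/// <c>members.aspx</c>.
/// </summary>
public partial class login : System.Web.UI.Page
{
    // One message for every failed login. Distinct messages for "unknown email"
    // and "unknown password" let a visitor enumerate registered addresses and
    // probe which passwords are in use, so the failure reason is never disclosed.
    private const string LoginFailedMessage = "Email o password non validi";

    // Connection string named "Personal" from the application's configuration.
    String connectionString = ConfigurationManager.ConnectionStrings["Personal"].ConnectionString;

    /// <summary>Page load handler; nothing is initialised on first load or on postback.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
        }
    }

    /// <summary>
    /// Reports whether at least one row of <c>users</c> has the given email.
    /// </summary>
    /// <param name="Email">Email address to look up; <c>null</c> matches nothing.</param>
    /// <returns><c>true</c> when one or more rows match.</returns>
    /// <remarks>
    /// Do not surface this result to an unauthenticated visitor: it is an
    /// account-enumeration oracle. The login handler no longer calls it.
    /// </remarks>
    public bool CheckEmail(string Email)
    {
        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand checkEmail = new SqlCommand("SELECT COUNT(*) FROM users WHERE Email=@Email", conn))
        {
            // Parameter name spelled exactly as in the query text; the original
            // "@email" relies on case-insensitive name matching on the server.
            checkEmail.Parameters.AddWithValue("@Email", (object)Email ?? DBNull.Value);
            conn.Open();
            return Convert.ToInt32(checkEmail.ExecuteScalar()) > 0;
        }
    }

    /// <summary>
    /// Reports whether at least one row of <c>users</c> has the given password,
    /// regardless of which account it belongs to.
    /// </summary>
    /// <param name="Password">Password value to look up; <c>null</c> matches nothing.</param>
    /// <returns><c>true</c> when one or more rows match.</returns>
    /// <remarks>
    /// The lookup is not bound to a user, so the answer says whether anyone uses
    /// this password. Never expose it in a login flow; kept only for existing
    /// callers. The login handler no longer calls it.
    /// </remarks>
    public bool CheckPassword(string Password)
    {
        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand checkPassword = new SqlCommand("SELECT COUNT(*) FROM users WHERE Password=@Password", conn))
        {
            checkPassword.Parameters.AddWithValue("@Password", (object)Password ?? DBNull.Value);
            conn.Open();
            return Convert.ToInt32(checkPassword.ExecuteScalar()) > 0;
        }
    }

    /// <summary>
    /// Login button handler: checks the submitted email and password in a single
    /// query, stores the user's data in the session and redirects to
    /// <c>members.aspx</c>; otherwise shows one generic error.
    /// </summary>
    protected void BtnLogin_Click(object sender, EventArgs e)
    {
        bool authenticated = false;

        // NOTE(review): the submitted password is compared directly with the
        // Password column, which implies passwords are stored in a directly
        // comparable form (presumably clear text). Store a salted, slow hash
        // instead (e.g. PBKDF2 via Rfc2898DeriveBytes), fetch the row by email
        // only, and verify the hash in code.
        // NOTE(review): nothing here limits repeated attempts; consider
        // throttling or lockout per account and per client address.
        string sql = "SELECT ID, Username, Email, Livello, Ruolo FROM users WHERE Email=@Email AND Password=@Password";

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand loginCommand = new SqlCommand(sql, conn))
        {
            loginCommand.Parameters.AddWithValue("@Email", txtEmail.Text);
            loginCommand.Parameters.AddWithValue("@Password", txtPass.Text);
            conn.Open();

            using (SqlDataReader reader = loginCommand.ExecuteReader())
            {
                if (reader.Read())
                {
                    // NOTE(review): the session identifier is not renewed at
                    // login; issue a fresh session ID after authentication so a
                    // pre-set session cookie cannot be reused (session fixation).
                    Session["userlogin"] = true;
                    Session["ID"] = reader["ID"].ToString();
                    Session["UserName"] = reader["Username"].ToString();
                    Session["Email"] = reader["Email"].ToString();
                    Session["Livello"] = reader["Livello"].ToString();
                    Session["Ruolo"] = reader["Ruolo"].ToString();
                    authenticated = true;
                }
            }
        }

        // Redirect only after the reader, command and connection are disposed.
        // The leftover debug assignment error.Text = "GO" is gone: it overwrote
        // the failure message on every unsuccessful login.
        if (authenticated)
        {
            Response.Redirect("members.aspx");
        }
        else
        {
            error.Text = LoginFailedMessage;
        }
    }
}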