using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Data.SqlClient;
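/// <summary>
/// Code-behind for the login page. Checks the submitted email and password
/// against the <c>users</c> table and, on success, fills the session with the
/// account's profile fields before redirecting to <c>members.aspx</c>.
/// </summary>
public partial class login : System.Web.UI.Page
{
    // Connection string registered under the name "Personal" in the application configuration.
    String connectionString = ConfigurationManager.ConnectionStrings["Personal"].ConnectionString;

    // A single message for every failed sign-in. Separate "email not found" and
    // "password not found" messages tell the person at the form which half of the
    // credential pair is valid, so the page must not distinguish between them.
    private const string LoginFailedMessage = "Email o password non validi";

    /// <summary>Page load handler; the page needs no set-up on first load or on post-back.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Reports whether at least one row of <c>users</c> has the given email.
    /// </summary>
    /// <param name="Email">Email address to look up; <c>null</c> yields <c>false</c>.</param>
    /// <returns><c>true</c> when a matching row exists.</returns>
    /// <remarks>
    /// Not used by the sign-in handler: surfacing this result to an unauthenticated
    /// visitor reveals which addresses are registered.
    /// </remarks>
    public bool CheckEmail(string Email)
    {
        // A null parameter value is not sent to the server and the query would fail;
        // a missing address cannot match any row.
        if (Email == null)
        {
            return false;
        }

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand checkEmail = new SqlCommand("SELECT COUNT(*) FROM users WHERE Email=@Email", conn))
        {
            checkEmail.Parameters.AddWithValue("@Email", Email);
            conn.Open();
            int rows = Convert.ToInt32(checkEmail.ExecuteScalar());
            return rows > 0;
        }
    }

    /// <summary>
    /// Reports whether at least one row of <c>users</c> has the given password.
    /// </summary>
    /// <param name="Password">Password value to look up; <c>null</c> yields <c>false</c>.</param>
    /// <returns><c>true</c> when any account, not a particular one, stores this value.</returns>
    /// <remarks>
    /// The query is not tied to an account, so the result says nothing about whether
    /// a given user's credentials are correct. It must not be used as an authentication
    /// step or shown to visitors; the sign-in handler does not call it.
    /// </remarks>
    public bool CheckPassword(string Password)
    {
        if (Password == null)
        {
            return false;
        }

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand checkPassword = new SqlCommand("SELECT COUNT(*) FROM users WHERE Password=@Password", conn))
        {
            checkPassword.Parameters.AddWithValue("@Password", Password);
            conn.Open();
            int rows = Convert.ToInt32(checkPassword.ExecuteScalar());
            return rows > 0;
        }
    }

    /// <summary>
    /// Handles the login button: validates the submitted credentials with one
    /// parameterized query and either signs the user in or shows a generic error.
    /// </summary>
    protected void BtnLogin_Click(object sender, EventArgs e)
    {
        string Email = txtEmail.Text;
        string Password = txtPass.Text;

        // Empty fields cannot match an account; skip the database round trip.
        if (string.IsNullOrEmpty(Email) || string.IsNullOrEmpty(Password))
        {
            error.Text = LoginFailedMessage;
            return;
        }

        bool authenticated = false;
        string id = null;
        string userName = null;
        string storedEmail = null;
        string livello = null;
        string ruolo = null;

        // NOTE(review): the WHERE clause compares the submitted password with the stored
        // column directly, which suggests passwords are kept unhashed. Moving to a salted,
        // slow hash (for example PBKDF2 via Rfc2898DeriveBytes) needs a data migration and
        // is not done here.
        // Only the columns the session needs are selected, instead of SELECT *.
        const string sql =
            "SELECT ID, Username, Email, Livello, Ruolo FROM users WHERE Email=@Email and Password=@Password";

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, conn))
        {
            command.Parameters.AddWithValue("@Email", Email);
            command.Parameters.AddWithValue("@Password", Password);
            conn.Open();

            using (SqlDataReader reader = command.ExecuteReader())
            {
                if (reader.Read())
                {
                    authenticated = true;
                    id = reader["ID"].ToString();
                    userName = reader["Username"].ToString();
                    storedEmail = reader["Email"].ToString();
                    livello = reader["Livello"].ToString();
                    ruolo = reader["Ruolo"].ToString();
                }
            }
        }

        if (!authenticated)
        {
            // The failure text is no longer overwritten after the reader is closed.
            error.Text = LoginFailedMessage;
            return;
        }

        // NOTE(review): the session identifier issued before sign-in stays in use afterwards,
        // and nothing here limits repeated failed attempts; confirm both are handled elsewhere.
        Session["userlogin"] = true;
        Session["ID"] = id;
        Session["UserName"] = userName;
        Session["Email"] = storedEmail;
        Session["Livello"] = livello;
        Session["Ruolo"] = ruolo;

        // Redirect only after the reader, command and connection have been disposed.
        Response.Redirect("members.aspx");
    }
}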