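using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

/// <summary>
/// Code-behind of the login page. Verifies the submitted credentials through the
/// <c>DoLogin_Ric</c> stored procedure, stores the user's ID in the session and
/// sends the browser back to the page named by the <c>Origin</c> query-string value.
/// </summary>
/// <remarks>
/// NOTE(review): the session identifier is not rotated after a successful login and
/// the password reaches the stored procedure as typed; whether session fixation and
/// password hashing are handled elsewhere is not visible from this file - confirm.
/// </remarks>
public partial class Login : System.Web.UI.Page
{
    // Domain suffix appended to the short name typed by a Gruppo SIGLA user.
    private const string UserNameSuffix = "@grupposigla.it";

    // Declared size of the VarChar parameters; ADO.NET truncates longer values
    // to this length before sending them, so both credentials are effectively
    // capped at 30 characters.
    private const int CredentialParameterSize = 30;

    // Where to go when the Origin value is missing or not an in-site address.
    private const string FallbackRedirectTarget = "~/";

    // Shared connection taken from the session in Page_Load. No throw-away
    // SqlConnection is allocated here any more: it was overwritten on every
    // request without being disposed.
    private SqlConnection sqlCn;

    /// <summary>Picks up the connection that an earlier page stored in the session.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        sqlCn = (SqlConnection)Session["SQL_CONNECTION"];
    }

    /// <summary>
    /// Handles the login button: authenticates, records the user ID in the
    /// session and redirects back to the originating page.
    /// </summary>
    protected void cmdDoLogin_Click(object sender, EventArgs e)
    {
        // Build the full Gruppo SIGLA user name.
        string userName = txtUser.Text.Trim() + UserNameSuffix;
        string userId = null;

        // The password is trimmed exactly as before so existing accounts keep working.
        if (VerificaLogin(userName, txtPwd.Text.Trim()))
        {
            sqlCn = (SqlConnection)Session["SQL_CONNECTION"];

            // Resolve the ID of the user who has just logged in.
            userId = LookupUserId(userName);
        }

        if (userId == null)
        {
            // Wrong credentials, or no matching row: fail closed.
            Session["IsAuthenticated"] = false;
            lblNoAuthenticate.Visible = true;
            return;
        }

        // The session is marked authenticated only once the user ID is known,
        // so it can never be left authenticated without an "Id".
        Session["IsAuthenticated"] = true;
        Session["Id"] = userId;

        // Set before the redirect: Response.Redirect ends the request.
        lblNoAuthenticate.Visible = false;

        // "Origin" comes from the query string and is therefore attacker-controlled;
        // redirecting to it unchecked would make this page an open redirect.
        string origin = Request.QueryString["Origin"];
        Response.Redirect(IsSafeRedirectTarget(origin) ? origin : FallbackRedirectTarget);
    }

    /// <summary>
    /// Reads the user ID (third column of the <c>users</c> row) for a user name.
    /// </summary>
    /// <param name="userName">Full user name, suffix included.</param>
    /// <returns>The ID as text, or <c>null</c> when no row matches.</returns>
    private string LookupUserId(string userName)
    {
        // The user name is bound as a parameter instead of being concatenated into
        // the statement, so quotes in the text box cannot change the query.
        // SELECT * and the column index are kept because the column names of the
        // users table are not visible from this file.
        using (SqlDataAdapter adapter = new SqlDataAdapter("SELECT * FROM users WHERE UserName = @userName", sqlCn))
        using (DataSet result = new DataSet())
        {
            // Same type and size as the stored procedure's "usr" parameter, so the
            // lookup resolves the very name that was authenticated.
            adapter.SelectCommand.Parameters.Add("@userName", SqlDbType.VarChar, CredentialParameterSize).Value = userName;
            adapter.Fill(result);

            if (result.Tables.Count == 0 || result.Tables[0].Rows.Count == 0)
            {
                return null;
            }

            return result.Tables[0].Rows[0][2].ToString();
        }
    }

    /// <summary>
    /// Decides whether a redirect target stays inside this site.
    /// </summary>
    /// <param name="url">Candidate target taken from the request.</param>
    /// <returns>
    /// <c>true</c> for app-relative ("~/..."), root-relative ("/...") and absolute
    /// http(s) addresses on the current host; <c>false</c> for everything else,
    /// including page-relative names, which are not accepted.
    /// </returns>
    private bool IsSafeRedirectTarget(string url)
    {
        if (string.IsNullOrEmpty(url))
        {
            return false;
        }

        // Browsers drop tabs and line breaks inside URLs, which can turn an
        // innocent-looking value into "//host"; refuse control characters outright.
        foreach (char c in url)
        {
            if (char.IsControl(c))
            {
                return false;
            }
        }

        if (url.StartsWith("~/", StringComparison.Ordinal))
        {
            return true;
        }

        if (url[0] == '/')
        {
            // "//host" and "/\host" are scheme-relative and leave the site.
            return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
        }

        Uri absolute;
        if (Uri.TryCreate(url, UriKind.Absolute, out absolute))
        {
            bool isWebScheme = absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps;

            // NOTE(review): compares against the host of the current request; behind
            // a proxy that rewrites the host this may need a configured allow-list.
            return isWebScheme && string.Equals(absolute.Host, Request.Url.Host, StringComparison.OrdinalIgnoreCase);
        }

        return false;
    }

    /// <summary>
    /// Checks a user name / password pair with the <c>DoLogin_Ric</c> stored procedure.
    /// </summary>
    /// <param name="usr">Full user name, suffix included.</param>
    /// <param name="pwd">Password as submitted.</param>
    /// <returns><c>true</c> only when the procedure's <c>res</c> output equals 1.</returns>
    private bool VerificaLogin(string usr, string pwd)
    {
        // Stored procedure call. The arguments are used directly; the previous
        // version ignored them and re-read the text boxes, which yielded the same
        // values but hid the method's real inputs.
        using (SqlCommand cmd = new SqlCommand("DoLogin_Ric", sqlCn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("usr", SqlDbType.VarChar, CredentialParameterSize).Value = usr;
            cmd.Parameters.Add("pwd", SqlDbType.VarChar, CredentialParameterSize).Value = pwd;

            SqlParameter res = cmd.Parameters.Add("res", SqlDbType.Int);
            res.Direction = ParameterDirection.Output;

            cmd.ExecuteNonQuery();

            // A NULL (DBNull) or non-integer output counts as a failed login
            // instead of raising an InvalidCastException.
            return res.Value is int && (int)res.Value == 1;
        }
    }
}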