Thursday, 22 November 2012

How to customize login control - SQL Role manager

SQL Role Manager - Roles stored in SQL Table


Login.ascx file (user-control markup; the Control directive below names Login.ascx.cs as its code-behind):

<%@ Control Language="C#" AutoEventWireup="true" CodeFile="Login.ascx.cs" Inherits="UserControls_Login" %>
<%-- User control with two parts: a sign-in form for existing members and a hand-built registration form.
     Both are handled by the UserControls_Login code-behind class named in the directive above. --%>

<span class="AdminTitle">If already member:</span><br />

<%-- Wiring onauthenticate makes the Login control skip its default membership-provider check.
     Credential verification is then entirely whatever Login1_Authenticate implements. --%>
<asp:Login ID="Login1" runat="server" onauthenticate="Login1_Authenticate">
</asp:Login>

<br />
<span class="AdminTitle">Create new user wizard:</span><br />
<asp:Panel ID="Panel1" runat="server" BackColor="White" BorderStyle="Dashed"
    BorderWidth="1px" Width="400px">
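<%-- Registration: account credentials.
     The RequiredFieldValidators only prove that a value was supplied. Length and format limits
     still have to be enforced by the server-side code that stores the account.
     The inline style attributes had lost their ':' and ';' separators and are restored here. --%>
<table border="0" style="margin: 30px; font-size: 10pt; font-family: Verdana"
        width="400">
    <tr>
        <td align="center" colspan="2"
            style="font-weight: bold; color: white; background-color: #6b696b">
            Create Your UserID
        </td>
    </tr>
    <tr>
        <td align="right">
            <asp:Label ID="UserNameLabel" runat="server"
                AssociatedControlID="userNameTextBox">UserID:</asp:Label>
        </td>
        <td>
            <%-- MaxLength mirrors the Size of 36 that UserDetailsAccess sets on the @UserName parameter.
                 It is only a browser-side hint; a crafted request can still post a longer value. --%>
            <asp:TextBox ID="userNameTextBox" runat="server" MaxLength="36"></asp:TextBox>
            <asp:RequiredFieldValidator ID="UserNameRequired" runat="server"
                ControlToValidate="userNameTextBox" ErrorMessage="User Name is required."
                ToolTip="User Name is required." ValidationGroup="CreateUserWizard1"> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right">
            <asp:Label ID="PasswordLabel0" runat="server"
                AssociatedControlID="passwordTextBox">Password:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID="passwordTextBox" runat="server" TextMode="Password"></asp:TextBox>
            <asp:RequiredFieldValidator ID="PasswordRequired" runat="server"
                ControlToValidate="passwordTextBox" ErrorMessage="Password is required."
                ToolTip="Password is required." ValidationGroup="CreateUserWizard1"> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right">
            <%-- The label previously pointed at emailTextBox, so clicking it focused the wrong field. --%>
            <asp:Label ID="ConfirmPasswordLabel" runat="server"
                AssociatedControlID="confirmPasswordTextBox">Re-Type Password:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID="confirmPasswordTextBox" runat="server" TextMode="Password"></asp:TextBox>
            <asp:RequiredFieldValidator ID="ConfirmPasswordRequired" runat="server"
                ControlToValidate="confirmPasswordTextBox"
                ErrorMessage="Confirm Password is required."
                ToolTip="Confirm Password is required."
                ValidationGroup="CreateUserWizard1"> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right">
            <asp:Label ID="EmailLabel" runat="server" AssociatedControlID="emailTextBox">Email:</asp:Label>
        </td>
        <td>
            <%-- Only presence is checked; the address format is not validated anywhere on this form. --%>
            <asp:TextBox ID="emailTextBox" runat="server"></asp:TextBox>
            <asp:RequiredFieldValidator ID="EmailRequired" runat="server"
                ControlToValidate="emailTextBox" ErrorMessage="Email is required."
                ToolTip="Email is required." ValidationGroup="CreateUserWizard1"> *</asp:RequiredFieldValidator>
        </td>
    </tr>
</table>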
<br />


<br />
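<%-- Registration: password-recovery question and answer.
     NOTE(review): answers to questions such as a pet's name or a mother's maiden name are often
     guessable or publicly discoverable, so they are a weaker secret than the password they help reset.
     The recovery flow is not shown here. If it relies on this answer alone, protect it like a
     password (stored hashed, attempts rate-limited) or replace it with an e-mailed reset token. --%>
<table border="0" style="font-size: 10pt; font-family: Verdana" width="400">
    <tr>
        <td align="center" colspan="2"
            style="font-weight: bold; color: white; background-color: #6b696b">
            If You Forget Your Password
        </td>
    </tr>
    <tr>
        <td align="right">
            Security Question:
        </td>
        <td>
            <%-- The first item is a placeholder; QuestionRequired rejects it through InitialValue. --%>
            <asp:DropDownList ID="questionDropDownBox" runat="server" Width="200">
                <asp:ListItem Text="[Select a Question]" />
                <asp:ListItem Text="Favorite Pet" />
                <asp:ListItem Text="Mother's Maiden Name" />
                <asp:ListItem Text="Who was your childhood hero?" />
                <asp:ListItem Text="Your favorite pasttime?" />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID="QuestionRequired" runat="server"
                ControlToValidate="questionDropDownBox" ErrorMessage="Select a Security Question"
                InitialValue="[Select a Question]" ValidationGroup="CreateUserWizard1">*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right" width="170">
            Your Answer:
        </td>
        <td>
            <%-- Despite its ID this is a TextBox; the ID is kept because the code-behind reads it by that name. --%>
            <asp:TextBox ID="answerDropDownBox" runat="server"></asp:TextBox>
            <%-- The message was the designer default "RequiredFieldValidator"; it now says what is missing. --%>
            <asp:RequiredFieldValidator ID="AnswerRequired" runat="server"
                ControlToValidate="answerDropDownBox" ErrorMessage="Security Answer is required."
                ValidationGroup="CreateUserWizard1">*</asp:RequiredFieldValidator>
        </td>
    </tr>
</table>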
<br />


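<%-- Registration: profile details, form-level messages and the submit button.
     ASP.NET re-evaluates the "CreateUserWizard1" validators on the server during the postback.
     That does not stop the click handler from running, so the handler has to check Page.IsValid
     before it uses any of these values. --%>
<table border="0" style="font-size: 10pt; font-family: Verdana" width="400">
    <tr>
        <td align="center" colspan="2"
            style="font-weight: bold; color: white; background-color: #6b696b">
            Help Us Customize Your Experience
        </td>
    </tr>
    <tr>
        <td align="right" width="170">
            Country:</td>
        <td>
            <asp:DropDownList ID="countryDropDownBox" runat="server">
                <asp:ListItem Text="[Select a Country]" />
                <asp:ListItem Text="United States of America" />
                <asp:ListItem Text="United Kingdom" />
                <asp:ListItem Text="Portugal" />
                <asp:ListItem Text="Europe" />
                <asp:ListItem Text="Other" />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"
                ControlToValidate="countryDropDownBox" ErrorMessage="Select a Country"
                InitialValue="[Select a Country]" ValidationGroup="CreateUserWizard1">*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right">
            Gender:</td>
        <td>
            <asp:DropDownList ID="genderDropDownBox" runat="server">
                <asp:ListItem Text="[Select Gender]" />
                <asp:ListItem Text="Male" />
                <asp:ListItem Text="Female" />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"
                ControlToValidate="genderDropDownBox" ErrorMessage="Select Gender"
                InitialValue="[Select Gender]" ValidationGroup="CreateUserWizard1">*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align="right">
            Age:</td>
        <td>
            <%-- Presence plus an integer range of 1 to 120; the code-behind parses this text into a number. --%>
            <asp:TextBox ID="ageTextBox" runat="server"></asp:TextBox>
            <asp:RequiredFieldValidator ID="RequiredFieldValidator3" runat="server"
                ControlToValidate="ageTextBox" ErrorMessage="Enter Age"
                ValidationGroup="CreateUserWizard1">*</asp:RequiredFieldValidator>
            <asp:RangeValidator ID="RangeValidator1" runat="server" ControlToValidate="ageTextBox"
                ErrorMessage="Not a valid number" MaximumValue="120" MinimumValue="1"
                Type="Integer" ValidationGroup="CreateUserWizard1">*</asp:RangeValidator>
        </td>
    </tr>
    <tr>
        <td align="center" colspan="2">
            <%-- Checks that the two password boxes hold the same text; it says nothing about password strength. --%>
            <asp:CompareValidator ID="PasswordCompare" runat="server"
                ControlToCompare="passwordTextBox" ControlToValidate="confirmPasswordTextBox"
                Display="Dynamic"
                ErrorMessage="The Password and Confirmation Password must match."
                ValidationGroup="CreateUserWizard1"></asp:CompareValidator>
        </td>
    </tr>
    <tr>
        <td align="center" colspan="2" style="color: red">
            <%-- Slot for a server-side failure message. A Literal does not HTML-encode its Text by default,
                 so anything written to it must be static or encoded first. --%>
            <asp:Literal ID="ErrorMessage" runat="server" EnableViewState="False"></asp:Literal>
        </td>
    </tr>
    <tr>
        <td></td>
        <td>
            <asp:Button ID="createNewUserButton" runat="server" Text="Create user"
                ValidationGroup="CreateUserWizard1" onclick="createNewUserButton_Click" />
        </td>
    </tr>
</table>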
</asp:Panel>



Login.ascx.cs file (code-behind for the user control above):

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

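/// <summary>
/// Code-behind for the login user control. It handles the "Create user" button of the
/// registration form and supplies the credential check for the Login1 control.
/// </summary>
public partial class UserControls_Login : System.Web.UI.UserControl
{
    /// <summary>Page load hook; this control needs no initialisation.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Reads the registration form and asks <c>UserDetailsAccess.UserAdd</c> to create the account.
    /// Any failure is reported through the ErrorMessage literal.
    /// </summary>
    /// <param name="sender">The button that raised the event.</param>
    /// <param name="e">Unused event data.</param>
    protected void createNewUserButton_Click(object sender, EventArgs e)
    {
        // The validators in the button's validation group run on the server during postback.
        // A failed validation does not stop this handler, so the result must be checked here.
        // Without this check a request that bypasses the browser-side script reaches the data layer unvalidated.
        if (!Page.IsValid)
        {
            return;
        }

        // TryParse instead of Parse: a non-numeric value must not surface as an unhandled exception page.
        short age;
        if (!short.TryParse(ageTextBox.Text, out age))
        {
            ErrorMessage.Text = "Enter a valid age.";
            return;
        }

        string userName = userNameTextBox.Text;
        string password = passwordTextBox.Text;
        string email = emailTextBox.Text;
        string securityQuestion = questionDropDownBox.Text;
        string securityAnswer = answerDropDownBox.Text;
        string country = countryDropDownBox.Text;
        string gender = genderDropDownBox.Text;

        bool created = UserDetailsAccess.UserAdd(
            userName, password, email, securityQuestion, securityAnswer, country, gender, age);

        // The result used to be discarded, so a failed insert looked like success to the visitor.
        // The message is deliberately generic and static: it does not say why the insert failed.
        if (!created)
        {
            ErrorMessage.Text = "The account could not be created. Please try again.";
        }
    }

    /// <summary>
    /// Custom credential check for the Login1 control. Sets <c>e.Authenticated</c> from
    /// <c>UserDetailsAccess.IsValidUser</c> and, on success, records the user name in session state.
    /// </summary>
    /// <param name="sender">The Login control that raised the event.</param>
    /// <param name="e">Event data; its Authenticated flag tells the Login control the outcome.</param>
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        bool isAuthenticated = UserDetailsAccess.IsValidUser(Login1.UserName, Login1.Password);
        e.Authenticated = isAuthenticated;

        if (isAuthenticated)
        {
            // Keep the signed-in user name in session state for later pages.
            // NOTE(review): nothing here renews the session identifier at sign-in, and this value
            // lives apart from the forms-authentication identity the Login control establishes.
            // Pages making authorization decisions should presumably read the authenticated
            // identity rather than this key - confirm how the session value is consumed.
            Session["loggedInUserName"] = Login1.UserName;
        }
    }
}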


UserDetailsAccess.cs file:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Data.Common;

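/// <summary>
/// Data-access helpers for user accounts. Each method fills a command obtained from
/// <c>GenericDataAccess.CreateCommand</c> with a stored-procedure name and parameters, then runs it
/// through <c>GenericDataAccess</c>. All values travel as parameters, never as concatenated SQL.
/// </summary>
/// <remarks>
/// NOTE(review): passwords and security answers are handed to the stored procedures exactly as
/// supplied. The procedures are not shown, but <see cref="IsValidUser"/> decides on a row count
/// for (@UserName, @Password), so the stored value must be directly comparable to the submitted
/// one. That points to plaintext, or at best an unsalted hash, in the table. The usual remedy is
/// to derive a salted, deliberately slow hash in this layer (for example PBKDF2 via
/// Rfc2898DeriveBytes), store salt and hash, look the record up by user name only, and compare
/// the hashes here.
/// </remarks>
public class UserDetailsAccess
{
    // Size declared for every @UserName parameter. A string parameter with an explicit Size is
    // cut to that length by the provider (documented for SqlClient), so longer names are rejected
    // up front. Otherwise a long name would silently be stored as, or match, its first 36 characters.
    private const int MaxUserNameLength = 36;

    /// <summary>Kept for source compatibility; every member of this class is static.</summary>
    public UserDetailsAccess()
    {
    }

    /// <summary>Runs the "GetUsers" stored procedure and returns its result set.</summary>
    /// <returns>The table produced by <c>GenericDataAccess.ExecuteSelectCommand</c>.</returns>
    public static DataTable GetAllUser()
    {
        // NOTE(review): the selected columns are not visible here. If they include the password
        // or security-answer columns, binding this table to a page would disclose them.
        DbCommand comm = GenericDataAccess.CreateCommand();
        comm.CommandText = "GetUsers";
        return GenericDataAccess.ExecuteSelectCommand(comm);
    }

    /// <summary>Deletes a user through the "UserDelete" stored procedure.</summary>
    /// <param name="userID">Identifier passed as @UserID.</param>
    /// <returns>
    /// True when the command ran and did not report -1 affected rows; false when it reported -1
    /// or raised an exception.
    /// </returns>
    public static bool DeleteUser(int userID)
    {
        DbCommand comm = GenericDataAccess.CreateCommand();
        comm.CommandText = "UserDelete";
        AddParameter(comm, "@UserID", userID, DbType.Int32);
        return TryExecuteNonQuery(comm);
    }

    /// <summary>Creates a user through the "UserAdd" stored procedure.</summary>
    /// <param name="userName">Login name; at most 36 characters.</param>
    /// <param name="password">Password as supplied (see the class remarks on storage).</param>
    /// <param name="email">E-mail address.</param>
    /// <param name="securityQuestion">Selected password-recovery question.</param>
    /// <param name="securityAnswer">Answer to the recovery question.</param>
    /// <param name="country">Selected country.</param>
    /// <param name="Gender">Selected gender.</param>
    /// <param name="Age">Age in years.</param>
    /// <returns>
    /// True when the command ran and did not report -1 affected rows. False when the user name or
    /// password is missing, the user name exceeds 36 characters, or the command failed.
    /// </returns>
    public static bool UserAdd(string userName, string password, string email, string securityQuestion, string securityAnswer, string country, string Gender, int Age)
    {
        // Page validators can be bypassed by a hand-made request, so the limits are re-checked here.
        if (!IsAcceptableCredentialPair(userName, password))
        {
            return false;
        }

        DbCommand comm = GenericDataAccess.CreateCommand();
        comm.CommandText = "UserAdd";
        AddParameter(comm, "@UserName", userName, DbType.String, MaxUserNameLength);
        AddParameter(comm, "@Password", password, DbType.String);
        AddParameter(comm, "@Email", email, DbType.String);
        AddParameter(comm, "@SecurityQuestion", securityQuestion, DbType.String);
        AddParameter(comm, "@SecurityAnswer", securityAnswer, DbType.String);
        AddParameter(comm, "@Country", country, DbType.String);
        AddParameter(comm, "@Gender", Gender, DbType.String);
        AddParameter(comm, "@Age", Age, DbType.Int32);
        return TryExecuteNonQuery(comm);
    }

    /// <summary>
    /// Checks a user name and password by running the "UserIsExist" stored procedure.
    /// </summary>
    /// <param name="userName">Login name; at most 36 characters.</param>
    /// <param name="password">Password as typed by the user.</param>
    /// <returns>
    /// True when the procedure returns at least one row. False when it returns none, when either
    /// value is missing, or when the user name exceeds 36 characters.
    /// </returns>
    public static bool IsValidUser(string userName, string password)
    {
        // Over-long names are refused rather than truncated, so a name can never authenticate
        // as the different account that shares its first 36 characters.
        if (!IsAcceptableCredentialPair(userName, password))
        {
            return false;
        }

        DbCommand comm = GenericDataAccess.CreateCommand();
        comm.CommandText = "UserIsExist";
        AddParameter(comm, "@UserName", userName, DbType.String, MaxUserNameLength);
        AddParameter(comm, "@Password", password, DbType.String);

        DataTable table = GenericDataAccess.ExecuteSelectCommand(comm);
        return table.Rows.Count > 0;
    }

    // True when both values are present and the user name fits the @UserName parameter size.
    private static bool IsAcceptableCredentialPair(string userName, string password)
    {
        return !string.IsNullOrEmpty(userName)
            && !string.IsNullOrEmpty(password)
            && userName.Length <= MaxUserNameLength;
    }

    // Creates a parameter on the command, sets its name, value and type, and adds it.
    private static DbParameter AddParameter(DbCommand comm, string name, object value, DbType dbType)
    {
        DbParameter param = comm.CreateParameter();
        param.ParameterName = name;
        param.Value = value;
        param.DbType = dbType;
        comm.Parameters.Add(param);
        return param;
    }

    // Same as above, with an explicit maximum size for the value.
    private static DbParameter AddParameter(DbCommand comm, string name, object value, DbType dbType, int size)
    {
        DbParameter param = AddParameter(comm, name, value, dbType);
        param.Size = size;
        return param;
    }

    // Runs a non-query command; true unless it reports -1 affected rows or throws.
    private static bool TryExecuteNonQuery(DbCommand comm)
    {
        try
        {
            return GenericDataAccess.ExecuteNonQuery(comm) != -1;
        }
        catch
        {
            // Best-effort contract kept from the original: callers only ever see true or false.
            // NOTE(review): this hides the cause (duplicate name versus database outage). Whether
            // GenericDataAccess logs the exception before it reaches here is not visible.
            return false;
        }
    }
}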



