I have this code here for logging in:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using MSSQLConnector;
using System.Data;
namespace SoftwareAnalysisAndDesign.SAD
{
public partial class OnlineAppSyss : System.Web.UI.Page
{
private MSConnector connector = new MSConnector();
//string queries for each DataSet
string query = null;
string teacherquery = null;
string subjectquery = null;
string schoolfeequery = null;
string accountdetailsquery = null;
int rowcounter = 0;
int teachercounter = 0;
//DataSet and DataTable initialization
private DataSet studentData;
private DataSet subjectData;
private DataSet schoolfeeData;
private DataSet teacherData;
private DataSet accountdetailsData;
private DataTable subjectTable;
private DataTable schoolfeeTable;
private DataTable accountdetailsTable;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
Student();
Teacher();
}
public void Student()
{
//Connection String
connector.ConnectionString = "Data Source=keith;Initial Catalog=SAD;Integrated Security=True";
//String decleration
string username = (this.UserName.Value);
string pass = (this.Password.Value);
//query database from sql server management studio for student
query = "select studentid,password,firstname,lastname,course,year from student";
//execute query for student
studentData = connector.ExecuteQuery(query);
for (; ; )
{
try
{
//string decleration and getting each rows of the Student database
string userid = studentData.Tables[0].Rows[rowcounter]["StudentID"].ToString();
string password = studentData.Tables[0].Rows[rowcounter]["Password"].ToString();
string firstname = studentData.Tables[0].Rows[rowcounter]["FirstName"].ToString();
string lastname = studentData.Tables[0].Rows[rowcounter]["LastName"].ToString();
string course = studentData.Tables[0].Rows[rowcounter]["Course"].ToString();
string year = studentData.Tables[0].Rows[rowcounter]["Year"].ToString();
if (username == "admin" && pass == "cmpe1234")
{
Session["adminlogin"] = username;
Response.Redirect("AdministratorPage.aspx");
}
else if (username == userid && pass == password)
{
//For Student Data Sessions
Session["login"] = userid;
Session["firstname"] = firstname;
Session["lastname"] = lastname;
Session["course"] = course;
Session["year"] = year;
//For Account Details Data
accountdetailsquery = "select StudentID,FirstName,MiddleName,LastName,Age,Province,City,Course,Year,College,Department,ContactNumber,Email from student where studentid = " + username + "";
//query database from sql server management studio for student as accountDetails Information
accountdetailsData = connector.ExecuteQuery(accountdetailsquery);
accountdetailsTable = accountdetailsData.Tables[0];
Session["AccountDetails"] = accountdetailsTable;
//For SchoolFee Data
//query database from sql server management studio for schoolfee
schoolfeequery = "select DatePaid,AmountPaid,CurrentBalance,TotalBalance,Semester from schoolfee where studentid = " + username + "";
//execute query for schoolfee
schoolfeeData = connector.ExecuteQuery(schoolfeequery);
//get all data rows for SchoolFee and store it into DataTable
schoolfeeTable = schoolfeeData.Tables[0];
Session["SchoolFee"] = schoolfeeTable;
//For Subject Data
//query database from sql server management studio for subject
subjectquery = "select CourseNo,CourseDescription,Units,Day,StartTime,EndTime,Room from subject where studentid = " + username + "";
//execute query for subject
subjectData = connector.ExecuteQuery(subjectquery);
//get all data rows for Subject and store it into DataTable
subjectTable = subjectData.Tables[0];
Session["Subjects"] = subjectTable;
//Redirect the page to Student Page after the user successfully logs in.
Response.Redirect("StudentPage.aspx", true);
break;
}
else
{
rowcounter++;
}
}
catch
{
Response.Write("<script language=javascript>alert('Username and password does not match. Try again');</script>");
break;
}
}
}
public void Teacher()
{
//Connection String
connector.ConnectionString = "Data Source=keith;Initial Catalog=SAD;Integrated Security=True";
//String decleration
string teacherusername = (this.UserName.Value);
string password = (this.Password.Value);
//query database from sql server management studio for teacher
teacherquery = "select teacherid,firstname,lastname,department,position from teacher";
//execute query for student
teacherData = connector.ExecuteQuery(teacherquery);
for(;;)
{
try
{
//string decleration and getting each rows of the Student database
string teacherid = teacherData.Tables[0].Rows[teachercounter]["TeacherID"].ToString();
string teacherpassword = teacherData.Tables[0].Rows[teachercounter]["Password"].ToString();
string teacherfirstname = teacherData.Tables[0].Rows[teachercounter]["FirstName"].ToString();
string teacherlastname = teacherData.Tables[0].Rows[teachercounter]["LastName"].ToString();
string department = teacherData.Tables[0].Rows[teachercounter]["Department"].ToString();
string position = teacherData.Tables[0].Rows[teachercounter]["Position"].ToString();
if (teacherusername == "admin" && password == "cmpe1234")
{
Session["adminlogin"] = teacherusername;
Response.Redirect("AdministratorPage.aspx");
}
else if (teacherusername == teacherid && password == teacherpassword)
{
//For Student Data Sessions
Session["teacherlogin"] = teacherid;
Session["teacherfirstname"] = teacherfirstname;
Session["teacherlastname"] = teacherlastname;
Session["department"] = department;
Session["position"] = position;
//Redirect the page to Student Page after the user successfully logs in.
Response.Redirect("TeacherPage.aspx", true);
break;
}
else
{
teachercounter++;
}
}
catch
{
break;
}
}
}
}
}
My problem is I can't access the teacher page in this code, it will only access the student page. What Condition should I use in my system to avoid redundancy?
protected void Button1_Click(object sender, EventArgs e)
{
Student();
Teacher();
}
I want to have a condition that If a username and password input detects either of the 2 users, it will redirect to their specific webpage. Please Help.
Aucun commentaire:
Enregistrer un commentaire