ASP.NET: How to customize login control – SQL Role manager

SQL Role Manager – Roles stored in SQL Table

Login.aspx file:
<%@ Control Language=”C#” AutoEventWireup=”true” CodeFile=”Login.ascx.cs” Inherits=”UserControls_Login” %>
<span class=”AdminTitle”>If already member:</span><br />
<asp:Login ID=”Login1″ runat=”server” onauthenticate=”Login1_Authenticate”>
</asp:Login>
<br />
<span class=”AdminTitle”>Create new user wizard:</span><br />
<asp:Panel ID=”Panel1″ runat=”server” BackColor=”White” BorderStyle=”Dashed”
    BorderWidth=”1px” Width=”400px”>
<table border=”0″ style=”margin30pxfont-size10ptfont-familyVerdana”
        width=”400″>
    <tr>
        <td align=”center” colspan=”2″
            style=”font-weightboldcolorwhitebackground-color#6b696b”>
            Create Your UserID         </td>
    </tr>
    <tr>
        <td align=”right”>
            <asp:Label ID=”UserNameLabel” runat=”server”
                AssociatedControlID=”userNameTextBox”>UserID:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID=”userNameTextBox” runat=”server”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”UserNameRequired” runat=”server”
                ControlToValidate=”userNameTextBox” ErrorMessage=”User Name is required.”
                ToolTip=”User Name is required.” ValidationGroup=”CreateUserWizard1″> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right”>
            <asp:Label ID=”PasswordLabel0″ runat=”server”
                AssociatedControlID=”passwordTextBox”>Password:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID=”passwordTextBox” runat=”server” TextMode=”Password”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”PasswordRequired” runat=”server”
                ControlToValidate=”passwordTextBox” ErrorMessage=”Password is required.”
                ToolTip=”Password is required.” ValidationGroup=”CreateUserWizard1″> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right”>
            <asp:Label ID=”ConfirmPasswordLabel” runat=”server”
                AssociatedControlID=”emailTextBox”>Re-Type Password:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID=”confirmPasswordTextBox” runat=”server” TextMode=”Password”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”ConfirmPasswordRequired” runat=”server”
                ControlToValidate=”confirmPasswordTextBox”
                ErrorMessage=”Confirm Password is required.”
                ToolTip=”Confirm Password is required.”
                ValidationGroup=”CreateUserWizard1″> *</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right”>
            <asp:Label ID=”EmailLabel” runat=”server” AssociatedControlID=”emailTextBox”>Email:</asp:Label>
        </td>
        <td>
            <asp:TextBox ID=”emailTextBox” runat=”server”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”EmailRequired” runat=”server”
                ControlToValidate=”emailTextBox” ErrorMessage=”Email is required.”
                ToolTip=”Email is required.” ValidationGroup=”CreateUserWizard1″> *</asp:RequiredFieldValidator>
        </td>
    </tr>
</table>
<br />
<br />
<table border=”0″ style=”font-size10ptfont-familyVerdana” width=”400″>
    <tr>
        <td align=”center” colspan=”2″
            style=”font-weightboldcolorwhitebackground-color#6b696b”>
            If You Forget Your Password
        </td>
    </tr>
    <tr>
        <td align=”right”>
            Security Question:
        </td>
        <td>
            <asp:DropDownList ID=”questionDropDownBox” runat=”server” Width=”200″>
                <asp:ListItem Text=”[Select a Question]” />
                <asp:ListItem Text=”Favorite Pet” />
                <asp:ListItem Text=”Mother’s Maiden Name” />
                <asp:ListItem Text=”Who was your childhood hero?” />
                <asp:ListItem Text=”Your favorite pasttime?” />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID=”QuestionRequired” runat=”server”
                ControlToValidate=”questionDropDownBox” ErrorMessage=”Select a Security Question”
                InitialValue=”[Select a Question]” ValidationGroup=”CreateUserWizard1″>*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right” width=”170″>
            Your Answer:
        </td>
        <td>
            <asp:TextBox ID=”answerDropDownBox” runat=”server”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”AnswerRequired” runat=”server”
                ControlToValidate=”answerDropDownBox” ErrorMessage=”RequiredFieldValidator”
                ValidationGroup=”CreateUserWizard1″>*</asp:RequiredFieldValidator>
        </td>
    </tr>
</table>
<br />
<table border=”0″ style=”font-size10ptfont-familyVerdana” width=”400″>
    <tr>
        <td align=”center” colspan=”2″
            style=”font-weightboldcolorwhitebackground-color#6b696b”>
            Help Us Customize Your Experience         </td>
    </tr>
    <tr>
        <td align=”right” width=”170″>
            Country:</td>
        <td>
            <asp:DropDownList ID=”countryDropDownBox” runat=”server”>
                <asp:ListItem Text=”[Select a Country]” />
                <asp:ListItem Text=”United States of America” />
                <asp:ListItem Text=”United Kingdom” />
                <asp:ListItem Text=”Portugal” />
                <asp:ListItem Text=”Europe” />
                <asp:ListItem Text=”Other” />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID=”RequiredFieldValidator1″ runat=”server”
                ControlToValidate=”countryDropDownBox” ErrorMessage=”Select a Country”
                InitialValue=”[Select a Country]” ValidationGroup=”CreateUserWizard1″>*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right”>
            Gender:</td>
        <td>
            <asp:DropDownList ID=”genderDropDownBox” runat=”server”>
                <asp:ListItem Text=”[Select Gender]” />
                <asp:ListItem Text=”Male” />
                <asp:ListItem Text=”Female” />
            </asp:DropDownList>
            <asp:RequiredFieldValidator ID=”RequiredFieldValidator2″ runat=”server”
                ControlToValidate=”genderDropDownBox” ErrorMessage=”Select Gender”
                InitialValue=”[Select Gender]” ValidationGroup=”CreateUserWizard1″>*</asp:RequiredFieldValidator>
        </td>
    </tr>
    <tr>
        <td align=”right”>
            Age:</td>
        <td>
            <asp:TextBox ID=”ageTextBox” runat=”server”></asp:TextBox>
            <asp:RequiredFieldValidator ID=”RequiredFieldValidator3″ runat=”server”
                ControlToValidate=”ageTextBox” ErrorMessage=”Enter Age”
                ValidationGroup=”CreateUserWizard1″>*</asp:RequiredFieldValidator>
            <asp:RangeValidator ID=”RangeValidator1″ runat=”server” ControlToValidate=”ageTextBox”
                ErrorMessage=”Not a valid number” MaximumValue=”120″ MinimumValue=”1″
                Type=”Integer” ValidationGroup=”CreateUserWizard1″>*</asp:RangeValidator>
        </td>
    </tr>
    <tr>
        <td align=”center” colspan=”2″>
            <asp:CompareValidator ID=”PasswordCompare” runat=”server”
                ControlToCompare=”passwordTextBox” ControlToValidate=”confirmPasswordTextBox”
                Display=”Dynamic”
                ErrorMessage=”The Password and Confirmation Password must match.”
                ValidationGroup=”CreateUserWizard1″></asp:CompareValidator>
        </td>
    </tr>
    <tr>
        <td align=”center” colspan=”2″ style=”colorred”>
            <asp:Literal ID=”ErrorMessage” runat=”server” EnableViewState=”False”></asp:Literal>
        </td>
    </tr>
    <tr>
        <td></td>
        <td>
            <asp:Button ID=”createNewUserButton” runat=”server” Text=”Create user”
                ValidationGroup=”CreateUserWizard1″ onclick=”createNewUserButton_Click” />
        </td>
    </tr>
</table>
</asp:Panel>
Login.aspx.cs file:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class UserControls_Login : System.Web.UI.UserControl
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }
    protected void createNewUserButton_Click(object sender, EventArgs e)
    {
        string userName, password, email, securityQuestoin, securityAnswer, country, gender;
        userName = userNameTextBox.Text.ToString();
        password = passwordTextBox.Text.ToString();
        email = emailTextBox.Text.ToString();
        securityQuestoin = questionDropDownBox.Text.ToString();
        securityAnswer = answerDropDownBox.Text.ToString();
        country = countryDropDownBox.Text.ToString();
        gender = genderDropDownBox.Text.ToString();
        int age = Int16.Parse( ageTextBox.Text.ToString());
        UserDetailsAccess.UserAdd(userName, password, email, securityQuestoin, securityAnswer, country, gender, age);
    }
    protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
    {
        Boolean bauthenticated = false;
        bauthenticated = UserDetailsAccess.IsValidUser(Login1.UserName, Login1.Password);
        if (bauthenticated)
        {
            e.Authenticated = true;
            //save the productId into session variable to use it later on
            Session[“loggedInUserName”] = Login1.UserName;
        }
        else
        {
            e.Authenticated = false;
        }
    }
}
UserDetailsAccess.cs file:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Data.Common;
///
/// Summary description for CreateCustomerWizard
/// 

public class UserDetailsAccess
{
    public UserDetailsAccess()
   {
            //
            // TODO: Add constructor logic here
            //
    }
    //get all user
    public static DataTable GetAllUser()
    {
        DbCommand comm = GenericDataAccess.CreateCommand();//create command
        comm.CommandText = “GetUsers”//set stored procedure
        return GenericDataAccess.ExecuteSelectCommand(comm);
    }
    // Remove a shopping cart item
    public static bool DeleteUser(int userID)
    {
        // get a configured DbCommand object
        DbCommand comm = GenericDataAccess.CreateCommand();
        // set the stored procedure name
        comm.CommandText = “UserDelete”;
        // create a new parameter
        DbParameter param = comm.CreateParameter();
        param.ParameterName = “@UserID”;
        param.Value = userID;
        param.DbType = DbType.Int32;
        comm.Parameters.Add(param);
        // returns true in case of success or false in case of an error
        try
        {
            // execute the stored procedure and return true if it executes
            // successfully, or false otherwise
            return (GenericDataAccess.ExecuteNonQuery(comm) != -1);
        }
        catch
        {
            // prevent the exception from propagating, but return false to
            // signal the error
            return false;
        }
    }
    // Add a new customer
    public static bool UserAdd(string userName, string password, string email, string securityQuestion, string securityAnswer, string country, string Gender, int Age)
    {
        // get a configured DbCommand object
        DbCommand comm = GenericDataAccess.CreateCommand();
        // set the stored procedure name
        comm.CommandText = “UserAdd”;
        // create a new parameter
        DbParameter param = comm.CreateParameter();
        param.ParameterName = “@UserName”;
        param.Value = userName;
        param.DbType = DbType.String;
        param.Size = 36;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Password”;
        param.Value = password;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Email”;
        param.Value = email;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@SecurityQuestion”;
        param.Value = securityQuestion;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@SecurityAnswer”;
        param.Value = securityAnswer;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Country”;
        param.Value = country;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Gender”;
        param.Value = Gender;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Age”;
        param.Value = Age;
        param.DbType = DbType.Int32;
        comm.Parameters.Add(param);
    
        // returns true in case of success or false in case of an error
        try
        {
            // execute the stored procedure and return true if it executes
            // successfully, or false otherwise
            return (GenericDataAccess.ExecuteNonQuery(comm) != -1);
        }
        catch
        {
            // prevent the exception from propagating, but return false to
            // signal the error
            return false;
        }
    }
    // verify users against existing database
    public static bool IsValidUser(string userName, string password)
    {
        // get a configured DbCommand object
        DbCommand comm = GenericDataAccess.CreateCommand();
        // set the stored procedure name
        comm.CommandText = “UserIsExist”;
        // create a new parameter
        DbParameter param = comm.CreateParameter();
        param.ParameterName = “@UserName”;
        param.Value = userName;
        param.DbType = DbType.String;
        param.Size = 36;
        comm.Parameters.Add(param);
        // create a new parameter
        param = comm.CreateParameter();
        param.ParameterName = “@Password”;
        param.Value = password;
        param.DbType = DbType.String;
        comm.Parameters.Add(param);
        // return the result table
        DataTable table = GenericDataAccess.ExecuteSelectCommand(comm);
        if (table.Rows.Count > 0)
        {
            return true;
        }
        else
        {
            return false;
        }
    }
}
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s