0

I have these classes, which i want to use it to login, to check if the email and password is the same, then it will redirect to the respective page. 

public class Account
  {
    public Account(){}
    public int accID { get; set; }
    public string emailAddress { get; set; }
    public string password { get; set; }
    public string name { get; set; }
    public string company { get; set; }
    public string position { get; set; }
    public string department { get; set; }
    public string mobileNo { get; set; }
    public string officeNo { get; set; }
   }
 public static SADataReader DoSelectQuery(String sql)
    {
        SAConnection myConnection = new SAConnection(DB_STR);
        //open the connection 
        myConnection.Open();
        //Create a command object. 
        SACommand myCommand = myConnection.CreateCommand();

        //Specify a query. 
        myCommand.CommandText = sql;

        //Create a DataReader for the command 
        SADataReader reader = myCommand.ExecuteReader();

        return reader;
    }
 public static List<Account> getAllAccountFromReader(SADataReader reader){
        List<Account> results = new List<Account>();

        while (reader.Read())
        {
            int accID = reader.GetInt32(0);
            string emailAddress = reader.GetString(1);
            string password = reader.GetString(2);
            string name = reader.GetString(3);
            string company = reader.GetString(4);
            string position = reader.GetString(5);
            string department = reader.GetString(6);
            string mobileNo = reader.GetString(7);
            string officeNo = reader.GetString(8);


            Account Accounts = new Account();
            Accounts.accID = accID;
            Accounts.emailAddress = emailAddress;
            Accounts.password = password;
            Accounts.name = name;
            Accounts.company = company;
            Accounts.position = position;
            Accounts.department = department;
            Accounts.mobileNo = mobileNo;
            Accounts.officeNo = officeNo;
            results.Add(Accounts);
        }
        return results;
    }
 public static List<Account> getAllAccounts()
    {
        //Specify a query. 
        string sql = "SELECT accountID,emailAddress,password,name,company,position,department,mobileNo,officeNo FROM account";

        SADataReader reader = DoSelectQuery(sql);
        List<Account> results = getAllAccountFromReader(reader);
        return results;
  }

.CS file to check for fields

protected void btnSubmit_Click(object sender, EventArgs e)
    {
        string email = tbEmail.Text;
        string password = tbPW.Text;
        List<Account> getAccounts = MinuteDB.getAllAccounts();

       // Session["getAllAccount"] = getAccounts;

      if(email ==?? && password == ??)
            {

                       //Session["name"] = name.ToString();
                       //Session["ID"] = Convert.ToInt32(accID.ToString());
                      Response.Redirect("HomePage.aspx");
            }

            else if (email == "" && password == "")
            {
                ScriptManager.RegisterStartupScript(this, GetType(), "error", "alert('Please enter Login and Password!');", true);
            }
            else
            {
                ScriptManager.RegisterStartupScript(this, GetType(), "error", "alert('Wrong Login Or Password!');", true);
            }

    }

How do i retrieve the email and password from the List getAccounts so that i can check for if (email == email from the list account && password == password from list account) ??

KV Prajapati
  • 93,659
  • 19
  • 148
  • 186
melvg
  • 57
  • 1
  • 2
  • 12
  • 5
    Please don't store passwords. – Damien_The_Unbeliever Jul 04 '12 at 06:38
  • Yep, but its a small project anyway.. i just want to get the field and compare it with the textboxes. – melvg Jul 04 '12 at 06:40
  • 3
    Even for a small project, don't do it. At least hash them, and while you're hashing them, add a salt to it. And if you don't know which hashing algorithm you need to use, [read this](http://stackoverflow.com/questions/10948994/secure-hashing-in-net). – Steven Jul 04 '12 at 06:46

2 Answers2

0

Are you wanting to find the email in the list of accounts and check the password entered matches? If so, superficially you just loop through each along the lines of:

private bool isPasswordValid(string email, string password)
{
  foreach (Account account in Accounts)
  {
    if (account.emailAddress != email)
      continue;
    return (account.password == password);
  }
  return false;
}

You could alternatively return a Dictionary<string, Account> to simplify and speed up the search.

Update

So instead of the following line:

  if(email ==?? && password == ??)

Insert

 if (isPasswordValid(email, password))
   // it is valid
 else
   // it is not valid, redirect

This assumes the getAccounts variable is accessible to isPasswordValid. In your current code it would not be visible, so you might want to pass it in as a parameter.

Michael
  • 8,891
  • 3
  • 29
  • 42
  • I don't really know how to explain it but er.. i just want to retrieve all the properties, eg : accID,email,password,etc from the List which have been made, and from that List, get the email and password values, and compare it to the textbox. If the textbox value is the same as the one gotten, then it will redirect. – melvg Jul 04 '12 at 06:58
0

Try LINQ/extension methods. 

var account = MinuteDB.getAllAccounts()
               .Where(p=> p.emailAddress==email && p.password==password)
               .FirstOrDefault();


if(account!=null)
{
  Session["id"]=account.accID;
  Session["name"]=account.name;
  Response.Redirect("~/other_page.aspx");
}

Write following code in other_page.aspx to read session key-value.

int id=0;
string name="";
if(Session["id"]!=null)
   id=int.Parse(Session["id"].ToString());
if(Session["name"]!=null)
   name=Session["name"];

PS: Do not store password in the List<T>. You may assign Account object reference to the Session.

e.g

 if(account!=null)
    {
      Session["account"]=account;
      Response.Redirect("~/other_page.aspx");
    }

and to retrieve the account value from session:

Account account=Session["account"] as Account;
if(account!=null)
 {
   //read the property value of Account
 }
KV Prajapati
  • 93,659
  • 19
  • 148
  • 186
  • Hey AVD, now I want to make retrieve the ID and name, so that i can display the name on another page, and that i can use the ID to retrieve the specific things that i want from the Database, how should i do it?? I know there is a way to do it using session, but I don't know how to store the whole session from the login and redirect to another page, and display the name and keep the ID on the other page. – melvg Jul 04 '12 at 07:37