Dim cn As New SqlClient.SqlConnection()
cn.ConnectionString = "Integrated Security=True;" & _
"Data Source=202.101.8.227;Initial Catalog=Problem Tracking;" & _
"user id=;password=;"
cn.Open()
Dim commSQL As New SqlClient.SqlCommand
commSQL.CommandTimeout = 500
commSQL.Connection = cn
Dim datRead As SqlClient.SqlDataReader
commSQL.CommandText = "Select * From Employee_View Where LoginName = '" & _
txtUserName.Text & "'"
datRead = commSQL.ExecuteReader
Dim letter As Char
Dim strCode, st, strPassword, strEncryptedPass As String
Dim i, charsInFile, Code As Short
strCode = 19
Code = CShort(strCode)
strEncryptedPass = ""
strPassword = LCase(Trim(txtPassword.Text))
charsInFile = strPassword.Length
st = ""
For i = 0 To charsInFile - 1
letter = strPassword.Substring(i, 1)
st = (Asc(letter) Xor Code)
strEncryptedPass += Double.Parse(st).ToString("000")
Next
If datRead.Read() Then
Dim strSysPass As String = datRead.Item("EncryptPass")
Dim strLoginName, strPrivilege, strStores As String
If LCase(strSysPass.Trim()) = LCase(strEncryptedPass.Trim()) Then
strLoginName = datRead.Item("LoginName")
strPrivilege = datRead.Item("Priveledge")
If strPrivilege = "Manager" Then
datRead.Close()
commSQL.CommandText = "Select * From EmpStores_View " & _
"Where LoginName = '" & strLoginName.Trim() & "'"
datRead = commSQL.ExecuteReader
If datRead.Read() Then
strStores = datRead.Item("Stores")
Response.Cookies("Store").Value = strStores.Trim()
Response.Cookies("Store").Expires = Now.AddDays(1)
End If
End If
Response.Cookies("LoginName").Value = strLoginName.Trim()
Response.Cookies("LoginName").Expires = Now.AddDays(1)
Response.Cookies("Privilege").Value = strPrivilege.Trim()
Response.Cookies("Privilege").Expires = Now.AddDays(1)
Response.Cookies("EmpID").Value = datRead.Item("EmpID")
Response.Cookies("EmpID").Expires = Now.AddDays(1)
Response.Cookies("EmpName").Value = Trim(datRead.Item("Employee"))
Response.Cookies("EmpName").Expires = Now.AddDays(1)
Response.Redirect("Menu.aspx")
Else
Response.Cookies("LoginName").Value = Nothing
Response.Cookies("Privilege").Value = Nothing
Response.Cookies("Store").Value = Nothing
Response.Cookies("EmpID").Value = Nothing
Response.Cookies("EmpName").Value = Nothing
Response.Redirect("LoginErr.aspx")
End If
End If
datRead.Close()
commSQL.Dispose()
cn.Close()
cn.Dispose()