HomeController.cs (Controller)
[HttpGet]
public ActionResult Admin()
{
//ViewBag.Message = "Welcome to Login Page";
//var v = ViewData.Model = _db.Employee.ToList();
// return View(v);
return View();
}
[HttpPost]
public ActionResult Admin(CabAutomationSystem.Models.LoginModel model)
{
if (ModelState.IsValid)
{
if (model.IsValid(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
return RedirectToAction("Home", "Admin");
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
return View(model);
}
LoginModel.cs (Model)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ComponentModel.DataAnnotations;
using System.Web.Mvc;
using System.Data.SqlClient;
using System.Data;
using System.Configuration;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Net;
using System.Net.Mail;
namespace CabAutomationSystem.Models
{
public class LoginModel
{
[Required]
[Display(Name = "User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
public bool IsValid(string _username, string _pwd)
{
string _sql = "Select uname From Login Where uname='" + _username + "' And pwd='" + _pwd + "'";
SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["SLMFConnection"].ToString());
cn.Open();
SqlCommand cmd = new SqlCommand(_sql, cn);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
return true;
else
return false;
}
}
}
Admin.cshtml (View)
@model CabAutomationSystem.Models.LoginModel
@{
Layout = null;
}
<!DOCTYPE html>
<html>
<head>
<title></title>
<link href="@Url.Content("~/Content/admin_style.css")" rel="stylesheet" type="text/css" />
<link href="@Url.Content("~/Content/Mystyle.css")" rel="stylesheet" type="text/css" />
<script src="@Url.Content("~/Scripts/jquery-1.4.4.min.js")" type="text/javascript"></script>
</head>
<body>
<div>
<div>
<div id="OuterContainer">
<div id="LogoContainer"></div>
</div>
<div id="HeaderContainer">
</div>
<div id="BannerContainer">
<div id="BannerArea">
</div>
</div>
<div id="MenuContainer">
<div id="MenuArea">
<div id="Menu" >
</div>
</div>
</div>
<div id="ConetntAreaContainer" class="clear">
<div id="CategoryContainer" style="height:100px">
<div style="clear:both">
<a href="@Url.Action("Default", "Shared")" title="Branch">
<img src="../../Content/images/back.jpg" />
</a>
</div>
</div>
<div id="ContentContainer" style="width:98%">
<div id="Welcomecontent">
<p>
<br />
<table align="center" border="0" cellpadding="0" cellspacing="0" width="300">
<tr>
<td valign="top" width="16">
<img alt="" height="14" src="../../Content/images/whitebox_01.jpg" width="16" /></td>
<td background="../../Content/images/whitebox-topbg.jpg" valign="top">
<img height="14" src="../../Content/images/whitebox-topbg.jpg" width="1" /></td>
<td valign="top" width="19">
<img alt="" height="14" src="../../Content/images/whitebox_03.jpg" width="19" /></td>
</tr>
<tr>
<td background="../../Content/images/whitebox-left-bg.jpg" height="56" valign="top">
</td>
<td valign="top">
@Html.ValidationSummary(true, "Login was unsuccessful. Please correct the errors and try again.")
@using (Html.BeginForm())
{
<table align="center" bgcolor="#0066CC" cellpadding="2" cellspacing="2"
width="300">
<tr>
<td colspan="2" height="35" style="font-size: 14px; color: #006600;
text-align: left">
<strong class="adminhead">Administrator Login</strong></td>
</tr>
<tr>
<td align="right" class="style1" >
<strong> @Html.LabelFor(m => m.UserName)</strong></td>
<td class="admin_txt" style="text-align: left">
@Html.TextBoxFor(m => m.UserName)
@Html.ValidationMessageFor(m => m.UserName)
</td>
</tr>
<tr>
<td align="right" class="style1" >
<strong>@Html.LabelFor(m => m.Password)</strong></td>
<td class="admin_txt" style="text-align: left">
@Html.PasswordFor(m => m.Password)
@Html.ValidationMessageFor(m => m.Password)
</td>
</tr>
<tr>
<td class="admin_txt" style="width: 100px; text-align: left"> </td>
<td class="admin_txt">
@Html.CheckBoxFor(m => m.RememberMe)
@Html.LabelFor(m => m.RememberMe)
</td>
</tr>
<tr>
<td> </td>
<td class="style2" style="text-align: center">
<input type="submit" value="Login" />
</td>
</tr>
</table>
}
</td>
<td background="../../Content/images/whitebox-right-bg.jpg" valign="top">
<img height="1" src="../../Content/images/whitebox-right-bg.jpg" width="19" /></td>
</tr>
<tr>
<td valign="top">
<img alt="" height="18" src="../../Content/images/whitebox_07.jpg" width="16" /></td>
<td background="../../Content/images/whitebox-bottom-bg.jpg" valign="top">
<img height="18" src="../../Content/images/whitebox-bottom-bg.jpg" width="1" /></td>
<td valign="top">
<img alt="" height="18" src="../../Content/images/whitebox_09.jpg" width="19" /></td>
</tr>
</table>
<br />
</p>
</div>
</div>
<div style="clear:both"></div>
</div>
<div id="FooterConatiner" style="height:25px"></div>
</div>
</div>
</body>
</html>
[HttpGet]
public ActionResult Admin()
{
//ViewBag.Message = "Welcome to Login Page";
//var v = ViewData.Model = _db.Employee.ToList();
// return View(v);
return View();
}
[HttpPost]
public ActionResult Admin(CabAutomationSystem.Models.LoginModel model)
{
if (ModelState.IsValid)
{
if (model.IsValid(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
return RedirectToAction("Home", "Admin");
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
return View(model);
}
LoginModel.cs (Model)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ComponentModel.DataAnnotations;
using System.Web.Mvc;
using System.Data.SqlClient;
using System.Data;
using System.Configuration;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Net;
using System.Net.Mail;
namespace CabAutomationSystem.Models
{
public class LoginModel
{
[Required]
[Display(Name = "User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[Display(Name = "Password")]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
public bool IsValid(string _username, string _pwd)
{
string _sql = "Select uname From Login Where uname='" + _username + "' And pwd='" + _pwd + "'";
SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["SLMFConnection"].ToString());
cn.Open();
SqlCommand cmd = new SqlCommand(_sql, cn);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
return true;
else
return false;
}
}
}
Admin.cshtml (View)
@model CabAutomationSystem.Models.LoginModel
@{
Layout = null;
}
<!DOCTYPE html>
<html>
<head>
<title></title>
<link href="@Url.Content("~/Content/admin_style.css")" rel="stylesheet" type="text/css" />
<link href="@Url.Content("~/Content/Mystyle.css")" rel="stylesheet" type="text/css" />
<script src="@Url.Content("~/Scripts/jquery-1.4.4.min.js")" type="text/javascript"></script>
</head>
<body>
<div>
<div>
<div id="OuterContainer">
<div id="LogoContainer"></div>
</div>
<div id="HeaderContainer">
</div>
<div id="BannerContainer">
<div id="BannerArea">
</div>
</div>
<div id="MenuContainer">
<div id="MenuArea">
<div id="Menu" >
</div>
</div>
</div>
<div id="ConetntAreaContainer" class="clear">
<div id="CategoryContainer" style="height:100px">
<div style="clear:both">
<a href="@Url.Action("Default", "Shared")" title="Branch">
<img src="../../Content/images/back.jpg" />
</a>
</div>
</div>
<div id="ContentContainer" style="width:98%">
<div id="Welcomecontent">
<p>
<br />
<table align="center" border="0" cellpadding="0" cellspacing="0" width="300">
<tr>
<td valign="top" width="16">
<img alt="" height="14" src="../../Content/images/whitebox_01.jpg" width="16" /></td>
<td background="../../Content/images/whitebox-topbg.jpg" valign="top">
<img height="14" src="../../Content/images/whitebox-topbg.jpg" width="1" /></td>
<td valign="top" width="19">
<img alt="" height="14" src="../../Content/images/whitebox_03.jpg" width="19" /></td>
</tr>
<tr>
<td background="../../Content/images/whitebox-left-bg.jpg" height="56" valign="top">
</td>
<td valign="top">
@Html.ValidationSummary(true, "Login was unsuccessful. Please correct the errors and try again.")
@using (Html.BeginForm())
{
<table align="center" bgcolor="#0066CC" cellpadding="2" cellspacing="2"
width="300">
<tr>
<td colspan="2" height="35" style="font-size: 14px; color: #006600;
text-align: left">
<strong class="adminhead">Administrator Login</strong></td>
</tr>
<tr>
<td align="right" class="style1" >
<strong> @Html.LabelFor(m => m.UserName)</strong></td>
<td class="admin_txt" style="text-align: left">
@Html.TextBoxFor(m => m.UserName)
@Html.ValidationMessageFor(m => m.UserName)
</td>
</tr>
<tr>
<td align="right" class="style1" >
<strong>@Html.LabelFor(m => m.Password)</strong></td>
<td class="admin_txt" style="text-align: left">
@Html.PasswordFor(m => m.Password)
@Html.ValidationMessageFor(m => m.Password)
</td>
</tr>
<tr>
<td class="admin_txt" style="width: 100px; text-align: left"> </td>
<td class="admin_txt">
@Html.CheckBoxFor(m => m.RememberMe)
@Html.LabelFor(m => m.RememberMe)
</td>
</tr>
<tr>
<td> </td>
<td class="style2" style="text-align: center">
<input type="submit" value="Login" />
</td>
</tr>
</table>
}
</td>
<td background="../../Content/images/whitebox-right-bg.jpg" valign="top">
<img height="1" src="../../Content/images/whitebox-right-bg.jpg" width="19" /></td>
</tr>
<tr>
<td valign="top">
<img alt="" height="18" src="../../Content/images/whitebox_07.jpg" width="16" /></td>
<td background="../../Content/images/whitebox-bottom-bg.jpg" valign="top">
<img height="18" src="../../Content/images/whitebox-bottom-bg.jpg" width="1" /></td>
<td valign="top">
<img alt="" height="18" src="../../Content/images/whitebox_09.jpg" width="19" /></td>
</tr>
</table>
<br />
</p>
</div>
</div>
<div style="clear:both"></div>
</div>
<div id="FooterConatiner" style="height:25px"></div>
</div>
</div>
</body>
</html>
1 comment:
LoginModel.IsValid has potiential for SQL Injection. Use SQL Parameters.
Post a Comment