LOGIN .ASPX
Default page consists of a login screen. This page
authenticates a customers username and password against a database. Click on
login button to authenticate yourself ,but is not really required unless you
are buying some items and checking out. You can act as causal visitor and
browse for the items.
User controls have been provided at the top (header.ascx)
and and the left (usermenu.ascx)
. Validation has also been provided .It prompt the user to enter the
proper emai lid lest he enters a wrong id. If the user is not registered then
the application prompts him to register first.
If the users are not logged in a temporary id for
shopping cart is created. When a user
has been authenticated a cookie is created that maintains authentication
information for the current user and the current session. Form based
authentication is provided by making a <security>entry in web.config file.
<system.web>
<authentication mode="Forms">
<forms name="authorize" loginUrl="login.aspx" protection="All" path="/"/>
</authentication>
</system.web>
loginUrl attribute specifies which page the application should redirect to
any time a user attempts to access an application resource that does not allow
anonymous access.
For eg if u take a closer look at web config….we
have
<location path="addtocart.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
it is given as
deny users “?” which means any user
attempting to access this page by any means will be redirected to login page.
# region Clientsidevalidation
private
bool valid()
{
bool
blnStatus= true;
string
strErr ="";
if(email.Text.CompareTo("")==0)
{
strErr = " Please enter
the email Id.\\n";
blnStatus = false;
}
if(password.Text.CompareTo("")==0)
{
strErr +="Please enter the
password.\\n";
blnStatus = false;
}
if(email.Text.CompareTo("")==1)
{
string
em = email.Text;
RegisterClientScriptBlock("email","<script>checkemailid(em);</script>");
}
if(strErr.CompareTo("")==1)
{
strErr = " The following
errors occured:\\n" + strErr;
RegisterStartupScript("Popup","<script>ShowMessage('"+
strErr + "');</script>");
}
return
blnStatus;
}
#endregion
private
void LoginBtn_Click(object
sender, System.EventArgs e)
{
if(valid())// validating test user input.
{
//
Instantiate an object of shoppingfunct class and use the method of
getshoppingcart
//which
gives the user a temporary id.
prjstart.Components.Shoppingfunct
id = new prjstart.Components.Shoppingfunct();
string
tempuserid = id.getshoppingcart();
//Instantiate
a object of Employee class and use the method of login which is defined in that
class.
//which
validates the user according to existing database.
prjstart.Employeedb validuser =
new Employeedb();//
Here the users credentials are validated
int userid=
validuser.login(email.Text,prjstart.Components.encryptpass.protectpassword(password.Text));
//
Basically two parameters are passed the email text,password.The password is
encrypted using MD5 HASH Algorithm.
if(userid!=0)
{
id.MigrateCart(tempuserid,userid);//migrates the cart from old to new id.
//Calls
the method getemployee details to get the details of the customer used later.
prjstart.Employee employeedet
= validuser.getemployeedetail(userid);//id the userid
exists the it gets the users details for personization purposes useful later.
Session["fullname"]=employeedet.FullName; //Users details
are stored in Cookies.
Response.Cookies["fullname"].Value
= employeedet.FullName;
Session["result"]="";
if(chkRemember.Checked
== true)
{
// This keeps the cookie stored in the cookie folder so as
to remember ur details stored in a text
file
Response.Cookies["fullname"].Expires
= DateTime.Now.AddMonths(1);
}
FormsAuthentication.RedirectFromLoginPage(userid.ToString(),chkRemember.Checked);
//
Form Authentication is a special class present in
system.Web.security.Redirectfromloginpage is a static method which takes two
paramaters.
//It
redrects the authenticated user back to originally requested url.The first
parameter represents the userid for cookie authentication purposes and the next
parameter specifies whether or not
//a
durable cookie should be issued.if in any case the user tries to go to
unauthorized page a return key is issued ...if the return key is not issued
this method redirect to default page.
}
else
{
RegisterStartupScript("Usererror","<script>ShowMessage(\"You
Don't seem to be registered.Please register
yourself\");</script>");
//This
method does client side validation.
}
}
}
private
void cmdRegister_Click(object
sender, System.EventArgs e)
{
Response.Redirect("register.aspx");// Whenthe user clicks on register he is redirected to
register page
}
}
}