Hi micah,
I have modified the code and query. Refer the below code.
SQL
ALTER PROCEDURE [dbo].[Validate_User]
@Email NVARCHAR(100),
@Password NVARCHAR(MAX)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @UserId INT
SELECT @UserId = UserId FROM User3 WHERE Email = @Email AND [Password] = @Password
IF @UserId IS NOT NULL
BEGIN
IF NOT EXISTS(SELECT UserId FROM UserActivation WHERE UserId = @UserId)
BEGIN
SELECT UserName,Location FROM User3 WHERE UserId = @UserId
END
ELSE
BEGIN
SELECT -2 -- User not activated.
END
END
ELSE
BEGIN
SELECT -1 -- User invalid.
END
END
HTML
<asp:Login ID="LoginINNOVATION" runat="server" OnAuthenticate="ValidateUser">
</asp:Login>
C#
protected void ValidateUser(object sender, EventArgs e)
{
string location = "", userName = "";
string constr = ConfigurationManager.ConnectionStrings["DB"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Email", LoginINNOVATION.UserName);
cmd.Parameters.AddWithValue("@Password", Encrypt(LoginINNOVATION.Password));
cmd.Connection = con;
con.Open();
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
con.Close();
if (dt.Rows.Count > 0)
{
userName = dt.Rows[0]["UserName"].ToString();
location = dt.Rows[0]["Location"].ToString();
if (!string.IsNullOrEmpty(location) && location != "-1" && location != "-2")
{
Session["userName"] = userName;
switch (location)
{
case "Texas":
Response.Redirect("~/Texas/" + location + "Page.aspx");
break;
case "Washinton":
Response.Redirect("~/Washinton/" + location + "Page.aspx");
break;
case "Maryland":
Response.Redirect("~/Maryland/" + location + "Page.aspx");
break;
}
}
else
{
switch (location)
{
case "-1":
LoginINNOVATION.FailureText = "Username or password not correct.";
break;
case "-2":
LoginINNOVATION.FailureText = "Account has not been activated.";
break;
}
}
}
}
}
}
private string Encrypt(string clearText)
{
string EncryptionKey = "MAKV2SPBNI99212";
byte[] clearBytes = System.Text.Encoding.Unicode.GetBytes(clearText);
using (System.Security.Cryptography.Aes encryptor = System.Security.Cryptography.Aes.Create())
{
System.Security.Cryptography.Rfc2898DeriveBytes pdb =
new System.Security.Cryptography.Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (System.IO.MemoryStream ms = new System.IO.MemoryStream())
{
using (System.Security.Cryptography.CryptoStream cs =
new System.Security.Cryptography.CryptoStream(ms, encryptor.CreateEncryptor(), System.Security.Cryptography.CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
}
clearText = Convert.ToBase64String(ms.ToArray());
}
}
return clearText;
}