public bool isAuthenticated(string userID, string password)
{
if (conn.State.ToString() == "Closed")
{
conn.Open();
}
SqlCommand newCmd = conn.CreateCommand();
newCmd.Connection = conn;
newCmd.CommandType = CommandType.Text;
newCmd.CommandText = "SELECT [UserID] ,[Department] ,[UserName] ,[Password] ,[Active] FROM [Traveller].[dbo].[User_Details] where [UserID]= '" + userID + "' and [Password]= '" + Security.Encrypt(password) + "'";
SqlDataReader dr = newCmd.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
UserInfo ui = new UserInfo(dr["UserID"].ToString(), dr["UserName"].ToString());
}
newCmd.Dispose();
conn.Close();
return true;
}
else
{
newCmd.Dispose();
conn.Close();
return false;
}
}
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
class UserInfo
{
private static string _userId;
private static string _fullName;
public UserInfo(string userId ,string fullName)
{
_userId = userId;
_fullName = fullName;
}
public UserInfo()
{
}
public string UserId
{
get
{
return _userId;
}
}
public string FullName()
{
return _fullName;
}
public string userID()
{
return _userId;
}
}