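using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using ButterfieldGardens.Web;
using MySql.Data.MySqlClient;

/// <summary>
/// Code-behind for the admin login page. Renders the shared site chrome,
/// checks the submitted e-mail/password against TBL_USER and, on success,
/// stores the user id in the session and redirects to the dashboard.
/// </summary>
public partial class admin_index : System.Web.UI.Page
{
    /// <summary>
    /// Sends already-authenticated visitors to the dashboard; otherwise fills
    /// the page's layout regions from <see cref="Navigation"/>.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // A non-null USERID session entry is this page's only marker of an authenticated user.
        if (Session["USERID"] != null)
        {
            Response.Redirect("/admin/dashboard.aspx");
        }

        // NOTE(review): these are raw-HTML assignments. Navigation's output is
        // assumed to be static, trusted markup - confirm none of it echoes request data.
        Navigation objNav = new Navigation();
        header.InnerHtml = objNav.GetHeader();
        nav.InnerHtml = objNav.GetMainNavSideMenu();
        slideshow.InnerHtml = objNav.GetRandomSlideShowImage();
        subnav.InnerHtml = objNav.GetSubNavUnderMainImage();
        secondary.InnerHtml = objNav.GetPageSubNavMenu("about");
        footer.InnerHtml = objNav.GetFooter(true, false);

        Page.MaintainScrollPositionOnPostBack = true;
        txtEmail.Focus();
    }

    /// <summary>
    /// Login handler: validates the submitted credentials and either redirects
    /// to the dashboard or shows an error message.
    /// </summary>
    protected void AuthenticateUser(object sender, EventArgs e)
    {
        // NOTE(review): no attempt throttling or lockout is visible in this file.
        if (ValidateUserCredentials())
        {
            // ValidateUserCredentials already redirects on success; kept as a fallback.
            Response.Redirect("/admin/dashboard.aspx");
        }
        else
        {
            // The message deliberately does not say which of the two fields was wrong.
            Literal lit = new Literal();
            lit.Text = "Your username and password are invalid. Please try again.";
            lblError.Controls.Add(lit);
            lblError.CssClass = "error";
            lblError.Visible = true;
        }
    }

    /// <summary>
    /// Checks the e-mail and password entered on the form against active rows
    /// of TBL_USER. On exactly one match the user id is stored in the session
    /// under "USERID" and the response is redirected to the dashboard.
    /// </summary>
    /// <returns>
    /// <c>true</c> when exactly one active user matches; <c>false</c> when a
    /// field is empty or no single matching row exists.
    /// </returns>
    public Boolean ValidateUserCredentials()
    {
        // Both values are trimmed, as the query has always compared trimmed input.
        string email = txtEmail.Text.Trim();
        string password = txtPassword.Text.Trim();

        if (email.Length == 0 || password.Length == 0)
        {
            return false;
        }

        // The form values are untrusted and are bound as parameters, never
        // concatenated into the statement text.
        // NOTE(review): the stored credential is an unsalted MD5 digest (MD5() in
        // the query). Moving to a salted, slow password hash needs a change to the
        // TBL_USER data and cannot be done from this method alone.
        const string sql =
            "SELECT USERID FROM TBL_USER " +
            "WHERE PASSWORD = MD5(@password) AND " +
            "EMAIL_ADDRESS = @email AND ISACTIVE = 1;";

        string userId = null;

        // using blocks release the connection and command even when Open/Fill throws.
        using (MySqlConnection objConn = new MySqlConnection(
            ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString))
        using (MySqlCommand objCmd = new MySqlCommand(sql, objConn))
        using (MySqlDataAdapter objDA = new MySqlDataAdapter(objCmd))
        using (DataSet objDS = new DataSet())
        {
            objCmd.Parameters.AddWithValue("@password", password);
            objCmd.Parameters.AddWithValue("@email", email);

            objConn.Open();
            objDA.Fill(objDS);

            // Exactly one row is required; read the id before the DataSet is disposed.
            if (objDS.Tables[0].Rows.Count == 1)
            {
                userId = objDS.Tables[0].Rows[0][0].ToString();
            }
        }

        if (userId == null)
        {
            return false;
        }

        // NOTE(review): the session identifier is not renewed at login; consider
        // issuing a fresh session id here to limit session fixation.
        this.Context.Session.Add("USERID", userId);

        // Redirect only after the database objects above have been released.
        Response.Redirect("/admin/dashboard.aspx");
        return true;
    }
}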