using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data.OleDb;

namespace Reservation
{
	/// <summary>
	/// Login form.
	/// Methods created or modified:<ul>
	/// <li>Page_Load</li>
	/// <li>OnLogin</li></ul>
	/// <p>Copyright (c) 2002 Alexis Grandemange<br/>
	/// Mail: alexis.grandemange@pagebox.net</p>
	/// <pre>This program is free software; you can redistribute it and/or
	/// modify it under the terms of the GNU Lesser General Public
	/// License as published by the Free Software Foundation; version
	/// 2.1 of the License.
	/// This library is distributed in the hope that it will be useful,
	/// but WITHOUT ANY WARRANTY; without even the implied warranty of
	/// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	/// GNU Lesser General Public License for more details.
	/// A copy of the GNU Lesser General Public License lesser.txt should be
	/// included in the distribution.</pre>
	/// </summary>
	public class Login : System.Web.UI.Page
	{
		protected System.Web.UI.WebControls.TextBox tbId;
		protected System.Web.UI.WebControls.Button btnLogin;
		protected System.Web.UI.WebControls.Label lblStatus;
		protected System.Web.UI.WebControls.TextBox tbNewPassword;
		protected System.Web.UI.WebControls.TextBox tbNewPasswordV;
		protected System.Web.UI.WebControls.TextBox tbPassword;
	
		public Login()
		{
			Page.Init += new System.EventHandler(Page_Init);
		}

		/// <summary>
		/// Populates the form from the current Session.
		/// </summary>
		private void Page_Load(object sender, System.EventArgs e)
		{
			if (!IsPostBack) 
			{
				string id = (string)Context.Session["userid"];
				if (id != null) 
					tbId.Text = id;
				string msg = (string)Context.Session["status"];
				if (msg != null) 
				{
					lblStatus.Text = msg;
					Context.Session.Remove("status");
				}
			}
		}

		private void Page_Init(object sender, EventArgs e)
		{
			//
			// CODEGEN: This call is required by the ASP.NET Web Form Designer.
			//
			InitializeComponent();
		}

		#region Web Form Designer generated code
		/// <summary>
		/// Required method for Designer support - do not modify
		/// the contents of this method with the code editor.
		/// </summary>
		private void InitializeComponent()
		{    
			this.btnLogin.Click += new System.EventHandler(this.OnLogin);
			this.Load += new System.EventHandler(this.Page_Load);

		}
		#endregion

		/// <summary>
		/// Event fired when the user clicks on the Login button.
		/// Checks credentials (configuration and users accounts) and redirect to the originating form.
		/// </summary>
		private void OnLogin(object sender, System.EventArgs e)
		{
			if (!Global.isInitialized) 
			{
				lblStatus.Text = "Reservation not yet initialized";
				return;
			}
			bool succeeded = false;
			bool preserveMsg = false;
			short type = -1;
			if (Global.user.Equals(tbId.Text)) 
			{
				if (Global.password.Equals(tbPassword.Text))
					succeeded = true;
				else
					succeeded = false;
				type = 2;
				if (tbNewPassword.Text.Length > 0) 
				{
					lblStatus.Text = "You cannot change the password of this account";
					preserveMsg = true;
				}
			} 
			else 
			{
				OleDbConnection odc = new OleDbConnection(Global.connectionString);
				odc.Open();
				OleDbCommand odcmd = new OleDbCommand("select type, password from users where id='" +
					tbId.Text.PadRight(10, ' ') + "' and deltime=0", odc);
				OleDbDataReader odr = odcmd.ExecuteReader();
				if (odr.Read())
				{

					string password = ((string)odr["password"]).TrimEnd(new char[] { ' ' });
					if (password.Equals(tbPassword.Text)) 
					{
						succeeded = true;
						type = (short)odr["type"];
						odr.Close();
						if (tbNewPassword.Text.Length > 0) 
						{
							if (!tbNewPassword.Text.Equals(tbNewPasswordV.Text)) 
							{
								lblStatus.Text = "Re-enter the new password";
								succeeded = false;
								preserveMsg = true;
							}
							else 
							{
								odcmd.CommandText = "update users set password='" + tbNewPassword.Text +
									"' where id='" + tbId.Text.PadRight(10, ' ') + "'";
								odcmd.ExecuteNonQuery();
								tbPassword.Text = tbNewPassword.Text;
								tbNewPassword.Text = "";
								tbNewPasswordV.Text = "";
							}
						}
					}
				} else
					odr.Close();
				odc.Close();
			}
			if (succeeded) 
			{
				string fromPage = (string)Context.Session["from"];
				Context.Session.Clear();
				Context.Session.Add("userid", tbId.Text);
				Context.Session.Add("password", tbPassword.Text);
				Context.Session.Add("type", type);
				if (fromPage != null)
					Context.Response.Redirect(fromPage);
				else
					if (!preserveMsg)
						lblStatus.Text = "You are logged in";
			} 
			else 
				if (!preserveMsg)
					lblStatus.Text = "Invalid user or password";
		}
	}
}