using System;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.SessionState;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class MasterPageLogIn : System.Web.UI.MasterPage
{
    public string connectionString = "Data Source=THIS-9110C42D72\\SQLEXPRESS;Initial Catalog=webproms;Integrated Security=True";

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["id"] == null)
        {
            PanelContent.Visible = false;
            PanelLogin.Visible = true;
            LabelError.Visible = false;
        }
        else
        {
            PanelContent.Visible = true;
            PanelLogin.Visible = false;
            LabelError.Visible = false;
        }
    }

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        int usermatch = 0;
        SqlConnection conn = new SqlConnection(connectionString);
        conn.Open();
        String sqlstring;
        SqlCommand checkUsername;
        SqlDataReader usernames;

        string fileName = this.Page.Request.Url.ToString();
        fileName = fileName.Remove(0, fileName.LastIndexOf("/") + 1);

        sqlstring = "SELECT accountID, accountUsername, accountPassword FROM accounts WHERE (accountUsername = '" + txtUsername.Text + "')";
        checkUsername = new SqlCommand(sqlstring, conn);
        usernames = checkUsername.ExecuteReader();

        while (usernames.Read())
        {
            if (usernames["accountUsername"].ToString() == txtUsername.Text)
            {
                if (usernames["accountPassword"].ToString() == txtPassword.Text)
                {
                    Session["username"] = usernames["accountUsername"].ToString();
                    Session["password"] = usernames["accountPassword"].ToString();
                    Session["id"] = usernames["accountID"].ToString();
                    usermatch = 1;
                    break;
                }
                else
                {
                    usermatch = -1;
                    break;
                }
            }
        }

        switch (usermatch)
        {
            case (1):
                //Session["username"] = tempUser;
                //Session["password"] = tempPass;
                //Session.Add("username", tempUser);
                //Session.Add("password", tempPass);
                PanelContent.Visible = true;
                PanelLogin.Visible = false;
                break;
            case (-1):
                Session["username"] = "";
                Session["password"] = "";
                PanelContent.Visible = false;
                PanelLogin.Visible = true;
                LabelError.Visible = true;
                break;
            case (0):
            default:
                PanelContent.Visible = false;
                PanelLogin.Visible = true;
                LabelError.Visible = false;
                break;
        }
        usernames.Close();
        conn.Close();
    }
}