?using System;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class BackDesk_Login_Login : System.Web.UI.Page
{
    DataCon myCon = new DataCon();
    ValidateCode code = new ValidateCode();
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            labValidateCode.Text = code.validateCode().ToString();
        }
    }
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        Session["UserID"] = txtUserID.Text;//給DeliverCard.aspx頁傳值
        Session["Name"] = txtUserName.Text;//給Index.aspx頁傳值
        if(txtValidateCode.Text.Trim()!=labValidateCode.Text.Trim())
        {
            Response.Write("<script lanuage=javascript>alert('驗證碼錯誤');location='javascript:history.go(-1)'</script>");
        }
        else
        {
            SqlConnection sqlconn = myCon.getCon();
            sqlconn.Open();
            SqlCommand sqlcom = sqlconn.CreateCommand();
            if (cbAdminLogin.Checked == true)
            {
                sqlcom.CommandText = "select count(*) from tb_Admin where AdminID='" + txtUserID.Text 
                    + "' and AdminName='" + txtUserName.Text + "' and AdminPwd='" + txtPassword.Text + "'";
                int countAdmin = Convert.ToInt32(sqlcom.ExecuteScalar());//獲取SQL語句的值 強制轉換成數值類型
                if (countAdmin > 0)
                {
                    Page.Response.Redirect("AdminLogined.aspx");
                }
                else
                {
                    Response.Write("<script lanuage=javascript>alert('用戶名或密碼有誤！');location='javascript:history.go(-1)'</script>");
                    return;
                }
            }
            else
            {
                sqlcom.CommandText = "select count(*) from tb_User where UserID='" + txtUserID.Text 
                    + "'and UserLoginName='" + txtUserName.Text + "'and UserPwd='" + txtPassword.Text + "'";
                int countUser = Convert.ToInt32(sqlcom.ExecuteScalar());
                if (countUser > 0)
                {
                   Page.Response.Redirect("UserLogined.aspx");
                }
                else
                {
                    Response.Write("<script lanuage=javascript>alert('用戶名或密碼有誤！');location='javascript:history.go(-1)'</script>");
                    return;
                }
            } 
            sqlconn.Close();
        }
    }
    protected void btnCancel_Click(object sender, EventArgs e)
    {
        txtUserID.Text = "";
        txtUserName.Text = "";
        txtPassword.Text = "";
        txtValidateCode.Text = "";
        txtUserID.Focus();
    }
}