Imports System.Web.Security '   |||||   Required Class for Authentication
Imports System.Data '   |||||   DB Accessing Import
Imports System.Data.Sqlclient    '   ||||||  SQL Database Required Import!
Imports System.Data.OleDb

Imports System.Configuration
Partial Class admin_add
    Inherits System.Web.UI.Page

    Protected Sub btnAdd_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnAdd.Click
        If Page.IsValid Then
            '   |||||   Connect to Database for User Validation |||||
            If DBConnection(txtUser.Text, txtPass.Text, txtFolder.Text) Then
                Response.Redirect("admin.aspx") '   |||||   default.aspx Page!

            Else
                '   |||||   Credentials are Invalid
                lblMessage.Text = "Didn't Work"
            End If
        End If
    End Sub

    Protected Sub btnCancel_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnCancel.Click
        Response.Redirect("admin.aspx")
    End Sub

    Private Function DBConnection(ByVal UserName As String, ByVal Password As String, ByVal Folder As String) As Boolean
        '   |||||   Declare Required Variables
        '   |||||   Access appSettings of Web.Config for Connection String (Constant)
        Dim LoginSQL As String
        Dim MyConn As Data.SqlClient.SqlConnection = New Data.SqlClient.SqlConnection(ConfigurationManager.ConnectionStrings("strConn").ToString)

        '   |||||   Pass in Stored procedure
        '   |||||   Set CommandType to Stored Procedure
        Dim MyCmd As New SqlCommand("sp_INSERT_User", MyConn)
        MyCmd.CommandType = CommandType.StoredProcedure

        '   |||||   Create Parameter Objects for values passed in
        Dim objParam1, objParam2 As SqlParameter
        Dim objParam3, objParam4 As New SqlParameter
        '   |||||   Add the parameters to the parameters collection of the
        '   |||||   command object, and set their datatypes (OleDbType in this case)
        objParam1 = MyCmd.Parameters.Add("@name", SqlDbType.NVarChar, 255)
        objParam2 = MyCmd.Parameters.Add("@password", SqlDbType.NVarChar, 50)
        objParam3 = MyCmd.Parameters.Add("@folder", SqlDbType.NVarChar, 50)

        objParam1.Direction = ParameterDirection.Input
        objParam2.Direction = ParameterDirection.Input
        objParam3.Direction = ParameterDirection.Input

        objParam1.SqlValue = UserName.ToString
        objParam2.SqlValue = Password.ToString
        objParam3.SqlValue = Folder.ToString
        '   |||||   Set the value(s) of the parameters to the respective source controls


        '   |||||   Try, catch block!
        Try
            '   |||||   Check if Connection to DB is already open, if not, then open    a      connection
            If MyConn.State = ConnectionState.Closed Then
                '   |||||   DB not already Open...so open it
                MyConn.Open()
            End If

            '   |||||   Create OleDb Data Reader
            Dim objReader As SqlDataReader
            objReader = MyCmd.ExecuteReader(CommandBehavior.CloseConnection)
            '   |||||   Close the Reader and the Connection Closes with it

            Return True
        Catch ex As Exception
            lblMessage.Text = "Error Connecting to Database!"
        End Try


    End Function
End Class