Profiles.Login.Utilities.DataIO.UserLogin C# (CSharp) Méthode

        public bool UserLogin(ref User user)
        {
            bool loginsuccess = false;

            try
            {
                SessionManagement sm = new SessionManagement();
                string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

                SqlConnection dbconnection = new SqlConnection(connstr);

                SqlParameter[] param = new SqlParameter[4];

                dbconnection.Open();

                param[0] = new SqlParameter("@UserName", user.UserName);
                param[1] = new SqlParameter("@Password", user.Password);

                param[2] = new SqlParameter("@UserID", null);
                param[2].DbType = DbType.Int32;
                param[2].Direction = ParameterDirection.Output;

                param[3] = new SqlParameter("@PersonID", null);
                param[3].DbType = DbType.Int32;
                param[3].Direction = ParameterDirection.Output;

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));

                dbconnection.Close();
                try
                {
                    user.UserID = Convert.ToInt32(param[2].Value.ToString());

                    if (param[3].Value != DBNull.Value)
                        user.PersonID = Convert.ToInt32(param[3].Value.ToString());
                }
                catch { }
                if (user.UserID != 0)
                {
                    loginsuccess = true;
                    sm.Session().UserID = user.UserID;
                    sm.Session().PersonID = user.PersonID;
                    sm.Session().LoginDate = DateTime.Now;
                    Session session = sm.Session();
                    SessionUpdate(ref session);
                    SessionActivityLog();
                }

            }
            catch (Exception ex)
            {

                throw ex;
            }

            return loginsuccess;
        }

        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = txtUserName.Text.Trim();
            user.Password = txtUserName.Text.Trim();  // works on dev just now, need to change!

            if (user.UserName.Length == 0 && user.Password.Length == 0)
            {
                // Allow anonymous access.  Do not log in person.
                // Add the gadgets
                Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
                Session[OpenSocialManager.OPENSOCIAL_DEBUG]   = chkDebug.Checked;
                Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
                Response.Redirect(Root.Domain);
            }
            else if (sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user))
            {
                // User logged in, now add the gadgets
                // add the gadgets
                Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
                Session[OpenSocialManager.OPENSOCIAL_DEBUG]   = chkDebug.Checked;
                Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
                Response.Redirect(Root.Domain);
            }
            else
            {
                lblError.Text    = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
            }
        }