Beispiel #1
        /// <summary>
        /// Issues a one-time password for a user: looks up the user's mobile number, runs a
        /// delete and an insert against <c>userotp</c>, then sends the OTP by SMS.
        /// </summary>
        /// <param name="username">Account name; passed to getuserMobileNo and, after
        /// QASecurity.Encryptdata, into the insert statement.</param>
        /// <returns>
        /// <c>true</c> when a mobile number was found and the delete, insert and SMS calls
        /// returned without throwing; <c>false</c> when getuserMobileNo returned null or any
        /// exception was raised.
        /// </returns>
        public bool sendSMSDetails(string username)
        {
            try
            {
                //generate random string
                // NOTE(review): RandomString is not shown here. An OTP must come from a
                // cryptographic generator (System.Security.Cryptography.RandomNumberGenerator),
                // not System.Random - confirm. The argument 6 is presumably the OTP length.
                string        otpstr   = RandomString(6);
                SMSRequest    smsObj   = new SMSRequest();
                DatabaseLayer dbObj    = new DatabaseLayer();
                string        mobileno = getuserMobileNo(username);
                SSAErrorLog   logObj   = new SSAErrorLog();

                if (mobileno != null)
                {
                    // NOTE(review): the username literal reads '******' in this listing, which
                    // looks like redaction. If the real code splices the (encrypted) user name
                    // into the SQL text here, bind it as a parameter instead - confirm against
                    // the original source.
                    string query = "delete from userotp where username='******'";
                    // The full statement text is written to the log file named by the
                    // "logfilepath" app setting, so whatever identifier the statement carries
                    // ends up in that file; restrict access to it accordingly.
                    logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "query delete " + query);
                    dbObj.deleteTableData(query);

                    // str is never read; the insert below formats DateTime.Now a second time.
                    string str = String.Format("{0:yyyy-MM-dd HH:mm:ss}", DateTime.Now);
                    // NOTE(review): the insert is assembled by string concatenation. It is only
                    // safe while neither Encryptdata's output nor RandomString's alphabet can
                    // contain a quote character; a parameterized command removes that dependency.
                    // The OTP is stored as generated (not hashed), with otpactivate = 0 and a
                    // local-time (DateTime.Now) creation stamp - the expiry check, wherever it
                    // lives, has to use the same clock.
                    dbObj.insertTableData("insert into userotp (username,otp,otpcreatedatetime,otpactivate) values ('" + QASecurity.Encryptdata(username) + "','" + otpstr + "','" + String.Format("{0:yyyy-MM-dd HH:mm:ss}", DateTime.Now) + "' , 0) ");
                    //insert into db
                    //send SMS
                    // NOTE(review): every call sends a message; no throttling is visible in this
                    // method, so per-user and per-source rate limiting must exist in the caller.
                    smsObj.sendSMS(mobileno, ConfigurationManager.AppSettings["otpmessage"].ToString() + " " + otpstr);
                    return(true);
                }
                else
                {
                    return(false);
                }
            }
            catch (Exception er)
            {
                // Every failure (database, configuration, SMS gateway) is reported as false
                // with nothing logged, so the caller cannot tell it from "no mobile number".
                // If sendSMS throws, the OTP row inserted above stays in the table.
                return(false);
            }
        }
        /// <summary>
        /// Loads id/user-name rows from <c>userquestionanswers</c> and binds them to GridView1.
        /// </summary>
        /// <param name="queryoption">
        /// The literal "all" lists every row; any other value is encrypted with
        /// QASecurity.Encryptdata and used in a LIKE '%...%' filter on the username column.
        /// </param>
        public void getUserData(string queryoption)
        {
            try
            {
                DatabaseLayer dataObj = new DatabaseLayer();

                // NOTE(review): the filtered statement is built by concatenation. Its safety
                // rests on Encryptdata never returning a quote, '%' or '_' character; a
                // parameterized query removes that dependency. A substring match against
                // ciphertext is also unlikely to correspond to a substring of the plain
                // user name - confirm the search returns what the operator expects.
                string query = queryoption.Equals("all")
                    ? "select id as 'S.No',username as 'User Name' from userquestionanswers"
                    : "select id as 'S.No',username as 'User Name' from userquestionanswers where username like '%" + QASecurity.Encryptdata(queryoption) + "%'";

                // The grid is bound whether or not a DataSet came back (a null source is
                // bound as-is), exactly as both branches of the original did.
                DataSet data = dataObj.getTableDataGrid(query);
                GridView1.DataSource = data;
                GridView1.DataBind();
            }
            catch (Exception)
            {
                // Failures are swallowed without logging; the grid is simply left unbound.
            }
        }
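        /// <summary>
        /// Row-bound handler for GridView1: replaces the stored (encrypted) user name in the
        /// third cell of each data row with its decrypted, HTML-encoded form.
        /// </summary>
        /// <param name="sender">The grid raising the event (unused).</param>
        /// <param name="e">Event data carrying the row being bound.</param>
        protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
        {
            // Header, footer and pager rows carry no data item to decrypt.
            if (e.Row.RowType != DataControlRowType.DataRow || e.Row.DataItem == null)
            {
                return;
            }

            DataRowView rowView = (DataRowView)e.Row.DataItem;
            string storedUserName = rowView["User Name"].ToString();
            string userName = QASecurity.Decryptdata(storedUserName);

            // A value assigned to TableCell.Text is written to the page as-is, so the
            // decrypted name is encoded here to keep markup in stored data from being
            // interpreted by the browser.
            e.Row.Cells[2].Text = System.Web.HttpUtility.HtmlEncode(userName);
        }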
        /// <summary>
        /// Collects the six question/answer pairs from the form, encrypts the answers (and the
        /// two free-text questions) and updates the user's row in <c>userquestionanswers</c>.
        /// Redirects to SSAHome.aspx when the update call reports success.
        /// </summary>
        protected void updateQA()
        {
            try
            {
                Hashtable qaValues = new Hashtable();
                DatabaseLayer db = new DatabaseLayer();

                // Questions 1 and 2 are fixed question ids; 3 and 4 come from the drop-downs;
                // 5 and 6 are user-written and stored encrypted like the answers.
                // NOTE(review): answers go through QASecurity.Encryptdata, i.e. they are stored
                // recoverably. Answers that are only ever compared could be kept as salted
                // one-way hashes instead - confirm what Encryptdata provides.
                qaValues["question1"] = "18";
                qaValues["answer1"] = QASecurity.Encryptdata(answer1.Text);

                qaValues["question2"] = "19";
                qaValues["answer2"] = QASecurity.Encryptdata(answer2.Text);

                qaValues["question3"] = questionSet1.SelectedValue;
                qaValues["answer3"] = QASecurity.Encryptdata(answer3.Text);

                qaValues["question4"] = questionSet2.SelectedValue;
                qaValues["answer4"] = QASecurity.Encryptdata(answer4.Text);

                qaValues["question5"] = QASecurity.Encryptdata(question5.Text);
                qaValues["answer5"] = QASecurity.Encryptdata(answer5.Text);

                qaValues["question6"] = QASecurity.Encryptdata(question6.Text);
                qaValues["answer6"] = QASecurity.Encryptdata(answer6.Text);

                string username = QASecurity.Encryptdata(Session["userid"].ToString());
                qaValues["username"] = username;

                // NOTE(review): the WHERE text reads '******' in this listing, which looks like
                // redaction; if the real code concatenates the user name here, pass it as a
                // parameter - confirm against the original source.
                bool updated = db.updateTableDataStatus("userquestionanswers", qaValues, "username='******'");
                if (updated)
                {
                    Response.Redirect("SSAHome.aspx");
                }
                // A failed update produces no message and no log entry.
            }
            catch (Exception)
            {
                // Swallowed: a missing Session["userid"] or a database error leaves the page
                // unchanged with no indication that nothing was saved.
            }
        }
        /// <summary>
        /// Save-button handler: when the two selected questions differ, updates the user's
        /// existing question/answer row or inserts a new one.
        /// </summary>
        /// <param name="sender">The image button raising the event (unused).</param>
        /// <param name="e">Click coordinates (unused).</param>
        protected void save_Click(object sender, ImageClickEventArgs e)
        {
            // The value is never used, but the read throws when Session["update"] is absent;
            // there is no try/catch in this handler, so that surfaces as an unhandled error.
            string update = Session["update"].ToString();

            DatabaseLayer dataObj = new DatabaseLayer();
            string plainUserId = Session["userid"].ToString();
            string userName = QASecurity.Encryptdata(plainUserId);

            // Choosing the same question in both drop-downs saves nothing and shows no message.
            bool sameQuestionChosenTwice = questionSet1.SelectedValue.Equals(questionSet2.SelectedValue);
            if (sameQuestionChosenTwice)
            {
                return;
            }

            // NOTE(review): the filter text reads '******' in this listing, which looks like
            // redaction; if the real code concatenates userName here, pass it as a parameter.
            bool rowExists = dataObj.getTablerowCount("userquestionanswers", "username='******'");
            if (rowExists)
            {
                updateQA();
            }
            else
            {
                insertQA();
            }
        }
Beispiel #6
        /// <summary>
        /// Reports whether the user has a registered question/answer row, judged by whether
        /// the question-3 query returns any values.
        /// </summary>
        /// <param name="userid">Plain user id; overwritten with its QASecurity.Encryptdata form.</param>
        /// <returns>
        /// <c>true</c> when the q3 query result is non-empty; <c>false</c> when it is empty
        /// or when any exception is raised.
        /// </returns>
        public Boolean getUserQAs(string userid)
        {
            //string userid = null;
            try
            {
                //if (Session["userid"] != null)
                //{
                //    userid = Session["userid"].ToString();
                //    displayuser.Text = "User: "******"username"].ToString();
                //    ;

                //}
                //else if (Session["forgetpwduser"] != null)
                //{
                //    userid = Session["forgetpwduser"].ToString();
                //}

                // userid = "ss0087061";
                userid = QASecurity.Encryptdata(userid);
                DatabaseLayer dbObj = new DatabaseLayer();
                // NOTE(review): every username literal below reads '******' in this listing,
                // which looks like redaction. If the real code splices the encrypted user id
                // into these strings, bind it as a parameter instead - confirm.
                // Only q3 is executed in this method; q1, q2, q4, q5 and q6 are built and never used.
                string        q1    = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
                string        q2    = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
                //string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
                //string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
                //string q5 = " userquestionanswers.question5 as question5, " +
                //    "userquestionanswers.answer5 as answer5, " +
                //    " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers  "+
                //    "where username ='******'";

                string q5 = "userquestionanswers.id as id, userquestionanswers.question5 as question5, " +
                            "userquestionanswers.answer5 as answer5, 'ANSWER5' as ANSWER5  from userquestionanswers  " +
                            "where username ='******'";

                string q6 = "userquestionanswers.id as id, userquestionanswers.question6 as question6, " +
                            "userquestionanswers.answer6 as answer6, 'ANSWER6' as ANSWER6  from userquestionanswers  " +
                            "where username ='******'";

                //string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as question6,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
                //  ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");


                ArrayList colNames = new ArrayList();
                colNames.Add("id");
                colNames.Add("questionid");
                colNames.Add("question");
                colNames.Add("answer");



                // The result includes the stored answer column although only Count is read here.
                ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);

                if (q3hash.Count == 0)
                {
                    return(false);
                }
                else
                {
                    return(true);
                }
            }
            catch (Exception er)
            {
                // NOTE(review): a database or decryption failure is reported exactly like
                // "no answers registered" and nothing is logged. Check that callers do not
                // treat false as permission to enrol new answers for an existing account.
                return(false);
            }
        }
Beispiel #7
        /// <summary>
        /// Loads the six stored question/answer entries for the session user, has
        /// RandomQs.PickRandom choose three of them, shows the chosen questions in
        /// Label1..Label3 and keeps the matching stored answers in Session["answer1".."answer3"].
        /// </summary>
        public void getUserQAs()
        {
            string userid = null;

            try
            {
                if (Session["userid"] != null)
                {
                    userid           = Session["userid"].ToString();
                    // NOTE(review): the next line is damaged in this listing (the '******' run
                    // appears to have replaced source text); restore it from the original.
                    displayuser.Text = "User: "******"username"].ToString();
                    ;
                }
                else if (Session["forgetpwduser"] != null)
                {
                    userid = Session["forgetpwduser"].ToString();
                }
                if (userid == null)
                {
                    // NOTE(review): Redirect(url, false) does not end the request and there is
                    // no return here, so execution continues below with userid == null.
                    Response.Redirect("SelfServiceLogin.aspx", false);
                }
                // userid = "ss0087061";
                userid = QASecurity.Encryptdata(userid);
                DatabaseLayer dbObj = new DatabaseLayer();
                // NOTE(review): every username literal below reads '******' in this listing,
                // which looks like redaction. If the real code splices the encrypted user id
                // into these strings, bind it as a parameter instead - confirm.
                string        q1    = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
                string        q2    = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
                //string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
                //string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
                //string q5 = " userquestionanswers.question5 as question5, " +
                //    "userquestionanswers.answer5 as answer5, " +
                //    " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers  "+
                //    "where username ='******'";

                string q5 = "userquestionanswers.id as id, userquestionanswers.question5 as question5, " +
                            "userquestionanswers.answer5 as answer5, 'ANSWER5' as ANSWER5  from userquestionanswers  " +
                            "where username ='******'";

                string q6 = "userquestionanswers.id as id, userquestionanswers.question6 as question6, " +
                            "userquestionanswers.answer6 as answer6, 'ANSWER6' as ANSWER6  from userquestionanswers  " +
                            "where username ='******'";

                //string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as question6,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
                //  ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");


                // Column lists handed to getTableDataQuery; the code below indexes the results
                // as if values come back in this order - presumably so, confirm in DatabaseLayer.
                ArrayList colNames = new ArrayList();
                colNames.Add("id");
                colNames.Add("questionid");
                colNames.Add("question");
                colNames.Add("answer");


                ArrayList colNames2 = new ArrayList();
                colNames2.Add("id");
                colNames2.Add("question5");
                colNames2.Add("answer5");
                // colNames2.Add("ANSWER5");

                // colNames2.Add("question6");
                //colNames2.Add("answer6");


                ArrayList colNames3 = new ArrayList();
                colNames3.Add("id");
                colNames3.Add("question6");
                colNames3.Add("answer6");
                //colNames2.Add("ANSWER6");


                // Each result list gets a trailing marker string saying whether its question
                // text is stored encrypted (user-written questions 5/6) or not (questions 1-4).
                ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
                q1hash.Add("not encrypted");
                ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
                q2hash.Add("not encrypted");
                ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);

                if (q3hash.Count == 0)
                {
                    resultlable.Text = "Please register with Security questions and answers";
                    return;
                }

                q3hash.Add("not encrypted");
                ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
                q4hash.Add("not encrypted");
                ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);
                q5hash.Add("ANSWER5");
                q5hash.Add("encrypted");

                ArrayList q6hash = dbObj.getTableDataQuery(q6, null, "id", colNames3);
                // NOTE(review): this appends a second "encrypted" marker to q5hash; q6hash was
                // probably intended (it receives its own marker two statements below).
                q5hash.Add("encrypted");

                //dbObj.getTableDataQuery(q6, null, "id", colNames);
                // q6hash.Add(q5hash[3].ToString());
                q6hash.Add("ANSWER6");
                q6hash.Add("encrypted");


                //Label1.Text = "What is your Mother Maiden Name?";
                //Label2.Text = "In what town were you born?";
                //question3.Text= q3hash[2].ToString();
                //question4.Text = q4hash[2].ToString();
                //question5.Text = QASecurity.Decryptdata( q5hash[1].ToString());
                //question6.Text = QASecurity.Decryptdata( q5hash[3].ToString());

                ArrayList[] qhash = new ArrayList[6];
                qhash[0] = q1hash;
                qhash[1] = q2hash;
                qhash[2] = q3hash;
                qhash[3] = q4hash;
                qhash[4] = q5hash;
                qhash[5] = q6hash;

                // NOTE(review): RandomQs is not shown. If a fresh selection is made on every
                // page load, a guesser can reload until the three easiest questions come up;
                // consider fixing the selection per reset attempt - confirm how this is called.
                RandomQs  qobj     = new RandomQs();
                ArrayList randomQs = qobj.PickRandom(qhash, 3);

                ArrayList firstq = (ArrayList)randomQs[0];

                ArrayList secondq = (ArrayList)randomQs[1];
                ArrayList thirdq  = (ArrayList)randomQs[2];

                // "not encrypted" is tested first: index 2 is then the question text and
                // index 3 the stored answer; for "encrypted" entries index 1 is the encrypted
                // question and index 2 the stored answer.
                // NOTE(review): besides the Session copy, the stored answer is also placed in
                // Label.Attributes["answer1"]. Assuming these are WebControl labels, attributes
                // are emitted into the page markup, which would hand the stored (encrypted)
                // answer to the browser. The validateUserQAs variant that reads
                // Session["answerN"] does not need the attribute copy.
                if (firstq.Contains("not encrypted"))
                {
                    Label1.Text = firstq[2].ToString();
                    Label1.Attributes["answer1"] = firstq[3].ToString();
                    Session.Add("answer1", firstq[3].ToString());
                    Label1.Attributes["encrypt"] = "no";
                }
                else if (firstq.Contains("encrypted"))
                {
                    Label1.Text = QASecurity.Decryptdata(firstq[1].ToString());
                    Label1.Attributes["answer1"] = firstq[2].ToString();
                    Session.Add("answer1", firstq[2].ToString());
                    Label1.Attributes["encrypt"] = "yes";
                }

                if (secondq.Contains("not encrypted"))
                {
                    Label2.Text = secondq[2].ToString();
                    //  Label2.Attributes["answer1"] = secondq[3].ToString();
                    Label2.Attributes["answer1"] = secondq[3].ToString();
                    Session.Add("answer2", secondq[3].ToString());
                    Label2.Attributes["encrypt"] = "no";
                }
                else if (secondq.Contains("encrypted"))
                {
                    Label2.Text = QASecurity.Decryptdata(secondq[1].ToString());
                    Label2.Attributes["answer1"] = secondq[2].ToString();
                    Session.Add("answer2", secondq[2].ToString());
                    Label2.Attributes["encrypt"] = "yes";
                }


                if (thirdq.Contains("not encrypted"))
                {
                    Label3.Text = thirdq[2].ToString();
                    Label3.Attributes["answer1"] = thirdq[3].ToString();
                    Session.Add("answer3", thirdq[3].ToString());
                    Label3.Attributes["encrypt"] = "no";
                }
                else if (thirdq.Contains("encrypted"))
                {
                    Label3.Text = QASecurity.Decryptdata(thirdq[1].ToString());
                    Label3.Attributes["answer1"] = thirdq[2].ToString();
                    Session.Add("answer3", thirdq[2].ToString());
                    Label3.Attributes["encrypt"] = "yes";
                }



                //Label1.Text =
            }
            catch (Exception er)
            {
                // Swallowed without logging: any failure above leaves the question labels and
                // Session answers in whatever state they had reached.
            }
        }
Beispiel #8
        /// <summary>
        /// Older answer-validation routine. As written, every answer comparison is commented
        /// out, so the match counter stays at 0 and the method always ends in the
        /// "Minimum 3 Answers should match" message (or the registration prompt when the
        /// question-3 query returns nothing).
        /// </summary>
        protected void validateUserQAsOld()
        {
            string userid = null;

            try
            {
                if (Session["userid"] != null)
                {
                    userid           = Session["userid"].ToString();
                    displayuser.Text = Session["username"].ToString();
                }
                else if (Session["forgetpwduser"] != null)
                {
                    userid = Session["forgetpwduser"].ToString();
                }
                // userid is still null here when neither session key is set.
                userid = QASecurity.Encryptdata(userid);
                DatabaseLayer dbObj = new DatabaseLayer();
                // NOTE(review): every username literal below reads '******' in this listing,
                // which looks like redaction. If the real code splices the encrypted user id
                // into these strings, bind it as a parameter instead - confirm.
                string        q1    = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
                string        q2    = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
                //string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
                //string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
                string q5 = " userquestionanswers.id as id,userquestionanswers.question5 as question5, " +
                            "userquestionanswers.answer5 as answer5, " +
                            " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers  " +
                            "where username ='******'";
                // q6 is built but never executed in this method.
                string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as questionid,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
                //  ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");


                ArrayList colNames = new ArrayList();
                colNames.Add("id");
                colNames.Add("questionid");
                colNames.Add("question");
                colNames.Add("answer");


                ArrayList colNames2 = new ArrayList();
                colNames2.Add("id");
                colNames2.Add("question5");
                colNames2.Add("answer5");
                colNames2.Add("question6");
                colNames2.Add("answer6");


                // Five queries run and pull the stored answers, but with the comparisons below
                // disabled only q3hash.Count is ever read.
                ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
                ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
                ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
                ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
                ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);

                if (q3hash.Count == 0)
                {
                    resultlable.Text = "Please register with Security questions and answers";
                    return;
                }
                // Count of matching answers; nothing increments it while the checks are disabled.
                int j = 0;


                //if (answer1.Text.Equals(QASecurity.Decryptdata(q1hash[3].ToString())))
                //{
                //    j++;
                //}
                //if (answer2.Text.Equals(QASecurity.Decryptdata(q2hash[3].ToString())))
                //{
                //    j++;
                //}
                //if (answer3.Text.Equals(QASecurity.Decryptdata(q3hash[3].ToString())))
                //{
                //    j++;
                //}
                //if (answer4.Text.Equals(QASecurity.Decryptdata(q4hash[3].ToString())))
                //{
                //    j++;
                //}
                //if (answer5.Text.Equals(QASecurity.Decryptdata(q5hash[2].ToString())))
                //{
                //    j++;
                //}
                //if (answer6.Text.Equals(QASecurity.Decryptdata(q5hash[4].ToString())))
                //{
                //    j++;
                //}

                // With j fixed at 0 the redirect branch is unreachable, so this routine rejects
                // every attempt. NOTE(review): if the comparisons are ever re-enabled, keep the
                // threshold and any retry limit in step with the current validation routine.
                if (j >= 3)
                {
                    Response.Redirect("wer.aspx");
                }
                else
                {
                    resultlable.Text = "Minimum 3 Answers should match, Please verify again";
                    return;
                }

                /*
                 * if (answer1.Text.Equals(q1hash[3].ToString()) && answer2.Text.Equals(q2hash[3].ToString()) && answer3.Text.Equals(q3hash[3].ToString()) && answer4.Text.Equals(q4hash[3].ToString()) && answer5.Text.Equals(q5hash[2].ToString()) && answer6.Text.Equals(q5hash[4].ToString()))
                 * {
                 *  Response.Redirect("wer.aspx");
                 * }
                 * else
                 * {
                 *  resultlable.Text = "Answers are not matching, Please verify again";
                 *  return;
                 * }
                 *
                 */
            }
            catch (Exception er)
            {
                // Swallowed without logging; the user sees no message when a query fails.
            }
        }
Beispiel #9
        /// <summary>
        /// Checks the three typed answers against the stored answers kept in
        /// Session["answer1".."answer3"]. With two or more matches it asks
        /// ADUserDetails.sendSMSDetails to send an OTP and redirects to ValidateOTP.aspx;
        /// otherwise it sets Session["answermismatch"] and redirects to RestPasswordQA.aspx.
        /// </summary>
        protected void validateUserQAs()
        {
            string userid = null;

            try
            {
                if (Session["userid"] != null)
                {
                    userid = Session["userid"].ToString();
                    //  displayuser.Text = "User: "******"username"].ToString();
                }
                else if (Session["forgetpwduser"] != null)
                {
                    userid = Session["forgetpwduser"].ToString();
                }
                // NOTE(review): the next line is damaged in this listing (the '******' run
                // appears to have replaced source text, including whatever declared and
                // initialised j); restore it from the original before building.
                displayuser.Text = "User: "******"";
                String str2 = "";

                //if (QASecurity.Decryptdata(Label1.Attributes["answer1"].ToString()).Equals(answer1.Text, StringComparison.InvariantCultureIgnoreCase))
                //    {
                //        j++;
                //    }

                //    if (QASecurity.Decryptdata(Label2.Attributes["answer1"].ToString()).Equals(answer2.Text,StringComparison.InvariantCultureIgnoreCase))
                //    {
                //        j++;
                //    }

                //    if (QASecurity.Decryptdata(Label3.Attributes["answer1"].ToString()).Equals(answer3.Text, StringComparison.InvariantCultureIgnoreCase))
                //    {
                //        j++;
                //    }

                // Each stored answer is decrypted and compared with the typed text, ignoring
                // case under invariant-culture rules. A missing Session["answerN"] throws and
                // is swallowed by the catch below, so the request then ends with no message.
                if (QASecurity.Decryptdata(Session["answer1"].ToString()).Equals(answer1.Text, StringComparison.InvariantCultureIgnoreCase))
                {
                    j++;
                }

                if (QASecurity.Decryptdata(Session["answer2"].ToString()).Equals(answer2.Text, StringComparison.InvariantCultureIgnoreCase))
                {
                    j++;
                }

                if (QASecurity.Decryptdata(Session["answer3"].ToString()).Equals(answer3.Text, StringComparison.InvariantCultureIgnoreCase))
                {
                    j++;
                }



                // Two of three correct answers are enough to trigger the OTP step.
                if (j >= 2)
                {
                    //this is where SMS need to be send

                    // userid is null here when neither session key was set.
                    ADUserDetails adObj = new ADUserDetails();
                    if (adObj.sendSMSDetails(userid))
                    {
                        // NOTE(review): nothing visible here records in the session that the
                        // question step was passed. Confirm ValidateOTP.aspx checks server-side
                        // state and cannot be reached usefully by navigating to it directly.
                        Response.Redirect("ValidateOTP.aspx");
                    }
                    else
                    {
                        resultlable.Text      = "Mobile number not available/configured, Please contact Administrator";
                        resultlable.ForeColor = System.Drawing.Color.Red;
                    }
                    //getuserMobileNo
                }
                else
                {
                    // resultlable.Text = "Atleast 2 answers should match, Please verify again";
                    // ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "alertMessage", "alert('Atleast 2 answers should match, Please verify again')", true);
                    //this.Page.EnableViewState = true;
                    // NOTE(review): no failed-attempt counter or lockout is visible in this
                    // method; unless one exists elsewhere, answers can be guessed repeatedly.
                    // Count failures per account and throttle or lock after a small number.
                    Session.Add("answermismatch", "true");
                    Response.Redirect("RestPasswordQA.aspx", false);
                    //return;
                }

                /*
                 * if (answer1.Text.Equals(q1hash[3].ToString()) && answer2.Text.Equals(q2hash[3].ToString()) && answer3.Text.Equals(q3hash[3].ToString()) && answer4.Text.Equals(q4hash[3].ToString()) && answer5.Text.Equals(q5hash[2].ToString()) && answer6.Text.Equals(q5hash[4].ToString()))
                 * {
                 *  Response.Redirect("wer.aspx");
                 * }
                 * else
                 * {
                 *  resultlable.Text = "Answers are not matching, Please verify again";
                 *  return;
                 * }
                 *
                 */
            }
            catch (Exception er)
            {
                // Swallowed without logging: validation failures caused by errors leave no
                // audit trail, which also hides guessing attempts that trip an exception.
            }
        }
        protected void validateUserQAs()
        {
            string username = null;

            try
            {
                if (Session["userid"] != null)
                {
                    username = Session["userid"].ToString();
                }

                String        userid = QASecurity.Encryptdata(username);
                DatabaseLayer dbObj  = new DatabaseLayer();
                string        q1     = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
                string        q2     = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
                //string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
                //string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid  and username='******'";
                string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
                string q5 = " userquestionanswers.id as id,userquestionanswers.question5 as question5, " +
                            "userquestionanswers.answer5 as answer5, " +
                            " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers  " +
                            "where username ='******'";
                string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as questionid,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
                //  ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");


                ArrayList colNames = new ArrayList();
                colNames.Add("id");
                colNames.Add("questionid");
                colNames.Add("question");
                colNames.Add("answer");


                ArrayList colNames2 = new ArrayList();
                colNames2.Add("id");
                colNames2.Add("question5");
                colNames2.Add("answer5");
                colNames2.Add("question6");
                colNames2.Add("answer6");


                ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
                ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
                ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
                ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
                ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);

                question5.Text             = QASecurity.Decryptdata(q5hash[1].ToString());
                question6.Text             = QASecurity.Decryptdata(q5hash[3].ToString());
                questionSet1.SelectedValue = q3hash[1].ToString();
                questionSet2.SelectedValue = q4hash[1].ToString();

                //answer1.Text= q1hash[3].ToString();
                answer1.Attributes["value"] = QASecurity.Encryptdata(q1hash[3].ToString());
                //answer2.Attributes["value"] = q2hash[3].ToString();
                answer2.Attributes["value"] = QASecurity.Encryptdata(q2hash[3].ToString());
                //answer2.Text= q2hash[3].ToString();
                //answer3.Text = q3hash[3].ToString();
                answer3.Attributes["value"] = QASecurity.Encryptdata(q3hash[3].ToString());
                // answer4.Text=q4hash[3].ToString();
                answer4.Attributes["value"] = QASecurity.Encryptdata(q4hash[3].ToString());
                //answer5.Text=q5hash[2].ToString();
                answer5.Attributes["value"] = QASecurity.Encryptdata(q5hash[2].ToString());

                //answer6.Text=q5hash[4].ToString();
                answer6.Attributes["value"] = QASecurity.Encryptdata(q5hash[4].ToString());
            }
            catch (Exception er)
            {
            }
        }
Beispiel #11
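        /// <summary>
        /// Checks the one-time password typed into <c>otpval</c> against the row read from the
        /// <c>userotp</c> table for the user held in the session.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the stored OTP equals the submitted text, its <c>otpactivate</c>
        /// column reads "False" and, if the <c>otpdurationvalidation</c> setting is "yes", it is
        /// no older than <c>otpdurationinmins</c> minutes; <c>false</c> otherwise, including when
        /// no session user is present or any exception occurs.
        /// </returns>
        protected bool validateOTP()
        {
            SSAErrorLog logObj = new SSAErrorLog();

            string userid = null;

            try
            {
                if (Session["userid"] != null)
                {
                    userid = Session["userid"].ToString();
                }
                else if (Session["forgetpwduser"] != null)
                {
                    userid = Session["forgetpwduser"].ToString();
                }

                // Fail closed: without a session user there is nothing to validate against.
                if (userid == null)
                {
                    return(false);
                }

                DatabaseLayer dataObj = new DatabaseLayer();
                userid = QASecurity.Encryptdata(userid);

                ArrayList colNames = new ArrayList { "iduserotp", "username", "otp", "otpcreatedatetime", "otpactivate" };

                // Prepared for the deactivation update that is still commented out below.
                Hashtable updateHash = new Hashtable();
                updateHash.Add("otpactivate", 1);

                // NOTE(review): the username predicate is masked in this listing. Whatever value
                // belongs there should reach the database as a bound parameter, not through
                // string concatenation - DatabaseLayer's API is not visible here, confirm whether
                // the second argument (null) can carry parameters.
                ArrayList resulthash = dataObj.getTableDataQuery("iduserotp,username,otp,otpcreatedatetime,otpactivate from userotp where username='******'", null, "iduserotp", colNames);

                // No (or an incomplete) OTP row: reject explicitly instead of relying on an
                // index exception being swallowed by the catch below.
                if (resulthash == null || resulthash.Count < 5)
                {
                    return(false);
                }

                string dbotp = resulthash[2].ToString();
                // The OTP is a live credential; it is deliberately kept out of the log file.
                logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "User idd " + userid);
                DateTime otpdateObj = Convert.ToDateTime(resulthash[3].ToString());

                string   activate = resulthash[4].ToString();
                DateTime current  = DateTime.Now;

                TimeSpan ts = current - otpdateObj;
                // TimeSpan.Minutes is only the 0-59 minute component, so an OTP that is hours or
                // days old would look fresh again. TotalMinutes, truncated to whole minutes,
                // measures the full elapsed time.
                long mins = (long)ts.TotalMinutes;
                logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "difference mins   " + mins);
                string otpvalidation     = ConfigurationManager.AppSettings["otpdurationvalidation"].ToString();
                string otpdurationinmins = ConfigurationManager.AppSettings["otpdurationinmins"].ToString();
                int    otpduration       = Convert.ToInt32(otpdurationinmins);
                logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "otpduration    " + otpduration);
                if (otpvalidation.Equals("yes"))
                {
                    if (mins > otpduration)
                    {
                        return(false);
                    }
                }
                if (dbotp.Equals(otpval.Text) && activate.Equals("False"))
                {
                    //Response.Redirect("wer.aspx");
                    logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "done   ");
                    // NOTE(review): the OTP is never marked as used, so a correct code stays
                    // valid until it expires or is replaced. The update below should be
                    // re-enabled (with a parameterised predicate) to make the code single-use.
                    // No limit on failed attempts is visible in this method either - confirm
                    // that one is enforced elsewhere.
                    //dataObj.updateTableData("userotp", updateHash, "username='******'");

                    return(true);
                }
                else
                {
                    logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), " none  ");
                    return(false);
                }

                //dataObj.getTableData("",
            }
            catch (Exception)
            {
                // Any failure (missing setting, database error, unparsable date) rejects the OTP.
                return(false);
            }
        }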