public bool sendSMSDetails(string username)
{
try
{
//generate random string
string otpstr = RandomString(6);
SMSRequest smsObj = new SMSRequest();
DatabaseLayer dbObj = new DatabaseLayer();
string mobileno = getuserMobileNo(username);
SSAErrorLog logObj = new SSAErrorLog();
if (mobileno != null)
{
string query = "delete from userotp where username='******'";
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "query delete " + query);
dbObj.deleteTableData(query);
string str = String.Format("{0:yyyy-MM-dd HH:mm:ss}", DateTime.Now);
dbObj.insertTableData("insert into userotp (username,otp,otpcreatedatetime,otpactivate) values ('" + QASecurity.Encryptdata(username) + "','" + otpstr + "','" + String.Format("{0:yyyy-MM-dd HH:mm:ss}", DateTime.Now) + "' , 0) ");
//insert into db
//send SMS
smsObj.sendSMS(mobileno, ConfigurationManager.AppSettings["otpmessage"].ToString() + " " + otpstr);
return(true);
}
else
{
return(false);
}
}
catch (Exception er)
{
return(false);
}
}
public void getUserData(string queryoption)
{
DataSet data = null;
string query = "";
try
{
DatabaseLayer dataObj = new DatabaseLayer();
if (queryoption.Equals("all"))
{
query = "select id as 'S.No',username as 'User Name' from userquestionanswers";
}
else
{
string liekquery = QASecurity.Encryptdata(queryoption);
query = "select id as 'S.No',username as 'User Name' from userquestionanswers where username like '%" + liekquery + "%'";
}
data = dataObj.getTableDataGrid(query);
if (data != null)
{
GridView1.DataSource = data;
GridView1.DataBind();
}
else
{
GridView1.DataSource = data;
GridView1.DataBind();
}
}
catch (Exception er)
{
}
}
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
if (e.Row.RowType == DataControlRowType.DataRow)
{
if (e.Row.DataItem != null)
{
DataRowView rdr = (DataRowView)e.Row.DataItem;
string username = rdr["User Name"].ToString();
//Label Label1 = (Label)e.Row.FindControl("username")
string usernamestr = QASecurity.Decryptdata(username.ToString());
e.Row.Cells[2].Text = usernamestr;
//Label1.Text = QASecurity.Decryptdata(username.ToString()); ; //SymmetricEncryptionUtility.DecryptData(Address, EncryptionKeyFile);
}
}
}
protected void updateQA()
{
Hashtable userOwnHash = null;
DatabaseLayer dataObj = null;
try
{
userOwnHash = new Hashtable();
dataObj = new DatabaseLayer();
userOwnHash.Add("question1", "18");
userOwnHash.Add("answer1", QASecurity.Encryptdata(answer1.Text));
userOwnHash.Add("question2", "19");
userOwnHash.Add("answer2", QASecurity.Encryptdata(answer2.Text));
userOwnHash.Add("question3", questionSet1.SelectedValue);
userOwnHash.Add("answer3", QASecurity.Encryptdata(answer3.Text));
userOwnHash.Add("question4", questionSet2.SelectedValue);
userOwnHash.Add("answer4", QASecurity.Encryptdata(answer4.Text));
userOwnHash.Add("question5", QASecurity.Encryptdata(question5.Text));
userOwnHash.Add("answer5", QASecurity.Encryptdata(answer5.Text));
userOwnHash.Add("question6", QASecurity.Encryptdata(question6.Text));
userOwnHash.Add("answer6", QASecurity.Encryptdata(answer6.Text));
string username = QASecurity.Encryptdata(Session["userid"].ToString());
userOwnHash.Add("username", username);
if (dataObj.updateTableDataStatus("userquestionanswers", userOwnHash, "username='******'"))
{
Response.Redirect("SSAHome.aspx");
}
else
{
}
}
catch (Exception er)
{
}
}
protected void save_Click(object sender, ImageClickEventArgs e)
{
string update = Session["update"].ToString();
DatabaseLayer dataObj = new DatabaseLayer();
string userName2 = Session["userid"].ToString();
string userName = QASecurity.Encryptdata(userName2);
if (questionSet1.SelectedValue.Equals(questionSet2.SelectedValue))
{
}
else
{
if (dataObj.getTablerowCount("userquestionanswers", "username='******'"))
{
updateQA();
}
else
{
insertQA();
}
}
}
public Boolean getUserQAs(string userid)
{
//string userid = null;
try
{
//if (Session["userid"] != null)
//{
// userid = Session["userid"].ToString();
// displayuser.Text = "User: "******"username"].ToString();
// ;
//}
//else if (Session["forgetpwduser"] != null)
//{
// userid = Session["forgetpwduser"].ToString();
//}
// userid = "ss0087061";
userid = QASecurity.Encryptdata(userid);
DatabaseLayer dbObj = new DatabaseLayer();
string q1 = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
string q2 = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
//string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
//string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
//string q5 = " userquestionanswers.question5 as question5, " +
// "userquestionanswers.answer5 as answer5, " +
// " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers "+
// "where username ='******'";
string q5 = "userquestionanswers.id as id, userquestionanswers.question5 as question5, " +
"userquestionanswers.answer5 as answer5, 'ANSWER5' as ANSWER5 from userquestionanswers " +
"where username ='******'";
string q6 = "userquestionanswers.id as id, userquestionanswers.question6 as question6, " +
"userquestionanswers.answer6 as answer6, 'ANSWER6' as ANSWER6 from userquestionanswers " +
"where username ='******'";
//string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as question6,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
// ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");
ArrayList colNames = new ArrayList();
colNames.Add("id");
colNames.Add("questionid");
colNames.Add("question");
colNames.Add("answer");
ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
if (q3hash.Count == 0)
{
return(false);
}
else
{
return(true);
}
}
catch (Exception er)
{
return(false);
}
}
public void getUserQAs()
{
string userid = null;
try
{
if (Session["userid"] != null)
{
userid = Session["userid"].ToString();
displayuser.Text = "User: "******"username"].ToString();
;
}
else if (Session["forgetpwduser"] != null)
{
userid = Session["forgetpwduser"].ToString();
}
if (userid == null)
{
Response.Redirect("SelfServiceLogin.aspx", false);
}
// userid = "ss0087061";
userid = QASecurity.Encryptdata(userid);
DatabaseLayer dbObj = new DatabaseLayer();
string q1 = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
string q2 = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
//string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
//string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
//string q5 = " userquestionanswers.question5 as question5, " +
// "userquestionanswers.answer5 as answer5, " +
// " userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers "+
// "where username ='******'";
string q5 = "userquestionanswers.id as id, userquestionanswers.question5 as question5, " +
"userquestionanswers.answer5 as answer5, 'ANSWER5' as ANSWER5 from userquestionanswers " +
"where username ='******'";
string q6 = "userquestionanswers.id as id, userquestionanswers.question6 as question6, " +
"userquestionanswers.answer6 as answer6, 'ANSWER6' as ANSWER6 from userquestionanswers " +
"where username ='******'";
//string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as question6,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
// ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");
ArrayList colNames = new ArrayList();
colNames.Add("id");
colNames.Add("questionid");
colNames.Add("question");
colNames.Add("answer");
ArrayList colNames2 = new ArrayList();
colNames2.Add("id");
colNames2.Add("question5");
colNames2.Add("answer5");
// colNames2.Add("ANSWER5");
// colNames2.Add("question6");
//colNames2.Add("answer6");
ArrayList colNames3 = new ArrayList();
colNames3.Add("id");
colNames3.Add("question6");
colNames3.Add("answer6");
//colNames2.Add("ANSWER6");
ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
q1hash.Add("not encrypted");
ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
q2hash.Add("not encrypted");
ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
if (q3hash.Count == 0)
{
resultlable.Text = "Please register with Security questions and answers";
return;
}
q3hash.Add("not encrypted");
ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
q4hash.Add("not encrypted");
ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);
q5hash.Add("ANSWER5");
q5hash.Add("encrypted");
ArrayList q6hash = dbObj.getTableDataQuery(q6, null, "id", colNames3);
q5hash.Add("encrypted");
//dbObj.getTableDataQuery(q6, null, "id", colNames);
// q6hash.Add(q5hash[3].ToString());
q6hash.Add("ANSWER6");
q6hash.Add("encrypted");
//Label1.Text = "What is your Mother Maiden Name?";
//Label2.Text = "In what town were you born?";
//question3.Text= q3hash[2].ToString();
//question4.Text = q4hash[2].ToString();
//question5.Text = QASecurity.Decryptdata( q5hash[1].ToString());
//question6.Text = QASecurity.Decryptdata( q5hash[3].ToString());
ArrayList[] qhash = new ArrayList[6];
qhash[0] = q1hash;
qhash[1] = q2hash;
qhash[2] = q3hash;
qhash[3] = q4hash;
qhash[4] = q5hash;
qhash[5] = q6hash;
RandomQs qobj = new RandomQs();
ArrayList randomQs = qobj.PickRandom(qhash, 3);
ArrayList firstq = (ArrayList)randomQs[0];
ArrayList secondq = (ArrayList)randomQs[1];
ArrayList thirdq = (ArrayList)randomQs[2];
if (firstq.Contains("not encrypted"))
{
Label1.Text = firstq[2].ToString();
Label1.Attributes["answer1"] = firstq[3].ToString();
Session.Add("answer1", firstq[3].ToString());
Label1.Attributes["encrypt"] = "no";
}
else if (firstq.Contains("encrypted"))
{
Label1.Text = QASecurity.Decryptdata(firstq[1].ToString());
Label1.Attributes["answer1"] = firstq[2].ToString();
Session.Add("answer1", firstq[2].ToString());
Label1.Attributes["encrypt"] = "yes";
}
if (secondq.Contains("not encrypted"))
{
Label2.Text = secondq[2].ToString();
// Label2.Attributes["answer1"] = secondq[3].ToString();
Label2.Attributes["answer1"] = secondq[3].ToString();
Session.Add("answer2", secondq[3].ToString());
Label2.Attributes["encrypt"] = "no";
}
else if (secondq.Contains("encrypted"))
{
Label2.Text = QASecurity.Decryptdata(secondq[1].ToString());
Label2.Attributes["answer1"] = secondq[2].ToString();
Session.Add("answer2", secondq[2].ToString());
Label2.Attributes["encrypt"] = "yes";
}
if (thirdq.Contains("not encrypted"))
{
Label3.Text = thirdq[2].ToString();
Label3.Attributes["answer1"] = thirdq[3].ToString();
Session.Add("answer3", thirdq[3].ToString());
Label3.Attributes["encrypt"] = "no";
}
else if (thirdq.Contains("encrypted"))
{
Label3.Text = QASecurity.Decryptdata(thirdq[1].ToString());
Label3.Attributes["answer1"] = thirdq[2].ToString();
Session.Add("answer3", thirdq[2].ToString());
Label3.Attributes["encrypt"] = "yes";
}
//Label1.Text =
}
catch (Exception er)
{
}
}
protected void validateUserQAsOld()
{
string userid = null;
try
{
if (Session["userid"] != null)
{
userid = Session["userid"].ToString();
displayuser.Text = Session["username"].ToString();
}
else if (Session["forgetpwduser"] != null)
{
userid = Session["forgetpwduser"].ToString();
}
userid = QASecurity.Encryptdata(userid);
DatabaseLayer dbObj = new DatabaseLayer();
string q1 = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
string q2 = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
//string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
//string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
string q5 = " userquestionanswers.id as id,userquestionanswers.question5 as question5, " +
"userquestionanswers.answer5 as answer5, " +
" userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers " +
"where username ='******'";
string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as questionid,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
// ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");
ArrayList colNames = new ArrayList();
colNames.Add("id");
colNames.Add("questionid");
colNames.Add("question");
colNames.Add("answer");
ArrayList colNames2 = new ArrayList();
colNames2.Add("id");
colNames2.Add("question5");
colNames2.Add("answer5");
colNames2.Add("question6");
colNames2.Add("answer6");
ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);
if (q3hash.Count == 0)
{
resultlable.Text = "Please register with Security questions and answers";
return;
}
int j = 0;
//if (answer1.Text.Equals(QASecurity.Decryptdata(q1hash[3].ToString())))
//{
// j++;
//}
//if (answer2.Text.Equals(QASecurity.Decryptdata(q2hash[3].ToString())))
//{
// j++;
//}
//if (answer3.Text.Equals(QASecurity.Decryptdata(q3hash[3].ToString())))
//{
// j++;
//}
//if (answer4.Text.Equals(QASecurity.Decryptdata(q4hash[3].ToString())))
//{
// j++;
//}
//if (answer5.Text.Equals(QASecurity.Decryptdata(q5hash[2].ToString())))
//{
// j++;
//}
//if (answer6.Text.Equals(QASecurity.Decryptdata(q5hash[4].ToString())))
//{
// j++;
//}
if (j >= 3)
{
Response.Redirect("wer.aspx");
}
else
{
resultlable.Text = "Minimum 3 Answers should match, Please verify again";
return;
}
/*
* if (answer1.Text.Equals(q1hash[3].ToString()) && answer2.Text.Equals(q2hash[3].ToString()) && answer3.Text.Equals(q3hash[3].ToString()) && answer4.Text.Equals(q4hash[3].ToString()) && answer5.Text.Equals(q5hash[2].ToString()) && answer6.Text.Equals(q5hash[4].ToString()))
* {
* Response.Redirect("wer.aspx");
* }
* else
* {
* resultlable.Text = "Answers are not matching, Please verify again";
* return;
* }
*
*/
}
catch (Exception er)
{
}
}
protected void validateUserQAs()
{
string userid = null;
try
{
if (Session["userid"] != null)
{
userid = Session["userid"].ToString();
// displayuser.Text = "User: "******"username"].ToString();
}
else if (Session["forgetpwduser"] != null)
{
userid = Session["forgetpwduser"].ToString();
}
displayuser.Text = "User: "******"";
String str2 = "";
//if (QASecurity.Decryptdata(Label1.Attributes["answer1"].ToString()).Equals(answer1.Text, StringComparison.InvariantCultureIgnoreCase))
// {
// j++;
// }
// if (QASecurity.Decryptdata(Label2.Attributes["answer1"].ToString()).Equals(answer2.Text,StringComparison.InvariantCultureIgnoreCase))
// {
// j++;
// }
// if (QASecurity.Decryptdata(Label3.Attributes["answer1"].ToString()).Equals(answer3.Text, StringComparison.InvariantCultureIgnoreCase))
// {
// j++;
// }
if (QASecurity.Decryptdata(Session["answer1"].ToString()).Equals(answer1.Text, StringComparison.InvariantCultureIgnoreCase))
{
j++;
}
if (QASecurity.Decryptdata(Session["answer2"].ToString()).Equals(answer2.Text, StringComparison.InvariantCultureIgnoreCase))
{
j++;
}
if (QASecurity.Decryptdata(Session["answer3"].ToString()).Equals(answer3.Text, StringComparison.InvariantCultureIgnoreCase))
{
j++;
}
if (j >= 2)
{
//this is where SMS need to be send
ADUserDetails adObj = new ADUserDetails();
if (adObj.sendSMSDetails(userid))
{
Response.Redirect("ValidateOTP.aspx");
}
else
{
resultlable.Text = "Mobile number not available/configured, Please contact Administrator";
resultlable.ForeColor = System.Drawing.Color.Red;
}
//getuserMobileNo
}
else
{
// resultlable.Text = "Atleast 2 answers should match, Please verify again";
// ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "alertMessage", "alert('Atleast 2 answers should match, Please verify again')", true);
//this.Page.EnableViewState = true;
Session.Add("answermismatch", "true");
Response.Redirect("RestPasswordQA.aspx", false);
//return;
}
/*
* if (answer1.Text.Equals(q1hash[3].ToString()) && answer2.Text.Equals(q2hash[3].ToString()) && answer3.Text.Equals(q3hash[3].ToString()) && answer4.Text.Equals(q4hash[3].ToString()) && answer5.Text.Equals(q5hash[2].ToString()) && answer6.Text.Equals(q5hash[4].ToString()))
* {
* Response.Redirect("wer.aspx");
* }
* else
* {
* resultlable.Text = "Answers are not matching, Please verify again";
* return;
* }
*
*/
}
catch (Exception er)
{
}
}
protected void validateUserQAs()
{
string username = null;
try
{
if (Session["userid"] != null)
{
username = Session["userid"].ToString();
}
String userid = QASecurity.Encryptdata(username);
DatabaseLayer dbObj = new DatabaseLayer();
string q1 = " userquestionanswers.id as id,userquestionanswers.question1 as questionid,ssaquestions.question as question,userquestionanswers.answer1 as answer from userquestionanswers,ssaquestions where userquestionanswers.question1 = ssaquestions.qid and username='******' and ssaquestions.qid=18";
string q2 = " userquestionanswers.id as id,userquestionanswers.question2 as questionid,ssaquestions.question as question,userquestionanswers.answer2 as answer from userquestionanswers,ssaquestions where userquestionanswers.question2 = ssaquestions.qid and username='******' and ssaquestions.qid=19";
//string q3 = "select userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q3 = " userquestionanswers.id as id,userquestionanswers.question3 as questionid,ssaquestions.question as question,userquestionanswers.answer3 as answer from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
//string q3 = " userquestionanswers.id,userquestionanswers.question3,ssaquestions.question,ssaquestions.question from userquestionanswers,ssaquestions where userquestionanswers.question3 = ssaquestions.qid and username='******'";
string q4 = " userquestionanswers.id as id,userquestionanswers.question4 as questionid,ssaquestions.question as question,userquestionanswers.answer4 as answer from userquestionanswers,ssaquestions where userquestionanswers.question4 = ssaquestions.qid and username='******'";
string q5 = " userquestionanswers.id as id,userquestionanswers.question5 as question5, " +
"userquestionanswers.answer5 as answer5, " +
" userquestionanswers.question6 as question6,userquestionanswers.answer6 as answer6 from userquestionanswers " +
"where username ='******'";
string q6 = " userquestionanswers.id as id,userquestionanswers.question6 as questionid,ssaquestions.question as question,userquestionanswers.answer6 as answer6 from userquestionanswers,ssaquestions where userquestionanswers.question6 = ssaquestions.qid and username='******'";
// ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id");
ArrayList colNames = new ArrayList();
colNames.Add("id");
colNames.Add("questionid");
colNames.Add("question");
colNames.Add("answer");
ArrayList colNames2 = new ArrayList();
colNames2.Add("id");
colNames2.Add("question5");
colNames2.Add("answer5");
colNames2.Add("question6");
colNames2.Add("answer6");
ArrayList q1hash = dbObj.getTableDataQuery(q1, null, "id", colNames);
ArrayList q2hash = dbObj.getTableDataQuery(q2, null, "id", colNames);
ArrayList q3hash = dbObj.getTableDataQuery(q3, null, "id", colNames);
ArrayList q4hash = dbObj.getTableDataQuery(q4, null, "id", colNames);
ArrayList q5hash = dbObj.getTableDataQuery(q5, null, "id", colNames2);
question5.Text = QASecurity.Decryptdata(q5hash[1].ToString());
question6.Text = QASecurity.Decryptdata(q5hash[3].ToString());
questionSet1.SelectedValue = q3hash[1].ToString();
questionSet2.SelectedValue = q4hash[1].ToString();
//answer1.Text= q1hash[3].ToString();
answer1.Attributes["value"] = QASecurity.Encryptdata(q1hash[3].ToString());
//answer2.Attributes["value"] = q2hash[3].ToString();
answer2.Attributes["value"] = QASecurity.Encryptdata(q2hash[3].ToString());
//answer2.Text= q2hash[3].ToString();
//answer3.Text = q3hash[3].ToString();
answer3.Attributes["value"] = QASecurity.Encryptdata(q3hash[3].ToString());
// answer4.Text=q4hash[3].ToString();
answer4.Attributes["value"] = QASecurity.Encryptdata(q4hash[3].ToString());
//answer5.Text=q5hash[2].ToString();
answer5.Attributes["value"] = QASecurity.Encryptdata(q5hash[2].ToString());
//answer6.Text=q5hash[4].ToString();
answer6.Attributes["value"] = QASecurity.Encryptdata(q5hash[4].ToString());
}
catch (Exception er)
{
}
}
protected bool validateOTP()
{
SSAErrorLog logObj = new SSAErrorLog();
string userid = null;
try
{
if (Session["userid"] != null)
{
userid = Session["userid"].ToString();
}
else if (Session["forgetpwduser"] != null)
{
userid = Session["forgetpwduser"].ToString();
}
DatabaseLayer dataObj = new DatabaseLayer();
userid = QASecurity.Encryptdata(userid);
ArrayList colNames = new ArrayList();
colNames.Add("iduserotp");
colNames.Add("username");
colNames.Add("otp");
colNames.Add("otpcreatedatetime");
colNames.Add("otpactivate");
Hashtable updateHash = new Hashtable();
updateHash.Add("otpactivate", 1);
ArrayList resulthash = dataObj.getTableDataQuery("iduserotp,username,otp,otpcreatedatetime,otpactivate from userotp where username='******'", null, "iduserotp", colNames);
string dbotp = resulthash[2].ToString();
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "User idd " + userid + " << dbotp >>>" + dbotp);
DateTime otpdateObj = Convert.ToDateTime(resulthash[3].ToString());
string activate = resulthash[4].ToString();
DateTime current = DateTime.Now;
TimeSpan ts = current - otpdateObj;
int mins = ts.Minutes;
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "difference mins " + mins);
string otpvalidation = ConfigurationManager.AppSettings["otpdurationvalidation"].ToString();
string otpdurationinmins = ConfigurationManager.AppSettings["otpdurationinmins"].ToString();
int otpduration = Convert.ToInt32(otpdurationinmins);
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "otpduration " + otpduration);
if (otpvalidation.Equals("yes"))
{
if (mins > otpduration)
{
return(false);
}
}
if (dbotp.Equals(otpval.Text) && activate.Equals("False"))
{
//Response.Redirect("wer.aspx");
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), "done ");
//here it shoud deactivate the OTP, update the table
//dataObj.updateTableData("userotp", updateHash, "username='******'");
return(true);
}
else
{
logObj.ErrorLog(ConfigurationManager.AppSettings["logfilepath"].ToString(), " none ");
return(false);
}
//dataObj.getTableData("",
}
catch (Exception er)
{
return(false);
}
}