protected void Page_LoadComplete(object sender, EventArgs e)
{
if (IsPostBack)
{
if (emailid.Value.Length == 0)
{
ltrMsg.Text = "EMail address can not be blank.";
}
else
{
BestUser bsUser = new BestUser();
bsUser.LoadRows("emailid=?", "emailid", emailid.Value, "username");
bsUser.currentRowId = 0;
try
{
if (!bsUser.CurrentRow.IsNew)
{
bsUser.overrideEdit = true;
string randPwd = RandomString(8);
bsUser.password = Utils.GetMD5Hash(randPwd);
bsUser.passwordExpiration = DateTime.Today.AddDays(7);
CurrentUser CUser = new CurrentUser(bsUser.userName);
if (bsUser.CurrentRow.Save())
{
ltrMsg.Text = "Password Reset done and an email sent to you. <a href=\"Login.aspx\">Please Login</a>" ;
CUser.emailUtil.Send(bsUser.emailId, "BLC Login Information", @"<h2>Password Reset</h2><br><h3>Your login information is enclosed.</h3>
<b>Accessing Your Account</b><br>
Step 1:<br>
Click the link below or enter the URL below into your web browser<br>
Address: <a href=""http://best.vasbal.com"">Bali Learning Center Login</a><br><br>
Step 2:<br>
Enter the following user name and temporary password.<br>
User Name: <b>" + bsUser.userName + @"</b><br>
Password: <b>" + randPwd + @"</b><br><br>
<h3>This temporary password expires in 24 hours.</h3><br><br>
You will be prompted to change your user name and password during your initial log in as well as answer a few security related questions. <br>
<br>
<br>
<br>
Thank you,<br>
Bali Learning Center", bsUser.firstName + " " + bsUser.lastName);
}
}
}
catch (Exception ex)
{
ltrMsg.Text = ex.Message;
}
}
}
}
protected void Page_LoadComplete(object sender, EventArgs e)
{
if (IsPostBack)
{
if (string.IsNullOrEmpty(txtUserName.Text))
{
ltrValidateMsg.Text = Utils.WarningMessage("User Name is Required.");
}
else if (string.IsNullOrEmpty(txtPassword.Text))
{
ltrValidateMsg.Text = Utils.WarningMessage("Password is Required.");
}
else
{
// validate the password
CurrentUser cu = new CurrentUser(txtUserName.Text);
if (txtPassword.Text.Trim() != "") //Distributed password attack mitigation
{
BestSuspicion bsusp = new BestSuspicion();
Int32 passScore = bsusp.GetScore(txtPassword.Text);
cu.SleepWithMax(passScore * 5, 20000);
}
if (cu.loginIsValid(txtPassword.Text))
{
Guid sessguid = Guid.NewGuid();
HttpContext.Current.Session["SessionGuid"] = sessguid;
logLogin(txtUserName.Text, true, sessguid);
HttpContext.Current.Session["CurrentUser"] = cu;
if (cu.BestUser.initialPassword)
{
Response.Redirect("InitialPasswordChage.aspx");
}
else
{
cu.BestUser.IsLoggedIn = true;
Response.Redirect("Dashboard.aspx?ms=1");
}
}
else
{
logLogin(txtUserName.Text, false, null);
ltrValidateMsg.Text = Utils.WarningMessage(cu.Error.Message);
}
}
}
else
{
txtPassword.Text = "";
txtUserName.Text = "";
}
}