/// <summary>
/// Click handler: sends the content of <c>txtEncryptDecrypt</c> to the SOAP service's
/// Encrypt operation and writes the returned value back into the same text box.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnEncrypt_Click(object sender, EventArgs e)
{
    string plainText = txtEncryptDecrypt.Text;

    // An empty box is rejected locally; no service call is made for it.
    if (plainText == "")
    {
        txtEncryptDecrypt.Text = "Error: Invalid Input";
        return;
    }

    // NOTE(review): other handlers in this listing store and compare credentials as
    // Encrypt(value), so this handler returns the stored form of any text a visitor
    // submits -- confirm who is allowed to reach this page.
    var client = new AllServices.ServiceSOAPClient("SOAPEndpoint");
    string cipherText = client.Encrypt(plainText);
    client.Close();

    txtEncryptDecrypt.Text = cipherText;
}
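/// <summary>
/// Click handler for the login form. Clears any login held in the session, looks the submitted
/// user name up in App_Data\Members.xml and, when the stored password value matches, fills the
/// session ("name", "username", optional "admin" / "staff" flags) and transfers to
/// ~/Members/Members.aspx.
/// </summary>
/// <remarks>
/// User name and password are passed through the SOAP service's Encrypt operation and compared
/// as text with the stored values (child 1 = user name, child 2 = password, child 0 = name).
/// NOTE(review): the same service offers Decrypt (used below for the display name), so stored
/// passwords look recoverable rather than one-way hashed; a salted password hash is the usual
/// choice -- confirm what Encrypt actually does and how the endpoint is protected in transit.
/// NOTE(review): the two failure messages differ ("Password incorrect" / "Username does not
/// exist"), which tells the caller whether an account exists; a single generic message would
/// avoid that. The strings are left as they were.
/// NOTE(review): nothing here issues a new session id after a successful login -- confirm
/// whether that is handled elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Invalidate any current login.
    Session["name"] = null;
    Session["username"] = null;
    Session["admin"] = null;
    Session["staff"] = null;

    string membersPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Members.xml");
    XmlDocument membersDoc = new XmlDocument();
    try
    {
        membersDoc.Load(membersPath);
    }
    catch (Exception)
    {
        // Previously this returned without any feedback to the user.
        statusMessage.Text = "Error: Could not load members/staff XML files.";
        return;
    }

    string username = txtUsername.Text;
    string password = txtPassword.Text;

    AllServices.ServiceSOAPClient myProxy = new AllServices.ServiceSOAPClient("SOAPEndpoint");
    string encryptedUsername = myProxy.Encrypt(username);
    string encryptedPassword = myProxy.Encrypt(password);
    myProxy.Close();

    // Only the first entry with a matching user name is considered.
    XmlNode member = null;
    foreach (XmlNode candidate in membersDoc.SelectNodes("Members/Member"))
    {
        if (candidate.ChildNodes.Item(1).InnerText.Equals(encryptedUsername))
        {
            member = candidate;
            break;
        }
    }

    if (member == null)
    {
        statusMessage.Text = "Error: Username does not exist.";
        return;
    }

    if (member.ChildNodes.Item(2).InnerText != encryptedPassword)
    {
        statusMessage.Text = "Error: Password incorrect.";
        return;
    }

    // Credentials match. Load the staff file BEFORE writing anything to the session, so a
    // failure here cannot leave a half-populated login behind (the original set "name" and
    // "username" first and then returned silently when Staff.xml could not be read).
    string staffPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Staff.xml");
    XmlDocument staffDoc = new XmlDocument();
    try
    {
        staffDoc.Load(staffPath);
    }
    catch (Exception)
    {
        statusMessage.Text = "Error: Could not load members/staff XML files.";
        return;
    }

    // The display name is stored encrypted; this second proxy was never closed before.
    myProxy = new AllServices.ServiceSOAPClient("SOAPEndpoint");
    string name = myProxy.Decrypt(member.ChildNodes.Item(0).InnerText);
    myProxy.Close();

    Session["name"] = name;
    Session["username"] = username;

    // Staff entry layout: child 0 = user name, child 1 = admin flag, child 2 = staff flag.
    // A flag is granted only for the exact text "true"; anything else leaves it unset.
    foreach (XmlNode staffEntry in staffDoc.SelectNodes("Staff/Member"))
    {
        if (!staffEntry.ChildNodes.Item(0).InnerText.Equals(encryptedUsername))
        {
            continue;
        }

        if (staffEntry.ChildNodes.Item(1).InnerText == "true")
        {
            Session["admin"] = true;
        }

        if (staffEntry.ChildNodes.Item(2).InnerText == "true")
        {
            Session["staff"] = true;
        }

        break;
    }

    Update();
    statusMessage.Text = "Successful Login!";
    Server.Transfer("~/Members/Members.aspx");
}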
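/// <summary>
/// Click handler that changes the staff permissions of the member named in <c>txtUsername</c>
/// according to the <c>checkAdmin</c> / <c>checkStaff</c> boxes: an existing staff entry is
/// updated, or removed when both boxes are clear; a member without a staff entry gets one when
/// at least one box is ticked. Changes are written to App_Data\Staff.xml.
/// </summary>
/// <remarks>
/// The literal user name "admin" and the caller's own session user name are refused.
/// NOTE(review): this handler does not itself check Session["admin"] or Session["staff"];
/// presumably access to the page is restricted elsewhere -- confirm, because the handler can
/// set AdminAuthorized for any other member.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void submit_Click(object sender, EventArgs e)
{
    string username = txtUsername.Text;

    if (username == "admin")
    {
        lblResult.Text = "Error: Cannot edit Admin permissions.";
    }
    else if (username == (string)Session["username"])
    {
        lblResult.Text = "Error: Cannot edit your own permissions.";
    }
    else
    {
        string membersPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Members.xml");
        string staffPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Staff.xml");

        XmlDocument membersDoc = new XmlDocument();
        XmlDocument staffDoc = new XmlDocument();
        try
        {
            membersDoc.Load(membersPath);
            staffDoc.Load(staffPath);
        }
        catch (Exception)
        {
            lblResult.Text = "Error: Could not load members/staff XML files.";
            return;
        }

        // Stored user names are the service's Encrypt output, so the lookup key is too.
        AllServices.ServiceSOAPClient myProxy = new AllServices.ServiceSOAPClient("SOAPEndpoint");
        string encryptedUsername = myProxy.Encrypt(username);
        myProxy.Close();

        // Member entry layout: child 1 holds the user name.
        bool memberExists = false;
        foreach (XmlNode member in membersDoc.SelectNodes("Members/Member"))
        {
            if (member.ChildNodes.Item(1).InnerText.Equals(encryptedUsername))
            {
                memberExists = true;
                break;
            }
        }

        // Staff entry layout: child 0 = user name, child 1 = admin flag, child 2 = staff flag.
        XmlNode staffEntry = null;
        if (memberExists)
        {
            foreach (XmlNode candidate in staffDoc.SelectNodes("Staff/Member"))
            {
                if (candidate.ChildNodes.Item(0).InnerText.Equals(encryptedUsername))
                {
                    staffEntry = candidate;
                    break;
                }
            }
        }

        if (!memberExists)
        {
            lblResult.Text = "Error: Username does not exist and cannot be modified.";
        }
        else if (staffEntry != null)
        {
            if (!checkAdmin.Checked && !checkStaff.Checked)
            {
                // Staff member should be deleted. The entry found above is removed directly:
                // the previous XPath filter compared Username with the fixed text ******,
                // never the looked-up value, so SelectSingleNode returned null and the next
                // line failed. Removing the node also avoids building an XPath from a string.
                staffEntry.ParentNode.RemoveChild(staffEntry);
                staffDoc.Save(staffPath);
                lblResult.Text = "Staff member removed.";
            }
            else
            {
                // Staff member should be updated.
                staffEntry.ChildNodes.Item(1).InnerText = checkAdmin.Checked ? "true" : "false";
                staffEntry.ChildNodes.Item(2).InnerText = checkStaff.Checked ? "true" : "false";
                staffDoc.Save(staffPath);
                lblResult.Text = "Staff member permissions updated.";
            }
        }
        else if (checkAdmin.Checked || checkStaff.Checked)
        {
            // Member without a staff entry: append <Member> with Username, AdminAuthorized
            // and StaffAuthorized children, in that order (readers address them by position).
            XmlNode root = staffDoc.SelectSingleNode("Staff");
            XmlElement newStaff = staffDoc.CreateElement("Member");

            XmlElement newUsername = staffDoc.CreateElement("Username");
            newUsername.AppendChild(staffDoc.CreateTextNode(encryptedUsername));

            // Explicit literals instead of bool.ToString().ToLower(): same text, no culture involved.
            XmlElement adminAuthorized = staffDoc.CreateElement("AdminAuthorized");
            adminAuthorized.AppendChild(staffDoc.CreateTextNode(checkAdmin.Checked ? "true" : "false"));

            XmlElement staffAuthorized = staffDoc.CreateElement("StaffAuthorized");
            staffAuthorized.AppendChild(staffDoc.CreateTextNode(checkStaff.Checked ? "true" : "false"));

            newStaff.AppendChild(newUsername);
            newStaff.AppendChild(adminAuthorized);
            newStaff.AppendChild(staffAuthorized);
            root.AppendChild(newStaff);

            staffDoc.Save(staffPath);
            lblResult.Text = "Member promoted to staff and permissions set.";
        }
        else
        {
            lblResult.Text = "No permissions selected.";
        }
    }

    Update();
}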
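/// <summary>
/// Click handler for the registration form: validates the submitted name, user name and
/// password, and appends a new <c>Member</c> entry to App_Data\Members.xml unless the user
/// name is already present. On success the request is transferred to ./Login.aspx.
/// </summary>
/// <remarks>
/// All three values are stored as returned by the SOAP service's Encrypt operation, in the
/// order Name, Username, Password (other handlers read these children by position).
/// NOTE(review): other handlers in this listing call Decrypt on the same service, so the stored
/// password looks recoverable rather than one-way hashed; a salted password hash is the usual
/// choice -- confirm what Encrypt actually does.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnCreateAccount_Click(object sender, EventArgs e)
{
    string path = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Members.xml");
    XmlDocument doc = new XmlDocument();
    try
    {
        doc.Load(path);
    }
    catch (Exception)
    {
        // Previously this returned without any feedback to the user.
        statusMessage.Text = "Error: Could not load members XML file.";
        return;
    }

    string name = txtFullName.Text;
    string username = txtUsername.Text;
    string password = txtPassword.Text;

    // Only minimum lengths are enforced here; nothing checks an upper bound or character set.
    if (username.Length < 6 || password.Length < 6 || name.Length == 0)
    {
        statusMessage.Text = "Error: Username/Password must be at least 6 characters, and name must not be empty.";
        return;
    }

    AllServices.ServiceSOAPClient myProxy = new AllServices.ServiceSOAPClient("SOAPEndpoint");
    string encryptedName = myProxy.Encrypt(name);
    string encryptedUsername = myProxy.Encrypt(username);
    string encryptedPassword = myProxy.Encrypt(password);
    myProxy.Close();

    // Uniqueness is checked on the encrypted user name (child 1 of each entry).
    bool exists = false;
    foreach (XmlNode member in doc.SelectNodes("Members/Member"))
    {
        if (member.ChildNodes.Item(1).InnerText.Equals(encryptedUsername))
        {
            exists = true;
            break;
        }
    }

    if (exists)
    {
        statusMessage.Text = "Username already exists. Please choose another.";
        return;
    }

    XmlNode root = doc.SelectSingleNode("Members");
    XmlElement newMember = doc.CreateElement("Member");

    XmlElement newName = doc.CreateElement("Name");
    newName.AppendChild(doc.CreateTextNode(encryptedName));

    XmlElement newUsername = doc.CreateElement("Username");
    newUsername.AppendChild(doc.CreateTextNode(encryptedUsername));

    XmlElement newPassword = doc.CreateElement("Password");
    newPassword.AppendChild(doc.CreateTextNode(encryptedPassword));

    newMember.AppendChild(newName);
    newMember.AppendChild(newUsername);
    newMember.AppendChild(newPassword);
    root.AppendChild(newMember);

    doc.Save(path);
    statusMessage.Text = "Success. Now go Home and login.";
    Server.Transfer("./Login.aspx");
}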
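/// <summary>
/// Click handler that deletes the member named in <c>txtUsername</c> from App_Data\Members.xml.
/// The literal user name "admin", the caller's own session user name and any user name that
/// has an entry in App_Data\Staff.xml are refused.
/// </summary>
/// <remarks>
/// NOTE(review): this handler does not itself check Session["admin"] or Session["staff"];
/// presumably access to the page is restricted elsewhere -- confirm, because the handler
/// deletes accounts.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void remove_Click(object sender, EventArgs e)
{
    string username = txtUsername.Text;

    if (username == "admin")
    {
        lblResult.Text = "ERROR: Cannot remove Admin account.";
        return;
    }

    if (username == (string)Session["username"])
    {
        lblResult.Text = "ERROR: Cannot remove your own account.";
        return;
    }

    string membersPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Members.xml");
    string staffPath = Path.Combine(HttpContext.Current.Request.PhysicalApplicationPath, @"App_Data\Staff.xml");

    XmlDocument membersDoc = new XmlDocument();
    XmlDocument staffDoc = new XmlDocument();
    try
    {
        membersDoc.Load(membersPath);
        staffDoc.Load(staffPath);
    }
    catch (Exception)
    {
        lblResult.Text = "Error: Could not load members/staff XML files.";
        return;
    }

    // Stored user names are the service's Encrypt output, so the lookup key is too.
    AllServices.ServiceSOAPClient myProxy = new AllServices.ServiceSOAPClient("SOAPEndpoint");
    string encryptedUsername = myProxy.Encrypt(username);
    myProxy.Close();

    // Any staff entry (child 0 = user name) blocks the removal, whatever its flags are.
    foreach (XmlNode staffEntry in staffDoc.SelectNodes("Staff/Member"))
    {
        if (staffEntry.ChildNodes.Item(0).InnerText == encryptedUsername)
        {
            lblResult.Text = "Error: Cannot remove another Staff account. Edit permissions (Staff page 1) then remove.";
            return;
        }
    }

    bool memberRemoved = false;
    foreach (XmlNode member in membersDoc.SelectNodes("Members/Member"))
    {
        if (member.ChildNodes.Item(1).InnerText == encryptedUsername)
        {
            // The matching entry is removed directly: the previous XPath filter compared
            // Username with the fixed text ******, never the looked-up value, so
            // SelectSingleNode returned null and the next line failed. Removing the node
            // also avoids building an XPath from a string.
            member.ParentNode.RemoveChild(member);
            membersDoc.Save(membersPath);
            memberRemoved = true;

            // Stop here: the list must not be enumerated further after the document changed,
            // and the account-creation handler does not add duplicate user names.
            break;
        }
    }

    lblResult.Text = memberRemoved ? "Member Removed." : "Member not found.";
    Update();
}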