Ejemplo n.º 1
    /// <summary>
    /// Click handler for the send button: fills in a default timezone and
    /// transaction timestamp when the form left them blank, computes the
    /// request hash, and renders a self-submitting POST form aimed at the
    /// payment gateway.
    /// </summary>
    /// <param name="sender">Control that raised the event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void btnSend_Click(object sender, EventArgs e)
    {
        string formName   = "form1";
        // This is the gateway's test host; a live deployment needs a different endpoint.
        string formAction = "https://test.ipg-online.com/connect/gateway/processing";
        string formScript = "<script language=\"javascript\" type=\"text/javascript\">" +
                            "document.getElementById('{0}').submit();" +
                            "</script>";

        // Default the timezone from the server: take the first space-delimited
        // token of the local zone's display name and strip the parentheses.
        if (this.timezone.Text.Length == 0)
        {
            string leadingToken = TimeZoneInfo.Local.DisplayName.Split(' ')[0];
            this.timezone.Text  = Regex.Replace(leadingToken, @"[)(]", String.Empty);
        }

        // Default the transaction timestamp to the server's local clock.
        if (this.txndatetime.Text.Length == 0)
        {
            this.txndatetime.Text = DateTime.Now.ToString(@"yyyy\:MM\:dd-HH\:mm\:ss");
        }

        // Hash input: the fields are concatenated in this fixed order with no
        // separators, and the shared secret goes last.
        // NOTE(review): the shared secret and the algorithm name are both read from
        // page controls here; confirm that production code keeps the secret in
        // server-side configuration and pins the algorithm instead of accepting it
        // from the form.
        StringBuilder hashInput = new StringBuilder()
                                  .Append(this.storename.Text)
                                  .Append(this.txndatetime.Text)
                                  .Append(this.chargetotal.Text)
                                  .Append(this.currency.Text)
                                  .Append(this.sharedsecret.Text);

        // The hash control is populated before the input tags are rendered below.
        this.hash.Text = CalculateHash.calculateHashFromString(hashInput, this.hash_algorithm.Text);

        // NOTE(review): AllInputTagsString() is defined elsewhere; verify it does not
        // emit the shared-secret field into the form that the browser posts.
        string openingTag = string.Format("<form id=\"{0}\" name=\"{0}\" method=\"post\" action=\"{1}\">", formName, formAction);
        string inputTags  = AllInputTagsString();

        ltrForm.Text   = openingTag + inputTags + "</form>";
        ltrScript.Text = string.Format(formScript, formName);
    }
Ejemplo n.º 2
    /// <summary>
    /// Click handler for the send button (extended-hash variant): fills in a
    /// default timezone and transaction timestamp, computes the extended hash
    /// over the collected form fields, and renders a self-submitting POST form
    /// aimed at the payment gateway.
    /// </summary>
    /// <param name="sender">Control that raised the event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void btnSend_Click(object sender, EventArgs e)
    {
        string formName   = "form1";
        // This is the gateway's test host; a live deployment needs a different endpoint.
        string formAction = "https://test.ipg-online.com/connect/gateway/processing";
        string formScript = "<script language=\"javascript\" type=\"text/javascript\">" +
                            "document.getElementById('{0}').submit();" +
                            "</script>";

        // Default the timezone from the server: first space-delimited token of
        // the local zone's display name, with the parentheses stripped.
        if (this.timezone.Text.Length == 0)
        {
            string leadingToken = TimeZoneInfo.Local.DisplayName.Split(' ')[0];
            this.timezone.Text  = Regex.Replace(leadingToken, @"[)(]", String.Empty);
        }

        // Default the transaction timestamp to the server's local clock.
        if (this.txndatetime.Text.Length == 0)
        {
            this.txndatetime.Text = DateTime.Now.ToString(@"yyyy\:MM\:dd-HH\:mm\:ss");
        }

        // Snapshot the form fields (ID -> value) only after the defaults above
        // are in place, so the hash covers the values that will be posted.
        var formFields = GetAllFormComponents();

        // NOTE(review): StringToHashExtended() is defined elsewhere; the algorithm
        // name comes from a page control, so confirm it is pinned server-side in
        // production rather than accepted from the form.
        StringBuilder hashInput = new StringBuilder(StringToHashExtended(formFields));
        string extendedHash     = CalculateHash.calculateHashFromString(hashInput, this.hash_algorithm.Text);

        // Keep the control and the dictionary in step before rendering.
        this.hashExtended.Text     = extendedHash;
        formFields["hashExtended"] = extendedHash;

        // NOTE(review): the dictionary is rendered as input tags by a helper defined
        // elsewhere; verify that any shared-secret entry is left out of the form the
        // browser posts.
        string openingTag = string.Format("<form id=\"{0}\" name=\"{0}\" method=\"post\" action=\"{1}\">", formName, formAction);
        string inputTags  = AllInputTagstring(formFields);

        ltrForm.Text   = openingTag + inputTags + "</form>";
        ltrScript.Text = string.Format(formScript, formName);
    }
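        /// <summary>
        /// Prepares the payment hand-off values on page load: reads the amount from
        /// the student entity held in session, loads the gateway settings from
        /// configuration, computes the request hash, and looks up the student's
        /// first and last name. Redirects to the scheduling page when no student
        /// entity is present in session.
        /// </summary>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Test the session entry itself. The previous check called ToString() on
            // the entry before comparing with null, so a missing entry raised a
            // NullReferenceException and the redirect branch could never run.
            BusinessEntities.BEStudent sessionStudent = Session["BESTUDENT"] as BusinessEntities.BEStudent;
            if (sessionStudent == null)
            {
                Response.Redirect("ScheduleAnExam.aspx");
                return;
            }

            // The amount comes from server-side session state, not from the request.
            // NOTE(review): ToString() formats with the current culture; confirm the
            // gateway receives the same textual amount that is hashed here.
            Amount = sessionStudent.decAmount.ToString();

            // NOTE(review): a missing appSettings key makes these calls throw. The
            // transaction key is the hashing secret; confirm the field it is stored in
            // is never rendered into the page markup.
            fActionPage    = System.Configuration.ConfigurationManager.AppSettings["ActionPage"].ToString();
            xlogin         = System.Configuration.ConfigurationManager.AppSettings["xlogin"].ToString();
            TransactionKey = System.Configuration.ConfigurationManager.AppSettings["TransactionKey"].ToString();
            SequenceNumber = System.Configuration.ConfigurationManager.AppSettings["SequenceNumber"].ToString();

            // Whole seconds elapsed since 1970-01-01 UTC.
            DateTime unixStart = DateTime.SpecifyKind(new DateTime(1970, 1, 1), DateTimeKind.Utc);
            Timestamp = (long)Math.Floor((DateTime.UtcNow - unixStart).TotalSeconds);

            // NOTE(review): the sequence number is a fixed configuration value here, so
            // only the timestamp varies between requests for the same amount.
            Hashcode = CalculateHash.GenerateHash(TransactionKey, xlogin, SequenceNumber, Timestamp.ToString(), Amount, "");

            // Look up the student's name with a fresh entity keyed by the session user id.
            BusinessEntities.BEStudent nameLookup = new BusinessEntities.BEStudent();
            BLL.BStudent studentLogic = new BLL.BStudent();
            nameLookup.IntUserID = Convert.ToInt32(Session[BaseClass.EnumPageSessions.USERID].ToString());
            studentLogic.BGetStudentName(nameLookup);

            // NOTE(review): assumes the lookup returned at least one row.
            strFirstName = nameLookup.DtResult.Rows[0]["FirstName"].ToString();
            strLastName  = nameLookup.DtResult.Rows[0]["LastName"].ToString();
        }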
Ejemplo n.º 4
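        /// <summary>
        /// Authenticates the supplied credentials and, on success, returns a JSON
        /// string holding a fresh session token and the serialized user.
        /// </summary>
        /// <param name="userDto">E-mail and password submitted by the client.</param>
        /// <returns>
        /// 200 with <c>{"token":"...","user":{...}}</c> on success; 401 with a
        /// generic message when the e-mail is unknown or authentication fails.
        /// </returns>
        public ActionResult <InterfaceUtilizador> Authenticate([Bind] UserAuthenticationDto userDto)
        {
            // NOTE(review): the lock is held for the whole call, so logins are
            // processed one at a time.
            lock (_system)
            {
                int typeOfUser = _system.TypeUser(userDto.email);

                // The token used to be derived only from the e-mail and the current
                // time, both of which an outsider can guess. Mixing in 32 bytes from
                // the OS random generator makes it unpredictable while keeping the
                // token in the same format that GetHashString already produced.
                // NOTE(review): assumes GetHashString is a cryptographic hash over its
                // whole input; confirm in CalculateHash.
                byte[] nonce = new byte[32];
                using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    rng.GetBytes(nonce);
                }

                string token = CalculateHash.GetHashString(userDto.email + DateTime.Now + Convert.ToBase64String(nonce));

                // 0 - Cliente, 1 - Instrutor, 2 - Rececionista; any other code
                // (including -1 for an unknown e-mail) leaves user as null.
                InterfaceUtilizador user = null;
                switch (typeOfUser)
                {
                case 0:
                    user = (Cliente)_system.Authenticate(userDto.email, userDto.password, token);
                    break;

                case 1:
                    user = (Instrutor)_system.Authenticate(userDto.email, userDto.password, token);
                    break;

                case 2:
                    user = (Rececionista)_system.Authenticate(userDto.email, userDto.password, token);
                    break;
                }

                // One message for both "unknown e-mail" and "wrong password", so the
                // response body does not reveal which accounts exist.
                if (user == null)
                {
                    return(Unauthorized(new
                    {
                        message = "Credentials are wrong..."
                    }));
                }

                // The token is spliced in without JSON escaping.
                // NOTE(review): safe only while GetHashString returns characters that
                // need no escaping; also confirm the serialized user type exposes no
                // credential fields.
                StringBuilder payload = new StringBuilder()
                                        .Append("{")
                                        .Append("\"token\":\"")
                                        .Append(token)
                                        .Append("\",\"user\":")
                                        .Append(JsonSerializer.Serialize(user, user.GetType()))
                                        .Append("}");

                return(Ok(payload.ToString()));
            }
        }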
Ejemplo n.º 5
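        /// <summary>
        /// Verifies a password against the stored hash for the account with the
        /// given e-mail and, on success, records the session token in
        /// UtilizadoresOnline with a five-day expiry.
        /// </summary>
        /// <param name="email">Account e-mail; also selects the user table via TypeUser.</param>
        /// <param name="passInserida">Password as entered by the user.</param>
        /// <param name="token">Session token to store for this login.</param>
        /// <returns>
        /// The authenticated user, or null when the e-mail is unknown, the password
        /// does not match, or any exception occurs (the exception is written to the
        /// console).
        /// </returns>
        public InterfaceUtilizador LogIn(string email, string passInserida, string token)
        {
            // Expiry is computed from the server's local clock.
            DateTime expiresAt = DateTime.Now.AddDays(5);

            int typeUser = TypeUser(email);  // 0 - Cliente, 1 - Instrutor, 2 - Rececionista

            // Each user type has its own table. The statements are fixed literals;
            // the e-mail is always bound as a parameter.
            string selectSql;
            switch (typeUser)
            {
            case 0:
                selectSql = "select * from Cliente where email = @EMAIL";
                break;

            case 1:
                selectSql = "select * from Instrutor where email = @EMAIL";
                break;

            case 2:
                selectSql = "select * from Rececionista where email = @EMAIL";
                break;

            default:
                return(null);
            }

            try
            {
                if (connection.State == ConnectionState.Closed)
                {
                    connection.Open();
                }

                // NOTE(review): GetHashString is defined elsewhere; confirm it is a
                // salted, deliberately slow password hash rather than a bare digest.
                string hashPass = CalculateHash.GetHashString(passInserida);

                InterfaceUtilizador user;

                using (MySqlCommand select = new MySqlCommand(selectSql, connection))
                {
                    select.Parameters.Add(new MySqlParameter("@EMAIL", MySqlDbType.VarChar));
                    select.Parameters["@EMAIL"].Value = email;

                    using (MySqlDataReader reader = select.ExecuteReader())
                    {
                        // Previously the result of Read() was ignored and a missing row
                        // was only handled through the catch-all below.
                        if (!reader.Read())
                        {
                            return(null);
                        }

                        // Column 3 holds the stored password hash.
                        // NOTE(review): Equals is not a constant-time comparison.
                        string hashUser = reader.GetString(3);
                        if (!hashUser.Equals(hashPass))
                        {
                            return(null);
                        }

                        user = CreateUserFromRow(typeUser, email, reader);
                    }
                }

                // The reader is closed by now, so the connection is free for the insert.
                RegisterOnlineUser(email, expiresAt, token);

                return(user);
            }
            catch (Exception e)
            {
                // Best effort: any failure is treated as a failed login.
                Console.WriteLine(e.ToString());
            }
            finally
            {
                connection.Close();
            }

            return(null);
        }

        // Builds the user object for the given type code from the current reader row.
        // Columns are read by ordinal because the query is "select *".
        // NOTE(review): the ordinals depend on the table's column order.
        private InterfaceUtilizador CreateUserFromRow(int typeUser, string email, MySqlDataReader reader)
        {
            switch (typeUser)
            {
            case 0:
                return(new Cliente(email, reader.GetInt32(1), reader.GetString(2),
                                   reader.GetInt16(5),
                                   reader.GetDateTime(4), reader.GetString(7), reader.GetString(6)));

            case 1:
                return(new Instrutor(email, reader.GetInt32(1), reader.GetString(2),
                                     reader.GetInt16(5), reader.GetDateTime(4), reader.GetString(6)));

            case 2:
                return(new Rececionista(email, reader.GetInt32(1), reader.GetString(2),
                                        reader.GetInt16(5), reader.GetDateTime(4), reader.GetString(6)));

            default:
                return(null);
            }
        }

        // Adds the user to the online-users table together with the token and its expiry.
        // NOTE(review): the token is stored exactly as received.
        private void RegisterOnlineUser(string email, DateTime expiresAt, string token)
        {
            using (MySqlCommand insert = new MySqlCommand("insert into UtilizadoresOnline values (@EMAIL, @TIME_TO_EXPIRE, @TOKEN)", connection))
            {
                insert.Parameters.Add(new MySqlParameter("@EMAIL", MySqlDbType.VarChar));
                insert.Parameters["@EMAIL"].Value = email;

                insert.Parameters.Add(new MySqlParameter("@TIME_TO_EXPIRE", MySqlDbType.DateTime));
                insert.Parameters["@TIME_TO_EXPIRE"].Value = expiresAt;

                insert.Parameters.Add(new MySqlParameter("@TOKEN", MySqlDbType.VarChar));
                insert.Parameters["@TOKEN"].Value = token;

                // An INSERT returns no result set, so ExecuteNonQuery replaces ExecuteScalar.
                insert.ExecuteNonQuery();
            }
        }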