Ejemplo n.º 1
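        /// <summary>
        /// Handles the change-password button: validates the new password and, when every
        /// check passes, stores a fresh salt and password hash through the
        /// <c>Update_Password</c> stored procedure.
        /// </summary>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void changePasswordButton_Click(object sender, EventArgs e)
        {
            string newPassword = enterNewPasswordTB.Text;
            InputValidation validator = new InputValidation();
            bool isAlphaNumeric = validator.VAlphaNum(newPassword);

            // NOTE(review): the policy enforced here (minimum 6 characters, letters and digits
            // only) limits password strength; NIST SP 800-63B recommends a minimum of 8 and
            // accepting all printable characters. Left unchanged because the error texts and
            // the stored procedure contract are outside this handler.
            if (newPassword != confirmNewPasswordTB.Text)
            {
                errorPassU1.Text = "The passwords do not match";
                return;
            }

            if (newPassword == string.Empty)
            {
                errorPassU1.Text = "All fields are required";
                return;
            }

            if (newPassword.Length < 6)
            {
                errorPassU1.Text = "Password must be at least 6 characters";
                return;
            }

            if (!isAlphaNumeric)
            {
                errorPassU1.Text = "a-Z and 0-9 only";
                return;
            }

            // Every rejection case has returned above. The original guarded this path with
            // "Length > 6", so a password of exactly 6 characters passed validation and was
            // then silently ignored with no error shown.

            // NOTE(review): ShowNewUser() is defined elsewhere and is called both before and
            // after the update, as in the original; confirm whether the first call is needed.
            ShowNewUser();

            string connectionString = ConfigurationManager.ConnectionStrings["CS414_FasTestConnectionString"].ConnectionString;
            using (SqlConnection connection = new SqlConnection(connectionString))
            using (SqlCommand command = new SqlCommand("Update_Password", connection))
            {
                command.CommandType = CommandType.StoredProcedure;

                // NOTE(review): the account to update is taken from ViewState. Confirm that the
                // page authorizes the current session for this user id and that ViewState MAC
                // validation (EnableViewStateMac) has not been disabled.
                command.Parameters.AddWithValue("@pUserID", ViewState["userID"]);

                // NOTE(review): the salt stored here is not passed to ComputePasswordHash in
                // this code. Unless CryptoService keeps the generated salt internally, the
                // stored hash is not derived from the stored salt - verify.
                command.Parameters.AddWithValue("@pSalt", CryptoService.GenerateSalt());
                command.Parameters.AddWithValue("@pNewPassword", CryptoService.ComputePasswordHash(newPassword));

                connection.Open();
                command.ExecuteNonQuery();
                // The using block closes the connection, including when ExecuteNonQuery throws.
            }

            errorPassU1.Text = string.Empty;
            ShowNewUser();
        }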
Ejemplo n.º 2
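        /// <summary>
        /// Handles the add-user button: validates the password and name fields and, when they
        /// pass, creates the account through the <c>Add_User</c> stored procedure and redirects
        /// to <c>Users.aspx</c>.
        /// </summary>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnAddNewUser_Click(object sender, EventArgs e)
        {
            string password = tbPassword.Text;
            string firstName = tbFirstName.Text;
            string lastName = tbLastName.Text;

            InputValidation validator = new InputValidation();
            bool passwordIsAlphaNumeric = validator.VAlphaNum(password);

            // NOTE(review): this handler treats a true result from VAlpha as "name is invalid",
            // the opposite of how the VAlphaNum result is used. The polarity is kept exactly as
            // in the original; confirm it against InputValidation.
            bool firstNameRejected = validator.VAlpha(firstName);
            bool lastNameRejected = validator.VAlpha(lastName);

            // Start every postback with clean labels so that a message from an earlier attempt
            // does not stay visible next to the current one.
            error1.Text = string.Empty;
            error3.Text = string.Empty;

            if (password == string.Empty || firstName == string.Empty || lastName == string.Empty)
            {
                error1.Text = "All fields are required";
                return;
            }

            if (password.Length < 6)
            {
                error3.Text = "Password must be at least 6 characters";
                return;
            }

            if (!passwordIsAlphaNumeric || firstNameRejected || lastNameRejected)
            {
                if (!passwordIsAlphaNumeric)
                {
                    error3.Text = "a-Z and 0-9 only";
                }

                if (firstNameRejected || lastNameRejected)
                {
                    error1.Text = "Names can only be alphabetic";
                }

                return;
            }

            // Reaching this point means all three checks passed. The original ended with a
            // further "else" branch that could never run, because its preceding condition was
            // the exact negation of the check above; it has been removed.
            string connectionString = ConfigurationManager.ConnectionStrings["CS414_FasTestConnectionString"].ConnectionString;
            using (SqlConnection connection = new SqlConnection(connectionString))
            using (SqlCommand command = new SqlCommand("Add_User", connection))
            {
                command.CommandType = CommandType.StoredProcedure;

                // NOTE(review): the hash is computed before the salt is generated, and the salt
                // is not passed to ComputePasswordHash in this code. Unless CryptoService ties
                // the two together internally, the stored hash is not derived from the stored
                // salt - verify.
                command.Parameters.AddWithValue("@pPassword", CryptoService.ComputePasswordHash(password));
                command.Parameters.AddWithValue("@pSalt", CryptoService.GenerateSalt());

                // NOTE(review): the privilege level comes from a posted form value. Confirm that
                // the caller is authorized to create accounts at this level; Convert.ToInt32
                // throws FormatException if the value is not numeric.
                int credentialLevel = Convert.ToInt32(sctCredentialLevel.SelectedValue);
                command.Parameters.AddWithValue("@pCredentialLevel", credentialLevel);
                command.Parameters.AddWithValue("@pFirstName", firstName);
                command.Parameters.AddWithValue("@pLastName", lastName);

                connection.Open();
                command.ExecuteNonQuery();
                // The using block closes the connection, including when ExecuteNonQuery throws.
            }

            Response.Redirect("Users.aspx");
        }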