public PageInfo(string Title, string Name, bool fNewPage = false)
{
this.Title = Title;
this.Name = Name;
this.fNewPage = fNewPage;
this.AccessLevel = PageAccess.AccessLevel(Name);
}
private void LeftMenuItem(String ItemName, String WebPage, PageAccess.AccessLevels AccessLevel = PageAccess.AccessLevels.General, bool fNewPage = false)
{
if (g.UserAccessLevel >= AccessLevel)
{
string ClassName = "MenuButton";
string Target = (fNewPage ? " target=availability" : "");
Response.Write(
Tabs(6) + "<tr><td class=\"" + ClassName + "\" onMouseOver=\"ClassOver(this);\" " +
"onMouseOut=\"ClassOut(this);\" onClick=\"OpenPage('" + WebPage + "');\" nowrap>" +
"<a href=\"" + WebPage + "\" onclick=\"fSkipOpen = true;\"" + Target + ">" + ItemName + "</a></td></tr>\n");
}
}
protected void GetData(string userNameLabel)
{
string userName = getUserNameFromListFormatStyle(userNameLabel);
string Sql = string.Format("Select * From Users Where UserName = {0}", DB.PutStr(userName));
ClearData();
try
{
DataRow dr = db.DataRow(Sql);
if (dr != null)
{
txtCurrUser.Value = listFormatStyle(DB.Str(dr["UserCommonName"]), DB.Str(dr["UserName"]));
txtUserCommonName.Text = DB.Str(dr["UserCommonName"]);
txtUserName.Text = DB.Str(dr["UserName"]);
PageAccess.AccessLevels AccessLevel = (PageAccess.AccessLevels)DB.Int32(dr["AccessLevel"]);
switch (AccessLevel)
{
case PageAccess.AccessLevels.General:
rdoGeneral.Checked = true;
break;
case PageAccess.AccessLevels.OfficeStaff:
rdoOfficeStaff.Checked = true;
break;
case PageAccess.AccessLevels.Everything:
rdoEverything.Checked = true;
break;
case PageAccess.AccessLevels.Admin:
rdoAdmin.Checked = true;
break;
}
chkDisabled.Checked = DB.Bool(dr["DisabledFlg"]);
txtCreatedDt.Text = Fmt.DtTm(DB.DtTm(dr["CreatedDtTm"]));
txtCreatedUser.Text = DB.Str(dr["CreatedUser"]);
txtUpdatedDt.Text = Fmt.DtTm(DB.DtTm(dr["UpdatedDtTm"]));
txtUpdatedUser.Text = DB.Str(dr["UpdatedUser"]);
}
btnDelete.Enabled = true;
btnDelete.ToolTip = "";
}
catch (Exception Ex)
{
Err Err = new Err(Ex, Sql);
Response.Write(Err.Html());
}
}
protected void SaveData()
{
string listUserFormat = txtCurrUser.Value;
string userName = string.IsNullOrEmpty(listUserFormat) ? "" : getUserNameFromListFormatStyle(listUserFormat);
string Sql = string.Empty;
bool editingSelf = userName.Equals(g.User) ? true : false;
try
{
Sql = string.Format("Select Count(*) From Users Where UserName = {0}", DB.PutStr(txtUserName.Text));
DateTime Tm = DateTime.Now;
if (txtUserName.Text != userName)
{
if (db.SqlNum(Sql) > 0)
{
fError = true;
ErrorMsg = string.Format("There is already a user named <b>{0}</b>. Please choose another name.", txtUserName.Text);
}
else
{
if (userName.Length == 0)
{
string salt = UserHelper.GeneratePasswordSalt();
string passwordHashed = UserHelper.Generate256HashOnString(txtPassword.Text + salt);
Sql = string.Format(
"Insert Into Users (UserName, PasswordSalt, Password, CreatedDtTm, CreatedUser) Values ({0}, {1}, {2}, {3}, {4})",
DB.PutStr(txtUserName.Text),
DB.PutStr(salt),
DB.PutStr(passwordHashed),
DB.PutDtTm(Tm),
DB.PutStr(g.User));
db.SqlNum(Sql);
userName = txtUserName.Text;
}
}
}
if (chkChangePassword.Checked)
{
if (string.IsNullOrEmpty(txtPassword.Text))
{
fError = true;
ErrorMsg = "New password cannot be blank.";
}
else if (txtPassword.Text != txtRetypePassword.Text)
{
fError = true;
ErrorMsg = "The new passwords do not match.";
}
}
// if there wasn't an error
if (!fError)
{
string salt = UserHelper.GetSaltForUser(userName);
string passwordKey = UserHelper.GetPasswordKeyForUser(userName);
string passwordValue = string.IsNullOrEmpty(txtPassword.Text) ? passwordKey : UserHelper.Generate256HashOnString(txtPassword.Text + salt);
PageAccess.AccessLevels AccessLevel = PageAccess.AccessLevels.General;
if (rdoGeneral.Checked)
{
AccessLevel = PageAccess.AccessLevels.General;
}
else if (rdoOfficeStaff.Checked)
{
AccessLevel = PageAccess.AccessLevels.OfficeStaff;
}
else if (rdoEverything.Checked)
{
AccessLevel = PageAccess.AccessLevels.Everything;
}
else if (rdoAdmin.Checked)
{
AccessLevel = PageAccess.AccessLevels.Admin;
}
// update the values
Sql = string.Format(
"Begin Transaction\n" +
"Update Users Set " +
"UserName = {1}, " +
"UserCommonName = {2}, " +
"Password = {3}, " +
"AccessLevel = {4}, " +
"DisabledFlg = {5}, " +
"UpdatedDtTm = {6}, " +
"UpdatedUser = {7} " +
"Where UserName = {0}\n",
DB.PutStr(userName),
DB.PutStr(txtUserName.Text),
DB.PutStr(txtUserCommonName.Text),
DB.PutStr(passwordValue),
(Int32)AccessLevel,
DB.PutBool(chkDisabled.Checked),
DB.PutDtTm(Tm),
DB.PutStr(g.User));
Sql += "Commit Transaction";
db.Exec(Sql);
if (editingSelf)
{
Session["User"] =
g.User = txtUserName.Text;
//Response.Cookies["User"].Value = txtUserName.Text;
}
chkChangePassword.Checked = false;
txtPassword.Text =
txtRetypePassword.Text = string.Empty;
StartHere = listFormatStyle(txtUserCommonName.Text, txtUserName.Text);
}
//}
}
catch (Exception Ex)
{
Err Err = new Err(Ex, Sql);
Response.Write(Err.Html());
}
}
