protected void btnSavePassword_Click(object sender, EventArgs e) { try { GetSession session = new GetSession(); RijndaelEncryption encryption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string newPassword = encryption.EncryptText(txtNewPassord.Text, encryptionKey); string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey); CommonFunction cmSaveData = new CommonFunction(); string updatePassword = "******" + newPassword + "' where(UserID='" + session.UserName + " ' and AccountNumber='" + session.AccountNumber + "')"; cmSaveData.InsertQuery(updatePassword); ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Password change successfully');window.location='FundWithdeawRequest.aspx';</script>'"); } catch (Exception ex) { Response.Redirect("../../LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
protected void btnPasswordChange_Click(object sender, EventArgs e) { GetSession session = new GetSession(); try { RijndaelEncryption encryption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string newPassword = encryption.EncryptText(txtNewPassord.Text, encryptionKey); string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey); CommonFunction cmSaveData = new CommonFunction(); string updatePassword = "******" + newPassword + "' where(UserID='" + session.UserName + " ' )"; cmSaveData.InsertQuery(updatePassword); ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Password change successfully');</script>'"); } catch (Exception ex) { throw ex; } }
/// <summary> /// Reset Password Operation /// </summary> private void ResetPassword() { try { //Random rnd = new Random(); //string rndPassword = rnd.Next(10000000, 99990000).ToString(); var chars = "0123456ABCDEFG6789HIJKLMNOPQR456STUVWXYZa234bcdefghijklmno789pqrstuvwxyz"; var stringChars = new char[8]; var random = new Random(); for (int i = 0; i < stringChars.Length; i++) { stringChars[i] = chars[random.Next(chars.Length)]; } var rndPassword = new String(stringChars); RijndaelEncryption decreption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string encriptedPassword = decreption.EncryptText(rndPassword, encryptionKey); //string Email = decreption.DecryptText((Request.QueryString["e"].ToString()), encryptionKey); //string accountNumber = decreption.DecryptText((Request.QueryString["a"].ToString()), encryptionKey); string Email = Request.Form["Email"].ToString(); string accountNumber = Request.Form["AccountNumber"]; //if (string.IsNullOrEmpty(Email)) // return; if (Email != null) { SendMailWithPassword(rndPassword, Email, accountNumber); } CommonFunction cmAcctivation = new CommonFunction(); string acctivationQuery = "update ApplicationUser set Password='******' where(UserID='" + Email + " ' and AccountNumber='" + accountNumber + "' )"; cmAcctivation.InsertQuery(acctivationQuery); ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Password Has Reset Successfully, Please Check Your Email For New Password.');window.location='../../Default.aspx';</script>'"); } catch (Exception) { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Mail server is currently unavailable. Please contact with your broker');window.location='../../Default.aspx';</script>'"); } }
protected void btnCheckPin_Click(object sender, EventArgs e) { try { GetSession session = new GetSession(); if (txtPin.Text == string.Empty) { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please enter your pin number');window.location='FundWithdeawRequest.aspx';</script>'"); } else { RijndaelEncryption encryption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string pinNumber = encryption.EncryptText(txtPin.Text, encryptionKey); CommonFunction cm = new CommonFunction(); string matchPin = "select Password from ApplicationUser where UserId='" + session.UserName + "' and AccountNumber='" + session.AccountNumber + "' and Password='******' "; DataTable dtmatchPin = cm.GetDatatable(matchPin); if (dtmatchPin.Rows.Count > 0) { //ScriptManager.RegisterStartupScript(this, this.GetType(), "Pop", "closeModal();", true); ScriptManager.RegisterStartupScript(this, this.GetType(), "Pop", "openModal();", true); } else { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Pin number is incorrect. Please enter the correct one');window.location='FundWithdeawRequest.aspx';</script>'"); //lblMessage.ForeColor = System.Drawing.Color.Red; //lblMessage.Text = "Pin number do not match"; } } } catch (Exception ex) { Response.Redirect("../../LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
protected void textBox_TextChanged(object sender, EventArgs e) { GetSession session = new GetSession(); RijndaelEncryption encryption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string pass = txtOldPassword.Text; string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey); try { CommonFunction cm = new CommonFunction(); string password = "******" + session.UserName + "' and BONumber='" + session.BoNumber + "' and password='******'"; DataTable dtpassword = cm.GetDatatable(password); if (dtpassword.Rows.Count > 0) { txtOldPassword.Text = pass; txtNewPassord.ReadOnly = false; txtConfirmPassword.ReadOnly = false; lblMessage.Text = ""; } else { txtNewPassord.ReadOnly = true; txtConfirmPassword.ReadOnly = true; lblMessage.ForeColor = System.Drawing.Color.Red; lblMessage.Text = "Password does not match"; } } catch (Exception ex) { Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
private void Registration(string email, string accNumber, string bo, string status) { Random rnd = new Random(); string number = rnd.Next(1000, 9999).ToString(); CommonFunction cmRegistration = new CommonFunction(); RijndaelEncryption encryption = new RijndaelEncryption(); string userId = email; string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string accountNumber = accNumber; string boNumber = bo; string encriptedUserId = encryption.EncryptText(userId, encryptionKey); string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey); string pinNumber = encryption.EncryptText(number, encryptionKey); try { string userName = ""; //string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber," //+"SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsLogin,IsRegistered,UserType,PinNumber)" //+"Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','false','Investor','" + pinNumber + "')"; string cmdUserName = "******" + accountNumber + "'"; DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName); if (dtUserName.Rows.Count > 0) { foreach (DataRow dr in dtUserName.Rows) { userName = dr["Name"].ToString(); } } BOSLEmailer3 sendEmail = new BOSLEmailer3(); string siteUrl = ConfigurationManager.AppSettings["SiteUrl"]; string emailMessage = "Hi " + userName + ",<br/>" + "One more step to activate your account on iTradeX. Just click on the link below:<br/>"; string message = emailMessage + "<a href='" + siteUrl + "Default.aspx?" + "e=" + encriptedUserId + "&a=" + encriptedAccount + "&n=" + pinNumber + "'>Registration Acctivation</a>" + "<br/> Your secret PIN number for Fund Withdraw Request is " + number + ""; //sendEmail.AttachmentPath=; sendEmail.AuthenticationMode = 1; sendEmail.Body = message; //sendEmail.Cc=; sendEmail.From = ConfigurationManager.AppSettings["From"]; //sendEmail.id=userId; sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]); //System.Configuration.ConfigurationManager.AppSettings.Get("IsHtml"); sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]); sendEmail.Password = ConfigurationManager.AppSettings["Password"]; sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]); sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]); sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"]; sendEmail.Subject = ConfigurationManager.AppSettings["EmailSubjectForRegistration"]; sendEmail.To = userId; sendEmail.UserName = ConfigurationManager.AppSettings["UserName"]; sendEmail.SendEmail(); //sconRegistration.Close(); CommonFunction cmActiveInvestor = new CommonFunction(); string query = "UPDATE ApplicationUser SET PinNumber ='" + pinNumber + "' WHERE AccountNumber='" + accountNumber + "'"; cmActiveInvestor.InsertQuery(query); ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('An email has sent to the investor.');window.location='Active.aspx';</script>'"); //Response.Redirect("LoginPage.aspx"); } catch (Exception ex) { throw ex; } }
/// <summary> /// genarate digit random number as password and send user mail /// </summary> protected void Resetpassword_click(object sender, EventArgs e) { GetSession session = new GetSession(); //string finalString = ""; string AccountNumber = ""; string UserId = ""; try { foreach (RepeaterItem rpt in rptShowBrokerData.Items) { CheckBox chkAll = (CheckBox)rpt.FindControl("chkAll"); CheckBox chkChecked = (CheckBox)rpt.FindControl("chkChecked"); if (chkChecked.Checked == true) { //Random rnd = new Random(); //string rndPin = rnd.Next(1000, 9999).ToString(); //string rndPassword = rnd.Next(10000000, 99990000).ToString(); var chars = "0123456ABCDEFG6789HIJKLMNOPQR456STUVWXYZa234bcdefghijklmno789pqrstuvwxyz"; var stringChars = new char[8]; var random = new Random(); for (int i = 0; i < stringChars.Length; i++) { stringChars[i] = chars[random.Next(chars.Length)]; } var rndPassword = new String(stringChars); RijndaelEncryption decreption = new RijndaelEncryption(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string encriptedPassword = decreption.EncryptText(rndPassword, encryptionKey); //string Email = decreption.DecryptText((Request.QueryString["e"].ToString()), encryptionKey); //string accountNumber = decreption.DecryptText((Request.QueryString["a"].ToString()), encryptionKey); Label accountNumber = (Label)rpt.FindControl("lblAccountNumber"); Label userId = (Label)rpt.FindControl("lblUserId"); UserId = userId.Text; AccountNumber = accountNumber.Text.ToString(); //string Email = Request.Form["Email"].ToString(); //string accountNumber = Request.Form["AccountNumber"]; //if (string.IsNullOrEmpty(Email)) //// return; //if (UserId != null) //{ // SendMailWithPassword(rndPassword,accountNumber,UserId); //} CommonFunction cmAcctivation = new CommonFunction(); string acctivationQuery = "update ApplicationUser set Password='******' where(UserID='" + UserId + " ' and AccountNumber='" + AccountNumber + "' )"; cmAcctivation.InsertQuery(acctivationQuery); SendMailWithPassword(rndPassword, AccountNumber, UserId); } else { continue; } } } catch (Exception ex) { Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
/// <summary> /// Code For Login /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void btnLogin_Click(object sender, EventArgs e) { ApplicationUser loggedUser = new ApplicationUser(); RijndaelEncryption passwordEncription = new RijndaelEncryption(); string userEmail = Request.Form["Email"].ToString(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string userPassword = passwordEncription.EncryptText(Request.Form["password"].ToString(), encryptionKey); try { CommonFunction cm = new CommonFunction(); //SqlConnection conLogin = DatabaseConnection.GetConnection(); string loginCommand = "select UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef from ApplicationUser where UserId='" + userEmail + "' and password='******' "; //SqlCommand cmdCommand = new SqlCommand(loginCommand, conLogin); DataTable dtLogin = cm.GetDatatable(loginCommand); if (dtLogin.Rows.Count > 0) { //foreach (DataRow dr in dtsLogin.Tables[0].Rows) foreach (DataRow dr in dtLogin.Rows) { if (Convert.ToBoolean(dr["IsRegistered"]) == true) { if (Convert.ToBoolean(dr["IsActive"]) == true) { if (userPassword == dr["Password"].ToString()) { CommonFunction cmLogin = new CommonFunction(); //string loginTimeQuery = "Update ApplicationUser set LastLoginTime='" + DateTime.Now + "',IsLogin='******' where (UserId='" + userEmail + "')"; string loginTimeQuery = "Update ApplicationUser set LastLoginTime='" + DateTime.Now + "' where (UserId='" + userEmail + "')"; cmLogin.InsertQuery(loginTimeQuery); loggedUser.UserID = dr["UserID"].ToString(); loggedUser.AccountNumber = dr["AccountNumber"].ToString(); loggedUser.BoNumber = dr["BONumber"].ToString(); loggedUser.UserType = dr["UserType"].ToString(); loggedUser.BrokerRef = dr["BrokerRef"].ToString(); Session["AccountNumber"] = loggedUser.AccountNumber; Session["UserID"] = loggedUser.UserID; Session["BOID"] = loggedUser.BoNumber; Session["UserType"] = loggedUser.UserType; Session["BrokerRef"] = loggedUser.BrokerRef; string name = RegionInfo.CurrentRegion.DisplayName; string strClientIP = HttpContext.Current.Request.UserHostAddress; //Store session informations GetSession.accountNumber = loggedUser.AccountNumber; GetSession.boNumber = loggedUser.BoNumber; GetSession.brokerRef = loggedUser.BrokerRef; GetSession.userName = loggedUser.UserID; GetSession.userType = loggedUser.UserType; CommonFunction cpAppLog = new CommonFunction(); String insertQuery = "insert into ApplicationLog (Id,LogTime,LogType,LogDetails) values ('" + loggedUser.AccountNumber + "','" + DateTime.Now + "','Information','" + strClientIP + "')"; cpAppLog.InsertQuery(insertQuery); if (chkCookie.Checked == true) { HttpCookie loginCookies = new HttpCookie("loginCookies"); Response.Cookies["loginCookies"]["Email"] = userEmail; Response.Cookies["loginCookies"]["Password"] = userPassword; Response.Cookies["loginCookies"].Expires = DateTime.Now.AddDays(1); } //Session["USER"] = loggedUser; if (dr["UserType"].ToString() == "Broker") { Response.Redirect("BrokerInformation.aspx", false); } else if (dr["UserType"].ToString() == "SystemAdmin") { Response.Redirect("SystemAdmin.aspx", false); } else { Response.Redirect("Dashboard.aspx", false); //Response.Redirect("Transaction.aspx",false); } } else { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Enter The Correct Password');window.location='LoginPage.aspx';</script>'"); } } else { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Is Not acctivated Yet, Please Contact With Your Broker');window.location='LoginPage.aspx';</script>'"); } } else { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account is Not Still Registered, Please Visit Registration Page For Being Registered');window.location='LoginPage.aspx';</script>'"); } } } else { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Invalid Email Address, Please Enter The Correct One');window.location='LoginPage.aspx';</script>'"); } } catch (Exception ex) { throw ex; } }
/// <summary> /// Registration /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void btnRegistration_Click(object sender, EventArgs e) { try { RijndaelEncryption encryption = new RijndaelEncryption(); //string userId = Request.Form["Email"].ToString(); string userId = txtEmail.Text; string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string password = encryption.EncryptText((Request.Form["password"].ToString()), encryptionKey); string boNumber = txtPrefix.Text + txtBONumber.Text; string accountNumber = txtAccountNumber.Text; string secreteAnswer = txtSecretAnswer.Text; //CommonFunction cmEmailCheck = new CommonFunction(); ////string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "' AND Password='******')"; //string emailCheckQuery = "select UserID from ApplicationUser where" // +"(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "')"; //DataTable dtEmailCheck = cmEmailCheck.GetDatatable(emailCheckQuery); //if (dtEmailCheck.Rows.Count > 0) //{ // //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert(' This account is already exist. Please contact with System Admin');window.location='RegAndLogin.aspx';</script>'"); // pnlMessage.Visible = true; // lblShowMessage.Text = "This account is already exist. Please contact with System Admin"; //} //else //{ // if (ddlBroker.SelectedIndex > 0) // { // CommonFunction cmCheckBoAndAccountNo = new CommonFunction(); // string boAndAccountCheck = "select BONumber,AccountNumber,Email from InvestorProfile where" // +"(BONumber='" + boNumber + "' and AccountNumber='" + accountNumber + "' and Email='" + userId + "' )"; // DataTable dtCheck = cmCheckBoAndAccountNo.GetDatatable(boAndAccountCheck); // if (dtCheck.Rows.Count > 0) // { // Registration(); // } // else // { // //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Information Does not Match');window.location='RegAndLogin.aspx';</script>'"); // pnlMessage.Visible = true; // lblShowMessage.Text = "Information does not match. Please enter the correct one"; // } // } // else // { // //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Select Broker Name');window.location='RegAndLogin.aspx';</script>'"); // pnlMessage.Visible = true; // lblShowMessage.Text = "Please Select Broker Name from the broker list"; // } //} CommonFunction cmEmailCheck = new CommonFunction(); //string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "' AND Password='******')"; string emailCheckQuery = "select AccountNumber from ApplicationUser where " + "AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "'"; DataTable dtEmailCheck = cmEmailCheck.GetDatatable(emailCheckQuery); if (dtEmailCheck.Rows.Count > 0) { pnlMessage.Visible = true; lblShowMessage.Text = "This account is already exist. Please contact with Your Broker"; } else { CommonFunction cmRegistration = new CommonFunction(); string checkQuery = "select UserID from ApplicationUser where (UserID='" + userId + "' AND Password='******')"; DataTable dtEmailPass = cmRegistration.GetDatatable(checkQuery); CommonFunction cm = new CommonFunction(); string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber," + "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,RegistrationTime,Status)" + "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + DateTime.Now + "','Pending')"; cm.InsertQuery(insertQuery); pnlLoginMessage.Visible = true; lblLoginMessage.Text = "Your Account Has successfully Registered. You will get an email from your broker for activating account within 3 working days."; //if (dtEmailPass.Rows.Count > 0) //{ // //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('This Email and Password Already Exist.Please Try Another Password.');window.location='RegAndLogin.aspx';</script>'"); // pnlMessage.Visible = true; // lblShowMessage.Text = "This Email and Password already exist. Please try another password."; //} //else //{ // CommonFunction cm = new CommonFunction(); // string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber," // + "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,RegistrationTime,Status)" // + "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + DateTime.Now + "','Pending')"; // cm.InsertQuery(insertQuery); // pnlLoginMessage.Visible = true; // lblLoginMessage.Text = "Your Account Has successfully Registered. You will get an email from your broker for activating account within 3 working days."; //} } } catch (Exception ex) { Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
private void Registration() { Random rnd = new Random(); string number = rnd.Next(1000, 9999).ToString(); CommonFunction cmRegistration = new CommonFunction(); if (Session["CAPTCHA"].ToString().Equals(txtInput.Text)) { RijndaelEncryption encryption = new RijndaelEncryption(); //string userId = Request.Form["Email"].ToString(); string userId = txtEmail.Text; string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string password = encryption.EncryptText((Request.Form["password"].ToString()), encryptionKey); //string accountNumber = Request.Form["AccountNumber"].ToString(); string accountNumber = txtAccountNumber.Text; //string secreteAnswer = Request.Form["SecreteAnswer"].ToString(); string secreteAnswer = txtSecretAnswer.Text; //string boNumber = Request.Form["BONumber"].ToString(); string boNumber = txtPrefix.Text + txtBONumber.Text; string encriptedUserId = encryption.EncryptText(userId, encryptionKey); string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey); string pinNumber = encryption.EncryptText(number, encryptionKey); string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' AND Password='******')"; DataTable dtEmailPass = cmRegistration.GetDatatable(emailCheckQuery); if (dtEmailPass.Rows.Count > 0) { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('This Email and Password Already Exist.Please Try Another Password.');window.location='RegAndLogin.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "This Email and Password already exist. Please try another password."; } try { string userName = ""; //string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber," //+"SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsLogin,IsRegistered,UserType,PinNumber)" //+"Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','false','Investor','" + pinNumber + "')"; string cmdUserName = "******" + accountNumber + "'"; DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName); if (dtUserName.Rows.Count > 0) { foreach (DataRow dr in dtUserName.Rows) { userName = dr["Name"].ToString(); } } BOSLEmailer3 sendEmail = new BOSLEmailer3(); string siteUrl = ConfigurationManager.AppSettings["SiteUrl"]; string emailMessage = "Hi " + userName + ",<br/>" + "One more step to verify your email address on iTradeX. Just click on the link below:<br/>"; string message = emailMessage + "<a href='" + siteUrl + "Default.aspx?" + "e=" + encriptedUserId + "&a=" + encriptedAccount + "&n=" + pinNumber + "'>Registration Acctivation</a>" + "<br/> Your secret PIN number for Fund Withdraw Request is " + number + ""; //sendEmail.AttachmentPath=; sendEmail.AuthenticationMode = 1; sendEmail.Body = message; //sendEmail.Cc=; sendEmail.From = ConfigurationManager.AppSettings["From"]; //sendEmail.id=userId; sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]); //System.Configuration.ConfigurationManager.AppSettings.Get("IsHtml"); sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]); sendEmail.Password = ConfigurationManager.AppSettings["Password"]; sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]); sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]); sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"]; sendEmail.Subject = ConfigurationManager.AppSettings["EmailSubjectForRegistration"]; sendEmail.To = userId; sendEmail.UserName = ConfigurationManager.AppSettings["UserName"]; sendEmail.SendEmail(); //sconRegistration.Close(); //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Has successfully Registered, Please Check Your Email For Activate Your Account');window.location='RegAndLogin.aspx';</script>'"); pnlLoginMessage.Visible = true; lblLoginMessage.Text = "Your Account Has successfully Registered, Please Check Your Email For Activate Your Account"; string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber," + "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,PinNumber,RegistrationTime,Status)" + "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + pinNumber + "','" + DateTime.Now + "','Pending')"; cmRegistration.InsertQuery(insertQuery); //Response.Redirect("LoginPage.aspx"); } catch (Exception ex) { throw ex; } } else { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('No Match Found From Captcha Input');window.location='RegAndLogin.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "No match found from captcha input. Please enter the correct one"; } }
/// <summary> /// Code For Login /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void btnLogin_Click(object sender, EventArgs e) { ApplicationUser loggedUser = new ApplicationUser(); RijndaelEncryption passwordEncription = new RijndaelEncryption(); //string userEmail = Request.Form["Email"].ToString(); string userEmail = txtEmail.Text; string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string userPassword = passwordEncription.EncryptText(Request.Form["password"].ToString(), encryptionKey); //string userPassword = passwordEncription.EncryptText(txtPassword.Text, encryptionKey); try { CommonFunction cm = new CommonFunction(); //SqlConnection conLogin = DatabaseConnection.GetConnection(); string loginCommand = string.Empty; string[] userid = userEmail.Split('@'); if (userid.Length > 1) { loginCommand = "SELECT UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef,Status FROM ApplicationUser where UserId ='" + userEmail + "' and password ='******' ORDER BY LastLoginTime DESC"; } else { loginCommand = "SELECT UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef,Status FROM ApplicationUser where AccountNumber ='" + userEmail + "' and password ='******' "; } //SqlCommand cmdCommand = new SqlCommand(loginCommand, conLogin); DataTable dtLogin = cm.GetDatatable(loginCommand); //SqlDataAdapter sdaLogin = new SqlDataAdapter(cmdCommand); //DataSet dtsLogin = new DataSet(); //sdaLogin.Fill(dtsLogin); //if (dtsLogin.Tables[0].Rows.Count > 0) if (dtLogin.Rows.Count > 0) { //foreach (DataRow dr in dtsLogin.Tables[0].Rows) foreach (DataRow dr in dtLogin.Rows) { if (Convert.ToBoolean(dr["IsRegistered"]) == true) { if (dr["Status"].ToString() == "Active") { if (userPassword == dr["Password"].ToString()) { CommonFunction cmLogin = new CommonFunction(); string loginTimeQuery = "Update ApplicationUser set LastLoginTime = '" + DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss") + "',IsLogin='******' where UserId='" + userEmail + "'"; cmLogin.InsertQuery(loginTimeQuery); //SqlConnection conLogin = DatabaseConnection.GetConnection(); //SqlCommand cmdLoginFlag = new SqlCommand("Update ApplicationUser set IsLogin='******' where(UserId='" + userEmail + "')", conLogin); //cmdLoginFlag.ExecuteNonQuery(); //conLogin.Close(); loggedUser.UserID = dr["UserID"].ToString(); loggedUser.AccountNumber = dr["AccountNumber"].ToString(); loggedUser.BoNumber = dr["BONumber"].ToString(); loggedUser.UserType = dr["UserType"].ToString(); loggedUser.BrokerRef = dr["BrokerRef"].ToString(); Session["AccountNumber"] = loggedUser.AccountNumber; Session["UserID"] = loggedUser.UserID; Session["BOID"] = loggedUser.BoNumber; Session["UserType"] = loggedUser.UserType; Session["BrokerRef"] = loggedUser.BrokerRef; string name = RegionInfo.CurrentRegion.DisplayName; string strClientIP = HttpContext.Current.Request.UserHostAddress; //store session in Getsession class //session.AccountNumber = loggedUser.AccountNumber; //session.BoNumber = loggedUser.BoNumber; //session.BrokerRef = loggedUser.BrokerRef; //session.UserName = loggedUser.UserID; //GetSession.userType = loggedUser.UserType; //CommonFunction cpAppLog = new CommonFunction(); //String insertQuery = "insert into ApplicationLog (Id,LogTime,LogType,LogDetails) values ('" + loggedUser.AccountNumber + "','" + DateTime.Now + "','Information','" + strClientIP + "')"; //cpAppLog.InsertQuery(insertQuery); //if (chkCookie.Checked == true) //{ // HttpCookie loginCookies = new HttpCookie("loginCookies"); // Response.Cookies["loginCookies"]["Email"] = userEmail; // Response.Cookies["loginCookies"]["Password"] = userPassword; // Response.Cookies["loginCookies"].Expires = DateTime.Now.AddDays(1); //} //Session["USER"] = loggedUser; if (dr["UserType"].ToString() == "Broker") { Response.Redirect(@"Pages\Investor\OrderBroker.aspx", false); } else if (dr["UserType"].ToString() == "SystemAdmin") { Response.Redirect(@"Pages\Investor\SystemAdmin.aspx", false); } else { Response.Redirect(@"Pages\Investor\Dashboard.aspx", false); //Response.Redirect("Transaction.aspx",false); } } else { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Enter The Correct Password');window.location='default.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "Please enter the correct password."; } } else { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Is Not acctivated Yet, Please Contact With Your Broker');window.location='default.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "Your account is not acctivated yet."; } } else { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account is Not Still Registered, Please Visit Registration Page For Being Registered');window.location='default.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "Your account is not still registered."; } break; } } else { //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Invalid Email Address, Please Enter The Correct One');window.location='default.aspx';</script>'"); pnlMessage.Visible = true; lblShowMessage.Text = "The email or password you entered is incorrect."; } } catch (Exception ex) { Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace)); } }
/// <summary> /// Send email with Reset Link /// </summary> private void SendLinkReset() { string userName = ""; CommonFunction cmRegistration = new CommonFunction(); RijndaelEncryption encryption = new RijndaelEncryption(); string Email = Request.Form["Email"].ToString(); string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"]; string accountNumber = Request.Form["AccountNumber"]; string encriptedEmail = encryption.EncryptText(Email, encryptionKey); string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey); //string accountNumber = encryption.EncryptText((Request.Form["AccountNumber"].ToString()), encryptionKey); string cmdUserName = "******" + accountNumber + "'"; DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName); if (dtUserName.Rows.Count > 0) { foreach (DataRow dr in dtUserName.Rows) { userName = dr["Name"].ToString(); } } try { BOSLEmailer3 sendEmail = new BOSLEmailer3(); string siteUrl = ConfigurationManager.AppSettings["SiteUrl"]; string emailMessage = "Hi " + userName + ",<br/>" + "We received a password reset request for your iTradeX account. To reset your password, use the links below:<br/>"; string message = emailMessage + "<br/><b>Reset your password using a web browser:</b><br/>" + "<a href='" + siteUrl + "Pages/Investor/ForgotPassword.aspx?" + "e=" + encriptedEmail + "&a=" + encriptedAccount + "'>Reset Password</a>" + "<br/><br/>If you didn't request a password reset, you can ignore this message and your password will not be changed, someone" + "probably typed in your username or email address by accident.<br/><br/>-The iTradeX Team"; //sendEmail.AttachmentPath=; sendEmail.AuthenticationMode = 1; sendEmail.Body = message; //sendEmail.Cc=; sendEmail.From = ConfigurationManager.AppSettings["From"]; //sendEmail.id=userId; sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]); sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]); sendEmail.Password = ConfigurationManager.AppSettings["Password"]; sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]); sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]); sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"]; sendEmail.Subject = "Forgotten password request from iTradeX"; sendEmail.To = Email; sendEmail.UserName = ConfigurationManager.AppSettings["UserName"]; sendEmail.SendEmail(); //sconRegistration.Close(); ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Check Your Email. Click On The Link To Reset You Password.');window.location='../../Default.aspx';</script>'"); } catch (Exception ex) { ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Mail server is currently unavailable. " + ex.Message + "');window.location='../../Default.aspx';</script>'"); } }