public ActionResult AddCustomer(UserCustomer newAccount)
{
if (ModelState.IsValid)
{
var entity = new Users()
{
Email = newAccount.newUser.Email, Password = newAccount.newUser.Password, PasswordConf = newAccount.newUser.PasswordConf, RoleID = 1
};
db.users.Add(entity);
db.SaveChanges();
int newUserID = (int)entity.UserID;
var entity2 = new Customers()
{
Address = newAccount.newCustomer.Address,
City = newAccount.newCustomer.City,
CompanyName = newAccount.newCustomer.CompanyName,
Email = newAccount.newUser.Email,
Phone = newAccount.newCustomer.Phone,
RepID = newAccount.newCustomer.RepID,
SMS = newAccount.newCustomer.SMS,
Zip = newAccount.newCustomer.Zip,
UserID = newUserID
};
db.customers.Add(entity2);
db.SaveChanges();
return(RedirectToAction("Index", "Home"));
}
else
{
return(View(newAccount));
}
}
protected void Button3_OnClick(object sender, EventArgs e)
{
string tree = Session["rngPhoneLEmailUserReg"].ToString();
string emailcheckl = enailcheck.Text.Trim();
if (tree.Equals(emailcheckl))
{
UserCustomer us = new UserCustomer();
string usess = Session["nextPageUserReg"].ToString();
us.updateStatusEmail(usess, "true");
Label3.Text = "Email verified";
}
else
{
Label3.Text = "Incorrect otp";
}
}
public IHttpActionResult PutUserCustomer(string id, UserCustomer userCustomer)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != userCustomer.UserID)
{
return(BadRequest());
}
db.Entry(userCustomer).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!UserCustomerExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <bool> AssignDivisions(string userId, Dictionary <int, string> customerDivisions)
{
var user = await context.Users.Where(x => x.Id == userId).FirstOrDefaultAsync();
var gsUser = await context.UserInfos.Where(x => x.UserName == user.UserName).FirstOrDefaultAsync();
var currentDivIds = gsUser.UserCustomers.Select(x => x.DivisionId).ToList();
var divisionIds = customerDivisions.Keys;
foreach (int divId in divisionIds.Where(x => !currentDivIds.Contains(x)))
{
var division = await context.CustomerDivisions.FirstOrDefaultAsync(x => x.DivisionId == divId);
if (division != null)
{
var usercust = new UserCustomer();
usercust.CustomerId = division.CustomerId;
usercust.DivisionId = division.DivisionId;
usercust.UserId = gsUser.UserId;
gsUser.UserCustomers.Add(usercust);
await context.SaveChangesAsync();
}
}
return(true);
}
public ActionResult DeleteConfirmed(int id)
{
UserCustomer userCustomer = db.UserCustomers.Find(id);
db.UserCustomers.Remove(userCustomer);
db.SaveChanges();
return(RedirectToAction("Index"));
}
protected void Button1_Click(object sender, EventArgs e)
{
string usernameee = TextBox1.Text.Trim();
UserCustomer cu = new UserCustomer();
cu = cu.getAllDataByName(usernameee);
if (cu == null)
{
Label2.Text = "Invalid user";
}
else
{
Label2.Text = "";
string username = TextBox1.Text.Trim();
string Nric = TextBox6.Text.Trim();
string phoneNumber = TextBox5.Text.Trim();
string email = TextBox3.Text.Trim();
string birthday = TextBox2.Text.Trim();
UserCustomer dsa = new UserCustomer();
string dbgetPo = dsa.getAllDataByName(username).ForgetHash;
string checkVali = HiddenFieldCheckForValBu.Value.Trim();
System.Diagnostics.Debug.Write("ds" + checkVali);
if (dbgetPo.Equals(checkVali))
{
Session["forgetPassTosaveusername"] = username;
Session["forgetPassTosavenric"] = Nric;
Session["forgetPassTosavephoneNumber"] = phoneNumber;
Session["forgetPassTosaveemail"] = email;
Session["forgetPassTosavebirthday"] = birthday;
Response.Redirect("EmailOtp.aspx");
}
else
{
Label1.Text = "*One of the fields you have entered is incorrect";
}
}
// Tzwilio d = new Tzwilio("+6598517761","testung");
// d.choasSms();
// EmailSender s = new EmailSender("Aravin", "*****@*****.**","21/09/1997","Hi, Reagrds");
// s.SendSimpleMessage();
}
// protected void forgetpassword(object sender, EventArgs e)
// {
// Response.Redirect("2faLogin.aspx", false);
// }
protected void Button1_Click(object sender, EventArgs e)
{
UserCustomer ssdsd = new UserCustomer();
ssdsd = ssdsd.getAllDataByName(Session["usernameLogin"].ToString());
int cuas = ssdsd.Attempt;
System.Diagnostics.Debug.WriteLine(cuas);
if (cuas < 3)
{
string username = (string)Session["usernameLogin"];
UserCustomer su = new UserCustomer();
su = su.getAllDataByName(username);
//getting salt and hash from db based on username
string salt = su.Passwordsalt;
string hashvalueToCheck = su.Passwordhash;
//server hashing
string hashvalClient = TextBox2.Text;
string combine = hashvalClient + salt;
SHA512Managed hashing = new SHA512Managed();
byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(combine));
//converting bytes to base64
string finalval = Convert.ToBase64String(serverHashwithSaltHashed);
System.Diagnostics.Debug.WriteLine(finalval);
//validation
if (hashvalueToCheck == finalval)
{
Session["accountLoginVerified"] = "true";
Session["md5Store"] = hashvalClient;
Response.Redirect("2faLogin.aspx", false);
}
else
{
UserCustomer sd = new UserCustomer();
UserCustomer users = new UserCustomer();
users = sd.getAllDataByName(username);
int curreatt = users.Attempt;
sd.updateuserattempts(username, curreatt + 1);
Labelerr.Text = "You have entered a Incorrect password";
}
}
else
{
Labelerr.Text = "Account locked, you had 3 failed logon attempts";
}
}
public ActionResult Registration()
{
UserCustomer uc = new UserCustomer
{
categories = db.Categories.ToList()
};
return(PartialView(uc));
}
public ActionResult Edit([Bind(Include = "UserCustomersId,FullNameUser,CardIDUser,AddressUser,NumberPhoneUser,EmailUser")] UserCustomer userCustomer)
{
if (ModelState.IsValid)
{
db.Entry(userCustomer).State = System.Data.Entity.EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
return(View(userCustomer));
}
public UserCustomer getAllDataByName(string name)
{
UserCustomer cus;
string username,
passwordhash,
passwordsalt,
phoneNo,
address,
firstName,
lastName,
email,
birthday,
emailverified,
phoneverified,
nric,
forgetHash;
int attempt;
string queryStr = "SELECT* FROM Customer WHERE username = @username";
SqlConnection conn = new SqlConnection(_connStr);
SqlCommand cmd = new SqlCommand(queryStr, conn);
cmd.Parameters.AddWithValue("@username", encryptData(name));
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
username = decryptDataString(dr["username"].ToString());
passwordhash = decryptDataString(dr["passwordhash"].ToString());
passwordsalt = decryptDataString(dr["passwordsalt"].ToString());
phoneNo = decryptDataString(dr["phoneNo"].ToString());
address = decryptDataString(dr["address"].ToString());
firstName = decryptDataString(dr["firstName"].ToString());
lastName = decryptDataString(dr["lastName"].ToString());
email = decryptDataString(dr["email"].ToString());
birthday = decryptDataString(dr["birthday"].ToString());
emailverified = decryptDataString(dr["emailVerified"].ToString());
phoneverified = decryptDataString(dr["phoneVerified"].ToString());
nric = decryptDataString(dr["nric"].ToString());
forgetHash = decryptDataString(dr["forgethash"].ToString());
attempt = Convert.ToInt32(dr["attempts"].ToString());
cus = new UserCustomer(username, passwordhash, passwordsalt, phoneNo, address, firstName, lastName, email, birthday, emailverified, phoneverified, nric, forgetHash, attempt);
}
else
{
cus = null;
}
conn.Close();
dr.Close();
dr.Dispose();
return(cus);
}
public IHttpActionResult GetUserCustomer(string id)
{
UserCustomer userCustomer = db.UserCustomers.Find(id);
if (userCustomer == null)
{
return(NotFound());
}
return(Ok(userCustomer));
}
public ActionResult Create([Bind(Include = "UserCustomersId,FullNameUser,CardIDUser,AddressUser,NumberPhoneUser,EmailUser")] UserCustomer userCustomer)
{
if (ModelState.IsValid)
{
db.UserCustomers.Add(userCustomer);
db.SaveChanges();
return(RedirectToAction("Create"));
}
return(View(userCustomer));
}
public IHttpActionResult PostUserCustomer(UserCustomer userCustomer)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
db.UserCustomers.Add(userCustomer);
db.SaveChanges();
return(CreatedAtRoute("DefaultApi", new { id = userCustomer.UserID }, userCustomer));
}
public ActionResult Index(string filter)
{
MembershipUser myObject = Membership.GetUser();
Guid UserID = Guid.Parse(myObject.ProviderUserKey.ToString());
UserCustomer usercustomer = db.UserCustomers.Single(s => s.UserID == UserID);
var subscribers2 = from subscriber in db.Subscribers
where ((subscriber.FirstName.Contains(filter)|| subscriber.LastName.Contains(filter))
&& (subscriber.CustomerID == usercustomer.CustomerID || subscriber.CustomerID == 0))
select new SubscriberCheckedModel { subscriber = subscriber, AddToGroup = false };
SubscriberCheckedListViewModel test = new SubscriberCheckedListViewModel();
test.subscribers = subscribers2.ToList();
return View(test);
}
public IHttpActionResult DeleteUserCustomer(string id)
{
UserCustomer userCustomer = db.UserCustomers.Find(id);
if (userCustomer == null)
{
return(NotFound());
}
db.UserCustomers.Remove(userCustomer);
db.SaveChanges();
return(Ok(userCustomer));
}
//
// GET: /SubscriberGroup/
public ActionResult Index(int id)
{
groupID = id;
MembershipUser myObject = Membership.GetUser();
Guid UserID = Guid.Parse(myObject.ProviderUserKey.ToString());
UserCustomer usercustomer = db.UserCustomers.Single(s => s.UserID == UserID);
var subscribers = from subscriber in db.Subscribers
where (subscriber.CustomerID == usercustomer.CustomerID) | (subscriber.CustomerID == 0)
select new SubscriberCheckedModel { subscriber = subscriber, AddToGroup = false };
SubscriberCheckedListViewModel test = new SubscriberCheckedListViewModel();
test.subscribers = subscribers;
test.GroupId=groupID;
return View(test);
}
// GET: UserCustomers/Delete/5
public ActionResult Delete(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
UserCustomer userCustomer = db.UserCustomers.Find(id);
if (userCustomer == null)
{
return(HttpNotFound());
}
return(View(userCustomer));
}
protected void Button1_Click(object sender, EventArgs e)
{
string passhashfromform = TextBox1.Text.Trim();
//look here
Session["md5hashforforgetpassplsthx"] = passhashfromform;
System.Diagnostics.Debug.WriteLine(passhashfromform);
string nricFromform = HiddenFieldNricEncrypted.Value;
string bdfromform = HiddenFieldBirthdayEncrypted.Value;
UserCustomer cs = new UserCustomer();
string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt;
byte[] saltpls = Convert.FromBase64String(saltFrodb);
string phonepl = Session["forgetPassTosavephoneNumber"].ToString();
string emailps = Session["forgetPassTosaveemail"].ToString();
string encryptedNric = encryptData(nricFromform, passhashfromform, saltpls);
string encryptebirthdayc = encryptData(bdfromform, passhashfromform, saltpls);
string encryptephone = encryptData(phonepl, passhashfromform, saltpls);
string encryptemail = encryptData(emailps, passhashfromform, saltpls);
Session["encryptedforforgetpassthxnric"] = encryptedNric;
Session["encryptedforforgetpassthxbirthday"] = encryptebirthdayc;
Session["encryptedforforgetpassthxphone"] = encryptephone;
Session["encryptedforforgetpassthxemail"] = encryptemail;
Session["sha1askeyforcleintx"] = HiddenFieldsha1fornextuser.Value;
//label sucess
Response.Redirect("addressConfirm.aspx");
}
protected void CustomValidator1_OnServerValidate(object source, ServerValidateEventArgs args)
{
string username = Server.HtmlEncode(TextBox1.Text);
UserCustomer cu = new UserCustomer();
cu = cu.getAllDataByName(username);
if (cu == null)
{
args.IsValid = false;
}
else
{
args.IsValid = true;
}
}
protected void existinguser_Validate(object source, ServerValidateEventArgs args)
{
UserCustomer customer = new UserCustomer();
List <String> usernamelist = customer.getAllUserName();
//auto random data insert to db incase of failure; prevent null
try
{
System.Diagnostics.Debug.WriteLine("validator custom check " + usernamelist.Count + usernamelist[0]);
}
catch (Exception e)
{
string dummydata = "091dummydataOnlyonce";
UserCustomer n = new UserCustomer(dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata);
n.CustomerInsert();
}
string currentUsername = Username.Text;
int valtest = 0;
for (int i = 0; i < usernamelist.Count; i++)
{
if (currentUsername.Equals(usernamelist[i]))
{
valtest++;
}
System.Diagnostics.Debug.WriteLine("Usernames in list :" + usernamelist[i]);
}
if (valtest != 0)
{
args.IsValid = false;
}
else
{
args.IsValid = true;
}
}
public ActionResult Registration(UserCustomer uc)
{
var result = false;
if (ModelState.IsValid)
{
uc.user.Image = ImageUploaded.image_file_name;
uc.user.RoleTypeId = 3;
db.Users.Add(uc.user);
db.SaveChanges();
uc.customer.userId = db.Users.Max(c => c.Id);
db.Customers.Add(uc.customer);
db.SaveChanges();
result = true;
}
return(Json(result, JsonRequestBehavior.AllowGet));
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
var dao = new UserCustomerDao();
if (dao.CheckUserName(model.UserName))
{
ModelState.AddModelError("", "UserName Exits!");
}
else if (dao.CheckUserEmail(model.Email))
{
ModelState.AddModelError("", "Email Exits!");
}
else
{
var user = new UserCustomer();
user.UserName = model.UserName;
user.Name = model.Name;
user.Password = Encryptor.MD5Hash(model.Password);
user.Phone = model.Phone;
user.Email = model.Email;
user.Address = model.Address;
//user.Birthday = model.Birthday;
user.CreateDate = DateTime.Now;
user.Status = true;
var result = dao.Insert(user);
if (result > 0)
{
ViewBag.Success = "Register success!";
model = new RegisterModel();
}
else
{
ModelState.AddModelError("", "Register fail!");
}
}
}
return(View(model));
}
protected void Button1_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
UserCustomer ds = new UserCustomer();
UserCustomer aq = new UserCustomer();
aq = ds.getAllDataByName(TextBox1.Text);
int att = aq.Attempt;
if (att < 3)
{
Session["usernameLogin"] = Server.HtmlEncode(TextBox1.Text);
Response.Redirect("passwordlogin.aspx");
}
else
{
Labelatte.Text = "Account locked, you had 3 failed logon attempts";
}
}
}
protected void Button4_OnClick(object sender, EventArgs e)
{
string trer = Session["rngPhoneLPHHlUserReg"].ToString();
string get = TextBox2.Text.Trim();
if (trer.Equals(get))
{
UserCustomer us = new UserCustomer();
string usess = Session["nextPageUserReg"].ToString();
us.updateStatusphone(usess, "true");
Label4.Text = "Phone verified";
}
else
{
Label4.Text = "Incorrect otp";
}
}
public async Task <bool> AssignCustomers(string userId, IList <string> customerIds)
{
var user = await context.Users.Where(x => x.Id == userId).FirstOrDefaultAsync();
var gsUser = await context.UserInfos.Where(x => x.UserName == user.UserName).FirstOrDefaultAsync();
var currentCustIds = gsUser.UserCustomers.Select(x => x.CustomerId).ToList();
//TODO: filter the ids already assigned
foreach (string custId in customerIds.Where(x => !currentCustIds.Contains(x)))
{
var usercust = new UserCustomer();
usercust.CustomerId = custId;
usercust.UserId = gsUser.UserId;
gsUser.UserCustomers.Add(usercust);
await context.SaveChangesAsync();
}
return(true);
}
protected void Button100_Click(object sender, EventArgs e)
{
string username = (string)Session["usernameLogin"];
string md5hash = (string)Session["md5Store"];
UserCustomer cu = new UserCustomer();
cu = cu.getAllDataByName(username);
string salt = cu.Passwordsalt;
string firstNameCipher = cu.FirstName;
string lastNameCipher = cu.LastName;
string nricCipher = cu.Nric;
string phone = cu.PhoneNo;
byte[] salttoByte = Convert.FromBase64String(salt);
Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(md5hash, salttoByte);
RijndaelManaged cipher = new RijndaelManaged();
//set key and initialisation vec from rfc
cipher.Key = pdb.GetBytes(32);
cipher.IV = pdb.GetBytes(16);
ICryptoTransform decryptTransform = cipher.CreateDecryptor();
byte[] cipherphone = Convert.FromBase64String(phone);
byte[] plaintextPhone = decryptTransform.TransformFinalBlock(cipherphone, 0, cipherphone.Length);
string resultPhone = Encoding.UTF8.GetString(plaintextPhone);
//save current date and time at the point of request
DateTime timeofrequesttimeout = DateTime.Now.AddSeconds(30);
System.Diagnostics.Debug.WriteLine(timeofrequesttimeout);
Session["2faotptimeoutdatetimecheckthis"] = timeofrequesttimeout;
Random rnd = new Random();
string digit = rnd.Next(999999).ToString();
Session["rngPhoneL"] = digit;
System.Diagnostics.Debug.WriteLine(digit);
//uncomment this
string resPhone = "+65" + resultPhone;
Tzwilio g = new Tzwilio(resPhone, digit);
g.choasSms();
}
protected void Page_Load(object sender, EventArgs e)
{
string retrievemd5hash = TextBox6.Text;
string salt = TextBox5.Text;
System.Diagnostics.Debug.WriteLine("retrieved md5 val" + retrievemd5hash);
System.Diagnostics.Debug.WriteLine("salt value" + salt);
string serversidecombine = retrievemd5hash + salt;
System.Diagnostics.Debug.WriteLine("serverside combine" + serversidecombine);
SHA512Managed hashing = new SHA512Managed();
byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serversidecombine));
string finalHashval = Convert.ToBase64String(serverHashwithSaltHashed);
System.Diagnostics.Debug.WriteLine("serverside final hash val" + finalHashval);
//decr
byte[] Key;
byte[] IV;
System.Diagnostics.Debug.WriteLine("new te---------------------------------------------------------------");
RijndaelManaged cipher = new RijndaelManaged();
cipher.GenerateKey();
Key = cipher.Key;
IV = cipher.IV;
System.Diagnostics.Debug.Write("The guy key: ");
for (int i = 0; i < Key.Length; i++)
{
System.Diagnostics.Debug.Write(Key[i] + " ");
}
System.Diagnostics.Debug.Write("IV: ");
for (int i = 0; i < IV.Length; i++)
{
System.Diagnostics.Debug.Write(IV[i] + " ");
}
System.Diagnostics.Debug.WriteLine("The guy key: " + Key);
System.Diagnostics.Debug.WriteLine("IV: " + IV);
System.Diagnostics.Debug.WriteLine("Testing Retrieve Mtd ");
UserCustomer custTest = new UserCustomer();
custTest = custTest.getAllDataByName("123");
System.Diagnostics.Debug.WriteLine("username " + custTest.Username);
System.Diagnostics.Debug.WriteLine("hash " + custTest.Passwordhash);
System.Diagnostics.Debug.WriteLine("salt " + custTest.Passwordsalt);
System.Diagnostics.Debug.WriteLine("PhoneNo " + custTest.PhoneNo);
System.Diagnostics.Debug.WriteLine("Address " + custTest.Address);
System.Diagnostics.Debug.WriteLine("FirstName " + custTest.FirstName);
System.Diagnostics.Debug.WriteLine("LastName " + custTest.LastName);
System.Diagnostics.Debug.WriteLine("Email " + custTest.Email);
System.Diagnostics.Debug.WriteLine("Birthday " + custTest.Birthday);
System.Diagnostics.Debug.WriteLine("EmailVerified " + custTest.EmailVerified);
System.Diagnostics.Debug.WriteLine("PhoneVerified " + custTest.PhoneVerified);
System.Diagnostics.Debug.WriteLine("Nric " + custTest.Nric);
}
public long Insert(UserCustomer entity)
{
db.UserCustomers.Add(entity);
db.SaveChanges();
return(entity.ID);
}
protected void Button1_Click1(object sender, EventArgs e)
{
if (Page.IsValid)
{
System.Diagnostics.Debug.WriteLine("testing");
// Response.Redirect("errorxss.aspx", false);
//captcha start :)
var encodedResponse = Request.Form["g-Recaptcha-Response"];
System.Diagnostics.Debug.WriteLine(encodedResponse);
var isCaptchaValid = ReCaptcha.Validate(encodedResponse);
System.Diagnostics.Debug.WriteLine(isCaptchaValid);
//done at the customvalidator side
if (!isCaptchaValid)
{
System.Diagnostics.Debug.WriteLine("Captcha failure");
// E.g. Return to view or set an error message to visible
}
//captcha end :(
//String a = TextBox1.Text;
//String c = Text1.Value.ToString();
//System.Diagnostics.Debug.WriteLine("testing 1 " + a);
//System.Diagnostics.Debug.WriteLine("testing 1 " + c);
System.Diagnostics.Debug.WriteLine("testing");
System.Diagnostics.Debug.WriteLine("Password is: " + TextBox1.Text);
System.Diagnostics.Debug.WriteLine("Salt value: " + HiddenFieldForSalt.Value);
System.Diagnostics.Debug.WriteLine("Cipher received from first name: " + HiddenFieldFirstNameEncrypted.Value);
System.Diagnostics.Debug.WriteLine("Cipher received from last name: " + HiddenFieldLastNameEncrypted.Value);
System.Diagnostics.Debug.WriteLine("Cipher received from address: " + HiddenFieldAddressEncrypted.Value);
System.Diagnostics.Debug.WriteLine("Cipher received from birthday: " + HiddenFieldBirthdayEncrypted.Value);
System.Diagnostics.Debug.WriteLine("Cipher received from nric: " + HiddenFieldNricEncrypted.Value);
string uUsername = Server.HtmlEncode(Username.Text);
string uPasswordhash = TextBox1.Text;
string uPasswordSalt = HiddenFieldForSalt.Value;
string uFirstName = HiddenFieldFirstNameEncrypted.Value;
string uLastName = HiddenFieldLastNameEncrypted.Value;
string uPhoneNo = Server.HtmlEncode(phoneNumberInput.Text);
string uAddress = HiddenFieldAddressEncrypted.Value;
string uEmail = Server.HtmlEncode(emailInput.Text);
string uBirthday = HiddenFieldBirthdayEncrypted.Value;
string uemailverified = "false";
string uphoneVerified = "false";
string uNric = HiddenFieldNricEncrypted.Value;
//hash on server side
SHA512Managed hashing = new SHA512Managed();
string finalHashval;
string serverhashwithSaltText = uPasswordhash + uPasswordSalt;
System.Diagnostics.Debug.WriteLine("combining salt" + serverhashwithSaltText);
byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serverhashwithSaltText));
System.Diagnostics.Debug.WriteLine("Server hashed value before convert" + serverHashwithSaltHashed);
finalHashval = Convert.ToBase64String(serverHashwithSaltHashed);
System.Diagnostics.Debug.WriteLine("Server hashed value " + finalHashval);
// System.Diagnostics.Debug.WriteLine("DEBUGGING__???");
//
// string teststring = "hello";
//
// byte[] encodedteststring = hashing.ComputeHash(Encoding.UTF8.GetBytes(teststring));
//
// string resultingtest = Convert.ToBase64String(encodedteststring);
//
// System.Diagnostics.Debug.WriteLine("test hash val " + resultingtest);
//todo look into this for rfc2928 for key derivation
byte[] salttoByte = Convert.FromBase64String(uPasswordSalt);
System.Diagnostics.Debug.WriteLine(" ");
System.Diagnostics.Debug.Write("Salt in byte array: ");
for (int i = 0; i < salttoByte.Length; i++)
{
System.Diagnostics.Debug.Write(salttoByte[i]);
}
//metd for encrypot
string encryptedPhone = encryptData(uPhoneNo, uPasswordhash, salttoByte);
string enryptedAddress = encryptData(uAddress, uPasswordhash, salttoByte);
string encryptedFirstName = encryptData(uFirstName, uPasswordhash, salttoByte);
string encryptedLastName = encryptData(uLastName, uPasswordhash, salttoByte);
string encryptedEmail = encryptData(uEmail, uPasswordhash, salttoByte);
string encryptedBirthday = encryptData(uBirthday, uPasswordhash, salttoByte);
string encryptedNric = encryptData(uNric, uPasswordhash, salttoByte);
Session["nextPageUserRegEMail"] = uEmail;
Session["nextPageUserRegPhone"] = uPhoneNo;
Session["nextPageUserReg"] = uUsername;
UserCustomer newuser = new UserCustomer(uUsername, finalHashval, uPasswordSalt, encryptedPhone, enryptedAddress, encryptedFirstName, encryptedLastName, encryptedEmail, encryptedBirthday, uemailverified, uphoneVerified, encryptedNric, HiddenFieldForsavingHashOfForget.Value.Trim());
newuser.CustomerInsert();
Fund fd = new Fund(uUsername, 0.0);
fd.FundInsertNewUserOnly();
Response.Redirect("userRegisterInputConf.aspx");
}
}
protected void Button1_Click(object sender, EventArgs e)
{
UserCustomer cs = new UserCustomer();
string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt;
byte[] saltpls = Convert.FromBase64String(saltFrodb);
//pass from form
string passfromform = Session["md5hashforforgetpassplsthx"].ToString();
//hash on server side
SHA512Managed hashing = new SHA512Managed();
string finalHashval;
string serverhashwithSaltText = passfromform + saltFrodb;
System.Diagnostics.Debug.WriteLine("combining salt" + serverhashwithSaltText);
byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serverhashwithSaltText));
System.Diagnostics.Debug.WriteLine("Server hashed value before convert" + serverHashwithSaltHashed);
finalHashval = Convert.ToBase64String(serverHashwithSaltHashed);
System.Diagnostics.Debug.WriteLine("Server hashed value " + finalHashval);
//get
string encryptedfirstname = HiddenFieldFirstNameEncrypted.Value;
string encryptedlastname = HiddenFieldLastNameEncrypted.Value;
string encrypaddress = HiddenFieldAddressEncrypted.Value;
System.Diagnostics.Debug.WriteLine("dasdsa" + encryptedfirstname);
System.Diagnostics.Debug.WriteLine(encryptedlastname);
System.Diagnostics.Debug.WriteLine(encrypaddress);
string passhashfromform = Session["md5hashforforgetpassplsthx"].ToString();
string savetofirstname = encryptData(encryptedfirstname, passhashfromform, saltpls);
string savetolastanme = encryptData(encryptedlastname, passhashfromform, saltpls);
string savetoaddress = encryptData(encrypaddress, passhashfromform, saltpls);
string encryptednric = Session["encryptedforforgetpassthxnric"].ToString();
string encryptedbirthday = Session["encryptedforforgetpassthxbirthday"].ToString();
string encryotedphone = Session["encryptedforforgetpassthxphone"].ToString();
string encryptedemail = Session["encryptedforforgetpassthxemail"].ToString();
string usernamm = Session["forgetPassTosaveusername"].ToString();
UserCustomer asc = new UserCustomer();
asc.updateforForgetpass(usernamm, finalHashval, encryotedphone, savetoaddress, savetofirstname, savetolastanme, encryptedemail, encryptedbirthday, encryptednric);
asc.updateuserattempts(usernamm, 0);
Response.Redirect("successForgetPass.aspx");
}
