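/// <summary>
        /// Saves the details of the user identified by <c>UserID</c> through the
        /// <c>spx_UPDATE_UserOwnDetails</c> stored procedure. Nothing is saved when
        /// <c>UserID</c> is not positive.
        /// </summary>
        /// <remarks>
        /// When the change-password panel is visible, the current password is re-checked with
        /// <c>UserPassswordCheck</c> and the new password must match its confirmation and be
        /// non-empty before it is hashed and sent. Otherwise an empty Password parameter is
        /// sent, exactly as before.
        /// NOTE(review): where UserID comes from is not visible here. Confirm it is taken from
        /// the authenticated session and not from request data, because the no-password-change
        /// path updates the row without any re-authentication.
        /// </remarks>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void RadButtonSave_Click(object sender, EventArgs e)
        {
            if (UserID <= 0)
            {
                return;
            }

            try
            {
                // Empty string is what the no-password-change path has always sent as Password.
                string passwordParam = string.Empty;

                if (panl_Changepassword.Visible)
                {
                    // Re-authenticate with the current password before accepting a new one.
                    PricingUser checkedUser = UserPassswordCheck(RadTextBoxUsername.Text.Trim(), RadTextBoxCurrentPassword.Text.Trim());
                    if (checkedUser.Result != "Success")
                    {
                        lblInfo.Text = "The current password you entered is not correct";
                        return;
                    }

                    // NOTE(review): passwords are trimmed, so leading/trailing whitespace is dropped.
                    // Keep this consistent with how the stored hashes were produced.
                    string newPassword = RadTextBoxNewPassword.Text.Trim();
                    if (newPassword != RadTextBoxConfirmPassword.Text.Trim())
                    {
                        lblInfo.Text = "The new password does not match the confirmation password";
                        return;
                    }

                    // Two blank boxes match each other; without this guard the hash of an
                    // empty password would be stored.
                    if (newPassword.Length == 0)
                    {
                        lblInfo.Text = "The new password cannot be empty";
                        return;
                    }

                    // NOTE(review): ComputeHash is defined elsewhere. If it is a single salted
                    // SHA-512 pass, consider a password KDF such as PBKDF2 (Rfc2898DeriveBytes).
                    passwordParam = ComputeHash(newPassword, "SHA512", null);
                }

                // NOTE(review): this fallback only fires if Encrypt returns "" for an empty input.
                // Confirm against Encrypt, otherwise a blank box overwrites the stored value.
                // The fallback value also round-trips through a client-editable hidden field.
                string emailPassword = Encrypt(RadTxtEmailPassword.Text.Trim(), mySalt);
                if (emailPassword == "")
                {
                    emailPassword = HiddenFieldEmailPwd.Value.ToString();
                }

                // using blocks close the connection and dispose the command on every path,
                // including when Open or ExecuteNonQuery throws.
                using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]))
                using (SqlCommand command = new SqlCommand("spx_UPDATE_UserOwnDetails", connection))
                {
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add(new SqlParameter("UserID", UserID));
                    command.Parameters.Add(new SqlParameter("Username", RadTextBoxUsername.Text.Trim()));
                    command.Parameters.Add(new SqlParameter("Password", passwordParam));
                    command.Parameters.Add(new SqlParameter("UserFullName", RadTextBoxUserFullname.Text.Trim()));
                    command.Parameters.Add(new SqlParameter("EmailUsername", RadTxtEmailUsername.Text.Trim()));
                    command.Parameters.Add(new SqlParameter("EmailPassword", emailPassword));
                    command.Parameters.Add(new SqlParameter("Telephone", RadTxtTelephone.Text.Trim()));

                    connection.Open();
                    command.ExecuteNonQuery();
                }

                lblInfo.Text = "Save was successful";
                Image1.Visible = true;
            }
            catch (Exception ex)
            {
                // NOTE(review): raw exception text (which can include SQL Server details) is shown
                // to the user. Prefer logging it server-side and showing a generic message.
                lblInfo.Text = ex.Message;
            }
        }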
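        /// <summary>
        /// Looks up <paramref name="Username"/> with the <c>spx_Pricing_UserAuth</c> stored
        /// procedure and checks <paramref name="password"/> against the stored hash using
        /// <c>VerifyHash</c>.
        /// </summary>
        /// <param name="Username">User name passed to the stored procedure.</param>
        /// <param name="password">Plain-text password to verify.</param>
        /// <returns>
        /// A <c>PricingUser</c> whose <c>Result</c> is "Success" (with <c>Password</c> blanked)
        /// when the password verifies. On a mismatch or an unknown user, "incorrect" is set or
        /// appended. If an exception occurs, <c>Result</c> is left as it was and never becomes
        /// "Success", so the check fails closed.
        /// </returns>
        private PricingUser UserPassswordCheck(string Username, string password)
        {
            PricingUser DBUser = new PricingUser();
            bool userFound = false;

            try
            {
                // The shared fields are still assigned here because other handlers in the
                // class close sqlConnectionX after calling this method.
                sqlConnectionX = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]);
                sqlConnectionX.Open();

                sqlCommandX = new SqlCommand();
                sqlCommandX.Connection = sqlConnectionX;
                sqlCommandX.CommandType = CommandType.StoredProcedure;
                sqlCommandX.CommandText = "spx_Pricing_UserAuth";

                sqlParam = new SqlParameter("UserName", Username);
                sqlCommandX.Parameters.Add(sqlParam);
                sqlDR = sqlCommandX.ExecuteReader();

                while (sqlDR.Read())
                {
                    DBUser.UserID = sqlDR.GetInt32(0);
                    DBUser.Username = sqlDR.GetString(1);
                    DBUser.Password = sqlDR.GetString(2);
                    userFound = true;
                }

                // An unknown user is rejected explicitly instead of passing a missing hash
                // to VerifyHash and relying on the catch block below.
                // NOTE(review): VerifyHash is defined elsewhere. If it is a single salted
                // SHA-512 pass, consider migrating to a password KDF such as PBKDF2.
                bool verified = userFound && VerifyHash(password, "SHA512", DBUser.Password);
                if (verified)
                {
                    DBUser.Result = "Success";
                    // Do not hand the stored hash back to the caller on success.
                    DBUser.Password = "";
                }
                else if (DBUser.Result != null)
                {
                    DBUser.Result += "incorrect";
                }
                else
                {
                    DBUser.Result = "incorrect";
                }
            }
            catch (Exception)
            {
                // Deliberately fail closed: Result is never "Success" on this path.
                // NOTE(review): the error is discarded. Log it server-side so that database
                // outages are not reported to users as wrong passwords without any trace.
            }
            finally
            {
                // Null checks matter: if the connection could not be created or opened,
                // an unguarded Close() here would throw from the finally block.
                if (sqlDR != null)
                {
                    sqlDR.Close();
                    sqlDR.Dispose();
                }
                if (sqlCommandX != null)
                {
                    sqlCommandX.Dispose();
                }
                if (sqlConnectionX != null)
                {
                    sqlConnectionX.Close();
                }
            }

            return DBUser;
        }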
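        /// <summary>
        /// Saves the user shown on the form: an existing user (<c>UserID</c> &gt; 0) is updated
        /// through <c>spx_UPDATE_User</c>, otherwise a new user is created through
        /// <c>spx_INSERT_User</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no authorisation check is visible in this handler. It can change menu
        /// assignments and, with the reset checkbox, set a password without the current one.
        /// Confirm the page restricts access to administrators on the server side.
        /// </remarks>
        /// <param name="sender">Control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void RadButtonSave_Click(object sender, EventArgs e)
        {
            try
            {
                if (UserID > 0)
                {
                    SaveExistingUserFromForm();
                }
                else
                {
                    InsertUserFromForm();
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): raw exception text (which can include SQL Server details) is shown
                // to the user. Prefer logging it server-side and showing a generic message.
                lblInfo.Text = ex.Message;
            }
        }

        // Updates the existing user, optionally changing or resetting the password.
        private void SaveExistingUserFromForm()
        {
            // Empty string is what the no-password-change path has always sent as Password.
            string passwordParam = string.Empty;

            if (panl_Changepassword.Visible)
            {
                bool resetRequested = CheckBoxRestPassword.Checked == true;
                string newPassword;
                string confirmation;

                if (resetRequested)
                {
                    // Reset path: the current password is not verified (see the NOTE on the handler).
                    newPassword = RadTextBoxNewPasswordReset.Text.Trim();
                    confirmation = RadTextBoxConfirmPasswordReset.Text.Trim();
                }
                else
                {
                    PricingUser checkedUser = UserPassswordCheck(RadTextBoxUsername.Text.Trim(), RadTextBoxCurrentPassword.Text.Trim());
                    if (checkedUser.Result != "Success")
                    {
                        lblInfo.Text = "The current password you entered is not correct";
                        return;
                    }

                    newPassword = RadTextBoxNewPassword.Text.Trim();
                    confirmation = RadTextBoxConfirmPassword.Text.Trim();
                }

                // The save used to be gated on lblInfo.Text being empty. A message left over from
                // an earlier postback could then silently block a valid save (label text usually
                // survives in view state; confirm). Validation now returns directly instead.
                if (newPassword != confirmation)
                {
                    lblInfo.Text = "The new password does not match the confirmation password";
                    return;
                }

                // Two blank boxes match each other; without this guard the hash of an
                // empty password would be stored.
                if (newPassword.Length == 0)
                {
                    lblInfo.Text = "The new password cannot be empty";
                    return;
                }

                // NOTE(review): ComputeHash is defined elsewhere. If it is a single salted
                // SHA-512 pass, consider a password KDF such as PBKDF2 (Rfc2898DeriveBytes).
                passwordParam = ComputeHash(newPassword, "SHA512", null);
            }

            // NOTE(review): this fallback only fires if Encrypt returns "" for an empty input.
            // Confirm against Encrypt. The fallback value also comes from a client-editable hidden field.
            string emailPassword = Encrypt(RadTxtEmailPassword.Text.Trim(), mySalt);
            if (emailPassword == "")
            {
                emailPassword = HiddenFieldEmailPwd.Value.ToString();
            }

            // using blocks release the connection even when the update throws. Before, it was
            // closed only on the success path.
            using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]))
            using (SqlCommand command = new SqlCommand("spx_UPDATE_User", connection))
            {
                command.CommandType = CommandType.StoredProcedure;
                command.Parameters.Add(new SqlParameter("UserID", UserID));
                AddUserFormParameters(command, passwordParam, emailPassword);

                connection.Open();
                command.ExecuteNonQuery();
            }

            //Close the window
            ScriptManager.RegisterStartupScript(Page, Page.GetType(), "mykey", "CloseAndRebind();", true);
        }

        // Creates a new user and shows the stored procedure's result text unless it is "Ok".
        private void InsertUserFromForm()
        {
            string newPassword = RadTextBoxPassword.Text.Trim();
            if (newPassword.Length == 0)
            {
                // Do not create an account whose password is the empty string.
                lblInfo.Text = "The password cannot be empty";
                return;
            }

            string passwordHash = ComputeHash(newPassword, "SHA512", null);
            string emailPassword = Encrypt(RadTxtEmailPassword.Text.Trim(), mySalt);
            string result = string.Empty;

            using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]))
            using (SqlCommand command = new SqlCommand("spx_INSERT_User", connection))
            {
                command.CommandType = CommandType.StoredProcedure;
                AddUserFormParameters(command, passwordHash, emailPassword);

                connection.Open();

                // The reader was never closed before; dispose it deterministically.
                using (SqlDataReader reader = command.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        result = reader.GetString(0);
                    }
                }
            }

            if (result == "Ok")
            {
                //Close the window
                ScriptManager.RegisterStartupScript(Page, Page.GetType(), "mykey", "CloseAndRebind();", true);
            }
            else
            {
                lblInfo.Text = result;
            }
        }

        // Adds the parameters shared by spx_UPDATE_User and spx_INSERT_User, in the original order.
        private void AddUserFormParameters(SqlCommand command, string passwordParam, string emailPassword)
        {
            bool emLoading = RadBtnChkEMLoading.Checked == true;

            command.Parameters.Add(new SqlParameter("Username", RadTextBoxUsername.Text.Trim()));
            command.Parameters.Add(new SqlParameter("Password", passwordParam));
            command.Parameters.Add(new SqlParameter("MenuIDs", CollectCheckedMenuIds()));
            command.Parameters.Add(new SqlParameter("UserFullName", RadTextBoxUserFullname.Text.Trim()));
            command.Parameters.Add(new SqlParameter("EmailUsername", RadTxtEmailUsername.Text.Trim()));
            command.Parameters.Add(new SqlParameter("EmailPassword", emailPassword));
            command.Parameters.Add(new SqlParameter("Telephone", RadTxtTelephone.Text.Trim()));
            command.Parameters.Add(new SqlParameter("Benifits", CollectSelectedBenefits()));
            command.Parameters.Add(new SqlParameter("EMLoading", emLoading));
        }

        // Returns the comma-separated values of all checked menu nodes. The parent of a checked
        // node is added first when it is not already in the list.
        private string CollectCheckedMenuIds()
        {
            // NOTE(review): the node values come from the posted tree state. If menu access is
            // security-relevant, validate the ids server-side against the allowed set.
            List<string> userMenuList = new List<string>();
            foreach (RadTreeNode node in RadTreeViewUserMenus.GetAllNodes())
            {
                if (node.Checked != true)
                {
                    continue;
                }

                if (node.ParentNode != null && !userMenuList.Contains(node.ParentNode.Value))
                {
                    userMenuList.Add(node.ParentNode.Value.ToString());
                }

                userMenuList.Add(node.Value.ToString());
            }

            return string.Join<string>(",", userMenuList);
        }

        // Returns the ticked benefit codes as a comma-separated list, in the order FDB, ADB, ACDB.
        private string CollectSelectedBenefits()
        {
            List<string> benefits = new List<string>();
            if (RadBtnChkFDB.Checked == true)
            {
                benefits.Add("FDB");
            }
            if (RadBtnChkADB.Checked == true)
            {
                benefits.Add("ADB");
            }
            if (RadBtnChkADCB.Checked == true)
            {
                benefits.Add("ACDB");
            }

            return string.Join<string>(",", benefits);
        }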