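/// <summary>
/// Validates the posted credentials through <c>Models.User.Isvalid</c> using the
/// DirectoryDomain / DirectoryPath app settings. On success it issues the
/// forms-authentication cookie and records the login in USERS_AUTH_LOG.
/// </summary>
/// <param name="user">Posted login model; Username, Password and RememberMe are read.</param>
/// <returns>
/// A redirect to ResetPassword when <c>IsExpired</c> reports an expired password, a redirect
/// to Home/MenuWeb after a successful login, the login view with a model error when the
/// credentials are rejected, or a redirect to User/Login when either app setting is missing.
/// </returns>
public ActionResult Login(Models.User user)
{
    string domainName = ConfigurationManager.AppSettings["DirectoryDomain"];
    string adPath = ConfigurationManager.AppSettings["DirectoryPath"];

    // Without both directory settings no credential check is attempted at all.
    if (String.IsNullOrEmpty(domainName) || String.IsNullOrEmpty(adPath))
    {
        return(RedirectToAction("Login", "User"));
    }

    if (!user.Isvalid(user.Username, user.Password, domainName, adPath))
    {
        // NOTE(review): rejected attempts are not written to USERS_AUTH_LOG by this action,
        // so password guessing leaves no trace here; confirm it is recorded elsewhere.
        ModelState.AddModelError("", "Login data is incorrect!");
        return(View(user));
    }

    // The expiry redirect happens before any cookie is issued.
    if (user.IsExpired(user.Username))
    {
        return(RedirectToAction("ResetPassword", new { id = user.Username, isExpired = true }));
    }

    FormsAuthentication.SetAuthCookie(user.Username, user.RememberMe);

    // X-Forwarded-For is a request header: the client (or any proxy in front of it) chooses
    // its content, so it is treated as untrusted text and only ever passed as a bind value.
    // NOTE(review): for an audit trail, consider honouring this header only behind a known
    // proxy and keeping REMOTE_ADDR as well; the logged address is otherwise spoofable.
    var request = System.Web.HttpContext.Current.Request;
    string ip = request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    if (string.IsNullOrEmpty(ip))
    {
        ip = request.ServerVariables["REMOTE_ADDR"];
    }

    // Bind variables replace the concatenated literals: username, forwarded-for header and
    // browser id all originate from the request and previously reached the SQL text verbatim.
    // LOG_STATUS keeps the empty literal the original statement inserted.
    const string insertSql =
        "INSERT into USERS_AUTH_LOG (EMPLOYEE_ID,DATE_LOGIN,SESSION_ID,IPADDRESS,BROWSER,LOG_STATUS) " +
        "VALUES (:employeeId,Sysdate,:sessionId,:ipAddress,:browser,'')";

    // Listed in the order the markers appear in the statement, so the binding is correct
    // whether the provider binds by name or by position.
    string[] bindNames = { "employeeId", "sessionId", "ipAddress", "browser" };
    object[] bindValues = { user.Username, this.Session.SessionID, ip, Request.Browser.Id };

    var dal = new DAL.DAL();
    var con = dal.GetConnection();
    try
    {
        con.Open();

        // NOTE(review): assumes DAL.GetCommand returns an ADO.NET command (it already exposes
        // ExecuteNonQuery) and that the provider uses Oracle-style ":name" markers, as the
        // Sysdate call suggests; confirm against the DAL class.
        var cmd = dal.GetCommand(insertSql, con);
        for (int i = 0; i < bindNames.Length; i++)
        {
            var bind = cmd.CreateParameter();
            bind.ParameterName = bindNames[i];
            bind.Value = bindValues[i] ?? DBNull.Value;
            cmd.Parameters.Add(bind);
        }
        cmd.ExecuteNonQuery();
    }
    finally
    {
        // Release the connection even when the insert throws.
        con.Close();
        con.Dispose();
    }

    return(RedirectToAction("MenuWeb", "Home"));
}//Login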
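/// <summary>
/// Deletes the USERS_AUTH row whose EMPLOYEE_ID equals the trimmed <paramref name="Id"/>,
/// then redirects to the UserManagement action.
/// </summary>
/// <param name="Id">Employee id taken from the request; a null or blank value skips the delete.</param>
/// <returns>A redirect to UserManagement in every case.</returns>
// NOTE(review): no [Authorize], [HttpPost] or [ValidateAntiForgeryToken] attribute is visible
// on this action. Confirm they are applied at class or global-filter level; a destructive
// action reachable by GET or without an anti-forgery token is open to cross-site request forgery.
public ActionResult DeleteUser(string Id)
{
    // The null check avoids a NullReferenceException from Trim() when the parameter is absent;
    // a blank id previously produced a statement that matched no row.
    if (!string.IsNullOrWhiteSpace(Id))
    {
        var dal = new DAL.DAL();
        var con = dal.GetConnection();
        try
        {
            con.Open();

            // The id is request data, so it is passed as a bind value and never as SQL text.
            // NOTE(review): assumes DAL.GetCommand returns an ADO.NET command (it already
            // exposes ExecuteNonQuery) and Oracle-style ":name" markers; confirm against DAL.
            var cmd = dal.GetCommand("DELETE FROM USERS_AUTH WHERE EMPLOYEE_ID = :employeeId", con);
            var bind = cmd.CreateParameter();
            bind.ParameterName = "employeeId";
            bind.Value = Id.Trim();
            cmd.Parameters.Add(bind);
            cmd.ExecuteNonQuery();
        }
        finally
        {
            // Release the connection even when the delete throws.
            con.Close();
            con.Dispose();
        }
    }

    return(RedirectToAction("UserManagement"));
}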
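/// <summary>
/// Updates ROLE_ID and EMAIL of one USERS_AUTH row and stamps UPDATE_DATE / UPDATE_BY with the
/// current time and the authenticated user name, then redirects to "UserManagement".
/// </summary>
/// <param name="txtEmployeeIDEdit">EMPLOYEE_ID of the row to update.</param>
/// <param name="seRoleEdit">New role id as text; converted with <c>Convert.ToInt32</c>.</param>
/// <param name="txtMailEdit">New e-mail address; an empty string skips the update.</param>
/// <returns>A redirect to the relative URL "UserManagement".</returns>
/// <exception cref="FormatException"><paramref name="seRoleEdit"/> is not a valid integer.</exception>
// NOTE(review): this action changes a user's role, yet no [Authorize], [HttpPost] or
// [ValidateAntiForgeryToken] attribute is visible on it. Confirm they are applied at class or
// global-filter level, and that the caller is allowed to assign the requested role.
public ActionResult EditUser(string txtEmployeeIDEdit, string seRoleEdit, string txtMailEdit)
{
    int roleInt = Convert.ToInt32(seRoleEdit);

    // No feedback is returned when the e-mail is empty; the request just redirects.
    if (txtMailEdit != "")
    {
        // All values come from the request or the identity, so they travel as bind values.
        const string updateSql =
            "UPDATE USERS_AUTH SET ROLE_ID = :roleId,EMAIL = :email,UPDATE_DATE=Sysdate,UPDATE_BY = :updatedBy " +
            "WHERE EMPLOYEE_ID = :employeeId";

        // Listed in the order the markers appear in the statement, so the binding is correct
        // whether the provider binds by name or by position.
        string[] bindNames = { "roleId", "email", "updatedBy", "employeeId" };
        object[] bindValues = { roleInt, txtMailEdit, User.Identity.Name, txtEmployeeIDEdit };

        var dal = new DAL.DAL();
        var con = dal.GetConnection();
        try
        {
            con.Open();

            // NOTE(review): assumes DAL.GetCommand returns an ADO.NET command (it already
            // exposes ExecuteNonQuery) and Oracle-style ":name" markers; confirm against DAL.
            var cmd = dal.GetCommand(updateSql, con);
            for (int i = 0; i < bindNames.Length; i++)
            {
                var bind = cmd.CreateParameter();
                bind.ParameterName = bindNames[i];
                bind.Value = bindValues[i] ?? DBNull.Value;
                cmd.Parameters.Add(bind);
            }
            cmd.ExecuteNonQuery();
        }
        finally
        {
            // Release the connection even when the update throws.
            con.Close();
            con.Dispose();
        }
    }

    return(Redirect("UserManagement"));
}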
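/// <summary>
/// Creates a USERS_AUTH row for a new user and returns a plain-text status message.
/// When <paramref name="IsADCreate"/> is "0" a password is required and stored in the
/// application's existing encoded form with GROUP_ID 2; otherwise the password column is
/// left empty and GROUP_ID is 1.
/// </summary>
/// <param name="txtEMPID">Employee id (trimmed before use); required.</param>
/// <param name="txtFNC">First name; required.</param>
/// <param name="txtLNC">Last name; required.</param>
/// <param name="PWC">Password; required only when <paramref name="IsADCreate"/> is "0".</param>
/// <param name="IsADCreate">Value stored in IS_AD; "0" selects the password branch.</param>
/// <param name="txtMailCreate">E-mail address stored in EMAIL.</param>
/// <param name="selectRoleCreate">Role id stored in ROLE_ID.</param>
/// <returns>
/// Text content: success, "user already exists", "please enter a password", or
/// "please fill in all fields" (the messages themselves are in Thai).
/// </returns>
// NOTE(review): this action creates accounts with a caller-chosen role, yet no [Authorize],
// [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on it. Confirm they are
// applied at class or global-filter level.
public ActionResult CreateUser(string txtEMPID, string txtFNC, string txtLNC, string PWC, string IsADCreate, string txtMailCreate, int selectRoleCreate)
{
    // Null is rejected as well as "": model binding may deliver an empty form field as null,
    // which passed the old != "" comparison and then failed on Trim().
    if (string.IsNullOrWhiteSpace(txtEMPID) || string.IsNullOrEmpty(txtFNC) || string.IsNullOrEmpty(txtLNC))
    {
        return(Content("กรุณากรอกข้อมูลให้ครบถ้วน"));
    }

    // Trim once so the existence check and the insert use the same key.
    string employeeId = txtEMPID.Trim();
    string createdBy = User.Identity.Name;

    var dal = new DAL.DAL();
    var con = dal.GetConnection();
    try
    {
        con.Open();

        // Existence check with a bind value; count(*) replaces "select *" because only the
        // presence of a row matters.
        // NOTE(review): assumes DAL.GetCommand returns an ADO.NET command (it already exposes
        // ExecuteNonQuery) and Oracle-style ":name" markers; confirm against DAL.
        var existsCmd = dal.GetCommand("select count(*) from VIEW_AUTH_STATUS where EMPLOYEE_ID = :employeeId", con);
        var existsBind = existsCmd.CreateParameter();
        existsBind.ParameterName = "employeeId";
        existsBind.Value = employeeId;
        existsCmd.Parameters.Add(existsBind);
        if (Convert.ToInt32(existsCmd.ExecuteScalar()) > 0)
        {
            return(Content("มีชื่อผู้ใช้ในระบบแล้ว"));
        }

        string password = "";
        int group;
        if (IsADCreate == "0")
        {
            // A missing password now stops here. Previously the message was set but the row
            // was still inserted with an empty PASSWORD and GROUP_ID 0.
            if (string.IsNullOrEmpty(PWC))
            {
                return(Content("กรุณากรอก Password"));
            }

            group = 2;

            // Stored form: Base64(3DES-ECB(key = MD5(password), data = password)). Kept
            // byte-compatible because the verification path is not visible here.
            // NOTE(review): this is unsalted and deterministic (equal passwords give equal
            // stored values) and built on fast primitives, so a leaked table is cheap to
            // attack offline. Plan a migration to a salted, slow KDF such as PBKDF2
            // (Rfc2898DeriveBytes) together with the login check.
            UTF8Encoding utf8 = new UTF8Encoding();
            MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
            TripleDESCryptoServiceProvider desalg = new TripleDESCryptoServiceProvider();
            try
            {
                byte[] passwordBytes = utf8.GetBytes(PWC);
                desalg.Key = md5.ComputeHash(passwordBytes);
                desalg.Mode = CipherMode.ECB;
                desalg.Padding = PaddingMode.PKCS7;

                ICryptoTransform encryptor = desalg.CreateEncryptor();
                byte[] results = encryptor.TransformFinalBlock(passwordBytes, 0, passwordBytes.Length);
                password = Convert.ToBase64String(results);
            }
            finally
            {
                // Clear key material held by the crypto providers.
                desalg.Clear();
                md5.Clear();
            }
        }
        else
        {
            group = 1;
        }

        // Every request-supplied value travels as a bind value, never as SQL text.
        const string insertSql =
            "INSERT into USERS_AUTH (EMPLOYEE_ID,FIRSTNAME,LASTNAME,IS_AD,EMAIL,PASSWORD,ROLE_ID,CREATE_DATE,GROUP_ID,CREATE_BY) " +
            "VALUES (:employeeId,:firstName,:lastName,:isAd,:email,:password,:roleId,Sysdate,:groupId,:createdBy)";

        // Listed in the order the markers appear in the statement, so the binding is correct
        // whether the provider binds by name or by position.
        string[] bindNames = { "employeeId", "firstName", "lastName", "isAd", "email", "password", "roleId", "groupId", "createdBy" };
        object[] bindValues = { employeeId, txtFNC, txtLNC, IsADCreate, txtMailCreate, password, selectRoleCreate, group, createdBy };

        var insertCmd = dal.GetCommand(insertSql, con);
        for (int i = 0; i < bindNames.Length; i++)
        {
            var bind = insertCmd.CreateParameter();
            bind.ParameterName = bindNames[i];
            bind.Value = bindValues[i] ?? DBNull.Value;
            insertCmd.Parameters.Add(bind);
        }
        insertCmd.ExecuteNonQuery();
    }
    finally
    {
        // Release the connection on every path, including the early returns above.
        con.Close();
        con.Dispose();
    }

    return(Content("เพิ่มข้อมูลเรียบร้อย"));
}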