protected void gvAssignedQuestionnaire_DataBinding(object sender, EventArgs e)
 {
     try
     {
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         DBAgent.AddParameter("@ParamPatientID", Session["CurrentPatientID"]);
         string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientQuestionnaireList");
         if (!String.IsNullOrEmpty(data))
         {
             DataSet ds = CommonHelpers.GetDataSetFromXml(data);
             if (ds.Tables.Count > 0)
             {
                 gvAssignedQuestionnaire.DataSource = ds.Tables[0];
             }
             else
             {
             }
             GetQuestionnaireList();
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("gvAssignedQuestionnaire_DataBinding: PatientList.aspx", ex.Message);
     }
 }
 protected void PatientDetailsPanel_Callback(object sender, CallbackEventArgsBase e)
 {
     try
     {
         gvAssignedQuestionnaire.Enabled = true;
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         DBAgent.AddParameter("@ParamPatientID", e.Parameter);
         string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientDetails");
         if (!String.IsNullOrEmpty(data))
         {
             DataSet ds = CommonHelpers.GetDataSetFromXml(data);
             if (ds.Tables.Count > 0)
             {
                 txtPatientAccount.Text      = ds.Tables[0].Rows[0]["PatientAccountNumber"].ToString();
                 txtPatientName.Text         = ds.Tables[0].Rows[0]["PatientFullName"].ToString();
                 Session["CurrentPatientID"] = e.Parameter;
                 gvAssignedQuestionnaire.DataBind();
                 gvQuestionnaireHistory.DataBind();
             }
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("PatientDetailsPanel_Callback: PatientList.aspx", ex.Message);
     }
 }
Example #3
0
        protected void AnswersGridView_Init(object sender, EventArgs e)
        {
            ASPxGridView childGrid = sender as ASPxGridView;
            object       key       = childGrid.GetMasterRowKeyValue();

            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.AddParameter("@ParamQID", key);
            string  data = DBAgent.ExecuteStoredProcedure("dbo.spGetQuestionDetails");
            DataSet ds   = CommonHelpers.GetDataSetFromXml(data);

            if (ds.Tables.Count > 0)
            {
                childGrid.DataSource = ds.Tables[0];
            }
        }
Example #4
0
 protected void UserGridView_DataBinding(object sender, EventArgs e)
 {
     try
     {
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         string  data = DBAgent.ExecuteStoredProcedure("dbo.spGetAllUsers");
         DataSet ds   = CommonHelpers.GetDataSetFromXml(data);
         if (ds.Tables.Count > 0)
         {
             UserGridView.DataSource = ds.Tables[0];
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("UserGridView_DataBinding: UserManagement.aspx", ex.Message);
     }
 }
 protected void QuestionsGridView_DataBinding(object sender, EventArgs e)
 {
     try
     {
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         DBAgent.AddParameter("@ParamQuestionnaireID", cmbQuestionnaireList.SelectedItem.Value);
         string  data = DBAgent.ExecuteStoredProcedure("dbo.spGetAllQuestionsForQuestionnaire");
         DataSet ds   = CommonHelpers.GetDataSetFromXml(data);
         if (ds.Tables.Count > 0)
         {
             QuestionsGridView.DataSource = ds.Tables[0];
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("QuestionsGridView_DataBinding: EditQuestionnaire.aspx", ex.Message);
     }
 }
 private void LoadQuestionnaireList()
 {
     try
     {
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         string  data = DBAgent.ExecuteStoredProcedure("dbo.spGetQuestionnaierList");
         DataSet ds   = CommonHelpers.GetDataSetFromXml(data);
         if (ds.Tables.Count > 0)
         {
             cmbQuestionnaireList.DataSource = ds.Tables[0];
             cmbQuestionnaireList.TextField  = "QuestionnaireName";
             cmbQuestionnaireList.ValueField = "QuestionnaireID";
             cmbQuestionnaireList.DataBind();
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("LoadQuestionList: EditQuestionnaire.aspx", ex.Message);
     }
 }
 private void GetPhysicianList()
 {
     try
     {
         DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
         DBAgent.ClearParams();
         DBAgent.AddParameter("@ParamShowDeleted", 1);
         string data = DBAgent.ExecuteStoredProcedure("dbo.spGetallPhysicians");
         if (!String.IsNullOrEmpty(data))
         {
             DataSet ds = CommonHelpers.GetDataSetFromXml(data);
             if (ds.Tables.Count > 0)
             {
                 Session["PhysicianDS"] = ds.Tables[0];
             }
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("GetPhysicianList: PatientList.aspx", ex.Message);
     }
 }
Example #8
0
        public PatientListResponse PostPatientList([FromBody] PatientListRequest request)
        {
            PatientListResponse response = new PatientListResponse();

            try
            {
                if (CommonHelpers.ValidateRequest(request.UserToken))
                {
                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    if (!String.IsNullOrEmpty(request.AccountNumber))
                    {
                        DBAgent.AddParameter("@ParamAccountNumber", request.AccountNumber);
                    }
                    string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientListByAccount");
                    if (data.Length > 0)
                    {
                        DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                        if (ds.Tables.Count > 0)
                        {
                            DataTable dTable = ds.Tables[0];
                            //response.PatientListDataTable = dTable;

                            ArrayList             PatientList        = new ArrayList();
                            List <PatientDetails> PatientDetailsList = new List <PatientDetails>();
                            foreach (DataRow dr in dTable.Rows)
                            {
                                string PatientNameRow = String.Format("{0}, {1} ({2} - {3})", dr["PatientLastName"], dr["PatientFirstName"], dr["PatientAccountNumber"], dr["PatientDOB"]);
                                PatientList.Add(String.Format("{0}, {1} ({2} - {3})", dr["PatientLastName"], dr["PatientFirstName"], dr["PatientAccountNumber"], dr["PatientDOB"]));
                                PatientDetailsList.Add(new PatientDetails(PatientNameRow, dr["PatientID"].ToString()));
                            }

                            response.PatientList        = PatientList;
                            response.PatientDetailsList = PatientDetailsList;
                        }
                        else
                        {
                            response.ErrorMessage = "No Data";
                        }
                    }
                    else
                    {
                        response.ErrorMessage = "No Data";
                    }
                }
                else
                {
                    response.ErrorMessage = "Invalid Request";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamRefID", request.LoginID);
                    DBAgent.AddParameter("@ParamRefType", "Users");
                    DBAgent.AddParameter("@ParamAction", "IR");
                    DBAgent.AddParameter("@ParamComment", "Invalid Requestv from Mobile App - PatientListController - " + request.UserToken);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
            }
            catch (Exception ex)
            {
                response.ErrorMessage = ex.Message;
                CommonHelpers.writeLogToFile("API: PostPatientList - PatientListController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
            }
            return(response);
        }
Example #9
0
        public IHttpActionResult PostQuestionnaireQuestions([FromBody] QuestionnaireQuestionsRequest request)
        {
            QuestionaireQuestionResponse response = new QuestionaireQuestionResponse();

            try
            {
                if (CommonHelpers.ValidateRequest(request.UserToken))
                {
                    List <QuestionDetail> QuestionAnswerList = new List <QuestionDetail>();
                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamQuestionnaireID", request.QuestionnaireID);
                    DBAgent.AddParameter("@ParamPQID", request.PQID);
                    string data = DBAgent.ExecuteStoredProcedure("dbo.spGetAllQuestionAnswersForQuestionnaire");
                    if (data.Length > 0)
                    {
                        DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                        if (ds.Tables.Count > 0)
                        {
                            int            CurrentQuestionID = 0;
                            QuestionDetail qd = null;

                            foreach (DataRow dr in ds.Tables[0].Rows)
                            {
                                if (CurrentQuestionID != int.Parse(dr["QuestionID"].ToString()))
                                {
                                    if (qd != null)
                                    {
                                        //Save Previous Question
                                        QuestionAnswerList.Add(qd);
                                    }

                                    //New Question
                                    qd = new QuestionDetail();
                                    qd.QuestionText   = dr["QuestionText"].ToString();
                                    qd.QuestionID     = dr["QuestionID"].ToString();
                                    CurrentQuestionID = int.Parse(dr["QuestionID"].ToString());
                                }

                                AnswerDetail ans = new AnswerDetail();
                                ans.AnswerID       = dr["AnswerID"].ToString();
                                ans.AnswerText     = dr["AnswerText"].ToString();
                                ans.SelectedAnswer = bool.Parse(dr["SelectedAnswer"].ToString());
                                ans.AnswerPoints   = int.Parse(dr["AnswerPoints"].ToString());
                                qd.QuestionAnswers.Add(ans);
                            }

                            QuestionAnswerList.Add(qd); //Adding last Question

                            response.QuestionAnswerList = QuestionAnswerList;
                        }
                    }
                    else
                    {
                        response.ErrorMessage = "No Data";
                    }
                }
                else
                {
                    response.ErrorMessage = "Invalid Request";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamRefID", request.PQID);
                    DBAgent.AddParameter("@ParamRefType", "PQID");
                    DBAgent.AddParameter("@ParamAction", "IR");
                    DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - QuestionnaireQuestionsController - " + request.UserToken);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
            }
            catch (Exception ex)
            {
                response.ErrorMessage = ex.Message;
                CommonHelpers.writeLogToFile("API: PostQuestionnaireQuestions - QuestionnaireQuestionsController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
            }


            return(Ok(response));
        }
        public IHttpActionResult PostPatientVerificaiton([FromBody] PatientVerifiactionRequest request)
        {
            PatientVerificationResponse response = new PatientVerificationResponse();

            try
            {
                if (CommonHelpers.ValidateRequest(request.UserToken))
                {
                    if (!request.LogVerificaiton)
                    {
                        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                        DBAgent.ClearParams();
                        DBAgent.AddParameter("@ParamPatientID", request.PatientID);
                        string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientDetails");
                        if (data.Length > 0)
                        {
                            DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                            if (ds.Tables.Count > 0)
                            {
                                DataRow dr = ds.Tables[0].Rows[0];
                                response.PatientFirstName = dr["PatientFirstName"].ToString();
                                response.PatientLastName  = dr["PatientLastName"].ToString();
                                response.DOB           = dr["FormattedDOB"].ToString();
                                response.MaskedName    = dr["MaskedName"].ToString();
                                response.PhysicianName = dr["PhysicianName"].ToString();
                                response.AccountNumber = dr["PatientAccountNumber"].ToString();
                            }
                            else
                            {
                                response.ErrorMessage = "No Data";
                            }
                        }
                        else
                        {
                            response.ErrorMessage = "No Data";
                        }
                    }
                    else
                    {
                        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                        DBAgent.ClearParams();
                        DBAgent.AddParameter("@ParamRefID", request.PatientID);
                        DBAgent.AddParameter("@ParamRefType", "PatientInfo");
                        DBAgent.AddParameter("@ParamAction", "VR");
                        DBAgent.AddParameter("@ParamComment", "Patient Verificaiton from Mobile App");
                        DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                    }
                }
                else
                {
                    response.ErrorMessage = "Invalid Request";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamRefID", request.PatientID);
                    DBAgent.AddParameter("@ParamRefType", "PatientID");
                    DBAgent.AddParameter("@ParamAction", "IR");
                    DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - PatientVerification - " + request.UserToken);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
            }
            catch (Exception ex)
            {
                response.ErrorMessage = ex.Message;
                CommonHelpers.writeLogToFile("API: PostPatientVerificaiton - PatientVerificaitonController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
            }
            return(Ok(response));
        }
Example #11
0
        protected void cmdLogin_Click(object sender, EventArgs e)
        {
            try
            {
                lblErr.Text = "";
                bool ValidUser    = false;
                bool TempPassword = false;
                securityAgent = new CryptoProvider();
                DBAgent       = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                DBAgent.AddParameter("@ParamUserName", txtUserName.Value);
                string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");
                if (string.IsNullOrEmpty(data))
                {
                    ValidUser   = false;
                    lblErr.Text = "Invalid Username/Password conbination. Please try again";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.AddParameter("@ParamRefID", 0);
                    DBAgent.AddParameter("@ParamRefType", "Users");
                    DBAgent.AddParameter("@ParamAction", "FL");
                    DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
                else
                {
                    DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                    if (ds.Tables.Count > 0)
                    {
                        DataRow dRow      = ds.Tables[0].Rows[0];
                        string  upassword = "";
                        if ((bool.Parse(dRow["IsTempPassword"].ToString())))
                        {
                            upassword    = dRow["Password"].ToString();
                            TempPassword = true;
                        }
                        else
                        {
                            TempPassword = false;
                            string test = securityAgent.EncryptText("ClarityApp");
                            upassword = securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));
                        }

                        if (upassword.Equals(txtPassword.Value))
                        {
                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "LI");
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

                            ValidUser = true;

                            Session["FullName"] = String.Format("{0}, {1}", dRow["LastName"], dRow["FirstName"]);
                            if (!TempPassword)
                            {
                                Session["LoginID"]  = dRow["LoginID"].ToString();
                                Session["UserName"] = dRow["Username"].ToString();
                                Response.Redirect("Dashboard.aspx", true);
                            }
                            else
                            {
                                Response.Redirect(String.Format("ResetPassword.aspx?UN={0}&UID={1}", securityAgent.EncryptText(txtUserName.Text), securityAgent.EncryptText(dRow["LoginID"].ToString())), true);
                            }
                        }
                        else
                        {
                            ValidUser   = false;
                            lblErr.Text = "Invalid Username/Password conbination. Please try again";

                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.AddParameter("@ParamRefID", 0);
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "FL");
                            DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                lblErr.Text    = "There was a problem processing your request. Please contact IT.";
                lblErr.Visible = true;
                CommonHelpers.writeLogToFile("cmdLogin_Click: Login.aspx", ex.Message);
            }
        }
        public IHttpActionResult PostPatientQuestionnaire([FromBody] PatientQuestionnaireRequest request)
        {
            PatientQuestionnaireResponse response = new PatientQuestionnaireResponse();

            try
            {
                if (CommonHelpers.ValidateRequest(request.UserToken))
                {
                    List <QuestionnaireDetails> QuestionnaireList = new List <QuestionnaireDetails>();
                    //Assigned Questionnaires
                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamPatientID", request.PatientID);
                    DBAgent.AddParameter("@ParamHistoryList", 0);
                    string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientQuestionnaireList");
                    if (data.Length > 0)
                    {
                        DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                        if (ds.Tables.Count > 0)
                        {
                            foreach (DataRow dr in ds.Tables[0].Rows)
                            {
                                QuestionnaireDetails qd = new QuestionnaireDetails(dr["QuestionnaireID"].ToString(), dr["QuestionnaireName"].ToString(), dr["ScheduledDate"].ToString(), dr["Score"].ToString(), dr["RiskCategory"].ToString(), dr["PQID"].ToString());
                                QuestionnaireList.Add(qd);
                            }
                        }
                    }

                    //Completed Questionnaires
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamPatientID", request.PatientID);
                    DBAgent.AddParameter("@ParamHistoryList", 1);
                    data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientQuestionnaireList");
                    if (data.Length > 0)
                    {
                        DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                        if (ds.Tables.Count > 0)
                        {
                            foreach (DataRow dr in ds.Tables[0].Rows)
                            {
                                QuestionnaireDetails qd = new QuestionnaireDetails(dr["QuestionnaireID"].ToString(), dr["QuestionnaireName"].ToString(), dr["ScheduledDate"].ToString(), dr["Score"].ToString(), dr["RiskCategory"].ToString(), dr["PQID"].ToString());
                                QuestionnaireList.Add(qd);
                            }
                        }
                    }

                    if (QuestionnaireList.Count == 0)
                    {
                        response.ErrorMessage = "No Data";
                    }
                    else
                    {
                        response.QuestionnaireList = QuestionnaireList;
                    }
                }
                else
                {
                    response.ErrorMessage = "Invalid Request";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamRefID", request.PatientID);
                    DBAgent.AddParameter("@ParamRefType", "PatientID");
                    DBAgent.AddParameter("@ParamAction", "IR");
                    DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - PatientQuestionnaire - " + request.UserToken);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
            }
            catch (Exception ex)
            {
                response.ErrorMessage = ex.StackTrace;
                CommonHelpers.writeLogToFile("API: PostPatientQuestionnaire - PatientQuestionnaireController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
            }

            return(Ok(response));
        }
Example #13
0
        public IHttpActionResult PostStaffLogin([FromBody] StaffAuthenticationRequest request)
        {
            StaffAuthenticationResponse response = new StaffAuthenticationResponse();

            try
            {
                DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                DBAgent.AddParameter("@ParamUserName", request.UserName);
                string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");

                if (string.IsNullOrEmpty(data))
                {
                    response.ErrorMessage    = "Invalid Username/Password conbination. Please try again";
                    response.IsAuthenticated = false;
                    response.LoginID         = -1;

                    DBAgent.ClearParams();
                    DBAgent.AddParameter("@ParamRefID", 0);
                    DBAgent.AddParameter("@ParamRefType", "Users");
                    DBAgent.AddParameter("@ParamAction", "FL");
                    DBAgent.AddParameter("@ParamComment", "Login Failed from Mobile App- " + request.UserName);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
                else
                {
                    DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                    if (ds.Tables.Count > 0)
                    {
                        securityAgent = new CryptoProvider();
                        DataRow dRow      = ds.Tables[0].Rows[0];
                        string  upassword = securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));

                        if (upassword.Equals(request.Password))
                        {
                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.ClearParams();
                            DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "LI");
                            DBAgent.AddParameter("@ParamComment", "Successful Login from Mobile App- " + request.UserName);
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

                            response.IsAuthenticated = true;

                            response.UserFirstName = dRow["FirstName"].ToString();
                            response.UserLastName  = dRow["LastName"].ToString();
                            response.UserToken     = ConfigurationManager.AppSettings["UserToken"];
                        }
                        else
                        {
                            response.IsAuthenticated = false;
                            response.ErrorMessage    = "Invalid Username/Password conbination. Please try again";

                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.ClearParams();
                            DBAgent.AddParameter("@ParamRefID", 0);
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "FL");
                            DBAgent.AddParameter("@ParamComment", "Login Failed from Mobile App- " + request.UserName);
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                response.ErrorMessage    = ex.Message;
                response.IsAuthenticated = false;
                CommonHelpers.writeLogToFile("API: PostStaffLogin - StaffLoginController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
            }
            return(Ok(response));
        }