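/// <summary>
/// Creates user rows for students that were imported from a CSV file.
/// </summary>
/// <remarks>
/// For every entry the user name is derived from the e-mail address, a fresh salt is
/// generated, and the initial password hash is computed over UserName + StudentID + salt.
/// Each entry is given the student role, StaffID 0 and FirstLogin = true, and the whole
/// list is then written with one bulk copy.
///
/// NOTE(review): the initial password is built only from the user name and the student ID,
/// so it is predictable to anyone who knows those two values. The original header comment
/// says the account stays inactive until the first password change, but the code sets
/// Active to ApplicationConstants.Active. Confirm that the FirstLogin flag really blocks
/// all use of the account until the password is changed, or issue a random one-time
/// password / activation link instead.
///
/// NOTE(review): PasswordGenerator.GenerateHash is not visible here. Confirm it is a slow,
/// salted password-hashing function (for example PBKDF2) and not a single fast digest.
/// </remarks>
/// <param name="instudentUsers">
/// Students to create. EmailID and StudentID must already be set; the objects are modified
/// in place.
/// </param>
/// <returns>
/// The number of entries handed to the bulk insert when it completes without throwing.
/// </returns>
/// <exception cref="SqlException">Logged and rethrown when the database call fails.</exception>
public int AddStudentUsers(List<UserVO> instudentUsers)
{
    int successCount = 0;
    try
    {
        // NOTE(review): DBConnection.conn looks like a shared connection object; confirm it
        // is not used by concurrent requests.
        DBConnection.conn.Open();

        foreach (UserVO user in instudentUsers)
        {
            user.UserName = OtherUtilities.GetUserNameFromEmail(user.EmailID);

            // One salt per user, stored next to the hash.
            string salt = PasswordGenerator.GenerateSalt();
            string hashPassword = PasswordGenerator.GenerateHash(user.UserName + user.StudentID + salt);

            user.Active = ApplicationConstants.Active;
            user.Role = ApplicationConstants.StudentRole;
            // A single space, unlike AddUser which stores an empty string; kept as-is because
            // the bulk-copy column mapping is not visible here.
            user.ResetKey = " ";
            user.Password = hashPassword;
            user.HashSalt = salt;
            user.StaffID = 0;
            user.FirstLogin = true;
        }

        InsertDataUsingSqlBulkCopy(instudentUsers, DBConnection.conn);

        // The original never assigned successCount and therefore always returned 0.
        // NOTE(review): assumes InsertDataUsingSqlBulkCopy writes every row or throws; confirm.
        successCount = instudentUsers.Count;
    }
    catch (SqlException e)
    {
        ExceptionUtility.LogException(e, "Error Page");
        // Bare rethrow keeps the original stack trace; "throw e;" would reset it.
        throw;
    }
    finally
    {
        if (DBConnection.conn != null)
        {
            DBConnection.conn.Close();
        }
    }

    return successCount;
}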
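/// <summary>
/// Inserts one user (staff or student) into dbo.IlmpUser.
/// </summary>
/// <remarks>
/// The user name is derived from the e-mail address, a fresh salt is generated, and the
/// initial password hash is computed over UserName + StudentID + salt. The hash is computed
/// before the role-specific ID is zeroed, so it uses the StudentID value the caller passed in.
///
/// NOTE(review): the initial password is built only from the user name and the student ID,
/// so it is predictable, and the account is created with ApplicationConstants.Active.
/// Confirm that FirstLogin forces a password change before the account can be used, or
/// issue a random one-time password instead.
///
/// NOTE(review): PasswordGenerator.GenerateHash is not visible here. Confirm it is a slow,
/// salted password-hashing function (for example PBKDF2) and not a single fast digest.
/// </remarks>
/// <param name="inuser">
/// User to create. EmailID and Role must be set; the object is modified in place.
/// </param>
/// <returns>
/// "&lt;UserName&gt; has been added successfully" when a row was inserted, otherwise
/// "Error in addition".
/// </returns>
/// <exception cref="CustomException">
/// Thrown for any failure inside the method; the original exception is logged first.
/// </exception>
public string AddUser(UserVO inuser)
{
    string status = "";
    try
    {
        // NOTE(review): DBConnection.conn looks like a shared connection object; confirm it
        // is not used by concurrent requests.
        DBConnection.conn.Open();

        inuser.UserName = OtherUtilities.GetUserNameFromEmail(inuser.EmailID);
        string salt = PasswordGenerator.GenerateSalt();
        string hashPassword = PasswordGenerator.GenerateHash(inuser.UserName + inuser.StudentID + salt);

        inuser.Active = ApplicationConstants.Active;

        // A staff account carries no student ID and a student account no staff ID.
        if (inuser.Role == ApplicationConstants.StaffRole)
        {
            inuser.StudentID = 0;
        }
        else if (inuser.Role == ApplicationConstants.StudentRole)
        {
            inuser.StaffID = 0;
        }

        inuser.ResetKey = "";
        inuser.Password = hashPassword;
        inuser.HashSalt = salt;
        // inuser.FirstLogin is left untouched; the INSERT below always stores FirstLogin = 1.

        string query = "INSERT INTO dbo.IlmpUser (UserName,StudentId,StaffId,Password,EmailId,HashSalt,ResetPassword,FirstLogin,Active, Role) "
                     + " VALUES (@UserName,@StudentId,@StaffId,@Password,@EmailId,@HashSalt,@ResetPassword, @FirstLogin, @Active,@Role) ";

        // All values are bound as parameters, never concatenated into the SQL text.
        // The command is disposed deterministically; the original never released it.
        using (SqlCommand cmd = new SqlCommand(query, DBConnection.conn))
        {
            cmd.Parameters.AddWithValue("@UserName", inuser.UserName);
            cmd.Parameters.AddWithValue("@StudentId", inuser.StudentID);
            cmd.Parameters.AddWithValue("@StaffId", inuser.StaffID);
            cmd.Parameters.AddWithValue("@EmailId", inuser.EmailID);
            cmd.Parameters.AddWithValue("@Password", hashPassword);
            cmd.Parameters.AddWithValue("@HashSalt", inuser.HashSalt);
            cmd.Parameters.AddWithValue("@ResetPassword", inuser.ResetKey);
            cmd.Parameters.AddWithValue("@FirstLogin", 1);
            cmd.Parameters.AddWithValue("@Active", inuser.Active);
            cmd.Parameters.AddWithValue("@Role", inuser.Role);

            int result = cmd.ExecuteNonQuery();
            status = result > 0
                ? inuser.UserName + " has been added successfully"
                : "Error in addition";
        }
    }
    catch (Exception ex)
    {
        // The original had two identical handlers (SqlException and Exception); one handler
        // for Exception covers both with the same result.
        ExceptionUtility.LogException(ex, "Error Page");
        // NOTE(review): the raw exception text (possibly SQL Server error details) is placed
        // in the message. Confirm callers show end users a generic message instead.
        throw new CustomException(ApplicationConstants.UnhandledException + ": " + ex.Message);
    }
    finally
    {
        if (DBConnection.conn != null)
        {
            DBConnection.conn.Close();
        }
    }

    return status;
}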