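/// <summary>
/// Looks up a password-change ticket by its token through the <c>GetTicket</c> stored procedure.
/// </summary>
/// <param name="ticketString">
/// Token identifying the ticket. The visible callers pass the raw <c>t</c> query-string value,
/// so it must be treated as untrusted input.
/// </param>
/// <returns>
/// Never <c>null</c>. When the token is null/empty or no row matches, the returned object keeps
/// whatever values the <c>PasswordChangeTicket</c> constructor assigns, so callers have to
/// validate it (for example <c>TicketID</c> and <c>Expiry</c>) before trusting it.
/// </returns>
public PasswordChangeTicket GetTicket(string ticketString)
{
    PasswordChangeTicket ticket = new PasswordChangeTicket();

    // A missing token cannot identify a ticket. Returning the empty ticket here avoids a database
    // round trip and the SqlException raised when a null-valued parameter is not sent to the procedure.
    if (string.IsNullOrEmpty(ticketString))
    {
        return ticket;
    }

    using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["KMDaycare"].ConnectionString))
    using (SqlCommand cmd = new SqlCommand("GetTicket", con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // The token travels as a bound parameter and is never concatenated into SQL text.
        cmd.Parameters.AddWithValue("@ticket", ticketString);

        con.Open();

        // The reader is disposed deterministically; the original left it open until the
        // connection was closed. The enclosing using blocks close the connection.
        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            // If the procedure returns several rows the last one wins.
            // NOTE(review): tokens are presumably unique, confirm against the stored procedure.
            while (dr.Read())
            {
                ticket.TicketID = int.Parse(dr["TicketID"].ToString());
                ticket.Email = dr["Email"].ToString();
                // NOTE(review): if this column holds the token exactly as issued, anyone who can read
                // the table can use it; consider storing only a hash of the token.
                ticket.Ticket = dr["Ticket"].ToString();
                ticket.Expiry = DateTime.Parse(dr["Expiry"].ToString());
            }
        }
    }

    return ticket;
}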
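/// <summary>
/// Changes the password when the ticket named by the <c>t</c> query-string parameter is present,
/// known, unexpired, and issued for the e-mail address entered in the form.
/// </summary>
/// <returns>
/// <c>true</c> when <c>UpdatePassword</c> was called; <c>false</c> when the token is missing,
/// the ticket was not found, it has expired, or the e-mail does not match.
/// </returns>
private bool SubmitPasswordUpdate()
{
    // This is the authoritative check: the query string is client-controlled and a postback can
    // arrive without passing the display-time check in Page_Load.
    string token = Request.QueryString["t"];
    if (string.IsNullOrEmpty(token))
    {
        return false;
    }

    Cryptography c = new Cryptography();
    PasswordChangeTicket ticket = c.GetTicket(token);

    // Fail closed on an unknown ticket with the same TicketID test Page_Load applies, rather than
    // relying on the default Expiry value happening to be in the past.
    if (ticket == null || ticket.TicketID <= 0)
    {
        return false;
    }

    // Only a ticket whose expiry is strictly in the future is accepted.
    // NOTE(review): compared against local time, confirm Expiry is written in the same time zone.
    if (DateTime.Compare(ticket.Expiry, DateTime.Now) <= 0)
    {
        return false;
    }

    // The ticket is bound to one account: the address typed in must match it exactly (ordinal, case-sensitive).
    string email = EmailTB.Text.Trim();
    if (!string.Equals(ticket.Email, email, StringComparison.Ordinal))
    {
        return false;
    }

    // NOTE(review): nothing here marks the ticket as used, confirm UpdatePassword or the database
    // invalidates it so a ticket cannot be replayed before it expires.
    // NOTE(review): the new password is trimmed and not checked for emptiness or against the
    // confirmation box in this method, presumably page validators cover that; verify.
    c.UpdatePassword(email, NewPasswordTB.Text.Trim());
    return true;
}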
/// <summary>
/// Chooses which controls the page shows: the request form when no <c>t</c> token is present,
/// the new-password form when one is, and sends unknown or expired tickets to Default.aspx.
/// </summary>
/// <remarks>
/// This check only decides what is displayed. SubmitPasswordUpdate fetches and checks the ticket
/// again before changing a password.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    if (Request.QueryString["t"] == null)
    {
        // No token: only the "request a reset" part of the form stays on the page.
        PageControls.Controls.Remove(NewPasswordTB);
        PageControls.Controls.Remove(ConfirmNewPasswordTB);
        PageControls.Controls.Remove(NewPasswordLabel);
        PageControls.Controls.Remove(ConfirmNewPasswordLabel);
        PageControls.Controls.Remove(SubmitButton);
        return;
    }

    // Token supplied: hide the request button and check the ticket it names.
    PageControls.Controls.Remove(RequestButton);

    Cryptography crypto = new Cryptography();
    PasswordChangeTicket found = crypto.GetTicket(Request.QueryString["t"]);
    if (found == null)
    {
        return;
    }

    // A non-positive TicketID is treated as "no such ticket"; an expiry earlier than now is rejected.
    bool rejected = found.TicketID <= 0 || DateTime.Compare(found.Expiry, DateTime.Now) < 0;
    if (rejected)
    {
        // Fixed relative target: nothing from the request is used to build the redirect URL.
        Response.Redirect("Default.aspx");
    }
}