protected void btnSavePassword_Click(object sender, EventArgs e)
{
try
{
GetSession session = new GetSession();
RijndaelEncryption encryption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string newPassword = encryption.EncryptText(txtNewPassord.Text, encryptionKey);
string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey);
CommonFunction cmSaveData = new CommonFunction();
string updatePassword = "******" + newPassword + "' where(UserID='" + session.UserName + " ' and AccountNumber='" + session.AccountNumber + "')";
cmSaveData.InsertQuery(updatePassword);
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Password change successfully');window.location='FundWithdeawRequest.aspx';</script>'");
}
catch (Exception ex)
{
Response.Redirect("../../LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
protected void btnPasswordChange_Click(object sender, EventArgs e)
{
GetSession session = new GetSession();
try
{
RijndaelEncryption encryption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string newPassword = encryption.EncryptText(txtNewPassord.Text, encryptionKey);
string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey);
CommonFunction cmSaveData = new CommonFunction();
string updatePassword = "******" + newPassword + "' where(UserID='" + session.UserName + " ' )";
cmSaveData.InsertQuery(updatePassword);
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Password change successfully');</script>'");
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Reset Password Operation
/// </summary>
private void ResetPassword()
{
try
{
//Random rnd = new Random();
//string rndPassword = rnd.Next(10000000, 99990000).ToString();
var chars = "0123456ABCDEFG6789HIJKLMNOPQR456STUVWXYZa234bcdefghijklmno789pqrstuvwxyz";
var stringChars = new char[8];
var random = new Random();
for (int i = 0; i < stringChars.Length; i++)
{
stringChars[i] = chars[random.Next(chars.Length)];
}
var rndPassword = new String(stringChars);
RijndaelEncryption decreption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string encriptedPassword = decreption.EncryptText(rndPassword, encryptionKey);
//string Email = decreption.DecryptText((Request.QueryString["e"].ToString()), encryptionKey);
//string accountNumber = decreption.DecryptText((Request.QueryString["a"].ToString()), encryptionKey);
string Email = Request.Form["Email"].ToString();
string accountNumber = Request.Form["AccountNumber"];
//if (string.IsNullOrEmpty(Email))
// return;
if (Email != null)
{
SendMailWithPassword(rndPassword, Email, accountNumber);
}
CommonFunction cmAcctivation = new CommonFunction();
string acctivationQuery = "update ApplicationUser set Password='******' where(UserID='" + Email + " ' and AccountNumber='" + accountNumber + "' )";
cmAcctivation.InsertQuery(acctivationQuery);
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Password Has Reset Successfully, Please Check Your Email For New Password.');window.location='../../Default.aspx';</script>'");
}
catch (Exception)
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Mail server is currently unavailable. Please contact with your broker');window.location='../../Default.aspx';</script>'");
}
}
protected void btnCheckPin_Click(object sender, EventArgs e)
{
try
{
GetSession session = new GetSession();
if (txtPin.Text == string.Empty)
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please enter your pin number');window.location='FundWithdeawRequest.aspx';</script>'");
}
else
{
RijndaelEncryption encryption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string pinNumber = encryption.EncryptText(txtPin.Text, encryptionKey);
CommonFunction cm = new CommonFunction();
string matchPin = "select Password from ApplicationUser where UserId='" + session.UserName + "' and AccountNumber='" + session.AccountNumber + "' and Password='******' ";
DataTable dtmatchPin = cm.GetDatatable(matchPin);
if (dtmatchPin.Rows.Count > 0)
{
//ScriptManager.RegisterStartupScript(this, this.GetType(), "Pop", "closeModal();", true);
ScriptManager.RegisterStartupScript(this, this.GetType(), "Pop", "openModal();", true);
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Pin number is incorrect. Please enter the correct one');window.location='FundWithdeawRequest.aspx';</script>'");
//lblMessage.ForeColor = System.Drawing.Color.Red;
//lblMessage.Text = "Pin number do not match";
}
}
}
catch (Exception ex)
{
Response.Redirect("../../LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
protected void textBox_TextChanged(object sender, EventArgs e)
{
GetSession session = new GetSession();
RijndaelEncryption encryption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string pass = txtOldPassword.Text;
string oldPassword = encryption.EncryptText(txtOldPassword.Text, encryptionKey);
try
{
CommonFunction cm = new CommonFunction();
string password = "******" + session.UserName + "' and BONumber='" + session.BoNumber + "' and password='******'";
DataTable dtpassword = cm.GetDatatable(password);
if (dtpassword.Rows.Count > 0)
{
txtOldPassword.Text = pass;
txtNewPassord.ReadOnly = false;
txtConfirmPassword.ReadOnly = false;
lblMessage.Text = "";
}
else
{
txtNewPassord.ReadOnly = true;
txtConfirmPassword.ReadOnly = true;
lblMessage.ForeColor = System.Drawing.Color.Red;
lblMessage.Text = "Password does not match";
}
}
catch (Exception ex)
{
Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
private void Registration(string email, string accNumber, string bo, string status)
{
Random rnd = new Random();
string number = rnd.Next(1000, 9999).ToString();
CommonFunction cmRegistration = new CommonFunction();
RijndaelEncryption encryption = new RijndaelEncryption();
string userId = email;
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string accountNumber = accNumber;
string boNumber = bo;
string encriptedUserId = encryption.EncryptText(userId, encryptionKey);
string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey);
string pinNumber = encryption.EncryptText(number, encryptionKey);
try
{
string userName = "";
//string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber,"
//+"SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsLogin,IsRegistered,UserType,PinNumber)"
//+"Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','false','Investor','" + pinNumber + "')";
string cmdUserName = "******" + accountNumber + "'";
DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName);
if (dtUserName.Rows.Count > 0)
{
foreach (DataRow dr in dtUserName.Rows)
{
userName = dr["Name"].ToString();
}
}
BOSLEmailer3 sendEmail = new BOSLEmailer3();
string siteUrl = ConfigurationManager.AppSettings["SiteUrl"];
string emailMessage = "Hi " + userName + ",<br/>" + "One more step to activate your account on iTradeX. Just click on the link below:<br/>";
string message = emailMessage + "<a href='" + siteUrl + "Default.aspx?" + "e=" + encriptedUserId + "&a=" + encriptedAccount + "&n=" + pinNumber + "'>Registration Acctivation</a>" + "<br/> Your secret PIN number for Fund Withdraw Request is " + number + "";
//sendEmail.AttachmentPath=;
sendEmail.AuthenticationMode = 1;
sendEmail.Body = message;
//sendEmail.Cc=;
sendEmail.From = ConfigurationManager.AppSettings["From"];
//sendEmail.id=userId;
sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]); //System.Configuration.ConfigurationManager.AppSettings.Get("IsHtml");
sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]);
sendEmail.Password = ConfigurationManager.AppSettings["Password"];
sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]);
sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]);
sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"];
sendEmail.Subject = ConfigurationManager.AppSettings["EmailSubjectForRegistration"];
sendEmail.To = userId;
sendEmail.UserName = ConfigurationManager.AppSettings["UserName"];
sendEmail.SendEmail();
//sconRegistration.Close();
CommonFunction cmActiveInvestor = new CommonFunction();
string query = "UPDATE ApplicationUser SET PinNumber ='" + pinNumber + "' WHERE AccountNumber='" + accountNumber + "'";
cmActiveInvestor.InsertQuery(query);
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('An email has sent to the investor.');window.location='Active.aspx';</script>'");
//Response.Redirect("LoginPage.aspx");
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// genarate digit random number as password and send user mail
/// </summary>
protected void Resetpassword_click(object sender, EventArgs e)
{
GetSession session = new GetSession();
//string finalString = "";
string AccountNumber = "";
string UserId = "";
try
{
foreach (RepeaterItem rpt in rptShowBrokerData.Items)
{
CheckBox chkAll = (CheckBox)rpt.FindControl("chkAll");
CheckBox chkChecked = (CheckBox)rpt.FindControl("chkChecked");
if (chkChecked.Checked == true)
{
//Random rnd = new Random();
//string rndPin = rnd.Next(1000, 9999).ToString();
//string rndPassword = rnd.Next(10000000, 99990000).ToString();
var chars = "0123456ABCDEFG6789HIJKLMNOPQR456STUVWXYZa234bcdefghijklmno789pqrstuvwxyz";
var stringChars = new char[8];
var random = new Random();
for (int i = 0; i < stringChars.Length; i++)
{
stringChars[i] = chars[random.Next(chars.Length)];
}
var rndPassword = new String(stringChars);
RijndaelEncryption decreption = new RijndaelEncryption();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string encriptedPassword = decreption.EncryptText(rndPassword, encryptionKey);
//string Email = decreption.DecryptText((Request.QueryString["e"].ToString()), encryptionKey);
//string accountNumber = decreption.DecryptText((Request.QueryString["a"].ToString()), encryptionKey);
Label accountNumber = (Label)rpt.FindControl("lblAccountNumber");
Label userId = (Label)rpt.FindControl("lblUserId");
UserId = userId.Text;
AccountNumber = accountNumber.Text.ToString();
//string Email = Request.Form["Email"].ToString();
//string accountNumber = Request.Form["AccountNumber"];
//if (string.IsNullOrEmpty(Email))
//// return;
//if (UserId != null)
//{
// SendMailWithPassword(rndPassword,accountNumber,UserId);
//}
CommonFunction cmAcctivation = new CommonFunction();
string acctivationQuery = "update ApplicationUser set Password='******' where(UserID='" + UserId + " ' and AccountNumber='" + AccountNumber + "' )";
cmAcctivation.InsertQuery(acctivationQuery);
SendMailWithPassword(rndPassword, AccountNumber, UserId);
}
else
{
continue;
}
}
}
catch (Exception ex)
{
Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
/// <summary>
/// Code For Login
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnLogin_Click(object sender, EventArgs e)
{
ApplicationUser loggedUser = new ApplicationUser();
RijndaelEncryption passwordEncription = new RijndaelEncryption();
string userEmail = Request.Form["Email"].ToString();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string userPassword = passwordEncription.EncryptText(Request.Form["password"].ToString(), encryptionKey);
try
{
CommonFunction cm = new CommonFunction();
//SqlConnection conLogin = DatabaseConnection.GetConnection();
string loginCommand = "select UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef from ApplicationUser where UserId='" + userEmail + "' and password='******' ";
//SqlCommand cmdCommand = new SqlCommand(loginCommand, conLogin);
DataTable dtLogin = cm.GetDatatable(loginCommand);
if (dtLogin.Rows.Count > 0)
{
//foreach (DataRow dr in dtsLogin.Tables[0].Rows)
foreach (DataRow dr in dtLogin.Rows)
{
if (Convert.ToBoolean(dr["IsRegistered"]) == true)
{
if (Convert.ToBoolean(dr["IsActive"]) == true)
{
if (userPassword == dr["Password"].ToString())
{
CommonFunction cmLogin = new CommonFunction();
//string loginTimeQuery = "Update ApplicationUser set LastLoginTime='" + DateTime.Now + "',IsLogin='******' where (UserId='" + userEmail + "')";
string loginTimeQuery = "Update ApplicationUser set LastLoginTime='" + DateTime.Now + "' where (UserId='" + userEmail + "')";
cmLogin.InsertQuery(loginTimeQuery);
loggedUser.UserID = dr["UserID"].ToString();
loggedUser.AccountNumber = dr["AccountNumber"].ToString();
loggedUser.BoNumber = dr["BONumber"].ToString();
loggedUser.UserType = dr["UserType"].ToString();
loggedUser.BrokerRef = dr["BrokerRef"].ToString();
Session["AccountNumber"] = loggedUser.AccountNumber;
Session["UserID"] = loggedUser.UserID;
Session["BOID"] = loggedUser.BoNumber;
Session["UserType"] = loggedUser.UserType;
Session["BrokerRef"] = loggedUser.BrokerRef;
string name = RegionInfo.CurrentRegion.DisplayName;
string strClientIP = HttpContext.Current.Request.UserHostAddress;
//Store session informations
GetSession.accountNumber = loggedUser.AccountNumber;
GetSession.boNumber = loggedUser.BoNumber;
GetSession.brokerRef = loggedUser.BrokerRef;
GetSession.userName = loggedUser.UserID;
GetSession.userType = loggedUser.UserType;
CommonFunction cpAppLog = new CommonFunction();
String insertQuery = "insert into ApplicationLog (Id,LogTime,LogType,LogDetails) values ('" + loggedUser.AccountNumber + "','" + DateTime.Now + "','Information','" + strClientIP + "')";
cpAppLog.InsertQuery(insertQuery);
if (chkCookie.Checked == true)
{
HttpCookie loginCookies = new HttpCookie("loginCookies");
Response.Cookies["loginCookies"]["Email"] = userEmail;
Response.Cookies["loginCookies"]["Password"] = userPassword;
Response.Cookies["loginCookies"].Expires = DateTime.Now.AddDays(1);
}
//Session["USER"] = loggedUser;
if (dr["UserType"].ToString() == "Broker")
{
Response.Redirect("BrokerInformation.aspx", false);
}
else if (dr["UserType"].ToString() == "SystemAdmin")
{
Response.Redirect("SystemAdmin.aspx", false);
}
else
{
Response.Redirect("Dashboard.aspx", false);
//Response.Redirect("Transaction.aspx",false);
}
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Enter The Correct Password');window.location='LoginPage.aspx';</script>'");
}
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Is Not acctivated Yet, Please Contact With Your Broker');window.location='LoginPage.aspx';</script>'");
}
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account is Not Still Registered, Please Visit Registration Page For Being Registered');window.location='LoginPage.aspx';</script>'");
}
}
}
else
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Invalid Email Address, Please Enter The Correct One');window.location='LoginPage.aspx';</script>'");
}
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Registration
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnRegistration_Click(object sender, EventArgs e)
{
try
{
RijndaelEncryption encryption = new RijndaelEncryption();
//string userId = Request.Form["Email"].ToString();
string userId = txtEmail.Text;
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string password = encryption.EncryptText((Request.Form["password"].ToString()), encryptionKey);
string boNumber = txtPrefix.Text + txtBONumber.Text;
string accountNumber = txtAccountNumber.Text;
string secreteAnswer = txtSecretAnswer.Text;
//CommonFunction cmEmailCheck = new CommonFunction();
////string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "' AND Password='******')";
//string emailCheckQuery = "select UserID from ApplicationUser where"
// +"(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "')";
//DataTable dtEmailCheck = cmEmailCheck.GetDatatable(emailCheckQuery);
//if (dtEmailCheck.Rows.Count > 0)
//{
// //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert(' This account is already exist. Please contact with System Admin');window.location='RegAndLogin.aspx';</script>'");
// pnlMessage.Visible = true;
// lblShowMessage.Text = "This account is already exist. Please contact with System Admin";
//}
//else
//{
// if (ddlBroker.SelectedIndex > 0)
// {
// CommonFunction cmCheckBoAndAccountNo = new CommonFunction();
// string boAndAccountCheck = "select BONumber,AccountNumber,Email from InvestorProfile where"
// +"(BONumber='" + boNumber + "' and AccountNumber='" + accountNumber + "' and Email='" + userId + "' )";
// DataTable dtCheck = cmCheckBoAndAccountNo.GetDatatable(boAndAccountCheck);
// if (dtCheck.Rows.Count > 0)
// {
// Registration();
// }
// else
// {
// //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Information Does not Match');window.location='RegAndLogin.aspx';</script>'");
// pnlMessage.Visible = true;
// lblShowMessage.Text = "Information does not match. Please enter the correct one";
// }
// }
// else
// {
// //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Select Broker Name');window.location='RegAndLogin.aspx';</script>'");
// pnlMessage.Visible = true;
// lblShowMessage.Text = "Please Select Broker Name from the broker list";
// }
//}
CommonFunction cmEmailCheck = new CommonFunction();
//string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' and AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "' AND Password='******')";
string emailCheckQuery = "select AccountNumber from ApplicationUser where "
+ "AccountNumber='" + accountNumber + "' and BONumber='" + boNumber + "'";
DataTable dtEmailCheck = cmEmailCheck.GetDatatable(emailCheckQuery);
if (dtEmailCheck.Rows.Count > 0)
{
pnlMessage.Visible = true;
lblShowMessage.Text = "This account is already exist. Please contact with Your Broker";
}
else
{
CommonFunction cmRegistration = new CommonFunction();
string checkQuery = "select UserID from ApplicationUser where (UserID='" + userId + "' AND Password='******')";
DataTable dtEmailPass = cmRegistration.GetDatatable(checkQuery);
CommonFunction cm = new CommonFunction();
string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber,"
+ "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,RegistrationTime,Status)"
+ "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + DateTime.Now + "','Pending')";
cm.InsertQuery(insertQuery);
pnlLoginMessage.Visible = true;
lblLoginMessage.Text = "Your Account Has successfully Registered. You will get an email from your broker for activating account within 3 working days.";
//if (dtEmailPass.Rows.Count > 0)
//{
// //ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('This Email and Password Already Exist.Please Try Another Password.');window.location='RegAndLogin.aspx';</script>'");
// pnlMessage.Visible = true;
// lblShowMessage.Text = "This Email and Password already exist. Please try another password.";
//}
//else
//{
// CommonFunction cm = new CommonFunction();
// string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber,"
// + "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,RegistrationTime,Status)"
// + "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + DateTime.Now + "','Pending')";
// cm.InsertQuery(insertQuery);
// pnlLoginMessage.Visible = true;
// lblLoginMessage.Text = "Your Account Has successfully Registered. You will get an email from your broker for activating account within 3 working days.";
//}
}
}
catch (Exception ex)
{
Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
private void Registration()
{
Random rnd = new Random();
string number = rnd.Next(1000, 9999).ToString();
CommonFunction cmRegistration = new CommonFunction();
if (Session["CAPTCHA"].ToString().Equals(txtInput.Text))
{
RijndaelEncryption encryption = new RijndaelEncryption();
//string userId = Request.Form["Email"].ToString();
string userId = txtEmail.Text;
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string password = encryption.EncryptText((Request.Form["password"].ToString()), encryptionKey);
//string accountNumber = Request.Form["AccountNumber"].ToString();
string accountNumber = txtAccountNumber.Text;
//string secreteAnswer = Request.Form["SecreteAnswer"].ToString();
string secreteAnswer = txtSecretAnswer.Text;
//string boNumber = Request.Form["BONumber"].ToString();
string boNumber = txtPrefix.Text + txtBONumber.Text;
string encriptedUserId = encryption.EncryptText(userId, encryptionKey);
string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey);
string pinNumber = encryption.EncryptText(number, encryptionKey);
string emailCheckQuery = "select UserID from ApplicationUser where(UserID='" + userId + "' AND Password='******')";
DataTable dtEmailPass = cmRegistration.GetDatatable(emailCheckQuery);
if (dtEmailPass.Rows.Count > 0)
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('This Email and Password Already Exist.Please Try Another Password.');window.location='RegAndLogin.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "This Email and Password already exist. Please try another password.";
}
try
{
string userName = "";
//string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber,"
//+"SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsLogin,IsRegistered,UserType,PinNumber)"
//+"Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','false','Investor','" + pinNumber + "')";
string cmdUserName = "******" + accountNumber + "'";
DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName);
if (dtUserName.Rows.Count > 0)
{
foreach (DataRow dr in dtUserName.Rows)
{
userName = dr["Name"].ToString();
}
}
BOSLEmailer3 sendEmail = new BOSLEmailer3();
string siteUrl = ConfigurationManager.AppSettings["SiteUrl"];
string emailMessage = "Hi " + userName + ",<br/>" + "One more step to verify your email address on iTradeX. Just click on the link below:<br/>";
string message = emailMessage + "<a href='" + siteUrl + "Default.aspx?" + "e=" + encriptedUserId + "&a=" + encriptedAccount + "&n=" + pinNumber + "'>Registration Acctivation</a>" + "<br/> Your secret PIN number for Fund Withdraw Request is " + number + "";
//sendEmail.AttachmentPath=;
sendEmail.AuthenticationMode = 1;
sendEmail.Body = message;
//sendEmail.Cc=;
sendEmail.From = ConfigurationManager.AppSettings["From"];
//sendEmail.id=userId;
sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]); //System.Configuration.ConfigurationManager.AppSettings.Get("IsHtml");
sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]);
sendEmail.Password = ConfigurationManager.AppSettings["Password"];
sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]);
sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]);
sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"];
sendEmail.Subject = ConfigurationManager.AppSettings["EmailSubjectForRegistration"];
sendEmail.To = userId;
sendEmail.UserName = ConfigurationManager.AppSettings["UserName"];
sendEmail.SendEmail();
//sconRegistration.Close();
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Has successfully Registered, Please Check Your Email For Activate Your Account');window.location='RegAndLogin.aspx';</script>'");
pnlLoginMessage.Visible = true;
lblLoginMessage.Text = "Your Account Has successfully Registered, Please Check Your Email For Activate Your Account";
string insertQuery = "insert into ApplicationUser(UserID,Password,BrokerRef,BONumber,AccountNumber,"
+ "SecretQuestion,SecretAnswer,LastLoginTime,IsActive,IsRegistered,UserType,PinNumber,RegistrationTime,Status)"
+ "Values('" + userId + "','" + password + "','" + ddlBroker.SelectedValue + "','" + boNumber + "','" + accountNumber + "','" + ddlSecreteQuestion.SelectedItem.Text + "','" + secreteAnswer + "','" + DateTime.Now + "','false','false','Investor','" + pinNumber + "','" + DateTime.Now + "','Pending')";
cmRegistration.InsertQuery(insertQuery);
//Response.Redirect("LoginPage.aspx");
}
catch (Exception ex)
{
throw ex;
}
}
else
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('No Match Found From Captcha Input');window.location='RegAndLogin.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "No match found from captcha input. Please enter the correct one";
}
}
/// <summary>
/// Code For Login
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnLogin_Click(object sender, EventArgs e)
{
ApplicationUser loggedUser = new ApplicationUser();
RijndaelEncryption passwordEncription = new RijndaelEncryption();
//string userEmail = Request.Form["Email"].ToString();
string userEmail = txtEmail.Text;
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string userPassword = passwordEncription.EncryptText(Request.Form["password"].ToString(), encryptionKey);
//string userPassword = passwordEncription.EncryptText(txtPassword.Text, encryptionKey);
try
{
CommonFunction cm = new CommonFunction();
//SqlConnection conLogin = DatabaseConnection.GetConnection();
string loginCommand = string.Empty;
string[] userid = userEmail.Split('@');
if (userid.Length > 1)
{
loginCommand = "SELECT UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef,Status FROM ApplicationUser where UserId ='" + userEmail + "' and password ='******' ORDER BY LastLoginTime DESC";
}
else
{
loginCommand = "SELECT UserId,AccountNumber,BONumber,Password,IsActive, IsRegistered,UserType,BrokerRef,Status FROM ApplicationUser where AccountNumber ='" + userEmail + "' and password ='******' ";
}
//SqlCommand cmdCommand = new SqlCommand(loginCommand, conLogin);
DataTable dtLogin = cm.GetDatatable(loginCommand);
//SqlDataAdapter sdaLogin = new SqlDataAdapter(cmdCommand);
//DataSet dtsLogin = new DataSet();
//sdaLogin.Fill(dtsLogin);
//if (dtsLogin.Tables[0].Rows.Count > 0)
if (dtLogin.Rows.Count > 0)
{
//foreach (DataRow dr in dtsLogin.Tables[0].Rows)
foreach (DataRow dr in dtLogin.Rows)
{
if (Convert.ToBoolean(dr["IsRegistered"]) == true)
{
if (dr["Status"].ToString() == "Active")
{
if (userPassword == dr["Password"].ToString())
{
CommonFunction cmLogin = new CommonFunction();
string loginTimeQuery = "Update ApplicationUser set LastLoginTime = '" + DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss") + "',IsLogin='******' where UserId='" + userEmail + "'";
cmLogin.InsertQuery(loginTimeQuery);
//SqlConnection conLogin = DatabaseConnection.GetConnection();
//SqlCommand cmdLoginFlag = new SqlCommand("Update ApplicationUser set IsLogin='******' where(UserId='" + userEmail + "')", conLogin);
//cmdLoginFlag.ExecuteNonQuery();
//conLogin.Close();
loggedUser.UserID = dr["UserID"].ToString();
loggedUser.AccountNumber = dr["AccountNumber"].ToString();
loggedUser.BoNumber = dr["BONumber"].ToString();
loggedUser.UserType = dr["UserType"].ToString();
loggedUser.BrokerRef = dr["BrokerRef"].ToString();
Session["AccountNumber"] = loggedUser.AccountNumber;
Session["UserID"] = loggedUser.UserID;
Session["BOID"] = loggedUser.BoNumber;
Session["UserType"] = loggedUser.UserType;
Session["BrokerRef"] = loggedUser.BrokerRef;
string name = RegionInfo.CurrentRegion.DisplayName;
string strClientIP = HttpContext.Current.Request.UserHostAddress;
//store session in Getsession class
//session.AccountNumber = loggedUser.AccountNumber;
//session.BoNumber = loggedUser.BoNumber;
//session.BrokerRef = loggedUser.BrokerRef;
//session.UserName = loggedUser.UserID;
//GetSession.userType = loggedUser.UserType;
//CommonFunction cpAppLog = new CommonFunction();
//String insertQuery = "insert into ApplicationLog (Id,LogTime,LogType,LogDetails) values ('" + loggedUser.AccountNumber + "','" + DateTime.Now + "','Information','" + strClientIP + "')";
//cpAppLog.InsertQuery(insertQuery);
//if (chkCookie.Checked == true)
//{
// HttpCookie loginCookies = new HttpCookie("loginCookies");
// Response.Cookies["loginCookies"]["Email"] = userEmail;
// Response.Cookies["loginCookies"]["Password"] = userPassword;
// Response.Cookies["loginCookies"].Expires = DateTime.Now.AddDays(1);
//}
//Session["USER"] = loggedUser;
if (dr["UserType"].ToString() == "Broker")
{
Response.Redirect(@"Pages\Investor\OrderBroker.aspx", false);
}
else if (dr["UserType"].ToString() == "SystemAdmin")
{
Response.Redirect(@"Pages\Investor\SystemAdmin.aspx", false);
}
else
{
Response.Redirect(@"Pages\Investor\Dashboard.aspx", false);
//Response.Redirect("Transaction.aspx",false);
}
}
else
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Enter The Correct Password');window.location='default.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "Please enter the correct password.";
}
}
else
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account Is Not acctivated Yet, Please Contact With Your Broker');window.location='default.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "Your account is not acctivated yet.";
}
}
else
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Your Account is Not Still Registered, Please Visit Registration Page For Being Registered');window.location='default.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "Your account is not still registered.";
}
break;
}
}
else
{
//ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Invalid Email Address, Please Enter The Correct One');window.location='default.aspx';</script>'");
pnlMessage.Visible = true;
lblShowMessage.Text = "The email or password you entered is incorrect.";
}
}
catch (Exception ex)
{
Response.Redirect("LoginErrorPage.aspx?ex=" + Server.UrlEncode(ex.Message) + "&st=" + Server.UrlEncode(ex.StackTrace));
}
}
/// <summary>
/// Send email with Reset Link
/// </summary>
private void SendLinkReset()
{
string userName = "";
CommonFunction cmRegistration = new CommonFunction();
RijndaelEncryption encryption = new RijndaelEncryption();
string Email = Request.Form["Email"].ToString();
string encryptionKey = ConfigurationManager.AppSettings["EncryptionKey"];
string accountNumber = Request.Form["AccountNumber"];
string encriptedEmail = encryption.EncryptText(Email, encryptionKey);
string encriptedAccount = encryption.EncryptText(accountNumber, encryptionKey);
//string accountNumber = encryption.EncryptText((Request.Form["AccountNumber"].ToString()), encryptionKey);
string cmdUserName = "******" + accountNumber + "'";
DataTable dtUserName = cmRegistration.GetDatatable(cmdUserName);
if (dtUserName.Rows.Count > 0)
{
foreach (DataRow dr in dtUserName.Rows)
{
userName = dr["Name"].ToString();
}
}
try
{
BOSLEmailer3 sendEmail = new BOSLEmailer3();
string siteUrl = ConfigurationManager.AppSettings["SiteUrl"];
string emailMessage = "Hi " + userName + ",<br/>" + "We received a password reset request for your iTradeX account. To reset your password, use the links below:<br/>";
string message = emailMessage + "<br/><b>Reset your password using a web browser:</b><br/>"
+ "<a href='" + siteUrl + "Pages/Investor/ForgotPassword.aspx?" + "e=" + encriptedEmail + "&a=" + encriptedAccount + "'>Reset Password</a>"
+ "<br/><br/>If you didn't request a password reset, you can ignore this message and your password will not be changed, someone"
+ "probably typed in your username or email address by accident.<br/><br/>-The iTradeX Team";
//sendEmail.AttachmentPath=;
sendEmail.AuthenticationMode = 1;
sendEmail.Body = message;
//sendEmail.Cc=;
sendEmail.From = ConfigurationManager.AppSettings["From"];
//sendEmail.id=userId;
sendEmail.IsHtml = Convert.ToBoolean(ConfigurationManager.AppSettings["IsHtml"]);
sendEmail.IsUseSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["IsUseSSL"]);
sendEmail.Password = ConfigurationManager.AppSettings["Password"];
sendEmail.PortNum = Convert.ToInt32(ConfigurationManager.AppSettings["PortNum"]);
sendEmail.SendUsing = Convert.ToInt32(ConfigurationManager.AppSettings["SendUsing"]);
sendEmail.SMTPServer = ConfigurationManager.AppSettings["SMTPServer"];
sendEmail.Subject = "Forgotten password request from iTradeX";
sendEmail.To = Email;
sendEmail.UserName = ConfigurationManager.AppSettings["UserName"];
sendEmail.SendEmail();
//sconRegistration.Close();
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Please Check Your Email. Click On The Link To Reset You Password.');window.location='../../Default.aspx';</script>'");
}
catch (Exception ex)
{
ClientScript.RegisterStartupScript(this.GetType(), "Alert", "<script type='text/javascript'>alert('Mail server is currently unavailable. " + ex.Message + "');window.location='../../Default.aspx';</script>'");
}
}
