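/// <summary>
/// Handles the "recover key" button: looks up the account matching the submitted
/// e-mail address and mails the stored <c>UserToken</c> to the address on record.
/// </summary>
/// <remarks>
/// The address is typed by an unauthenticated visitor, so it is bound as a SQL
/// parameter instead of being concatenated into the statement text (the previous
/// form was open to SQL injection). The success panel is shown whether or not a row
/// matched, so the response does not reveal which addresses are registered.
/// NOTE(review): the stored token is mailed as-is; if it doubles as a login
/// credential, consider issuing a short-lived, single-use recovery token instead.
/// </remarks>
/// <param name="sender">The button that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btn_recoverKey_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    // Address entered by the visitor; treated as untrusted input.
    string sEmail = txt_userEmail.Text;

    const string SelectGuidSQL =
        "SELECT UserEmail, UserToken FROM tbl_UsersMaster WHERE UserEmail = @UserEmail";

    // using blocks release the connection, command and reader even when the
    // query or the SMTP send throws.
    using (var sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString))
    using (var cmd = new SqlCommand(SelectGuidSQL, sqlConn))
    {
        // Parameter binding keeps the value out of the SQL text entirely.
        cmd.Parameters.AddWithValue("@UserEmail", sEmail);

        sqlConn.Open();
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            while (rdr.Read())
            {
                using (var mail = new MailMessage())
                {
                    // Always send to the address stored in the database,
                    // never to the raw form value.
                    mail.To.Add(rdr[0].ToString());
                    mail.From = new MailAddress("*****@*****.**");
                    mail.Subject = "Feedback Safe Email Key";
                    mail.IsBodyHtml = true;
                    mail.BodyEncoding = Encoding.UTF8;

                    string token = rdr[1].ToString();
                    string body = FetchTemplate.ReadFile("/Templates/recoverTemplate.htm");
                    body = body.Replace("{Token1}", token);
                    body = body.Replace("{Token2}", token);
                    mail.Body = body;

                    var smtp = new SmtpClient();
                    smtp.Send(mail);
                }
            }
        }
    }

    // Same UI outcome for known and unknown addresses.
    txt_userEmail.Text = "";
    div_requestkey.Visible = false;
    div_requestkeysuccess.Visible = true;
}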
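//// ADD COMMENT ////
/// <summary>
/// Handles the "add comment" button: stores the comment, marks the conversation
/// unread (and flagged when the profanity filter trips), then mails a receipt to
/// the leader and to the commenting user, subject to their opt-out settings.
/// </summary>
/// <remarks>
/// The comment text is user input. It reaches SQL Server only as a parameter, and
/// it is HTML-encoded before being substituted into the HTML e-mail templates so
/// markup typed into the comment is shown as text rather than rendered in the
/// recipient's mail client.
/// </remarks>
/// <param name="sender">The image button that raised the event.</param>
/// <param name="e">Click coordinates (unused).</param>
protected void btn_addComment_Click(object sender, ImageClickEventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    string sCommentText = txt_addComment.Text;
    string connectionString = ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString;

    // The filter only runs when the organisation has enabled it; otherwise the
    // comment is never flagged.
    string sprofanityFilter = Session["profanityFilter"].ToString();
    bool isFlagged = sprofanityFilter == "True"
        && FilterWords.HasBadWords(sCommentText).ToString() == "True";

    // Auto-approval is an organisation setting carried in the session.
    string sautoApproveComment = Session["autoApproveComment"].ToString();
    string InsertCommentSQL = sautoApproveComment == "True"
        ? "INSERT INTO tbl_Comments (ConversationID, UserID, CommentText, CommentApproved, Flag, IpAddress)VALUES(@ConversationID, @UserID, @CommentText, '1', @Flag, @IpAddress)"
        : "INSERT INTO tbl_Comments (ConversationID, UserID, CommentText, CommentApproved, Flag, IpAddress)VALUES(@ConversationID, @UserID, @CommentText, '0', @Flag, @IpAddress)";

    // Store the comment. using blocks release the connection on every path.
    using (var sqlConn = new SqlConnection(connectionString))
    using (var cmd = new SqlCommand(InsertCommentSQL, sqlConn))
    {
        cmd.Parameters.Add("@ConversationID", SqlDbType.VarChar, 255).Value = Session["ConversationID"].ToString();
        cmd.Parameters.Add("@UserID", SqlDbType.VarChar, 255).Value = Session["UserID"].ToString();
        cmd.Parameters.Add("@CommentText", SqlDbType.NVarChar, -1).Value = sCommentText;
        cmd.Parameters.Add("@IpAddress", SqlDbType.VarChar, 255).Value = IpAddress();
        cmd.Parameters.Add("@Flag", SqlDbType.VarChar, 255).Value = isFlagged ? "1" : "0";

        sqlConn.Open();
        cmd.ExecuteNonQuery();
    }

    SetUnread();
    if (isFlagged)
    {
        SetFlagged();
    }

    // The templates are HTML (IsBodyHtml = true), so encode the user's text once
    // and substitute the encoded form into both receipts.
    string encodedComment = Server.HtmlEncode(sCommentText);

    // Receipt to the leader.
    const string SelectEmailSQL = "SELECT UserEmail, optOut FROM tbl_UsersMaster WHERE UserID = @LeaderID";
    using (var sqlConn2 = new SqlConnection(connectionString))
    using (var cmd2 = new SqlCommand(SelectEmailSQL, sqlConn2))
    {
        cmd2.Parameters.Add("@LeaderID", SqlDbType.VarChar, 255).Value = lbl_LeaderID.Text;

        sqlConn2.Open();
        using (SqlDataReader rdr = cmd2.ExecuteReader())
        {
            while (rdr.Read())
            {
                // Organisation-level switch for comment e-mails.
                string scommentEmail = Session["commentEmail"].ToString();
                // Leader's personal opt-out.
                string soptOut = rdr[1].ToString();

                if (scommentEmail == "True" && soptOut == "False")
                {
                    using (var mail = new MailMessage())
                    {
                        mail.To.Add(rdr[0].ToString());
                        mail.From = new MailAddress("*****@*****.**");
                        mail.Subject = "Feedback Safe New Comment Added";
                        mail.IsBodyHtml = true;
                        mail.BodyEncoding = Encoding.UTF8;

                        string body = FetchTemplate.ReadFile("/Templates/commentLeaderTemplate.htm");
                        body = body.Replace("{TokenCommentLeader}", encodedComment);
                        mail.Body = body;

                        var smtp = new SmtpClient();
                        smtp.Send(mail);
                    }
                }
            }
        }
    }

    // Receipt to the commenting user.
    const string SelectEmailPersonSQL = "SELECT UserEmail, optOut, optOutComment FROM tbl_UsersMaster WHERE UserID = @UserID";
    using (var sqlConn3 = new SqlConnection(connectionString))
    using (var cmd3 = new SqlCommand(SelectEmailPersonSQL, sqlConn3))
    {
        cmd3.Parameters.Add("@UserID", SqlDbType.VarChar, 255).Value = Session["UserID"].ToString();

        sqlConn3.Open();
        using (SqlDataReader rdr2 = cmd3.ExecuteReader())
        {
            while (rdr2.Read())
            {
                // Both the global and the comment-specific opt-out must be off.
                string soptOut = rdr2[1].ToString();
                string soptOutComment = rdr2[2].ToString();

                if (soptOut == "False" && soptOutComment == "False")
                {
                    using (var mail = new MailMessage())
                    {
                        mail.To.Add(rdr2[0].ToString());
                        mail.From = new MailAddress("*****@*****.**");
                        mail.Subject = "Feedback Safe: You Added a Comment";
                        mail.IsBodyHtml = true;
                        mail.BodyEncoding = Encoding.UTF8;

                        string body = FetchTemplate.ReadFile("/Templates/commentPersonTemplate.htm");
                        body = body.Replace("{TokenCommentPerson}", encodedComment);
                        mail.Body = body;

                        var smtp = new SmtpClient();
                        smtp.Send(mail);
                    }
                }
            }
        }
    }

    // Reset the input and refresh the conversation list.
    txt_addComment.Text = "";
    BindConversation();
}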
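/// <summary>
/// Handles the "ask question" button: creates a conversation, stores the question
/// as its first comment, mails receipts to the leader and to the asking user
/// (subject to their opt-out settings), then redirects to <c>Person.aspx</c>.
/// </summary>
/// <remarks>
/// The question text is user input. It reaches SQL Server only as a parameter, and
/// it is HTML-encoded before being substituted into the HTML e-mail templates so
/// markup typed into the question is shown as text rather than rendered in the
/// recipient's mail client.
/// </remarks>
/// <param name="sender">The image button that raised the event.</param>
/// <param name="e">Click coordinates (unused).</param>
protected void btn_askQuestion_Click(object sender, ImageClickEventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    string connectionString = ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString;

    // Auto-approval is an organisation setting carried in the session.
    // NOTE(review): @@IDENTITY returns the last identity generated on the
    // connection in any scope; if tbl_Conversations ever gets a trigger that
    // inserts elsewhere, SCOPE_IDENTITY() is the safer choice. Confirm against
    // the schema before changing.
    string sautoApproveConversation = Session["autoApproveConversation"].ToString();
    string InsertConvSQL = sautoApproveConversation == "True"
        ? "INSERT INTO tbl_Conversations (OrgID, UserID, LeaderID, ConversationPrivate, ConversationApproved, ConversationUnread, IpAddress)VALUES(@OrgID, @UserID, @LeaderID, @Private, '1', '1', @IpAddress);SELECT @@IDENTITY"
        : "INSERT INTO tbl_Conversations (OrgID, UserID, LeaderID, ConversationPrivate, ConversationApproved, ConversationUnread, IpAddress)VALUES(@OrgID, @UserID, @LeaderID, @Private, '0', '1', @IpAddress);SELECT @@IDENTITY";

    // Create the conversation and keep its new id in the label.
    // using blocks release the connection on every path.
    using (var sqlConn = new SqlConnection(connectionString))
    using (var cmd = new SqlCommand(InsertConvSQL, sqlConn))
    {
        cmd.Parameters.Add("@OrgID", SqlDbType.VarChar, 255).Value = Session["OrgID"].ToString();
        cmd.Parameters.Add("@UserID", SqlDbType.VarChar, 255).Value = Session["UserID"].ToString();
        cmd.Parameters.Add("@LeaderID", SqlDbType.VarChar, 255).Value = Session["AskLeaderID"].ToString();
        cmd.Parameters.Add("@IpAddress", SqlDbType.VarChar, 255).Value = IpAddress();
        cmd.Parameters.Add("@Private", SqlDbType.VarChar, 255).Value = chk_isPrivate.Checked ? "True" : "False";

        sqlConn.Open();
        Int32 NewConvID = Convert.ToInt32(cmd.ExecuteScalar());
        lbl_ConvID.Text = NewConvID.ToString();
    }

    // The question itself is stored as the conversation's first comment and is
    // always marked approved; approval of the conversation is decided above.
    const string InsertCommentSQL =
        "INSERT INTO tbl_Comments (ConversationID, UserID, CommentText, CommentApproved, IpAddress)VALUES(@ConversationID, @UserID, @CommentText, '1', @IpAddress)";
    using (var sqlConn2 = new SqlConnection(connectionString))
    using (var cmd2 = new SqlCommand(InsertCommentSQL, sqlConn2))
    {
        cmd2.Parameters.Add("@ConversationID", SqlDbType.VarChar, 255).Value = lbl_ConvID.Text;
        cmd2.Parameters.Add("@UserID", SqlDbType.VarChar, 255).Value = Session["UserID"].ToString();
        cmd2.Parameters.Add("@CommentText", SqlDbType.NVarChar, -1).Value = txt_askedQuestion.Text;
        cmd2.Parameters.Add("@IpAddress", SqlDbType.VarChar, 255).Value = IpAddress();

        sqlConn2.Open();
        cmd2.ExecuteNonQuery();
    }

    // The templates are HTML (IsBodyHtml = true), so encode the user's text once
    // and substitute the encoded form into both receipts.
    string encodedQuestion = Server.HtmlEncode(txt_askedQuestion.Text);

    // Receipt to the leader.
    const string SelectEmailSQL = "SELECT UserEmail, optOut FROM tbl_UsersMaster WHERE UserID = @LeaderID";
    using (var sqlConn3 = new SqlConnection(connectionString))
    using (var cmd3 = new SqlCommand(SelectEmailSQL, sqlConn3))
    {
        cmd3.Parameters.Add("@LeaderID", SqlDbType.VarChar, 255).Value = Session["AskLeaderID"].ToString();

        sqlConn3.Open();
        using (SqlDataReader rdr = cmd3.ExecuteReader())
        {
            while (rdr.Read())
            {
                // Organisation-level switch for conversation e-mails.
                string sconversationEmail = Session["conversationEmail"].ToString();
                // Leader's personal opt-out.
                string soptOut = rdr[1].ToString();

                if (sconversationEmail == "True" && soptOut == "False")
                {
                    using (var mail = new MailMessage())
                    {
                        mail.To.Add(rdr[0].ToString());
                        mail.From = new MailAddress("*****@*****.**");
                        mail.Subject = "Feedback Safe New Conversation Added";
                        mail.IsBodyHtml = true;
                        mail.BodyEncoding = Encoding.UTF8;

                        string body = FetchTemplate.ReadFile("/Templates/conversationLeaderTemplate.htm");
                        body = body.Replace("{TokenConvLeader}", encodedQuestion);
                        mail.Body = body;

                        var smtp = new SmtpClient();
                        smtp.Send(mail);
                    }
                }
            }
        }
    }

    // Receipt to the asking user.
    const string SelectEmailPersonSQL = "SELECT UserEmail, optOut, optOutConversation FROM tbl_UsersMaster WHERE UserID = @UserID";
    using (var sqlConn4 = new SqlConnection(connectionString))
    using (var cmd4 = new SqlCommand(SelectEmailPersonSQL, sqlConn4))
    {
        cmd4.Parameters.Add("@UserID", SqlDbType.VarChar, 255).Value = Session["UserID"].ToString();

        sqlConn4.Open();
        using (SqlDataReader rdr2 = cmd4.ExecuteReader())
        {
            while (rdr2.Read())
            {
                // Both the global and the conversation-specific opt-out must be off.
                string soptOut = rdr2[1].ToString();
                string soptOutConversation = rdr2[2].ToString();

                if (soptOut == "False" && soptOutConversation == "False")
                {
                    using (var mail = new MailMessage())
                    {
                        mail.To.Add(rdr2[0].ToString());
                        mail.From = new MailAddress("*****@*****.**");
                        mail.Subject = "Feedback Safe: You Started a Conversation";
                        mail.IsBodyHtml = true;
                        mail.BodyEncoding = Encoding.UTF8;

                        string body = FetchTemplate.ReadFile("/Templates/conversationPersonTemplate.htm");
                        body = body.Replace("{TokenConvPerson}", encodedQuestion);
                        mail.Body = body;

                        var smtp = new SmtpClient();
                        smtp.Send(mail);
                    }
                }
            }
        }
    }

    // Back to the dashboard; issued after every connection has been released.
    Response.Redirect("Person.aspx");
}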