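/// <summary>
/// Handles the "change password" button: validates the form, looks up the
/// account by e-mail, rejects a new password that is empty, mismatched,
/// shorter than 8 characters or equal to the current one, then stores the
/// new hash and redirects.
/// </summary>
/// <param name="sender">The button that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): when no user is in the session, the only thing tying the
/// request to an account is the address typed into <c>tbEmail</c>; confirm
/// this page is only reachable through a verified reset flow.
/// Both statements bind user-supplied values as parameters instead of
/// concatenating them into SQL text.
/// </remarks>
protected void BtnChange_Click(object sender, EventArgs e)
        {
            User   u          = Utils.GetUser(Session);
            // A logged-in user changes their own password; otherwise the address comes from the form.
            string email      = u != null ? u.Email : tbEmail.Text;
            bool   canProceed = true;

            if (String.IsNullOrEmpty(email)) // e-mail filled in?
            {
                SetState(checkEmail, State.Wrong);
                canProceed = false;
            }
            if (String.IsNullOrEmpty(tbPasswd1.Text)) // first password filled in?
            {
                SetState(checkPasswd1, State.Wrong);
                canProceed = false;
            }
            if (String.IsNullOrEmpty(tbPasswd2.Text)) // second password filled in?
            {
                SetState(checkPasswd2, State.Wrong);
                canProceed = false;
            }

            if (!canProceed)
            {
                return;
            }

            // Second stage: fetch the stored hash for this address. The address is
            // passed as @Email so its content cannot change the shape of the query.
            sqlEmailPassword.CancelSelectOnNullParameter = false;
            sqlEmailPassword.SelectParameters.Clear();
            sqlEmailPassword.SelectParameters.Add("Email", email);
            sqlEmailPassword.SelectCommand = "SELECT [Email], [Password] FROM [Users] WHERE ([Email] = @Email)";
            // NOTE(review): assumes SQLHelper.SQLSelect runs the data source's own Select,
            // which binds SelectParameters — confirm against SQLHelper.
            DataView dv = SQLHelper.SQLSelect(sqlEmailPassword);

            if (dv.Count == 0) // no such address
            {
                SetState(checkEmail, State.Wrong);
                labCheckEmail.InnerText = "Nie odnaleziono adresu w bazie danych";
                canProceed = false;
            }

            if (tbPasswd1.Text != tbPasswd2.Text) // passwords differ
            {
                SetState(checkPasswd1, State.Wrong);
                SetState(checkPasswd2, State.Wrong);
                labCheckPasswd.InnerText = "Hasła nie są zgodne.";
                canProceed = false;
            }
            else if (tbPasswd2.Text.Length < 8) // password too short
            {
                SetState(checkPasswd1, State.Wrong);
                SetState(checkPasswd2, State.Wrong);
                labCheckPasswd.InnerText = "Hasło musi mieć minimum 8 znaków.";
                canProceed = false;
            }
            // The dv.Count guard matters: an unknown address combined with an otherwise
            // valid password used to index into an empty view here.
            else if (dv.Count > 0 && Hashing.ComparePasswords(tbPasswd1.Text, dv[0][1].ToString())) // same as the current password
            {
                SetState(checkPasswd1, State.Wrong);
                SetState(checkPasswd2, State.Wrong);
                labCheckPasswd.InnerText = "Nowe hasło musi być różne od starego hasła.";
                canProceed = false;
            }

            if (!canProceed)
            {
                return;
            }

            // Hash only after validation passed; the hash and the address are bound as parameters.
            string hashPasswd = Hashing.Hash(tbPasswd1.Text);
            sqlEmailPassword.UpdateParameters.Clear();
            sqlEmailPassword.UpdateParameters.Add("Password", hashPasswd);
            sqlEmailPassword.UpdateParameters.Add("Email", email);
            sqlEmailPassword.UpdateCommand = "UPDATE [Users] SET [Password] = @Password WHERE [Email] = @Email";
            sqlEmailPassword.Update();

            // Record which address changed its password. `email` rather than tbEmail.Text so the
            // logged-in case, where the text box may be empty, is covered as well.
            Session[Utils.PASSWDCHANGED] = email;
            if (u != null)
            {
                Response.Redirect("UserInfo.aspx"); // back to the user page when logged in
            }
            else
            {
                Response.Redirect("LoginChange.aspx"); // otherwise to the information page
            }
        }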
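        /// <summary>
        /// Handles the "register" button: validates first name, last name,
        /// e-mail (must not already have an account), the two password fields
        /// (non-empty, equal, at least 8 characters) and the reCAPTCHA, then
        /// inserts the user, stores an e-mail verification code and sends it.
        /// </summary>
        /// <param name="sender">The button that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// The verification code is derived from random bytes rather than from
        /// the registration time, so it cannot be guessed from when the account
        /// was created, and it is no longer written to the debug output.
        /// </remarks>
        protected void BtnRegister_Click(object sender, EventArgs e)
        {
            bool canProceed = true;

            // First name
            if (String.IsNullOrWhiteSpace(tbName.Text))
            {
                SetState(checkName, State.Wrong);
                canProceed = false;
            }
            else
            {
                SetState(checkName, State.Right);
            }

            // Last name
            if (String.IsNullOrWhiteSpace(tbLastname.Text))
            {
                SetState(checkLastname, State.Wrong);
                canProceed = false;
            }
            else
            {
                SetState(checkLastname, State.Right);
            }

            // E-mail: must be present and not already registered
            labCheckEmail.InnerText = "";
            if (String.IsNullOrWhiteSpace(tbEmail.Text))
            {
                SetState(checkEmail, State.Wrong);
                canProceed = false;
            }
            else
            {
                DataView dv = SQLHelper.SQLSelect(SqlShopDatabaseSelectEmail);
                if (dv.Count == 0)
                {
                    SetState(checkEmail, State.Right);
                }
                else
                {
                    SetState(checkEmail, State.Wrong);
                    labCheckEmail.InnerText = "Na ten adres już założono konto.";
                    canProceed = false;
                }
            }

            // Password: both fields filled, equal, and at least 8 characters
            bool passwordsReady = true;

            labCheckPasswd.InnerText = "";
            if (String.IsNullOrEmpty(tbPasswd1.Text))
            {
                SetState(checkPasswd1, State.Wrong);
                canProceed = passwordsReady = false;
            }
            if (String.IsNullOrEmpty(tbPasswd2.Text))
            {
                SetState(checkPasswd2, State.Wrong);
                canProceed = passwordsReady = false;
            }
            if (passwordsReady)
            {
                if (tbPasswd1.Text != tbPasswd2.Text)
                {
                    SetState(checkPasswd1, State.Wrong);
                    SetState(checkPasswd2, State.Wrong);
                    canProceed = false;
                    labCheckPasswd.InnerText = "Hasła nie są zgodne.";
                }
                else if (tbPasswd1.Text.Length < 8)
                {
                    SetState(checkPasswd1, State.Wrong);
                    SetState(checkPasswd2, State.Wrong);
                    canProceed = false;
                    labCheckPasswd.InnerText = "Hasło powinno mieć przynajmiej 8 znaków.";
                }
                else
                {
                    SetState(checkPasswd1, State.Right);
                    SetState(checkPasswd2, State.Right);
                }
            }

            if (!IsReCaptchValid())
            {
                Debug.WriteLine("reCAPTCHA nie jest prawidłowa.");
                canProceed = false;
            }
            else
            {
                Debug.WriteLine("reCAPTCHA Prawidłowa.");
            }

            if (!canProceed)
            {
                return;
            }

            // The insert reads the password from the text box (presumably through a control
            // parameter on sqlShopDatabaseInsert — confirm), so the hash is written back into
            // the field before Insert() runs.
            tbPasswd1.Text = Hashing.Hash(tbPasswd1.Text);
            int result = sqlShopDatabaseInsert.Insert();

            if (result <= 0)
            {
                Utils.MessageBox("Konto nie mogło zostać założone.", this);
                return;
            }

            DataView newUser = SQLHelper.SQLSelect(SqlInsertVerification); // fetch the new user's Id
            string   userId  = newUser[0]["Id"].ToString();

            // Random bytes feed the hash so the code is unpredictable; Hashing.Hash keeps the
            // stored format identical to what the Verification table already holds.
            byte[] nonce = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(nonce);
            }
            string verificationString = Hashing.Hash(userId + Convert.ToBase64String(nonce));

            // Values are bound as parameters; column order follows the original positional insert.
            SqlInsertVerification.InsertParameters.Clear();
            SqlInsertVerification.InsertParameters.Add("UserId", TypeCode.Int32, userId);
            SqlInsertVerification.InsertParameters.Add("Code", verificationString);
            SqlInsertVerification.InsertCommand = "INSERT INTO [Verification] VALUES (@UserId, @Code)";
            SqlInsertVerification.Insert();
            Mailing.SendEmail(tbEmail.Text, verificationString); // deliver the code to the new address

            Session[Utils.FIRSTREGISTER] = true;
            Response.Redirect("LoginChange.aspx");
        }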
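        /// <summary>
        /// Handles the "change e-mail" button for the logged-in user: requires a
        /// new address that is not already taken and the current password, then
        /// updates the address, deactivates the account, stores a fresh
        /// verification code (updating the existing row for an inactive account,
        /// inserting one otherwise) and e-mails it to the new address.
        /// </summary>
        /// <param name="sender">The button that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// All statements bind the address and the user id as parameters. The
        /// verification code is derived from random bytes rather than the current
        /// time. NOTE(review): the Users update and the Verification write are not
        /// in one transaction; a failure between them leaves the account inactive
        /// with a stale code — confirm whether that is acceptable.
        /// </remarks>
        protected void BtnChange_Click(object sender, EventArgs e)
        {
            Session[Utils.EMAILCHANGING] = true;
            bool canProceed = true;

            if (String.IsNullOrEmpty(tbEmail.Text))
            {
                SetState(checkEmail, State.Wrong);
                canProceed = false;
            }

            labCheckPasswd.InnerText = "";
            if (String.IsNullOrEmpty(tbPasswd.Text))
            {
                SetState(checkPasswd, State.Wrong);
                labCheckPasswd.InnerText = "Wprowadź hasło";
                canProceed = false;
            }

            if (!canProceed)
            {
                return;
            }

            // The page presumably sits behind authentication; a missing session user
            // should not turn into a NullReferenceException here.
            User u = Utils.GetUser(Session);
            if (u == null)
            {
                return;
            }
            int    userId     = u.Id;
            string userIdText = userId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // Is the new address already taken?
            sqlDeleteUpdate.SelectParameters.Clear();
            sqlDeleteUpdate.SelectParameters.Add("Email", tbEmail.Text);
            sqlDeleteUpdate.SelectCommand = "SELECT [Id] FROM [Users] WHERE [Email] = @Email";
            // NOTE(review): assumes SQLHelper.SQLSelect runs the data source's own Select,
            // which binds SelectParameters — confirm against SQLHelper.
            DataView dv = SQLHelper.SQLSelect(sqlDeleteUpdate);

            labCheckEmail.InnerText = "";
            if (dv.Count > 0)
            {
                SetState(checkEmail, State.Wrong);
                labCheckEmail.InnerText = "Podany adres email istnieje już w bazie danych.";
                return;
            }

            // Does the supplied password match the account?
            sqlDeleteUpdate.SelectParameters.Clear();
            sqlDeleteUpdate.SelectParameters.Add("Id", TypeCode.Int32, userIdText);
            sqlDeleteUpdate.SelectCommand = "SELECT [Password], [Active] FROM [Users] WHERE [Id] = @Id";
            dv = SQLHelper.SQLSelect(sqlDeleteUpdate);

            // dv.Count guard: the session user may no longer exist in the table.
            if (dv.Count == 0 || !Hashing.ComparePasswords(tbPasswd.Text, dv[0][0].ToString()))
            {
                // The original gave no feedback on a wrong password; the form just did nothing.
                SetState(checkPasswd, State.Wrong);
                labCheckPasswd.InnerText = "Nieprawidłowe hasło.";
                return;
            }
            bool wasActive = (bool)dv[0][1]; // assumes [Active] is a non-null bit column — confirm

            // Store the new address and deactivate the account until it is verified.
            sqlDeleteUpdate.UpdateParameters.Clear();
            sqlDeleteUpdate.UpdateParameters.Add("Email", tbEmail.Text);
            sqlDeleteUpdate.UpdateParameters.Add("Id", TypeCode.Int32, userIdText);
            sqlDeleteUpdate.UpdateCommand = "UPDATE [Users] SET [Email] = @Email, [Active] = 0 WHERE [Id] = @Id";
            sqlDeleteUpdate.Update();

            // Random bytes feed the hash so the code cannot be guessed from the time of the
            // change; Hashing.Hash keeps the stored format the Verification table expects.
            byte[] nonce = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(nonce);
            }
            string hash = Hashing.Hash(userId + Convert.ToBase64String(nonce));

            if (!wasActive) // inactive account already has a verification row: replace its code
            {
                sqlDeleteUpdate.UpdateParameters.Clear();
                sqlDeleteUpdate.UpdateParameters.Add("Code", hash);
                sqlDeleteUpdate.UpdateParameters.Add("UserId", TypeCode.Int32, userIdText);
                sqlDeleteUpdate.UpdateCommand = "UPDATE [Verification] SET [Code] = @Code WHERE [UserId] = @UserId";
                sqlDeleteUpdate.Update();
            }
            else // active account: create the verification row (column order as in the original insert)
            {
                sqlDeleteUpdate.InsertParameters.Clear();
                sqlDeleteUpdate.InsertParameters.Add("UserId", TypeCode.Int32, userIdText);
                sqlDeleteUpdate.InsertParameters.Add("Code", hash);
                sqlDeleteUpdate.InsertCommand = "INSERT INTO [Verification] VALUES (@UserId, @Code)";
                sqlDeleteUpdate.Insert();
            }
            Mailing.SendEmail(tbEmail.Text, hash); // deliver the code to the new address

            // Keep the session copy of the user in step with the database.
            u.Email  = tbEmail.Text;
            u.Active = false;
            Session[Utils.EMAILCHANGED]  = true;
            Session[Utils.EMAILCHANGING] = null;
            Response.Redirect(Request.RawUrl);
        }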