protected void btnsubmit_Click(object sender, EventArgs e)
{
BALLogin objloginbal = new BALLogin();
DALLogin objlogindal = new DALLogin();
objloginbal.UserName = Session["username"].ToString();
objloginbal.Password = txtoldpassword.Text;
DataSet ds = new DataSet();
ds=objlogindal.ValidateLogin(objloginbal);
if(ds.Tables[0].Rows.Count>0)
{
objloginbal.LoginId = Convert.ToInt32(ds.Tables[0].Rows[0][0].ToString());
objloginbal.Password = txtnewpassword.Text;
objlogindal.ChangePassword(objloginbal);
Response.Write("<script>alert('Password Changed');</script>");
}
else
{
Response.Write("<script>alert('Invalid Login Details');</script>");
}
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
BALLogin bllog = new BALLogin();
DALLogin dllog = new DALLogin();
try
{
if (Login1.UserName.Trim().ToString() == "" || Login1.Password.Trim().ToString() == "")
{
e.Authenticated = false;
}
bllog.EmailId = Login1.UserName.Trim().ToString();
bllog.Password = Login1.Password.Trim().ToString();
AgentDTO agent = dllog.AgentLogin(bllog);
if (agent != null)
{
Session.Add("UserName", agent.AgentName);
Session.Add("UserCode", agent.AgentId);
Session.Add("AgentMailId", Login1.UserName.Trim().ToString());
Session.Add("Password", Login1.Password.Trim().ToString());
Response.Redirect("SearchProperty.aspx?Aid=" + agent.AgentId.ToString() + " ");
}
}
catch (Exception exp)
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "Showstatus", "javascript:alert('" + exp.Message + "')", true);
throw exp;
}
}
public int UpdateLoginAttempt(BALLogin obj)
{
try
{
SqlConnection cn = new SqlConnection(strcon);
SqlDataAdapter da = new SqlDataAdapter();
da.InsertCommand = new SqlCommand("[dbo].[sp_Login]", cn);
da.InsertCommand.Parameters.AddWithValue("@flag", obj.Flag);
da.InsertCommand.Parameters.AddWithValue("@LoginId", obj.MailID);
da.InsertCommand.Parameters.AddWithValue("@ClientIpAddress", obj.ClientIpAddress);
da.InsertCommand.Parameters.AddWithValue("@AttemptdateTime", System.DateTime.Now);
da.InsertCommand.Parameters.AddWithValue("@BlockDateTime", obj.SystemBlockDate);
da.InsertCommand.Parameters.AddWithValue("@blockStatus", obj.SystemBlockStatus);
da.InsertCommand.CommandType = CommandType.StoredProcedure;
cn.Open();
int res = da.InsertCommand.ExecuteNonQuery();
cn.Close();
if (res > 0)
{
return(res);
}
else
{
return(0);
}
}
catch (Exception)
{
return(0);
}
}
public DataTable CheckBlockStatus(BALLogin obj)
{
try
{
SqlConnection cn = new SqlConnection(strcon);
SqlDataAdapter da = new SqlDataAdapter();
da.SelectCommand = new SqlCommand("[dbo].[sp_Login]", cn);
da.SelectCommand.Parameters.Clear();
da.SelectCommand.Parameters.AddWithValue("@flag", obj.Flag);
da.SelectCommand.Parameters.AddWithValue("@LoginId", obj.MailID);
da.SelectCommand.Parameters.AddWithValue("@ClientIpAddress", obj.ClientIpAddress);
da.SelectCommand.CommandType = CommandType.StoredProcedure;
cn.Open();
da.SelectCommand.ExecuteReader();
DataTable dt = new DataTable();
cn.Close();
da.Fill(dt);
if (dt != null)
{
return(dt);
}
else
{
return(null);
}
}
catch (Exception)
{
return(null);
}
}
public int ResetAttemps(BALLogin obj)
{
try
{
SqlConnection cn = new SqlConnection(strcon);
SqlDataAdapter da = new SqlDataAdapter();
da.UpdateCommand = new SqlCommand("[dbo].[sp_Login]", cn);
da.UpdateCommand.Parameters.AddWithValue("@flag", obj.Flag);
da.UpdateCommand.Parameters.AddWithValue("@LoginId", obj.MailID);
da.UpdateCommand.CommandType = CommandType.StoredProcedure;
cn.Open();
int res = da.UpdateCommand.ExecuteNonQuery();
cn.Close();
if (res > 0)
{
return(res);
}
else
{
return(0);
}
}
catch (Exception)
{
return(0);
}
}
public void InsertLogin(BALLogin obj)
{
query = "insert into Login(LoginEmail,Password,SecurityQuestion,SecurityAnswer,UserType,CreateDate) values('" + obj.LoginEmail + "','" + obj.Password + "','" + obj.SecurityQuestion + "','" + obj.SecurityAnswer + "','" + obj.UserType + "','" + obj.CreateDate + "')";
SqlCommand cmd = new SqlCommand(query,con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void changePassword(BALLogin obj)
{
query = "update Login set Password='******' where LoginId="+obj.LoginId;
SqlCommand cmd = new SqlCommand(query, con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void UpdateLogin(BALLogin obj)
{
//query = "update Login set Email='" + obj.LoginEmail + "',Password='******',SecurityQuestion='" + obj.SecurityQuestion+"',SecurtiyAnswer='"+obj.SecurityAnswer+"',UserType='"+obj.UserType+"',CreateDate='"+obj.CreateDate+"'where LoginId="+obj.LoginId;
query = "update Login set LoginEmail='" + obj.LoginEmail + "',SecurityQuestion='" + obj.SecurityQuestion + "',SecurtiyAnswer='" + obj.SecurityAnswer + "' where LoginId=" + obj.LoginId;
SqlCommand cmd = new SqlCommand(query,con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void DeleteLogin(BALLogin obj)
{
query = "delete from Login where LoginId=" + obj.LoginId;
SqlCommand cmd = new SqlCommand(query,con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void UpdateLogin(BALLogin obj)
{
query = "update Login set username='******',password='******',securityquestion='" + obj.SecurityQuestion + "',secureanswer='" + obj.SecureAnswer + "',createdate='" + obj.CreateDate + "',userrole='" + obj.UserRole + "' where loginid=" + obj.LoginId;
SqlCommand cmd = new SqlCommand(query, con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void InsertLogin(BALLogin obj)
{
query = "insert into Login(username,password,securityquestion,secureanswer,createdate,userrole) values ('" + obj.UserName + "','"+obj.Password+"','"+obj.SecurityQuestion+"','"+obj.SecureAnswer+"','"+obj.CreateDate+"','"+obj.UserRole+"')";
SqlCommand cmd = new SqlCommand(query, con);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public DataSet ValidateLogin(BALLogin obj)
{
query = "select * from login where username='******' and password='******'";
SqlDataAdapter adp = new SqlDataAdapter(query, con);
DataSet ds = new DataSet();
adp.Fill(ds);
return ds;
}
public void changePassword(BALLogin obj)
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "spChangePassword";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@username", obj.UserName);
cmd.Parameters.AddWithValue("@password", obj.Password);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public void updateAccountStatusByLoginID(BALLogin obj)
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "spUpdateAccountStatusByLoginID";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@loginid", obj.LoginID);
cmd.Parameters.AddWithValue("@accountstatus", obj.AccountStatus);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public DataSet validateLogin(BALLogin obj)
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "validateLogin";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@username", obj.UserName);
cmd.Parameters.AddWithValue("@password", obj.Password);
DataSet ds = new DataSet();
SqlDataAdapter adp = new SqlDataAdapter(cmd);
adp.Fill(ds);
return(ds);
}
public DataSet retrievePassword(BALLogin obj)
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "spRetrievePassword";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@username", obj.UserName);
cmd.Parameters.AddWithValue("@securityquestion", obj.SecurityQuestion);
cmd.Parameters.AddWithValue("@secureanswer", obj.SecureAnswer);
DataSet ds = new DataSet();
SqlDataAdapter adp = new SqlDataAdapter(cmd);
adp.Fill(ds);
return(ds);
}
public void updateLoginWithoutPassword(BALLogin obj)
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "spUpdateLoginWithoutPassword";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@loginid", obj.LoginID);
cmd.Parameters.AddWithValue("@username", obj.UserName);
cmd.Parameters.AddWithValue("@securityquestion", obj.SecurityQuestion);
cmd.Parameters.AddWithValue("@secureanswer", obj.SecureAnswer);
cmd.Parameters.AddWithValue("@userrole", obj.UserRole);
cmd.Parameters.AddWithValue("@createdate", obj.CreateDate);
cmd.Parameters.AddWithValue("@accountstatus", obj.AccountStatus);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
public AgentDTO AgentLoginForTouristEntry(BALLogin obj)
{
try
{
SqlConnection cn = new SqlConnection(strCon);
string query = "select a.AgentId, AgentCode, AgentName, AgentEmailId, Password from tblAgentMaster a inner join tblBooking b on b.AgentId=a.AgentId where BookingID=" + obj.BookingId + " and AgentEmailId='" + DataSecurityManager.Encrypt(obj.EmailId) + "' and [password]='" + DataSecurityManager.Encrypt(obj.Password) + "'";
SqlCommand cmd = new SqlCommand();
cmd.CommandType = CommandType.Text;
cmd.CommandText = query;
cmd.Connection = cn;
cn.Open();
AgentDTO agent = null;
SqlDataReader reader = cmd.ExecuteReader();
DataTable dt = new DataTable();
dt.Load(reader);
if (dt != null && dt.Rows.Count > 0)
{
agent = new AgentDTO();
agent.AgentId = dt.Rows[0]["AgentId"] != null?Convert.ToInt32(dt.Rows[0]["AgentId"]) : -1;
agent.AgentCode = dt.Rows[0]["AgentCode"] != null ? dt.Rows[0]["AgentCode"].ToString() : string.Empty;
agent.AgentName = dt.Rows[0]["AgentName"] != null?DataSecurityManager.Decrypt(dt.Rows[0]["AgentName"].ToString()) : string.Empty;
agent.EmailId = dt.Rows[0]["AgentEmailId"] != null?DataSecurityManager.Decrypt(dt.Rows[0]["AgentEmailId"].ToString()) : string.Empty;
agent.Password = dt.Rows[0]["Password"] != null?DataSecurityManager.Decrypt(dt.Rows[0]["Password"].ToString()) : string.Empty;
}
reader.Close();
cn.Close();
return(agent);
}
catch (Exception exp)
{
throw exp;
}
}
public string ForgotPassword(BALLogin obj)
{
string password;
DataSet ds = new DataSet();
query = "select * from login where securityquestion='" + obj.SecurityQuestion + "' and secureanswer='" + obj.SecureAnswer+"'";
SqlDataAdapter adp = new SqlDataAdapter(query,con);
adp.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
password = ds.Tables[0].Rows[0][2].ToString();
else
password = "";
return password;
}
public DataSet validateLogin(BALLogin obj)
{
query = "select * from Login where LoginEmail='"+obj.LoginEmail+"' and Password='******'";
DataSet ds = new DataSet();
SqlDataAdapter adp = new SqlDataAdapter(query, con);
adp.Fill(ds);
return ds;
}
public DataSet validateQA(BALLogin obj)
{
query = "select * from Login where LoginEmail='"+obj.LoginEmail+"'and SecurityQuestion='" + obj.SecurityQuestion + "' and SecurityAnswer='" + obj.SecurityAnswer + "'";
DataSet ds = new DataSet();
SqlDataAdapter adp = new SqlDataAdapter(query, con);
adp.Fill(ds);
return ds;
}
public DataSet SelectLoginByLoginId(BALLogin obj)
{
query = "select * from login where loginid=" + obj.LoginId;
SqlDataAdapter adp = new SqlDataAdapter(query,con);
DataSet ds = new DataSet();
adp.Fill(ds);
return ds;
}
