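/// <summary>
/// Handles the send button click: fills in a default timezone and transaction
/// time when the form left them empty, calculates the request hash and writes an
/// auto-submitting POST form for the payment gateway into the page.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnSend_Click(object sender, EventArgs e)
{
    string formScript = "<script language=\"javascript\" type=\"text/javascript\">" +
                        "document.getElementById('{0}').submit();" +
                        "</script>";
    string formName = "form1";
    // NOTE(review): the endpoint is hard-coded and its host name suggests a test
    // gateway; a production page would normally read it from configuration.
    string formAction = "https://test.ipg-online.com/connect/gateway/processing";

    // If no timezone was entered, derive one from the first token of the local
    // timezone's display name, with the parentheses stripped.
    if (string.IsNullOrEmpty(this.timezone.Text))
    {
        string[] displayNameParts = TimeZoneInfo.Local.DisplayName.Split(' ');
        this.timezone.Text = Regex.Replace(displayNameParts[0], @"[)(]", String.Empty);
    }

    // If no transaction time was entered, use the current local time. The invariant
    // culture pins the Gregorian calendar, so the value that is hashed and posted
    // does not change with the server's regional settings.
    if (string.IsNullOrEmpty(this.txndatetime.Text))
    {
        this.txndatetime.Text = DateTime.Now.ToString(
            @"yyyy\:MM\:dd-HH\:mm\:ss",
            System.Globalization.CultureInfo.InvariantCulture);
    }

    // The hash input is a plain concatenation with no separator between fields, so
    // different field splits can yield the same input string.
    // NOTE(review): presumably this layout is dictated by the gateway - confirm.
    // NOTE(review): the shared secret is read from a form control here. Verify that
    // AllInputTagsString() does not write it into the form sent to the browser; the
    // secret should stay on the server.
    string stringToHash = this.storename.Text
                          + this.txndatetime.Text
                          + this.chargetotal.Text
                          + this.currency.Text
                          + this.sharedsecret.Text;

    // Calculate the hash with the algorithm selected in the form and show it there.
    string hash = CalculateHash.calculateHashFromString(new StringBuilder(stringToHash), this.hash_algorithm.Text);
    this.hash.Text = hash;

    // Emit the form and the script that submits it as soon as the page renders.
    ltrForm.Text = string.Format("<form id=\"{0}\" name=\"{0}\" method=\"post\" action=\"{1}\">", formName, formAction)
                   + AllInputTagsString()
                   + "</form>";
    ltrScript.Text = string.Format(formScript, formName);
}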
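/// <summary>
/// Handles the send button click: fills in a default timezone and transaction
/// time when the form left them empty, calculates the extended hash over the form
/// fields and writes an auto-submitting POST form for the payment gateway.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnSend_Click(object sender, EventArgs e)
{
    string formScript = "<script language=\"javascript\" type=\"text/javascript\">" +
                        "document.getElementById('{0}').submit();" +
                        "</script>";
    string formName = "form1";
    // NOTE(review): the endpoint is hard-coded and its host name suggests a test
    // gateway; a production page would normally read it from configuration.
    string formAction = "https://test.ipg-online.com/connect/gateway/processing";

    // If no timezone was entered, derive one from the first token of the local
    // timezone's display name, with the parentheses stripped.
    if (string.IsNullOrEmpty(this.timezone.Text))
    {
        string[] displayNameParts = TimeZoneInfo.Local.DisplayName.Split(' ');
        this.timezone.Text = Regex.Replace(displayNameParts[0], @"[)(]", String.Empty);
    }

    // If no transaction time was entered, use the current local time. The invariant
    // culture pins the Gregorian calendar, so the value that is hashed and posted
    // does not change with the server's regional settings.
    if (string.IsNullOrEmpty(this.txndatetime.Text))
    {
        this.txndatetime.Text = DateTime.Now.ToString(
            @"yyyy\:MM\:dd-HH\:mm\:ss",
            System.Globalization.CultureInfo.InvariantCulture);
    }

    // Dictionary of every form field (ID -> value).
    var allComponents = GetAllFormComponents();

    // Calculate the extended hash from the string StringToHashExtended builds out of
    // the form fields, then store it both in the form control and in the dictionary
    // so that the posted form carries the same value.
    // NOTE(review): StringToHashExtended is not visible here; confirm that the
    // shared secret takes part in the hash but is not among the emitted inputs.
    string hashExtended = CalculateHash.calculateHashFromString(
        new StringBuilder(StringToHashExtended(allComponents)),
        this.hash_algorithm.Text);
    this.hashExtended.Text = hashExtended;
    allComponents["hashExtended"] = hashExtended;

    // Emit the form and the script that submits it as soon as the page renders.
    // NOTE(review): the values come from user-editable fields; verify that
    // AllInputTagstring HTML-encodes them when building the input tags.
    ltrForm.Text = string.Format("<form id=\"{0}\" name=\"{0}\" method=\"post\" action=\"{1}\">", formName, formAction)
                   + AllInputTagstring(allComponents)
                   + "</form>";
    ltrScript.Text = string.Format(formScript, formName);
}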
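/// <summary>
/// Prepares the payment fields for the page: reads the amount from the student
/// stored in the session, loads the gateway settings from configuration, computes
/// the timestamp and request hash, and looks up the student's name.
/// Redirects to ScheduleAnExam.aspx when the session holds no student.
/// </summary>
/// <param name="sender">Page that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Test the session entry itself. Calling ToString() on a missing entry throws a
    // NullReferenceException, so the redirect below could never be reached.
    if (Session["BESTUDENT"] == null)
    {
        Response.Redirect("ScheduleAnExam.aspx");
        return;
    }

    BusinessEntities.BEStudent sessionStudent = (BusinessEntities.BEStudent)Session["BESTUDENT"];
    // NOTE(review): ToString() uses the current culture; if decAmount is a decimal,
    // confirm the separator matches what the gateway expects in the hashed amount.
    Amount = sessionStudent.decAmount.ToString();

    // Gateway settings from appSettings.
    // NOTE(review): TransactionKey is the secret that keys the hash; confirm that
    // this member is never rendered into the page markup.
    // NOTE(review): SequenceNumber is read from static configuration, so every
    // request uses the same value - confirm the gateway accepts that.
    fActionPage = System.Configuration.ConfigurationManager.AppSettings["ActionPage"].ToString();
    xlogin = System.Configuration.ConfigurationManager.AppSettings["xlogin"].ToString();
    TransactionKey = System.Configuration.ConfigurationManager.AppSettings["TransactionKey"].ToString();
    SequenceNumber = System.Configuration.ConfigurationManager.AppSettings["SequenceNumber"].ToString();

    // Whole seconds elapsed since 1970-01-01 UTC.
    DateTime unixStart = DateTime.SpecifyKind(new DateTime(1970, 1, 1), DateTimeKind.Utc);
    Timestamp = (long)Math.Floor((DateTime.UtcNow - unixStart).TotalSeconds);

    Hashcode = CalculateHash.GenerateHash(TransactionKey, xlogin, SequenceNumber, Timestamp.ToString(), Amount, "");

    // Look up the student's name for the user id stored in the session.
    BusinessEntities.BEStudent nameQuery = new BusinessEntities.BEStudent();
    BLL.BStudent studentLogic = new BLL.BStudent();
    nameQuery.IntUserID = Convert.ToInt32(Session[BaseClass.EnumPageSessions.USERID].ToString());
    studentLogic.BGetStudentName(nameQuery);

    // Rows[0] assumes the lookup returned at least one row.
    strFirstName = nameQuery.DtResult.Rows[0]["FirstName"].ToString();
    strLastName = nameQuery.DtResult.Rows[0]["LastName"].ToString();
}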
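/// <summary>
/// Authenticates a user by e-mail and password and, on success, returns a JSON
/// document holding the session token and the serialized user.
/// </summary>
/// <param name="userDto">E-mail and password submitted by the client.</param>
/// <returns>
/// 200 with <c>{"token":"...","user":{...}}</c> on success; 401 with a generic
/// message when the e-mail is unknown or the password does not match.
/// </returns>
public ActionResult <InterfaceUtilizador> Authenticate([Bind] UserAuthenticationDto userDto)
{
    lock (_system)
    {
        InterfaceUtilizador user = null;
        int typeOfUser = _system.TypeUser(userDto.email);

        // A session token must not be guessable. The e-mail and the login time are
        // both known or easy to estimate, so 32 bytes from the OS random number
        // generator are mixed into the hashed value. The token keeps the output
        // format of GetHashString.
        // NOTE(review): this relies on GetHashString being a cryptographic hash;
        // confirm against its implementation.
        byte[] nonce = new byte[32];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(nonce);
        }
        string token = CalculateHash.GetHashString(userDto.email + DateTime.Now + Convert.ToBase64String(nonce));

        // The cast per user type is kept from the original: it fails loudly if the
        // backend returns a user of a different type than TypeUser reported.
        switch (typeOfUser)
        {
            case 0:
                user = (Cliente)_system.Authenticate(userDto.email, userDto.password, token);
                break;
            case 1:
                user = (Instrutor)_system.Authenticate(userDto.email, userDto.password, token);
                break;
            case 2:
                user = (Rececionista)_system.Authenticate(userDto.email, userDto.password, token);
                break;
        }

        // user stays null both for an unknown e-mail (typeOfUser == -1) and for a
        // failed password check; the response is the same in both cases.
        if (user == null)
        {
            return(Unauthorized(new { message = "Credentials are wrong..." }));
        }

        // NOTE(review): the user is serialized with its runtime type, so every
        // public property is sent to the client; confirm none of them carries the
        // password hash or another secret.
        StringBuilder payload = new StringBuilder()
            .Append("{")
            .Append("\"token\":\"")
            .Append(token)
            .Append("\",\"user\":")
            .Append(JsonSerializer.Serialize(user, user.GetType()))
            .Append("}");

        return(Ok(payload.ToString()));
    }
}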
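/// <summary>
/// Checks the password for the given e-mail and, when it matches, records the
/// session token in the UtilizadoresOnline table with a five-day expiry.
/// </summary>
/// <param name="email">E-mail identifying the account.</param>
/// <param name="passInserida">Password as entered by the user.</param>
/// <param name="token">Session token to store for this login.</param>
/// <returns>
/// The authenticated user (Cliente, Instrutor or Rececionista), or null when the
/// e-mail is unknown, the password does not match, or a database error occurs.
/// </returns>
public InterfaceUtilizador LogIn(string email, string passInserida, string token)
{
    // NOTE(review): the expiry is based on local time; confirm that whatever reads
    // UtilizadoresOnline compares against the same clock.
    DateTime expiresAt = DateTime.Now.AddDays(5);

    int typeUser = TypeUser(email); // 0 - Cliente, 1 - Instrutor, 2 - Rececionista
    if (typeUser == -1)
    {
        return(null);
    }

    try
    {
        if (connection.State == ConnectionState.Closed)
        {
            connection.Open();
        }

        // NOTE(review): GetHashString is not visible here. If it is a plain unsalted
        // digest, stored passwords should be migrated to a salted, slow key
        // derivation function such as PBKDF2 or Argon2.
        string hashPass = CalculateHash.GetHashString(passInserida);

        // Only the table differs between the user types; each query is a constant.
        string selectSql;
        switch (typeUser)
        {
            case 0:
                selectSql = "select * from Cliente where email = @EMAIL";
                break;
            case 1:
                selectSql = "select * from Instrutor where email = @EMAIL";
                break;
            case 2:
                selectSql = "select * from Rececionista where email = @EMAIL";
                break;
            default:
                return(null);
        }

        InterfaceUtilizador user;
        using (MySqlCommand lookup = new MySqlCommand(selectSql, connection))
        {
            lookup.Parameters.Add(new MySqlParameter("@EMAIL", MySqlDbType.VarChar));
            lookup.Parameters["@EMAIL"].Value = email;

            // The using block closes the reader on every path, including exceptions.
            using (MySqlDataReader reader = lookup.ExecuteReader())
            {
                // No row for this e-mail: fail the login instead of reading columns
                // from an empty result.
                if (!reader.Read())
                {
                    return(null);
                }

                // Column 3 holds the stored password hash.
                if (!FixedTimeHashEquals(reader.GetString(3), hashPass))
                {
                    return(null);
                }

                switch (typeUser)
                {
                    case 0:
                        user = new Cliente(email, reader.GetInt32(1), reader.GetString(2), reader.GetInt16(5), reader.GetDateTime(4), reader.GetString(7), reader.GetString(6));
                        break;
                    case 1:
                        user = new Instrutor(email, reader.GetInt32(1), reader.GetString(2), reader.GetInt16(5), reader.GetDateTime(4), reader.GetString(6));
                        break;
                    default: // typeUser == 2
                        user = new Rececionista(email, reader.GetInt32(1), reader.GetString(2), reader.GetInt16(5), reader.GetDateTime(4), reader.GetString(6));
                        break;
                }
            }
        }

        // Register the user in the online-users table.
        using (MySqlCommand insert = new MySqlCommand("insert into UtilizadoresOnline values (@EMAIL, @TIME_TO_EXPIRE, @TOKEN)", connection))
        {
            insert.Parameters.Add(new MySqlParameter("@EMAIL", MySqlDbType.VarChar));
            insert.Parameters["@EMAIL"].Value = email;
            insert.Parameters.Add(new MySqlParameter("@TIME_TO_EXPIRE", MySqlDbType.DateTime));
            insert.Parameters["@TIME_TO_EXPIRE"].Value = expiresAt;
            insert.Parameters.Add(new MySqlParameter("@TOKEN", MySqlDbType.VarChar));
            insert.Parameters["@TOKEN"].Value = token;
            insert.ExecuteNonQuery();
        }

        return(user);
    }
    catch (Exception e)
    {
        // Best effort, as in the original: log the error and report a failed login.
        Console.WriteLine(e.ToString());
    }
    finally
    {
        connection.Close();
    }

    return(null);
}

/// <summary>
/// Ordinal, case-sensitive comparison of two hash strings whose running time does
/// not depend on the position of the first differing character.
/// </summary>
private static bool FixedTimeHashEquals(string storedHash, string candidateHash)
{
    if (storedHash == null || candidateHash == null)
    {
        return false;
    }

    int difference = storedHash.Length ^ candidateHash.Length;
    for (int i = 0; i < storedHash.Length && i < candidateHash.Length; i++)
    {
        difference |= storedHash[i] ^ candidateHash[i];
    }

    return difference == 0;
}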