protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["StartDate"] != null && Request.QueryString["EndDate"] != null && Request.QueryString["ReportType"] != null)
{
string startingDate = ClassHashing.basicDecryption(Request.QueryString["StartDate"]);
string endingDate = ClassHashing.basicDecryption(Request.QueryString["EndDate"]);
string reportType = ClassHashing.basicDecryption(Request.QueryString["ReportType"]);
Company company = Company.getCompanyByID(Request.Cookies["CompanyID"].Value);
StaffReportTableAdapters.GetSalesReportTableAdapter ds = new StaffReportTableAdapters.GetSalesReportTableAdapter();
DataTable dt = ds.GetData(DateTime.Parse(startingDate), (DateTime.Parse(endingDate)).AddDays(1), company.CompanyID);
Microsoft.Reporting.WebForms.ReportParameter[] rParams = new Microsoft.Reporting.WebForms.ReportParameter[]
{
new Microsoft.Reporting.WebForms.ReportParameter("FromDate", startingDate),
new Microsoft.Reporting.WebForms.ReportParameter("ToDate", endingDate),
new Microsoft.Reporting.WebForms.ReportParameter("reportType", reportType),
new Microsoft.Reporting.WebForms.ReportParameter("CompanyName", company.Name),
new Microsoft.Reporting.WebForms.ReportParameter("CompanyAddress", company.Address)
};
rvSalesReport.LocalReport.ReportPath = "Staff/Owner/Report/SaleReport.rdlc";
rvSalesReport.LocalReport.DataSources.Clear();
rvSalesReport.LocalReport.DataSources.Add(new ReportDataSource("getSales", dt));
rvSalesReport.LocalReport.SetParameters(rParams);
rvSalesReport.LocalReport.Refresh();
}
else
{
Response.Write("<script LANGUAGE='JavaScript' >alert('Unable retrieve generate relative document.')</script>");
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Cookies["UserCookie"] != null)
{
var Cookie = Request.Cookies["UserCookie"];
if (Cookie.Values["UserInfo"] != null)
{
txtcurrent.Text = DateTime.Now.ToString("yyyy-MM-ddTH:mm");
CompareDuedate.ValueToCompare = Convert.ToString(txtcurrent.Text);
string userString = ClassHashing.basicDecryption(Cookie.Values["UserInfo"].ToString());
User user = ExpressPrintingSystem.Model.Entities.User.toUserObject(userString);
txtcustomerID.Text = user.ID;
string d = txtDueDate.Text;
ViewState["UserID"] = ClassHashing.basicEncryption(user.ID);
string detail = "Information" + "<br/>";
detail += "----------------------" + "<br />";
detail += "Non-Color" + "<br/>";
detail += "-----------" + "<br/>";
detail += "P1001 -" + "RM2.50 for Binding, Plastic cover and RM0.10 for non-color page" + "<br/>";
detail += "Color Page" + "<br/>";
detail += "-----------" + "<br/>";
detail += "P1002 -" + "RM2.50 for binding, Plastic cover and RM0.30 for color page" + "<br/>";
Label11.Text = detail;
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["QuantityUnder"] != null)
{
string quantityUnder = ClassHashing.basicDecryption(Request.QueryString["QuantityUnder"]);
Company company = Company.getCompanyByID(Request.Cookies["CompanyID"].Value);
StaffReportTableAdapters.GetStockRemainReportTableAdapter ds = new StaffReportTableAdapters.GetStockRemainReportTableAdapter();
DataTable dt = ds.GetData(Convert.ToInt32(quantityUnder), company.CompanyID);
ReportParameter[] rParams = new ReportParameter[]
{
new ReportParameter("Limit", quantityUnder),
new ReportParameter("CompanyName", company.Name),
new ReportParameter("CompanyAddress", company.Address)
};
rvStockRemainReport.LocalReport.ReportPath = "Staff/Owner/Report/StockRemainReport.rdlc";
rvStockRemainReport.LocalReport.DataSources.Clear();
rvStockRemainReport.LocalReport.DataSources.Add(new ReportDataSource("getStockRemain", dt));
rvStockRemainReport.LocalReport.SetParameters(rParams);
rvStockRemainReport.LocalReport.Refresh();
}
else
{
Response.Write("<script LANGUAGE='JavaScript' >alert('Unable to generate relative document.')</script>");
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
this.Form.DefaultButton = this.btnSubmit.UniqueID;
if (!IsPostBack)
{
DisplayAppropriateAuthorizationMessage();
if (Request.Cookies["me"] != null)
{
txtname.Text = ClassHashing.basicDecryption((string)Request.Cookies["me"].Value);
CheckBox1.Checked = true;
}
}
}
protected void gvStaffList_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName.Equals("Edit"))
{
//get selected index row
int index = Convert.ToInt32(e.CommandArgument);
GridViewRow selectedRow = gvStaffList.Rows[index];
string staffID = selectedRow.Cells[0].Text;
Response.Redirect("editStaff.aspx?staffID=" + HttpUtility.UrlEncode(ClassHashing.basicEncryption(staffID)));
}
}
public UserVerification UserLogin(string UserName, string Password)
{
UserVerification user = null;
if (db.OpenConnection())
{
MySqlCommand cmd = new MySqlCommand("SELECT UserName,Password,Role from tbluser WHERE UserName = @UserName", db.conn);
cmd.Parameters.AddWithValue("UserName", UserName);
cmd.Parameters.AddWithValue("Password", Password);
try
{
MySqlDataReader datareader = cmd.ExecuteReader();
while (datareader.Read())
{
user = new UserVerification
{
UserName = datareader["UserName"].ToString(),
Password = datareader["Password"].ToString(),
Role = datareader["Role"].ToString()
};
}
}
catch (MySqlException ex)
{
throw new Exception(ex.Message);
}
catch (Exception em)
{
throw new Exception(em.Message);
}
if (user == null)
{
db.CloseConnection();
throw new Exception("Invalid username");
}
if (ClassHashing.VerifyMd5Hash(Password, user.Password))
{
db.CloseConnection();
return(user);
}
else
{
db.CloseConnection();
throw new Exception("Invalid username or password");
}
}
else
{
return(user);
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.Cookies["UserCookie"] != null)
{
var Cookie = Request.Cookies["UserCookie"];
if (Cookie.Values["UserInfo"] != null)
{
string userString = ClassHashing.basicDecryption(Cookie.Values["UserInfo"].ToString());
User user = ExpressPrintingSystem.Model.Entities.User.toUserObject(userString);
ViewState["UserID"] = ClassHashing.basicEncryption(user.ID);
SqlConnection conTaxi;
string connStr = ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString;
conTaxi = new SqlConnection(connStr);
conTaxi.Open();
string strCheck;
SqlCommand cmdCheck;
strCheck = "Select CustomerName, CustomerEmail, CustomerDOB, CustomerPhoneNo, CustomerContactMethod from Customer Where CustomerID=@CustomerID";
cmdCheck = new SqlCommand(strCheck, conTaxi);
cmdCheck.Parameters.AddWithValue("@CustomerID", user.ID);
SqlDataReader dtr;
dtr = cmdCheck.ExecuteReader();
if (dtr.Read())
{
string CustomerName = dtr["CustomerName"].ToString();
string customeremail = dtr["CustomerEmail"].ToString();
DateTime customerdob = Convert.ToDateTime(dtr["CustomerDOB"]);
string customerphoneno = dtr["CustomerPhoneNo"].ToString();
string customercontmethod = dtr["CustomerContactMethod"].ToString();
txtName.Text = CustomerName;
txtEmail.Text = customeremail;
customerDOB.Text = Convert.ToString(customerdob);
txtPhoNo.Text = customerphoneno;
rbtContMet.SelectedValue = customercontmethod;
}
conTaxi.Close();
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Request.Cookies["UserCookie"] != null)
{
var Cookie = Request.Cookies["UserCookie"];
if (Cookie.Values["UserInfo"] != null)
{
string userString = ClassHashing.basicDecryption(Cookie.Values["UserInfo"].ToString());
User user = ExpressPrintingSystem.Model.Entities.User.toUserObject(userString);
ViewState["UserID"] = ClassHashing.basicEncryption(user.ID);
bindData();
}
}
}
private void rememberMe()
{
if (CheckBox1.Checked)
{
var rememberUser = new HttpCookie("me");
rememberUser.Value = ClassHashing.basicEncryption(txtname.Text.Trim());
Response.Cookies.Add(rememberUser);
}
else
{
if (Request.Cookies["me"] != null)
{
Request.Cookies["me"].Expires = DateTime.Now.AddDays(-1);
}
}
}
public static bool verifyUser(string username, string password, string loginType)
{
DataTable result = null;
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = null;
if (loginType.Equals(ROLE_STAFF))
{
strSelect = "select StaffPassword As Password, StaffSalt As Salt from CompanyStaff where StaffEmail = @uname";
}
else
{
strSelect = "select CustomerPassword As Password, CustomerSalt As Salt from Customer where CustomerEmail = @uname";
}
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@uname", username);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
result = new DataTable();
da.Fill(result);
}
//retrieve password info
byte[] storedPassword = (byte[])result.Rows[0]["Password"];
byte[] storedSalt = (byte[])result.Rows[0]["Salt"];
//hash password from textbox
byte[] hashedPassword = ClassHashing.generateSaltedHash(password, storedSalt);
//compare the password and return the result
return(ClassHashing.CompareByteArrays(storedPassword, hashedPassword));
}
}
}
catch (Exception ex)
{
throw new Exception(ex.ToString());
}
}
private string getReportUrl()
{
string url = null;
switch (ddlReportName.SelectedValue)
{
case SALES_REPORT:
DateTime startingDate = new DateTime(), endingDate = new DateTime();
switch (rblPeriod.SelectedValue)
{
case "Daily":
string[] dailyString = txtDaily.Text.Split('-');
startingDate = new DateTime(Convert.ToInt32(dailyString[0]), Convert.ToInt32(dailyString[1]), Convert.ToInt32(dailyString[2]));
endingDate = new DateTime(Convert.ToInt32(dailyString[0]), Convert.ToInt32(dailyString[1]), Convert.ToInt32(dailyString[2]));
break;
case "Monthly":
string[] monthlyString = txtMonthly.Text.Split('-');
startingDate = new DateTime(Convert.ToInt32(monthlyString[0]), Convert.ToInt32(monthlyString[1]), 1);
endingDate = new DateTime(Convert.ToInt32(monthlyString[0]), Convert.ToInt32(monthlyString[1]), DateTime.DaysInMonth(Convert.ToInt32(monthlyString[0]), Convert.ToInt32(monthlyString[1])), 23, 59, 59);
break;
case "Yearly":
string[] yearlyString = txtYearly.Text.Split('-');
startingDate = new DateTime(Convert.ToInt32(yearlyString[0]), 1, 1);
endingDate = new DateTime(Convert.ToInt32(yearlyString[0]), 12, 31, 23, 59, 59);
break;
case "Custom":
string[] dateFromString = txtDateFrom.Text.Split('-');
string[] dateToString = txtDateTo.Text.Split('-');
startingDate = new DateTime(Convert.ToInt32(dateFromString[0]), Convert.ToInt32(dateFromString[1]), Convert.ToInt32(dateFromString[2]));
endingDate = new DateTime(Convert.ToInt32(dateToString[0]), Convert.ToInt32(dateToString[1]), Convert.ToInt32(dateToString[2]));
break;
}
url = SaleReportUrl + "?StartDate=" + HttpUtility.UrlEncode(ClassHashing.basicEncryption(startingDate.ToString("dd/MM/yyyy"))) + "&EndDate=" + HttpUtility.UrlEncode(ClassHashing.basicEncryption(endingDate.ToString("dd/MM/yyyy"))) + "&ReportType=" + HttpUtility.UrlEncode(ClassHashing.basicEncryption(rblPeriod.SelectedValue));
break;
case STOCK_REMAIN_REPORT:
url = StockReportUrl + "?QuantityUnder=" + HttpUtility.UrlEncode(ClassHashing.basicEncryption(txtStock.Text));
break;
}
return(url);
}
private void populateRequirementControl()
{
DataTable documentlistDataTable;
if (Request.QueryString["requestlistid"] != null && Request.QueryString["documentID"] != null)
{
string requestlistID = ClassHashing.basicDecryption(Request.QueryString["requestlistid"]);
string documentID = ClassHashing.basicDecryption(Request.QueryString["documentID"]);
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = "SELECT * FROM Documentlist WHERE RequestlistID = @requestlistID AND DocumentID = @documentID";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@requestlistID", requestlistID);
cmdSelect.Parameters.AddWithValue("@documentID", documentID);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
documentlistDataTable = new DataTable();
da.Fill(documentlistDataTable);
}
}
lblColor.Text = (string)documentlistDataTable.Rows[0]["DocumentColor"];
lblBothSide.Text = (string)documentlistDataTable.Rows[0]["DocumentBothSide"];
lblPaperType.Text = String.Format("{0} gsm", (int)documentlistDataTable.Rows[0]["DocumentPaperType"]);
lblQuantity.Text = String.Format("{0}", (int)documentlistDataTable.Rows[0]["DocumentQuantity"]);
lblDescription.Text = (string)documentlistDataTable.Rows[0]["DocumentDescription"];
}
}
catch (Exception ex)
{
lblMessage.ForeColor = System.Drawing.Color.Red;
lblMessage.Text = "There is a problem occur when processing the document. Please try again later";
}
}
else
{
lblMessage.ForeColor = System.Drawing.Color.Red;
lblMessage.Text = "System cannot find any document. Please retry.";
}
}
public static string activateStaff(string verificationCode)
{
DataTable result = null;
byte[] emptyByte = { 0, 0 };
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = null;
strSelect = "select StaffID, StaffNRIC, StaffSalt from CompanyStaff where StaffPassword = @password";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@password", emptyByte);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
result = new DataTable();
da.Fill(result);
}
//convert verification code to byte array
byte[] codeByte = Convert.FromBase64String(verificationCode);
for (int i = 0; i < result.Rows.Count; i++)
{
string staffID = (string)result.Rows[i]["StaffID"];
string staffNRIC = (string)result.Rows[i]["StaffNRIC"];
byte[] staffSalt = (byte[])result.Rows[i]["StaffSalt"];
if (ClassHashing.CompareByteArrays(ClassHashing.generateSaltedHash(staffID + staffNRIC, staffSalt), codeByte))
{
return(staffID);
}
}
return(null);
}
}
}
catch (Exception ex)
{
throw new Exception(ex.ToString());
}
}
private void populateStaffToControls()
{
DataTable result = null;
try
{
if (Request.QueryString["staffID"] != null)
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = "select StaffName, StaffEmail, StaffNRIC, StaffDOB, StaffPhoneNo from CompanyStaff where StaffID = @staffID";
string encryptedText = (string)Request.QueryString["staffID"];
string staffID = ClassHashing.basicDecryption(encryptedText);
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@staffID", staffID);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
result = new DataTable();
da.Fill(result);
}
lblStaffID.Text = staffID;
txtName.Text = (string)result.Rows[0]["StaffName"];
txtEmail.Text = (string)result.Rows[0]["StaffEmail"];
txtNRIC.Text = (string)result.Rows[0]["StaffNRIC"];
txtPhoneNo.Text = (string)result.Rows[0]["StaffPhoneNo"];
cldBOD.SelectedDate = Convert.ToDateTime(result.Rows[0]["StaffDOB"]);
cldBOD.VisibleDate = Convert.ToDateTime(result.Rows[0]["StaffDOB"]);
}
}
}
else
{
lblError.Text = "The system could not found any record related to the staff.";
}
}
catch (Exception ex)
{
throw new Exception(ex.ToString());
}
}
private void populateDocumentControl()
{
DataTable documentDataTable;
Document document;
if (Request.QueryString["documentID"] != null)
{
string documentID = ClassHashing.basicDecryption(Request.QueryString["documentID"]);
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = "SELECT * FROM Document WHERE DocumentID = @documentID";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@documentID", documentID);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
documentDataTable = new DataTable();
da.Fill(documentDataTable);
}
document = new Document((string)documentDataTable.Rows[0]["DocumentID"], (string)documentDataTable.Rows[0]["DocumentName"], (string)documentDataTable.Rows[0]["DocumentType"], (string)documentDataTable.Rows[0]["FileIDInCloud"], (string)documentDataTable.Rows[0]["CustomerID"], (int)documentDataTable.Rows[0]["Size"], (int)documentDataTable.Rows[0]["PageNumber"]);
}
}
documentViewer.DocumentSource = new DocumentSource(
new DocumentInfo(document.FileIDInCloud, document.DocumentName), backblaze.downloadFileIntoBytes(document.FileIDInCloud));
}
catch (Exception ex)
{
lblMessage.ForeColor = System.Drawing.Color.Red;
lblMessage.Text = "There is a problem occur when processing the document. Please try again later";
}
}
else
{
lblMessage.ForeColor = System.Drawing.Color.Red;
lblMessage.Text = "System cannot find any document. Please retry.";
}
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
string userID = ClassHashing.basicDecryption((string)ViewState["UserID"]);
SqlConnection conTaxi;
string connStr = ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString;
conTaxi = new SqlConnection(connStr);
conTaxi.Open();
string strEdit;
SqlCommand cmdAdd;
strEdit = "Update Customer Set CustomerName = @customerName, CustomerEmail = @customerEmail, CustomerDOB = @customerDOB, CustomerPhoneNo = @customerPhoneNo, CustomerContactMethod = @customerContactMethod WHERE CustomerID = @customerID";
cmdAdd = new SqlCommand(strEdit, conTaxi);
cmdAdd.Parameters.AddWithValue("@customerName", txtName.Text);
cmdAdd.Parameters.AddWithValue("@customerEmail", txtEmail.Text);
cmdAdd.Parameters.AddWithValue("@customerDOB", Convert.ToDateTime(customerDOB.Text));
cmdAdd.Parameters.AddWithValue("@customerPhoneNo", txtPhoNo.Text);
cmdAdd.Parameters.AddWithValue("@customerContactMethod", rbtContMet.SelectedValue);
cmdAdd.Parameters.AddWithValue("@customerID", userID);
int m = cmdAdd.ExecuteNonQuery();
if (m > 0)
{
Response.Write("<script>alert('Updated Successful');</script>");
Response.Redirect("CustomerDetail.aspx");
}
else
{
Response.Write("<script>alert('Updated Failed');</script>");
}
conTaxi.Close();
}
private List <Document> getDocumentList()
{
string userID = ClassHashing.basicDecryption((string)ViewState["UserID"]);
List <Document> listdocument = new List <Document>();
DataTable documentResult;
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = "SELECT * from Document WHERE CustomerID = @CustomerID";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@CustomerID", userID);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
documentResult = new DataTable();
da.Fill(documentResult);
}
for (int i = 0; i < documentResult.Rows.Count; i++)
{
Document document = new Document((string)documentResult.Rows[i]["DocumentID"], (string)documentResult.Rows[i]["DocumentName"], (string)documentResult.Rows[i]["DocumentType"], (string)documentResult.Rows[i]["FileIDInCloud"], (string)documentResult.Rows[i]["CustomerID"], (int)documentResult.Rows[i]["Size"], (int)documentResult.Rows[i]["PageNumber"]);
//Documentlist newDocumentlist = new Documentlist(document, (int)documentResult.Rows[i]["Sequences"], (string)documentResult.Rows[i]["DocumentColor"], (string)documentResult.Rows[i]["DocumentBothSide"], (int)documentResult.Rows[i]["DocumentPaperType"], (int)documentResult.Rows[i]["DocumentQuantity"], documentResult.Rows[i]["DocumentDescription"].ToString());
//newDocumentlist.RequestlistID = requestlistID;
//documentList.Add(newDocumentlist);
listdocument.Add(document);
}
}
}
return(listdocument);
}
catch (Exception ex)
{
throw new Exception(ex.ToString());
}
}
protected void btnCreditCardlink_Click(object sender, ImageClickEventArgs e)
{
if (Request.Cookies["UserCookie"] != null)
{
var Cookie = Request.Cookies["UserCookie"];
if (Cookie.Values["UserInfo"] != null)
{
string userString = ClassHashing.basicDecryption(Cookie.Values["UserInfo"].ToString());
User user = ExpressPrintingSystem.Model.Entities.User.toUserObject(userString);
SqlConnection conTaxi;
string connStr = ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString;
conTaxi = new SqlConnection(connStr);
conTaxi.Open();
string strCheck;
SqlCommand cmdCheck;
strCheck = "Select CustomerEmail from Customer Where CustomerID=@CustomerID";
cmdCheck = new SqlCommand(strCheck, conTaxi);
cmdCheck.Parameters.AddWithValue("@CustomerID", user.ID);
SqlDataReader dtr;
dtr = cmdCheck.ExecuteReader();
if (dtr.Read())
{
string customeremail = dtr["CustomerEmail"].ToString();
Session["email"] = customeremail;
}
conTaxi.Close();
}
}
Response.Redirect("Payment.aspx");
}
private void verifyUser()
{
if (Request.Cookies["UserCookie"] != null)
{
var cookie = Request.Cookies["UserCookie"];
if (cookie.Values["UserInfo"] != null)
{
string userString = ClassHashing.basicDecryption(cookie.Values["UserInfo"].ToString());
User user = ExpressPrintingSystem.Model.Entities.User.toUserObject(userString);
initUserMenu();
userInfoControl.Text = "Welcome, " + user.Name;
userInfoControl.NavigateUrl = "";
}
else
{
if (Request.Cookies["UserCookie"] != null)
{
Response.Cookies["UserCookie"].Expires = DateTime.Now.AddDays(-1);
}
FormsAuthentication.SignOut();
userInfoControl.Text = "Sign In";
userInfoControl.NavigateUrl = "";
}
}
else
{
if (Request.Cookies["UserCookie"] != null)
{
Response.Cookies["UserCookie"].Expires = DateTime.Now.AddDays(-1);
}
FormsAuthentication.SignOut();
userInfoControl.Text = "Sign In";
userInfoControl.NavigateUrl = "";
}
}
private Request PopulateDataToObject()
{
List <Documentlist> documentlist = createDocumentList();
List <Requestlist> requestlist = new List <Requestlist>();
Requestlist newRequestlist = new Requestlist(ddlPackage.SelectedValue, Requestlist.STATUS_PENDING, rbtRequestType.SelectedValue, documentlist);
requestlist.Add(newRequestlist);
string companyID = Request.QueryString["CompanyID"];
string CustomerID = ClassHashing.basicDecryption((string)ViewState["UserID"]);
DateTime currentDate = DateTime.Now;
DateTime DueDate = Convert.ToDateTime(txtDueDate.Text);
Request request = new Model.Entities.Request(currentDate, DueDate, null, companyID, CustomerID, requestlist);
return(request);
}
private List <Documentlist> createDocumentList()
{
string userID = ClassHashing.basicDecryption((string)ViewState["UserID"]);
//create document list and upload file to cloud
List <Documentlist> documentList = new List <Documentlist>();
int totalpage = 0;
int count = 0;
int normalCount = 0;
if (FileUpload1.HasFile)
{
HttpFileCollection hfc = Request.Files;
for (int i = 0; i < hfc.Count; i++)
{
HttpPostedFile hpf = hfc[i];
if (hpf.ContentLength > 0)
{
//upload to backblaze
String contentType = hpf.ContentType; //Type of file i.e. image/jpeg, audio/mpeg...
String getPath = Path.GetFileName(hpf.FileName);
hpf.SaveAs(Server.MapPath("~/File/") + getPath); //save to server side file
String fileName = hpf.FileName; //Desired name for the file
String filePath = Server.MapPath("~/File/") + getPath; //File path of desired upload
int size = FileUpload1.PostedFile.ContentLength;
lblgetallfilename.Text += String.Format("{0} , ", fileName);
string getallfilename = lblgetallfilename.Text;
Session["allfilename"] = getallfilename;
Session["pathfile"] = filePath;
string getFileIDInCloud = backblaze.UploadFile(contentType, filePath, fileName);
int numberOfPages = 0;
if (Path.GetExtension(hpf.FileName).Equals(".docx"))
{
// get the page number
var application = new Application();
var document = application.Documents.Open(filePath); //open document
numberOfPages = document.ComputeStatistics(WdStatistic.wdStatisticPages, false);
document.Close(); ///close document
//get the count of file
count = hfc.Count;
Session["countthepackageitem"] = count;
FileInfo file = new FileInfo(filePath);
if (file.Exists)//check file exsit or not
{
file.Delete();
}
}
else if (Path.GetExtension(hpf.FileName).Equals(".pdf"))
{
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read);
StreamReader r = new StreamReader(fs);
string pdfText = r.ReadToEnd();
Regex rx1 = new Regex(@"/Type\s*/Page[^s]");
MatchCollection matches = rx1.Matches(pdfText);
numberOfPages = Convert.ToInt32(matches.Count.ToString());
fs.Close();
//get the count of file
count = hfc.Count;
Session["countthepackageitem"] = count;
FileInfo file = new FileInfo(filePath);
if (file.Exists)//check file exsit or not
{
file.Delete();
}
}
else if (Path.GetExtension(hpf.FileName).Equals(".png") || Path.GetExtension(hpf.FileName).Equals(".PNG") || Path.GetExtension(hpf.FileName).Equals(".jpg"))
{
count = hfc.Count - 1;
Session["countthepackageitem"] = count;
numberOfPages = 1;
FileInfo file = new FileInfo(filePath);
if (file.Exists)//check file exsit or not
{
file.Delete();
}
}
//calculate the total page in multiple file
totalpage += numberOfPages;
Session["totalpage"] = totalpage;
normalCount = hfc.Count;
Session["normalcount"] = normalCount;
// upload to my sqldatabase
var uploadFileObject = (JObject)JsonConvert.DeserializeObject(getFileIDInCloud);
String FileIdInCloud = uploadFileObject["fileId"].Value <string>();//get file ID
Model.Entities.Document newdocument = new Model.Entities.Document(fileName, contentType, FileIdInCloud, userID, size, numberOfPages);
int sequences = 0; ////remember to do it;
string documentColor = "null";
string documentbothside = rbtDocumentSide.SelectedValue;
int documentpapertype = Convert.ToInt32(ddlPaperType.SelectedValue);
int documentquantity = Convert.ToInt32(txtDocumentQuantity.Text);
string documentdescription = txtDocumentDescription.Text;
documentList.Add(new Documentlist(newdocument, sequences, documentColor, documentbothside, documentpapertype, documentquantity, documentdescription));
}
}
}
return(documentList);
}
public string getDocumentViewerUrl(object requestlistID, object documentID)
{
return(String.Format("ViewDocument.aspx?documentID={0}&requestlistid={1}", HttpUtility.UrlEncode(ClassHashing.basicEncryption((string)documentID)), HttpUtility.UrlEncode(ClassHashing.basicEncryption((string)requestlistID))));
}
private void populateDataToControls()
{
if (Request.QueryString["PackageID"] != null)
{
string packageid = ClassHashing.basicDecryption(Request.QueryString["PackageID"]);
DataTable packageResult = null;
DataTable itemsResult = null;
try
{
using (SqlConnection conPrintDB = new SqlConnection(ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString))
{
string strSelect = "SELECT * FROM Package WHERE PackageID = @packageid";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.AddWithValue("@packageid", packageid);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
packageResult = new DataTable();
da.Fill(packageResult);
}
}
if (packageResult != null)
{
itemsResult = null;
strSelect = "SELECT i.ItemID, i.ItemName, i.ItemPrice, i.ItemStockQuantity, i.ItemSupplier, p.Quantity FROM Item i, PackageItem p WHERE i.ItemID = p.ItemID AND p.PackageID = @packageID";
using (SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB))
{
cmdSelect.Parameters.Clear();
cmdSelect.Parameters.AddWithValue("@packageID", packageid);
using (SqlDataAdapter da = new SqlDataAdapter(cmdSelect))
{
itemsResult = new DataTable();
da.Fill(itemsResult);
}
}
Model.Entities.Package package;
List <PackageItems> packageItems = new List <PackageItems>();
if (itemsResult != null)
{
for (int j = 0; j < itemsResult.Rows.Count; j++)
{
packageItems.Add(new PackageItems(new Model.Entities.Item((string)itemsResult.Rows[j]["ItemID"], (string)itemsResult.Rows[j]["ItemName"], (decimal)itemsResult.Rows[j]["ItemPrice"],
(int)itemsResult.Rows[j]["ItemStockQuantity"], (string)itemsResult.Rows[j]["ItemSupplier"]), (int)itemsResult.Rows[j]["Quantity"]));
}
package = new Model.Entities.Package((string)packageResult.Rows[0]["PackageID"], (string)packageResult.Rows[0]["PackageName"], (decimal)packageResult.Rows[0]["PackagePrice"], (string)packageResult.Rows[0]["PackageSupport"], (string)packageResult.Rows[0]["PackageType"], (decimal)packageResult.Rows[0]["PrintingPricePerPaper"], packageItems);
}
else
{
package = new Model.Entities.Package((string)packageResult.Rows[0]["PackageID"], (string)packageResult.Rows[0]["PackageName"], (decimal)packageResult.Rows[0]["PackagePrice"], (string)packageResult.Rows[0]["PackageSupport"], (string)packageResult.Rows[0]["PackageType"], (decimal)packageResult.Rows[0]["PrintingPricePerPaper"]);
}
lblPackageID.Text = package.PackageID;
txtName.Text = package.PackageName;
txtPrice.Text = String.Format("{0:0.00}", package.PackagePrice);
ddlType.SelectedValue = package.PackageType;
if (ddlType.SelectedValue.Equals(Model.Entities.Package.TYPE_PRINTING))
{
string[] documentSupport = package.PackageSupport.Split(';');
foreach (string document in documentSupport)
{
for (int i = 0; i < cblSupport.Items.Count; i++)
{
if (cblSupport.Items[i].ToString().Equals(document))
{
cblSupport.Items[i].Selected = true;
}
}
}
txtPricePerPaper.Text = String.Format("{0:0.00}", package.PrintingPrice);
}
DataTable dtCurrentTable = (DataTable)ViewState["CurrentTable"];
DataRow drCurrentRow = null;
foreach (PackageItems packageitem in package.PackageItems)
{
//add new row
if (dtCurrentTable.Rows[0]["itemName"].Equals("N/A"))
{
dtCurrentTable.Rows[dtCurrentTable.Rows.Count - 1]["itemID"] = packageitem.Item.ItemID;
dtCurrentTable.Rows[dtCurrentTable.Rows.Count - 1]["itemName"] = packageitem.Item.ItemName;
dtCurrentTable.Rows[dtCurrentTable.Rows.Count - 1]["Column1"] = packageitem.Quantity;
}
else
{
drCurrentRow = dtCurrentTable.NewRow();
drCurrentRow["itemID"] = packageitem.Item.ItemID;
drCurrentRow["itemName"] = packageitem.Item.ItemName;
drCurrentRow["Column1"] = packageitem.Quantity;
dtCurrentTable.Rows.Add(drCurrentRow);
}
}
ViewState["CurrentTable"] = dtCurrentTable;
gvPackageItem.DataSource = dtCurrentTable;
gvPackageItem.DataBind();
SetPreviousData();
}
}
}
catch (Exception ex)
{
throw new Exception(ex.ToString());
}
}
else
{
lblError.Text = "Invalid PackageID. Please reselect your package to edit.";
}
}
public static string getEditPackageUrl(string packageID)
{
return(String.Format("EditPackage.aspx?PackageID={0}", HttpUtility.UrlEncode(ClassHashing.basicEncryption(packageID))));
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
string roles;
string username = txtname.Text.Trim();
string password = txtPassword.Text.Trim();
string toggleOption = toggleBtn_optionSelected();
var myCookie = new HttpCookie("UserCookie"); //instantiate an new cookie and give it a name
myCookie.Values.Add("SignInType", ClassHashing.basicEncryption(toggleOption)); //populate it with key, value pairs
myCookie.Expires = DateTime.Now.AddMinutes(481);
try
{
if (UserVerification.verifyUser(username, password, toggleOption))
{
//These session values are just for demo purpose to show the user details on master page
roles = UserVerification.GetUserRoles(username, toggleOption);
User user = UserVerification.getUserBasicInfo(username, toggleOption);
myCookie.Values.Add("UserInfo", ClassHashing.basicEncryption(ExpressPrintingSystem.Model.Entities.User.toCompactString(user)));
Response.Cookies.Add(myCookie);
setCompanyCookie(toggleOption, user.ID);
//Let us now set the authentication cookie so that we can use that later.
FormsAuthentication.SetAuthCookie(username, false);
//Login successful lets put him to requested page
string returnUrl = Request.QueryString["ReturnUrl"] as string;
rememberMe();
if (returnUrl != null)
{
Response.Redirect(returnUrl);
}
else
{
if (toggleOption.Equals("Staff"))
{
Response.Redirect("~/Staff/Printing/viewPrintingRequest.aspx");
}
else
{
Response.Redirect("~/masterPageTest.aspx");
}
}
}
else if (UserVerification.isActivatedUser(username, toggleOption))
{
Response.Write("<script LANGUAGE='JavaScript' >alert('Your account is not activated, please check your social media for account activation link.')</script>");
Response.Cookies.Add(myCookie);
}
else
{
Response.Write("<script LANGUAGE='JavaScript' >alert('Login Failed')</script>");
Response.Cookies.Add(myCookie);
}
}
catch (Exception ex)
{
Response.Write("<script LANGUAGE='JavaScript' >alert('Your username or password is invalid.')</script>");
Response.Cookies.Add(myCookie);
}
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
SqlConnection conPrintDB;
string connStr = ConfigurationManager.ConnectionStrings["printDBServer"].ConnectionString;
conPrintDB = new SqlConnection(connStr);
conPrintDB.Open();
try
{
string strInsert;
SqlCommand cmdInsert;
strInsert = "Insert Into CompanyStaff (StaffName, StaffEmail, StaffPassword, StaffNRIC, StaffDOB, StaffPhoneNo, StaffSalt, StaffRole, CompanyID) Values (@staffName, @staffEmail,@staffPassword, @staffNRIC, @staffDOB, @staffPhoneNo, @staffSalt, @staffRole, @companayID); SELECT MAX(StaffID) from CompanyStaff where StaffName=@staffName and StaffPhoneNo=@staffPhoneNo";
byte[] generatedSalt = ClassHashing.generateSalt();
byte[] hashPassword = { 0, 0 };//empty password when checkbox for password setting is not checked
if (chkPassSet.Checked)
{
hashPassword = ClassHashing.generateSaltedHash(txtPassword.Text, generatedSalt);
}
cmdInsert = new SqlCommand(strInsert, conPrintDB);
cmdInsert.Parameters.AddWithValue("@staffName", txtName.Text);
cmdInsert.Parameters.AddWithValue("@staffEmail", txtEmail.Text);
cmdInsert.Parameters.AddWithValue("@staffPassword", hashPassword);
cmdInsert.Parameters.AddWithValue("@staffNRIC", txtNRIC.Text);
cmdInsert.Parameters.AddWithValue("@staffDOB", cldBOD.SelectedDate);
cmdInsert.Parameters.AddWithValue("@staffPhoneNo", txtPhoneNo.Text);
cmdInsert.Parameters.AddWithValue("@staffSalt", generatedSalt);
cmdInsert.Parameters.AddWithValue("@staffRole", UserVerification.ROLE_STAFF);
cmdInsert.Parameters.AddWithValue("@companayID", Request.Cookies["CompanyID"].Value);
var staffID = cmdInsert.ExecuteScalar();
if (!chkPassSet.Checked)
{
string strSelect = "SELECT CompanyName FROM Company WHERE CompanyID = @companyID";
SqlCommand cmdSelect = new SqlCommand(strSelect, conPrintDB);
cmdSelect.Parameters.AddWithValue("@companyID", Request.Cookies["CompanyID"].Value);
var companyName = cmdSelect.ExecuteScalar();
string verificationCode = UserVerification.getVerificationCode(staffID + txtNRIC.Text, generatedSalt);
//then it will generate a url to activate the account and send it to the staff
string verificationLink = DOMAIN_NAME + Page.ResolveUrl("~/StaffAccountActivation.aspx?VC=" + HttpUtility.UrlEncode(verificationCode));
string emailContent = EmailClass.populateActivationEmail((string)companyName, verificationLink);// content of the email
EmailClass emailClass = new EmailClass(txtEmail.Text, "Staff Account Activation", emailContent, true);
if (EmailClass.isCredentialed())
{
EmailCredential credential = (EmailCredential)Session["EmailCredential"];
emailClass.sendEmail(credential);
}
else
{
Session["tempEmail"] = emailClass;
Response.Redirect(ResolveUrl("~/Staff/VerifyEmail.aspx?ReturnURL=" + Request.Url.AbsoluteUri));
}
}
lblError.Text = "Successfully added";
}
catch (Exception ex)
{
lblError.Text = "An error occured when register staff :" + ex.ToString();
}
finally
{
conPrintDB.Close();
}
}
public static string getVerificationCode(string text, byte[] salt)
{ //verification code is generated by combining staff id and NRIC and random salt;
return(Convert.ToBase64String(ClassHashing.generateSaltedHash(text, salt)));
}
