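/// <summary>
/// Submit handler for ResetPassword.aspx. Checks that the two password fields match,
/// decrypts the UID and UN query-string values, stores the new password through
/// dbo.spUpdatePassword with IsTempPassword = 0, writes the decrypted values into
/// Session and redirects to Dashboard.aspx.
/// </summary>
/// <remarks>
/// NOTE(review): both the account being changed and the session identity come from the
/// UID/UN query parameters. This is only as strong as CryptoProvider's ciphertext: unless
/// it is authenticated, single-use and expiring, anyone holding such a URL (browser
/// history, proxy or server logs) can set the password and is signed in as that account.
/// Prefer keeping the pending LoginID in server-side session state or using a single-use,
/// expiring reset token.
/// NOTE(review): the password is stored as EncryptText output. If that is reversible
/// encryption rather than a salted one-way password hash (e.g. PBKDF2), a key or database
/// compromise exposes every password. Confirm against CryptoProvider.
/// </remarks>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    try
    {
        // Equality alone would accept two blank fields and store an empty password.
        if (string.IsNullOrEmpty(txtNewPassword.Text))
        {
            lblErr.Text = "Please enter a new password.";
            lblErr.Visible = true;
            return;
        }

        // Previously a mismatch did nothing at all; tell the user why nothing changed.
        if (!txtNewPassword.Text.Equals(txtConfirm.Text))
        {
            lblErr.Text = "The passwords do not match. Please try again.";
            lblErr.Visible = true;
            return;
        }

        string encryptedLoginId = Request.QueryString["UID"];
        string encryptedUserName = Request.QueryString["UN"];
        if (string.IsNullOrEmpty(encryptedLoginId) || string.IsNullOrEmpty(encryptedUserName))
        {
            lblErr.Text = "There was a problem processing your request. Please contact IT.";
            lblErr.Visible = true;
            CommonHelpers.writeLogToFile("cmdSubmit_Click: ResetPassword.aspx", "Missing UID or UN query string parameter.");
            return;
        }

        securityAgent = new CryptoProvider();

        // Decrypt both values before touching the database, so a bad UN cannot leave the
        // password changed while the request still ends in an error.
        // The Replace restores '+' characters, presumably turned into spaces by
        // query-string decoding of un-encoded ciphertext.
        var loginId = securityAgent.decryptText(encryptedLoginId.Replace(" ", "+"));
        var userName = securityAgent.decryptText(encryptedUserName.Replace(" ", "+"));

        DBAgent = new DataAccessProvider(
            DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamLoginID", loginId);
        DBAgent.AddParameter("@ParamNewPassword", securityAgent.EncryptText(txtNewPassword.Text));
        DBAgent.AddParameter("@ParamIsTempPassword", 0);
        DBAgent.ExecuteNonQuery("dbo.spUpdatePassword");

        Session["Username"] = userName;
        Session["LoginID"] = loginId;
        Response.Redirect("Dashboard.aspx");
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect ends the response by aborting the request thread. That is the
        // success path, so it must not reach the handler below and be logged as a failure.
        throw;
    }
    catch (Exception ex)
    {
        lblErr.Text = "There was a problem processing your request. Please contact IT.";
        lblErr.Visible = true;
        CommonHelpers.writeLogToFile("cmdSubmit_Click: ResetPassword.aspx", ex.Message);
    }
}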
/// <summary>
/// Custom-button callback for the questionnaire history grid. Reads the "PQID" value of
/// the row the button belongs to and, when it is present, publishes its encrypted form
/// to the client as the cpReportPQID JS property.
/// </summary>
/// <param name="sender">The grid that raised the callback; cast to ASPxGridView.</param>
/// <param name="e">Callback data; VisibleIndex selects the row.</param>
protected void gvQuestionnaireHistory_CustomButtonCallback(object sender, ASPxGridViewCustomButtonCallbackEventArgs e)
{
    try
    {
        securityAgent = new CryptoProvider();

        var sourceGrid = (ASPxGridView)sender;
        object rowKey = sourceGrid.GetRowValues(e.VisibleIndex, "PQID");
        if (rowKey == null)
        {
            // No PQID for this row: leave the client-side property untouched.
            return;
        }

        var encryptedKey = securityAgent.EncryptText(rowKey.ToString());
        gvQuestionnaireHistory.JSProperties["cpReportPQID"] = encryptedKey;
    }
    catch (Exception ex)
    {
        // Failures are only logged; nothing is reported back to the client here.
        CommonHelpers.writeLogToFile("gvQuestionnaireHistory_CustomButtonCallback: PatientList.aspx", ex.Message);
    }
}
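/// <summary>
/// Save handler for NewQuestionnaire.aspx. Creates the questionnaire through
/// spAddEditQuestionnaire, then writes one spAddQuestionnaireConfig row for each Record
/// held in Session["ConfigurationValues"], clears that session entry and redirects to
/// EditQuestionnaire.aspx with the encrypted questionnaire id.
/// </summary>
/// <remarks>
/// NOTE(review): the header insert and the per-row inserts are separate calls with no
/// transaction visible here. A failure part-way leaves a questionnaire with only some of
/// its configuration rows.
/// </remarks>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void cmdSave_Click(object sender, EventArgs e)
{
    try
    {
        CryptoProvider securityAgent = new CryptoProvider();
        int QuestionnaireID = 0;

        // Resolve the pending rows before any write. Previously a missing session entry
        // (e.g. an expired session) only failed in the foreach, after the questionnaire
        // row had already been created.
        listDataSource = (BindingList<Record>)Session["ConfigurationValues"];
        if (listDataSource == null)
        {
            throw new InvalidOperationException("Session[\"ConfigurationValues\"] is not set; nothing to save.");
        }

        DBAgent = new DataAccessProvider(
            DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("ParamQuestionnaireName", txtQuestionnaireName.Value);
        object o = DBAgent.ExecuteScalar("spAddEditQuestionnaire", ConfigurationManager.AppSettings["DBName"]);
        if (o != null)
        {
            QuestionnaireID = int.Parse(o.ToString());
        }

        if (QuestionnaireID > 0)
        {
            foreach (Record r in listDataSource)
            {
                // NOTE(review): the same DBAgent is reused on every iteration; this relies
                // on DataAccessProvider clearing its parameters after each Execute call.
                // Confirm, otherwise parameters accumulate across rows.
                DBAgent.AddParameter("ParamQuestionnaireID", QuestionnaireID);
                DBAgent.AddParameter("ParamConfigID", r.ConfigID);
                DBAgent.AddParameter("ParamMinValue", r.MinValue);
                DBAgent.AddParameter("ParamMaxValue", r.MaxValue);
                DBAgent.ExecuteNonQuery("spAddQuestionnaireConfig", ConfigurationManager.AppSettings["DBName"]);
            }

            Session["ConfigurationValues"] = null;

            // URL-encode the ciphertext so characters such as '+', '/' and '=' reach the
            // target page unchanged instead of being altered by query-string decoding.
            Response.Redirect("EditQuestionnaire.aspx?QID=" + Uri.EscapeDataString(securityAgent.EncryptText(QuestionnaireID.ToString())));
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect ends the response by aborting the request thread. That is the
        // success path, so it must not reach the handler below and be logged as a failure.
        throw;
    }
    catch (Exception ex)
    {
        lblErr.Text = "There was a problem processing your request. Please contact IT.";
        lblErr.Visible = true;
        CommonHelpers.writeLogToFile("cmdSave_Click: NewQuestionnaire.aspx", ex.Message);
    }
}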
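/// <summary>
/// Login handler for Login.aspx. Looks the user up through dbo.spGetUserDetails, compares
/// the submitted password with the stored one, records the outcome through
/// dbo.spAddUserAction and then either opens the session and redirects to Dashboard.aspx
/// or, for a temporary password, redirects to ResetPassword.aspx.
/// </summary>
/// <remarks>
/// NOTE(review): the stored password is decrypted and compared in clear text, and a
/// temporary password is compared exactly as stored. Stored passwords are therefore
/// recoverable by anyone holding the database and the CryptoProvider key. Prefer a salted,
/// slow one-way hash (e.g. PBKDF2) and compare hashes instead.
/// NOTE(review): no session-identifier renewal and no attempt throttling or lockout are
/// visible in this handler; confirm they are enforced elsewhere.
/// NOTE(review): the temporary-password redirect carries the encrypted user name and
/// login id in the URL, where they can end up in browser history and proxy or server logs.
/// </remarks>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void cmdLogin_Click(object sender, EventArgs e)
{
    try
    {
        lblErr.Text = "";
        securityAgent = new CryptoProvider();

        DBAgent = new DataAccessProvider(
            DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamUserName", txtUserName.Value);
        string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");
        if (string.IsNullOrEmpty(data))
        {
            RecordFailedLogin();
            return;
        }

        DataSet ds = CommonHelpers.GetDataSetFromXml(data);

        // An empty result set used to be ignored silently (no tables) or to surface as an
        // index error (no rows). Both now count as an ordinary failed login.
        if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
        {
            RecordFailedLogin();
            return;
        }

        DataRow dRow = ds.Tables[0].Rows[0];
        bool TempPassword = bool.Parse(dRow["IsTempPassword"].ToString());

        // Temporary passwords are compared as stored; regular ones are decrypted first.
        // The Replace restores '+' characters, presumably lost as spaces in transit.
        string upassword = TempPassword
            ? dRow["Password"].ToString()
            : securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));

        if (!upassword.Equals(txtPassword.Value))
        {
            RecordFailedLogin();
            return;
        }

        // Audit the successful login ("LI" action) against the user's LoginID.
        DBAgent = new DataAccessProvider(
            DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
        DBAgent.AddParameter("@ParamRefType", "Users");
        DBAgent.AddParameter("@ParamAction", "LI");
        DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

        Session["FullName"] = String.Format("{0}, {1}", dRow["LastName"], dRow["FirstName"]);

        if (!TempPassword)
        {
            Session["LoginID"] = dRow["LoginID"].ToString();
            Session["UserName"] = dRow["Username"].ToString();
            Response.Redirect("Dashboard.aspx", true);
        }
        else
        {
            // URL-encode the ciphertext so '+', '/' and '=' reach the reset page unchanged
            // instead of being altered by query-string decoding.
            Response.Redirect(
                String.Format(
                    "ResetPassword.aspx?UN={0}&UID={1}",
                    Uri.EscapeDataString(securityAgent.EncryptText(txtUserName.Text)),
                    Uri.EscapeDataString(securityAgent.EncryptText(dRow["LoginID"].ToString()))),
                true);
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect(url, true) ends the response by aborting the request thread.
        // That is the success path, so it must not be logged as a login error.
        throw;
    }
    catch (Exception ex)
    {
        lblErr.Text = "There was a problem processing your request. Please contact IT.";
        lblErr.Visible = true;
        CommonHelpers.writeLogToFile("cmdLogin_Click: Login.aspx", ex.Message);
    }
}

/// <summary>
/// Shows the invalid-credentials message and writes a failed-login ("FL") audit row.
/// The message is the same for an unknown user and a wrong password, so the response does
/// not reveal which user names exist.
/// </summary>
private void RecordFailedLogin()
{
    lblErr.Text = "Invalid Username/Password combination. Please try again";

    DBAgent = new DataAccessProvider(
        DataAccessProvider.ParamType.ServerCredentials,
        ConfigurationManager.AppSettings["DBServerName"],
        ConfigurationManager.AppSettings["DBUserName"],
        ConfigurationManager.AppSettings["DBPassword"]);
    DBAgent.AddParameter("@ParamRefID", 0);
    DBAgent.AddParameter("@ParamRefType", "Users");
    DBAgent.AddParameter("@ParamAction", "FL");
    // NOTE(review): the submitted user name is stored verbatim in the audit comment.
    // Users sometimes type a password into this field, so treat this column as sensitive.
    DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
}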