Exemple #1
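        /// <summary>
        /// Handles the change-password button. Once the CAPTCHA and the editor validation pass,
        /// stores the new password for the user identified by <c>Session["CreatorKey"]</c>
        /// and redirects to <c>home.aspx</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="InvalidOperationException">The session holds no <c>CreatorKey</c>.</exception>
        protected void btnChangePW_Click(object sender, EventArgs e)
        {
            if (!captcha.IsValid || !ASPxEdit.ValidateEditorsInContainer(this))
            {
                return;
            }

            // Fail closed: without a session key there is no row to target, and an empty
            // key must never reach the WHERE clause.
            object creatorKey = Session["CreatorKey"];
            if (creatorKey == null)
            {
                throw new InvalidOperationException("Session has no CreatorKey; cannot change the password.");
            }

            // NOTE(review): this handler does not ask for the current password before replacing it;
            // confirm that re-authentication happens elsewhere on the page.
            // NOTE(review): EncryptionClass.Encrypt is not visible here. If it is reversible encryption,
            // store login passwords as a salted, slow one-way hash (e.g. PBKDF2) instead.
            string _sPassword = EncryptionClass.Encrypt(newPasswordCH.Text.ToString().Trim());

            // The listing shows a fixed masked literal in the SET clause and the key concatenated
            // into the WHERE clause. Both values are bound as parameters so that neither can alter
            // the statement text, and the value computed above is the one actually written.
            string qry = "UPDATE tbl_Users " +
                         " SET Password = @Password " +
                         " WHERE (PK = @PK)";

            // using-blocks release the connection and command even when the update throws.
            using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(qry, con))
            {
                cmd.Parameters.AddWithValue("@Password", _sPassword);
                cmd.Parameters.AddWithValue("@PK", creatorKey.ToString());

                con.Open();
                cmd.ExecuteNonQuery();
            }

            ModalPopupExtenderLoading.Hide();

            Response.Redirect("home.aspx");
        }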
Exemple #2
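        /// <summary>
        /// Handles the user grid's row-updating event: reads the edited values from the
        /// edit-form template, writes them with a parameterized UPDATE, then rebinds the
        /// list and closes the edit form.
        /// </summary>
        /// <param name="sender">The <c>ASPxGridView</c> that raised the event.</param>
        /// <param name="e">Update data; <c>e.Keys[0]</c> is used as the row's PK.</param>
        protected void UserList_RowUpdating(object sender, DevExpress.Web.Data.ASPxDataUpdatingEventArgs e)
        {
            ASPxGridView    grid        = sender as ASPxGridView;
            ASPxPageControl pageControl = grid.FindEditFormTemplateControl("UserPageControl") as ASPxPageControl;
            ASPxComboBox    entCode     = pageControl.FindControl("EntityCode") as ASPxComboBox;
            ASPxTextBox     buCode      = pageControl.FindControl("BUValue") as ASPxTextBox;
            ASPxTextBox     domainAcc   = pageControl.FindControl("DomainAccount") as ASPxTextBox;
            ASPxTextBox     userLevel   = pageControl.FindControl("UserLevelValue") as ASPxTextBox;
            ASPxTextBox     userStatus  = pageControl.FindControl("UserStatusValue") as ASPxTextBox;

            // NOTE(review): this handler changes UserLevelKey and Active for the row named by
            // e.Keys[0]; no authorization check is visible here. Confirm the page restricts who
            // may edit other users' level and status.

            // Read and convert every value before a connection is opened, so a missing control
            // or a non-numeric level/status cannot leave an open connection behind.
            string PK       = e.Keys[0].ToString();
            string sEntCode = entCode.Value.ToString();
            string sBUCode  = buCode.Value.ToString();

            // The domain account is optional; an empty string is stored when it is not supplied.
            string sDomainAcc = "";
            if (domainAcc.Value != null)
            {
                sDomainAcc = EncryptionClass.Encrypt(domainAcc.Value.ToString());
            }

            int sUserLevel  = Convert.ToInt32(userLevel.Value.ToString());
            int sUserStatus = Convert.ToInt32(userStatus.Value.ToString());

            // NOTE(review): the head of this statement appears masked ("******") in the listing;
            // it is kept verbatim.
            string update_User = "******" +
                                 " SET [EntityCode] = @EntCode, " +
                                 " [BUCode] = @BUCode, " +
                                 " [DomainAccount] = @DomainAccount, " +
                                 " [UserLevelKey] = @UserLevelKey, " +
                                 " [Active] = @Active " +
                                 " WHERE [PK] = @PK";

            // using-blocks release the connection and command even when the update throws.
            using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(update_User, conn))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@PK", PK);
                cmd.Parameters.AddWithValue("@EntCode", sEntCode);
                cmd.Parameters.AddWithValue("@BUCode", sBUCode);
                cmd.Parameters.AddWithValue("@DomainAccount", sDomainAcc);
                cmd.Parameters.AddWithValue("@UserLevelKey", sUserLevel);
                cmd.Parameters.AddWithValue("@Active", sUserStatus);

                conn.Open();
                cmd.ExecuteNonQuery();
            }

            BindUserList();

            // The row was written by hand above, so the grid's own update is cancelled.
            e.Cancel = true;
            grid.CancelEdit();
        }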
Exemple #3
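        /// <summary>
        /// Confirms a password change: stores the new password for the user identified by
        /// <c>Session["CreatorKey"]</c> and redirects to <c>home.aspx</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="InvalidOperationException">The session holds no <c>CreatorKey</c>.</exception>
        protected void OK_ChangePW_Click(object sender, EventArgs e)
        {
            // Fail closed: without a session key there is no row to target, and an empty
            // key must never reach the WHERE clause.
            object creatorKey = Session["CreatorKey"];
            if (creatorKey == null)
            {
                throw new InvalidOperationException("Session has no CreatorKey; cannot change the password.");
            }

            // NOTE(review): no CAPTCHA, editor validation or current-password check is visible in
            // this handler; confirm they run before this confirmation step can be reached.
            // NOTE(review): EncryptionClass.Encrypt is not visible here. If it is reversible encryption,
            // store login passwords as a salted, slow one-way hash (e.g. PBKDF2) instead.
            string _sPassword = EncryptionClass.Encrypt(newPasswordCH.Text.ToString().Trim());

            // The listing shows a fixed masked literal in the SET clause and the key concatenated
            // into the WHERE clause. Both values are bound as parameters so that neither can alter
            // the statement text, and the value computed above is the one actually written.
            string qry = "UPDATE tbl_Users " +
                         " SET Password = @Password " +
                         " WHERE (PK = @PK)";

            // using-blocks release the connection and command even when the update throws.
            using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(qry, con))
            {
                cmd.Parameters.AddWithValue("@Password", _sPassword);
                cmd.Parameters.AddWithValue("@PK", creatorKey.ToString());

                con.Open();
                cmd.ExecuteNonQuery();
            }

            ModalPopupExtenderLoading.Hide();

            Response.Redirect("home.aspx");
        }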
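        /// <summary>
        /// Handles the PO grid's row-inserting event: reads the edit-form values, inserts a row
        /// into <c>[dbo].[tbl_AXPOUploadingPath]</c> with a parameterized INSERT, then closes the
        /// edit form and rebinds the grid.
        /// </summary>
        /// <param name="sender">The <c>ASPxGridView</c> that raised the event.</param>
        /// <param name="e">Insert data; the grid's own insert is cancelled.</param>
        protected void POGrid_RowInserting(object sender, DevExpress.Web.Data.ASPxDataInsertingEventArgs e)
        {
            ASPxGridView    grid        = sender as ASPxGridView;
            ASPxPageControl pageControl = grid.FindEditFormTemplateControl("GridPageControl") as ASPxPageControl;

            ASPxComboBox entity     = pageControl.FindControl("EntityCode") as ASPxComboBox;
            ASPxTextBox  entityname = pageControl.FindControl("EntityName") as ASPxTextBox;
            ASPxTextBox  header     = pageControl.FindControl("HeaderPath") as ASPxTextBox;
            ASPxTextBox  line       = pageControl.FindControl("LinePath") as ASPxTextBox;
            ASPxTextBox  domain     = pageControl.FindControl("Domain") as ASPxTextBox;
            ASPxTextBox  uname      = pageControl.FindControl("Uname") as ASPxTextBox;
            ASPxTextBox  Pword      = pageControl.FindControl("Pword") as ASPxTextBox;

            // The password is transformed before any connection is opened, so a failure here
            // cannot leave an open connection behind.
            // NOTE(review): this row stores a domain credential. EncryptionClass is not visible
            // here; confirm how its key is protected and who can read this table.
            string encrypted_password = EncryptionClass.Encrypt(Pword.Text);

            string insert = "INSERT INTO [dbo].[tbl_AXPOUploadingPath] ([Entity], [Entity Name], [POHeaderPath], [POLinePath], [Domain], [UserName], [Password]) VALUES (@Entity, @EntityName, @POHeaderPath, @POLinePath, @Domain, @UserName, @Password)";

            // using-blocks release the connection and command even when the insert throws.
            using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(insert, conn))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@Entity", entity.Text);
                cmd.Parameters.AddWithValue("@EntityName", entityname.Text);
                cmd.Parameters.AddWithValue("@POHeaderPath", header.Text);
                cmd.Parameters.AddWithValue("@POLinePath", line.Text);
                cmd.Parameters.AddWithValue("@Domain", domain.Text);
                cmd.Parameters.AddWithValue("@UserName", uname.Text);
                cmd.Parameters.AddWithValue("@Password", encrypted_password);

                conn.Open();
                cmd.ExecuteNonQuery();
            }

            // The row was written by hand above, so the grid's own insert is cancelled.
            grid.CancelEdit();
            e.Cancel = true;
            BindGrid();
        }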
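        /// <summary>
        /// Handles the sign-up button. After the CAPTCHA and editor validation pass, it looks the
        /// ID number up in the HRIS employee table, rejects duplicates (employee key, name, e-mail,
        /// user name) against <c>AccountClass.UserList()</c>, inserts the new user into
        /// <c>tbl_Users</c> and redirects to <c>default.aspx</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void signUp_Click(object sender, EventArgs e)
        {
            if (!captcha.IsValid || !ASPxEdit.ValidateEditorsInContainer(this))
            {
                return;
            }

            ModalPopupExtenderLoading.Show();

            int iEmployeeKey = 0;

            // The ID number comes straight from the form, so it is bound as a parameter instead
            // of being concatenated into the statement text.
            using (SqlConnection conHRIS = new SqlConnection(GlobalClass.SQLConnStringHRIS()))
            using (SqlCommand lookup = new SqlCommand("SELECT PK, IDNumber FROM dbo.tbl_EmployeeIDNumber WHERE (IDNumber = @IDNumber)", conHRIS))
            using (SqlDataAdapter adp = new SqlDataAdapter(lookup))
            {
                lookup.Parameters.AddWithValue("@IDNumber", IDNumTextBox.Text.ToString());

                DataTable dt = new DataTable();
                adp.Fill(dt);

                if (dt.Rows.Count == 0)
                {
                    ShowSignUpError("ID Number not found in Employee MasterList!");
                    return;
                }

                // When several rows match, the last row's PK is the one kept.
                foreach (DataRow row in dt.Rows)
                {
                    iEmployeeKey = Convert.ToInt32(row["PK"]);
                }
            }

            DataTable dtUser = AccountClass.UserList();
            string sortOrder = "PK ASC";

            if (dtUser.Select("EmployeeKey = '" + iEmployeeKey.ToString().Trim() + "'", sortOrder).Length > 0)
            {
                ShowSignUpError("Found Duplicate ID Number!");
                return;
            }

            // The remaining comparisons are case-sensitive.
            dtUser.CaseSensitive = true;

            // Form values are embedded in DataTable filter expressions below. A single quote in
            // a value would end the quoted literal and change what the filter matches, so quotes
            // are doubled, which is how the expression syntax escapes them.
            string lastName  = lastNameTextBox.Text.ToString().Trim();
            string firstName = firstNameTextBox.Text.ToString().Trim();
            string email     = eMailTextBox.Text.ToString().Trim();
            string userName  = userNameTextBox.Text.ToString().Trim();

            string nameFilter = "Lastname = '" + lastName.Replace("'", "''") +
                                "' AND Firstname = '" + firstName.Replace("'", "''") + "'";
            if (dtUser.Select(nameFilter, sortOrder).Length > 0)
            {
                ShowSignUpError("Found Duplicate Lastname and Firstname!");
                return;
            }

            string emailFilter = "Email = '" + email.Replace("'", "''") + "'";
            if (dtUser.Select(emailFilter, sortOrder).Length > 0)
            {
                ShowSignUpError("Found Duplicate Email!");
                return;
            }

            // The listing shows a masked literal for this filter; the submitted user name is
            // compared here, in line with the other duplicate checks.
            string userNameFilter = "Username = '" + userName.Replace("'", "''") + "'";
            if (dtUser.Select(userNameFilter, sortOrder).Length > 0)
            {
                ShowSignUpError("Found Duplicate Username!");
                return;
            }

            // NOTE(review): EncryptionClass.Encrypt is not visible here. If it is reversible
            // encryption, store the login password as a salted, slow one-way hash (e.g. PBKDF2).
            string _sLastName  = EncryptionClass.Encrypt(GlobalClass.UpperCaseFirstLetter(lastName));
            string _sFirstName = EncryptionClass.Encrypt(GlobalClass.UpperCaseFirstLetter(firstName));
            int    _Gender     = gender_int;
            string _sEmail     = EncryptionClass.Encrypt(email);
            string _sUserName  = EncryptionClass.Encrypt(userName);
            string _sPassword  = EncryptionClass.Encrypt(passwordTextBox.Text.ToString().Trim());

            string qry = "INSERT INTO tbl_Users " +
                         " (Lastname, Firstname, Username, Password, Email, EmployeeKey, Gender) " +
                         " VALUES (@Lastname, @Firstname, @Username, @Password, @Email, @EmployeeKey, @Gender)";

            try
            {
                // using-blocks release the connection and command even when the insert throws.
                using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
                using (SqlCommand cmd = new SqlCommand(qry, con))
                {
                    cmd.Parameters.AddWithValue("@Lastname", _sLastName);
                    cmd.Parameters.AddWithValue("@Firstname", _sFirstName);
                    cmd.Parameters.AddWithValue("@Username", _sUserName);
                    cmd.Parameters.AddWithValue("@Password", _sPassword);
                    cmd.Parameters.AddWithValue("@Email", _sEmail);
                    cmd.Parameters.AddWithValue("@EmployeeKey", iEmployeeKey);
                    cmd.Parameters.AddWithValue("@Gender", _Gender);

                    con.Open();
                    cmd.ExecuteNonQuery();
                }
            }
            catch (SqlException ex)
            {
                // Full exception text (server messages, stack trace) stays in the trace output;
                // the page shows a generic message so database details are not disclosed.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                ShowSignUpError("Registration could not be completed. Please try again later.");
                return;
            }

            ModalPopupExtenderLoading.Hide();
            CreateAccntNotify.HeaderText     = "Info";
            CreateAccntNotifyLbl.Text        = "You is successfully registered.";
            CreateAccntNotifyLbl.ForeColor   = System.Drawing.Color.Black;
            CreateAccntNotify.ShowOnPageLoad = true;

            Response.Redirect("default.aspx");
        }

        /// <summary>
        /// Hides the loading popup and shows <paramref name="message"/> in the account
        /// notification popup as a red error.
        /// </summary>
        /// <param name="message">Text to display to the user.</param>
        private void ShowSignUpError(string message)
        {
            ModalPopupExtenderLoading.Hide();
            CreateAccntNotify.HeaderText     = "Error...";
            CreateAccntNotifyLbl.Text        = message;
            CreateAccntNotifyLbl.ForeColor   = System.Drawing.Color.Red;
            CreateAccntNotify.ShowOnPageLoad = true;
        }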
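        /// <summary>
        /// Handles the PO grid's row-updating event: writes the edited values to
        /// <c>[dbo].[tbl_AXPOUploadingPath]</c> with a parameterized UPDATE, then closes the edit
        /// form and rebinds the grid. The stored password is replaced only when the
        /// <c>AllowPassword</c> box is checked.
        /// </summary>
        /// <param name="sender">The <c>ASPxGridView</c> that raised the event.</param>
        /// <param name="e">Update data; <c>e.Keys[0]</c> is used as the row's PK.</param>
        protected void POGrid_RowUpdating(object sender, DevExpress.Web.Data.ASPxDataUpdatingEventArgs e)
        {
            ASPxGridView    grid        = sender as ASPxGridView;
            ASPxPageControl pageControl = grid.FindEditFormTemplateControl("GridPageControl") as ASPxPageControl;

            ASPxComboBox entity     = pageControl.FindControl("EntityCode") as ASPxComboBox;
            ASPxTextBox  entityname = pageControl.FindControl("EntityName") as ASPxTextBox;
            ASPxTextBox  header     = pageControl.FindControl("HeaderPath") as ASPxTextBox;
            ASPxTextBox  line       = pageControl.FindControl("LinePath") as ASPxTextBox;
            ASPxTextBox  domain     = pageControl.FindControl("Domain") as ASPxTextBox;
            ASPxTextBox  uname      = pageControl.FindControl("Uname") as ASPxTextBox;
            ASPxTextBox  Pword      = pageControl.FindControl("Pword") as ASPxTextBox;
            ASPxCheckBox checkbox   = pageControl.FindControl("AllowPassword") as ASPxCheckBox;

            // Gather every value before a connection is opened, so a missing control cannot
            // leave an open connection behind.
            string PK = e.Keys[0].ToString();

            // Only the part of the combo text before the first ';' is stored as the entity.
            string entity_string = entity.Text.ToString().Split(';')[0];

            bool changePassword = checkbox.Checked;

            // The two statements differ only in whether [Password] is part of the SET list.
            string update = changePassword
                ? "UPDATE [dbo].[tbl_AXPOUploadingPath] SET [Entity] = @Entity, [Entity Name] = @EntityName, [POHeaderPath] = @POHeaderPath, [POLinePath] = @POLinePath, [Domain] = @Domain, [UserName] = @UserName, [Password] = @Password WHERE [PK] = @PK"
                : "UPDATE [dbo].[tbl_AXPOUploadingPath] SET [Entity] = @Entity, [Entity Name] = @EntityName, [POHeaderPath] = @POHeaderPath, [POLinePath] = @POLinePath, [Domain] = @Domain, [UserName] = @UserName WHERE [PK] = @PK";

            string encrypted_password = null;
            if (changePassword)
            {
                // NOTE(review): this row stores a domain credential. EncryptionClass is not visible
                // here; confirm how its key is protected and who can read this table.
                encrypted_password = EncryptionClass.Encrypt(Pword.Text);
            }

            // using-blocks release the connection and command on every path.
            using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(update, conn))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@Entity", entity_string);
                cmd.Parameters.AddWithValue("@EntityName", entityname.Text);
                cmd.Parameters.AddWithValue("@POHeaderPath", header.Text);
                cmd.Parameters.AddWithValue("@POLinePath", line.Text);
                cmd.Parameters.AddWithValue("@Domain", domain.Text);
                cmd.Parameters.AddWithValue("@UserName", uname.Text);
                if (changePassword)
                {
                    cmd.Parameters.AddWithValue("@Password", encrypted_password);
                }
                cmd.Parameters.AddWithValue("@PK", PK);

                conn.Open();
                try
                {
                    cmd.ExecuteNonQuery();
                }
                catch (Exception exc)
                {
                    // Best-effort, as in the original: the failure is only reported through
                    // MRPClass.PrintString and the edit form still closes below.
                    // NOTE(review): the user gets no indication that the update failed; consider
                    // surfacing an error on the page.
                    MRPClass.PrintString(exc.Message);
                }
            }

            // The row was written by hand above, so the grid's own update is cancelled.
            grid.CancelEdit();
            e.Cancel = true;
            BindGrid();
        }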
Exemple #7
 /// <summary>
 /// Creates the controller over the product and product-category repositories.
 /// </summary>
 /// <param name="productContext">Repository assigned to <c>context</c>.</param>
 /// <param name="productCatergoryContext">Repository assigned to <c>productCategories</c>.</param>
 public ProductManagerController(
     IRepository<Product> productContext,
     IRepository<ProductCategory> productCatergoryContext)
 {
     productCategories = productCatergoryContext;
     context           = productContext;

     // Runs on every construction of the controller, after both repositories are assigned.
     // NOTE(review): encrypt and its Encrypt() are declared outside this block, so what gets
     // encrypted is not visible here. Confirm that doing this work in a constructor is intended.
     encrypt.Encrypt();
 }
Exemple #8
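        /// <summary>
        /// Handles the change-password button: requires the old, new and confirmation passwords,
        /// checks that the new password and its confirmation match, looks for a matching row in
        /// <c>AccountClass.UserList()</c> and, when one is found, writes the new password for the
        /// user identified by <c>Session["CreatorKey"]</c> and redirects to <c>home.aspx</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnChangePW_Click(object sender, EventArgs e)
        {
            if (txtOldPassword.Text.ToString().Trim().Length == 0)
            {
                lblerror.Text = "Please supply old password";
                txtOldPassword.Focus();
                return;
            }

            string NewPW = txtNewPassword.Text.ToString().Trim();
            if (NewPW.Length == 0)
            {
                lblerror.Text = "Please supply new password";
                // Focus the field the message is about, not the old-password box.
                txtNewPassword.Focus();
                return;
            }

            string ConPW = txtConfirmPassword.Text.ToString().Trim();
            if (ConPW.Length == 0)
            {
                lblerror.Text = "Please supply confirm password";
                txtConfirmPassword.Focus();
                return;
            }

            // Ordinal comparison: a culture-sensitive comparison can treat differing character
            // sequences as equal, which is wrong for a password confirmation.
            if (!NewPW.Equals(ConPW, StringComparison.Ordinal))
            {
                lblerror.Text = "Password not match";
                txtConfirmPassword.Focus();
                return;
            }

            DataTable dtUser = AccountClass.UserList();
            dtUser.CaseSensitive = true;

            // NOTE(review): this filter is shown masked in the listing and is kept verbatim.
            // If the real expression is built by concatenating the user name and the typed old
            // password, single quotes in those values must be doubled (or the comparison done in
            // code); otherwise input containing a quote changes what the filter matches and
            // weakens the old-password check.
            // NOTE(review): the check runs against the full user list held in memory; confirm
            // that AccountClass.UserList() does not expose recoverable passwords.
            string expression = "UserName = '******' AND Password = '******'";
            string sortOrder  = "PK ASC";

            DataRow[] foundRows = dtUser.Select(expression, sortOrder);
            if (foundRows.Length == 0)
            {
                lblerror.Text = "Incorrect old password";
                txtOldPassword.Focus();
                return;
            }

            // Resolve the session key before opening a connection, so an expired session is
            // reported on the page instead of failing with a connection already open.
            object creatorKey = Session["CreatorKey"];
            if (creatorKey == null)
            {
                lblerror.Text = "Your session has expired. Please sign in again.";
                return;
            }

            // NOTE(review): EncryptionClass.Encrypt is not visible here. If it is reversible
            // encryption, store login passwords as a salted, slow one-way hash (e.g. PBKDF2).
            string newPassword = EncryptionClass.Encrypt(NewPW);

            // NOTE(review): the head of this statement appears masked ("******") in the listing;
            // it is kept verbatim.
            string update_User = "******" +
                                 " SET [Password] = @Password " +
                                 " WHERE [PK] = @PK";

            // using-blocks release the connection and command even when the update throws.
            using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
            using (SqlCommand cmd = new SqlCommand(update_User, conn))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@PK", creatorKey.ToString());
                cmd.Parameters.AddWithValue("@Password", newPassword);

                conn.Open();
                cmd.ExecuteNonQuery();
            }

            Response.Redirect("home.aspx");
        }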