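/// <summary>
/// Creates or updates the current customer's notification subscription for one item.
/// The request is driven by three query-string values: NotificationType, itemCode and ProductURL.
/// </summary>
/// <remarks>
/// ltMessage is first set to string "savenotification.aspx.cs.1" and is only replaced by
/// "savenotification.aspx.cs.2" after UpdateDataset reports success, so every early exit or
/// failed load/update leaves the first message on the page.
/// NOTE(review): this handler writes to the database on a plain page load and no anti-forgery
/// check is visible in this method; confirm that one is enforced elsewhere, otherwise a
/// cross-site request could subscribe a signed-in customer with caller-chosen values.
/// </remarks>
/// <param name="sender">Event source supplied by the page framework; not used.</param>
/// <param name="e">Event data supplied by the page framework; not used.</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    ltMessage.Text = AppLogic.GetString("savenotification.aspx.cs.1", Customer.Current.SkinID, Customer.Current.LocaleSetting);

    // NotificationType is caller-controlled. A missing, non-numeric or out-of-range value
    // previously escaped as an unhandled exception from Int32.Parse; now nothing is saved
    // and the initial message stays in place.
    Int32 NotificationType;
    if (!Int32.TryParse(CommonLogic.QueryStringCanBeDangerousContent("NotificationType"), out NotificationType))
    {
        return;
    }

    String itemCode = CommonLogic.QueryStringCanBeDangerousContent("itemCode");

    // The ProductURL prefix is taken verbatim from the query string and persisted below.
    // NOTE(review): if this value is later placed in notification e-mails (not visible here),
    // it should be checked against the store's own base URL before it is saved.
    String ProductURL = CommonLogic.QueryStringCanBeDangerousContent("ProductURL") + "/" + InterpriseHelper.MakeItemLink(itemCode);

    // Load any existing subscription row for this contact / site / item / e-mail.
    string[][] ruleloaddataset = new string[][]
    {
        new string[]
        {
            "ECOMMERCENOTIFICATION",
            "READECOMMERCENOTIFICATION",
            "@ContactCode", Customer.Current.ContactCode,
            "@WebsiteCode", InterpriseHelper.ConfigInstance.WebSiteCode,
            "@ItemCode", itemCode,
            "@EmailAddress", Customer.Current.EMail
        }
    };

    EcommerceNotificationDatasetGateway ruleDatasetContainer = new EcommerceNotificationDatasetGateway();

    if (Interprise.Facade.Base.SimpleFacade.Instance.CurrentBusinessRule.LoadDataSet(
            InterpriseHelper.ConfigInstance.OnlineCompanyConnectionString, ruleloaddataset, ruleDatasetContainer))
    {
        // Reuse the existing row when there is one; otherwise build a new row that is added after editing.
        EcommerceNotificationDatasetGateway.EcommerceNotificationRow ruleDatasetContainernewRow;
        if (ruleDatasetContainer.EcommerceNotification.Rows.Count == 0)
        {
            ruleDatasetContainernewRow = ruleDatasetContainer.EcommerceNotification.NewEcommerceNotificationRow();
        }
        else
        {
            ruleDatasetContainernewRow = ruleDatasetContainer.EcommerceNotification[0];
        }

        // Start from the flags already on record, then switch on the one that was requested.
        Boolean OnPriceDrop = AppLogic.CheckNotification(Customer.Current.ContactCode, Customer.Current.EMail, itemCode, 1);
        Boolean OnItemAvail = AppLogic.CheckNotification(Customer.Current.ContactCode, Customer.Current.EMail, itemCode, 0);

        // Only the value 1 selects price-drop; every other integer enables the availability flag.
        if (NotificationType == 1)
        {
            OnPriceDrop = true;
        }
        else
        {
            OnItemAvail = true;
        }

        ruleDatasetContainernewRow.BeginEdit();
        ruleDatasetContainernewRow.WebSiteCode = InterpriseHelper.ConfigInstance.WebSiteCode;
        ruleDatasetContainernewRow.ItemCode = itemCode;
        ruleDatasetContainernewRow.ContactCode = Customer.Current.ContactCode;
        ruleDatasetContainernewRow.EmailAddress = Customer.Current.EMail;
        ruleDatasetContainernewRow.NotifyOnPriceDrop = OnPriceDrop;
        ruleDatasetContainernewRow.NotifyOnItemAvail = OnItemAvail;
        ruleDatasetContainernewRow.ProductURL = ProductURL;

        // Each encrypted column is stored as "ciphertext|base64(salt)|base64(iv)".
        // NOTE(review): one salt/IV pair is shared by both columns. Whether that weakens the
        // ciphertexts depends on the cipher and mode inside InterpriseHelper.Encryption, which
        // is not visible here. A separate pair per column would avoid the question, provided
        // every reader decodes each column from its own suffix (to be confirmed).
        byte[] salt = InterpriseHelper.GenerateSalt();
        byte[] iv = InterpriseHelper.GenerateVector();
        string contactCodeCypher = InterpriseHelper.Encryption(Customer.Current.ContactCode, salt, iv);
        string emailAddressCypher = InterpriseHelper.Encryption(Customer.Current.EMail, salt, iv);
        ruleDatasetContainernewRow.EncryptedContactCode = contactCodeCypher + "|" + Convert.ToBase64String(salt) + "|" + Convert.ToBase64String(iv);
        ruleDatasetContainernewRow.EncryptedEmailAddress = emailAddressCypher + "|" + Convert.ToBase64String(salt) + "|" + Convert.ToBase64String(iv);
        ruleDatasetContainernewRow.EndEdit();

        // A row created above is not yet part of the table, so the count is still zero here.
        if (ruleDatasetContainer.EcommerceNotification.Rows.Count == 0)
        {
            ruleDatasetContainer.EcommerceNotification.AddEcommerceNotificationRow(ruleDatasetContainernewRow);
        }

        string[][] rulecommandset = new string[][]
        {
            new string[]
            {
                ruleDatasetContainer.EcommerceNotification.TableName,
                "CREATEECOMMERCENOTIFICATION",
                "UPDATEECOMMERCENOTIFICATION",
                "DELETEECOMMERCENOTIFICATION"
            }
        };

        if (Interprise.Facade.Base.SimpleFacade.Instance.CurrentBusinessRule.UpdateDataset(
                InterpriseHelper.ConfigInstance.OnlineCompanyConnectionString, rulecommandset, ruleDatasetContainer))
        {
            ltMessage.Text = AppLogic.GetString("savenotification.aspx.cs.2", Customer.Current.SkinID, Customer.Current.LocaleSetting);

            // Fixed script with no request data in it: closes the top-level window after a successful save.
            Response.Write("<script type=text/javascript language=javascript>window.top.close();</script>");
        }
    }
}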
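/// <summary>
/// Handles the "forgot password" request: looks up the web-enabled contact whose user name
/// matches the entered e-mail address on this web site, makes sure a usable password is on
/// record, and sends the password e-mail. The outcome is reported through ErrorMsgLabel.
/// </summary>
/// <remarks>
/// The stored password is decrypted to plaintext here, so it is held reversibly encrypted
/// rather than hashed. NOTE(review): a one-time reset link with a salted password hash would
/// remove the need to ever recover a plaintext password; that change reaches beyond this method.
/// NOTE(review): the "not found" path shows "lostpassword.aspx.4" while a successful send shows
/// "lostpassword.aspx.2". If those texts differ visibly, the form discloses whether an address
/// is registered; consider one neutral message for both outcomes.
/// NOTE(review): no rate limit, audit record or requester check is visible in this method.
/// When the stored password cannot be decrypted, any visitor who submits that account's
/// address causes its password to be replaced.
/// </remarks>
/// <param name="sender">Event source supplied by the page framework; not used.</param>
/// <param name="e">Event data supplied by the page framework; not used.</param>
protected void RequestPassword_Click(object sender, EventArgs e)
{
    // The status message is shown in this panel on every path through the routine.
    ErrorPanel.Visible = true;

    // Server-side re-check of the required field: the original author notes that Firefox
    // does not run RequiredFieldValidator1.
    if (ForgotEMail.Text.Trim() == string.Empty)
    {
        ErrorMsgLabel.Text = AppLogic.GetString("signin.aspx.3", SkinID, ThisCustomer.LocaleSetting, true);
        return;
    }

    ErrorMsgLabel.Text = string.Empty;
    string PWD = string.Empty;
    bool passwordValid = true;
    string customerCode = string.Empty;
    string contactCode = string.Empty;
    bool exists = false;

    // Both values are passed through DB.SQuote before being formatted into the statement.
    // NOTE(review): presumably SQuote quotes and escapes the value; a parameterized command
    // would be preferable if the DB helper offers one (not visible here).
    string sql = string.Format(
        "SELECT EntityCode, cc.ContactCode, Password,PasswordSalt,PasswordIV FROM CRMContact cc WITH (NOLOCK) INNER JOIN EcommerceCustomerActiveSites ecas ON cc.ContactCode = ecas.ContactCode WHERE IsAllowWebAccess=1 AND UserName= {0} AND ecas.WebSiteCode = {1} AND ecas.IsEnabled = 1",
        DB.SQuote(ForgotEMail.Text.ToLower()),
        DB.SQuote(InterpriseHelper.ConfigInstance.WebSiteCode));

    using (var con = DB.NewSqlConnection())
    {
        con.Open();
        using (var rs = DB.GetRSFormat(con, sql))
        {
            exists = rs.Read();
            if (exists)
            {
                string pwdCypher = DB.RSField(rs, "Password");
                string salt = DB.RSField(rs, "PasswordSalt");
                string iv = DB.RSField(rs, "PasswordIV");
                customerCode = DB.RSField(rs, "EntityCode");
                contactCode = DB.RSField(rs, "ContactCode");

                // Decrypt the stored password with its per-row salt and IV. Any failure
                // (bad base64, wrong key material, ...) marks the stored value as unusable.
                try
                {
                    var tmpCrypto = new Interprise.Licensing.Base.Services.CryptoServiceProvider();
                    PWD = tmpCrypto.Decrypt(
                        Convert.FromBase64String(pwdCypher),
                        Convert.FromBase64String(salt),
                        Convert.FromBase64String(iv));
                }
                catch
                {
                    passwordValid = false;
                }
            }
            else
            {
                ErrorMsgLabel.Text = AppLogic.GetString("lostpassword.aspx.4", SkinID, ThisCustomer.LocaleSetting, true);
                return;
            }
        }
    }

    if (exists && !passwordValid)
    {
        // The stored password is unusable: issue a replacement and persist it.
        byte[] salt = InterpriseHelper.GenerateSalt();
        byte[] iv = InterpriseHelper.GenerateVector();

        // The replacement is drawn from the platform CSPRNG instead of a GUID prefix; GUIDs
        // are identifiers and are not specified to be unpredictable. The shape is unchanged:
        // 8 lowercase hex characters.
        // NOTE(review): 8 hex characters carry only 32 bits; lengthen once the password
        // column size and password policy (not visible here) are confirmed.
        // The generator is not wrapped in "using" because the target framework version is
        // not visible from this method.
        byte[] randomBytes = new byte[4];
        System.Security.Cryptography.RandomNumberGenerator.Create().GetBytes(randomBytes);
        string newPassword = BitConverter.ToString(randomBytes).Replace("-", string.Empty).ToLowerInvariant();

        string newPasswordCypher = InterpriseHelper.Encryption(newPassword, salt, iv);
        string saltBase64 = Convert.ToBase64String(salt);
        string ivBase64 = Convert.ToBase64String(iv);

        DB.ExecuteSQL(
            "UPDATE CRMContact SET Password = {0}, PasswordSalt = {1}, PasswordIV = {2} WHERE EntityCode = {3} AND ContactCode = {4}",
            DB.SQuote(newPasswordCypher),
            DB.SQuote(saltBase64),
            DB.SQuote(ivBase64),
            DB.SQuote(customerCode),
            DB.SQuote(contactCode));

        PWD = newPassword;
    }

    if (PWD.Length != 0)
    {
        string FromEMail = AppLogic.AppConfig("MailMe_FromAddress");
        string EMail = ForgotEMail.Text;
        bool SendWasOk = false;

        try
        {
            // The template is built from the e-mail address alone; PWD is not passed to it
            // from this method.
            string MsgBody = InterpriseHelper.GetPasswordEmailTemplate(EMail);
            if (MsgBody.Length > 0)
            {
                AppLogic.SendMail(
                    AppLogic.AppConfig("StoreName") + " " + AppLogic.GetString("lostpassword.aspx.5", SkinID, ThisCustomer.LocaleSetting, true),
                    MsgBody,
                    true,
                    FromEMail,
                    FromEMail,
                    EMail,
                    EMail,
                    "",
                    AppLogic.AppConfig("MailMe_Server"));
                SendWasOk = true;
            }
            else
            {
                // This text is overwritten just below, because SendWasOk is still false.
                ErrorMsgLabel.Text = AppLogic.GetString("lostpassword.aspx.4", SkinID, ThisCustomer.LocaleSetting, true);
            }
        }
        catch
        {
            // Deliberate best-effort: a template or mail failure leaves SendWasOk false and
            // is reported to the user below.
            // NOTE(review): the exception itself is discarded; log it once a logger is available here.
        }

        if (SendWasOk)
        {
            ErrorMsgLabel.Text = AppLogic.GetString("lostpassword.aspx.2", SkinID, ThisCustomer.LocaleSetting, true);
        }
        else
        {
            ErrorMsgLabel.Text = AppLogic.GetString("lostpassword.aspx.3", SkinID, ThisCustomer.LocaleSetting, true);
        }
    }
    else
    {
        // The stored password decrypted to an empty string: reported with the same text as "not found".
        ErrorMsgLabel.Text = AppLogic.GetString("lostpassword.aspx.4", SkinID, ThisCustomer.LocaleSetting, true);
    }
}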