/// <summary>
/// Runs on every page load. The key of the first request parameter selects an
/// account action ("SWITCH" or "DEL"), the value of that parameter is used as the
/// user id, and BindData() is called afterwards in every case.
/// </summary>
/// <remarks>
/// NOTE(review): both actions change account state during page load, driven only by
/// request parameters. No authorization or anti-forgery check is visible in this
/// handler; confirm the page is restricted to administrators and consider moving
/// these actions to POST handlers protected by an anti-forgery token.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    // Request.Params merges query string, form fields, cookies and server variables,
    // so position 0 is whichever of those comes first. A lookup by name would be
    // less fragile than a lookup by index.
    if (Request.Params.GetKey(0) == "SWITCH")
    {
        // Reads the ENCRYPTION_KEY setting with a fixed SQL string (no request data is concatenated into it).
        string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
        string UserID = Request.Params.Get(0);   // value of the "SWITCH" parameter
        string RoleID = Request.Params.Get(1);   // value of the second request parameter
        // Original comment: create a random password for the user.
        // NOTE(review): confirm that GetUniqueKey draws from a cryptographic random number generator.
        string Password = sh.GetUniqueKey(8);
        // Encrypts the generated password with the key read above.
        // NOTE(review): EncryptString looks like reversible encryption, with its key stored in
        // the same database as the passwords; a salted one-way password hash would not be
        // recoverable by anyone who can read SystemSettings. Confirm against the helper.
        string EncPassword = sh.EncryptString(Password, pass);
        // int.Parse throws on a non-numeric id, which comes straight from the request.
        // The new password is written on every SWITCH call; whether the account ended up
        // activated or de-activated is only read back afterwards.
        bool inserted = dh.InsertData("ActivateUser", new object [] { int.Parse(UserID), EncPassword, DateTime.Now.ToString(), RoleID });
        if (inserted)
        {
            Message.Text = "ACTION WAS SUCCESSFUL";
            string SystemName = dh.GetData("GetSystemSetting", new string[] { "SYSTEM_NAME" }).Rows[0]["SettingValue"].ToString();
            // The same GetUserEmailByUserID lookup is issued three times, once per column;
            // Rows[0] throws if the lookup returns no row.
            string To = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["Email"].ToString();
            string ActionTaken = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["Activated"].ToString();
            string UserName = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["fullname"].ToString();
            // NOTE(review): the expressions between these literals are masked (******) in this
            // listing and are left exactly as found. They presumably concatenate the account's
            // user name and the generated password, which would put a clear-text password in
            // e-mail; confirm against the original file. A one-time reset link avoids that.
            string cred = "\nUse The Following Credentials\n" + "\nUsername: "******"\nPassword: "******"\n\n\n";
            string contactAdmin = "\n\nContact The System Administrator\n" + dh.GetData("GetSystemSetting", new string[] { "SYSTEM_ADMIN_EMAIL" }).Rows[0]["SettingValue"].ToString() + "\n\n";
            string detail1 = null, detail2 = null;
            // "1" in the Activated column selects the credentials text; any other value
            // selects the "contact the administrator" text.
            if (ActionTaken.ToString() == "1")
            {
                detail1 = "ACTIVATED";
                detail2 = detail1 + cred;
            }
            else
            {
                detail1 = "DE-ACTIVATED";
                detail2 = detail1 + contactAdmin;
            };
            string EmailText = "Hello " + UserName + ",\n\nYour " + SystemName + " Account has been " + detail2 + ".\n" + "\nBest Regards.\n" + SystemName;
            eh.SendEmail(To, EmailText, SystemName + " ACCOUNT " + detail1);
        }
    }
    if (Request.Params.GetKey(0) == "DEL")
    {
        string UserID = Request.Params.Get(0);   // value of the "DEL" parameter
        // Deletes the user with the given id; int.Parse throws on a non-numeric id.
        bool inserted = dh.InsertData("DeleteUserByID", new object [] { int.Parse(UserID) });
        if (inserted)
        {
            Message.Text = "USER WAS DELETED";
        }
    }
    BindData();
}
/// <summary>
/// Click handler that creates a user account from the form fields. It requires a
/// first name, an e-mail address and a phone number, stores the user with a
/// generated password, records a reset token for the e-mail address, and e-mails
/// the account details together with a reset link.
/// </summary>
protected void AddUserBtn_Click(object sender, EventArgs e)
{
    // Presence checks only; the format of the e-mail address and phone number is not validated here.
    if (FName.Text.ToString() == "")
    {
        msg.Text = "ENTER THE FIRST NAME";
    }
    else if (Email.Text.ToString() == "")
    {
        msg.Text = "ENTER AN EMAIL ADDRESS.";
    }
    else if (PhoneNo.Text.ToString() == "")
    {
        msg.Text = "ENTER A PHONE NUMBER.";
    }
    else
    {
        // token, Subject and EmailTxt are assigned without a local declaration, so they are
        // members declared outside this method.
        // NOTE(review): the token authorizes a password reset; confirm that GetUniqueKey
        // draws from a cryptographic random number generator.
        token = sh.GetUniqueKey(29);
        string Authority = Request.Url.GetLeftPart(UriPartial.Authority).TrimStart('/').TrimEnd('/');
        string ApplicationPath = Request.ApplicationPath.TrimStart('/').TrimEnd('/');
        // NOTE(review): both parts have their slashes trimmed and are joined without a
        // separator, so a non-root application path gets fused onto the host name. The
        // host is also taken from the current request; building the link from a configured
        // base URL keeps a request's Host header from deciding where the e-mailed link points.
        string link = Authority + ApplicationPath + "/ResetAccount.aspx?RESET=" + token;
        string systemname = dh.GetData("GetSystemSetting", new object[] { "SYSTEM_NAME" }).Rows[0]["SettingValue"].ToString();
        // NOTE(review): the initial password comes from GetUniqueKey(5), presumably five
        // characters, and the e-mail text below says it can be used to log in as it is.
        string pwd = sh.GetUniqueKey(5);
        string pass = dh.GetData("GetSystemSetting", new object[] { "ENCRYPTION_KEY" }).Rows[0]["SettingValue"].ToString();
        //dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
        // NOTE(review): EncryptString looks like reversible encryption keyed from the same
        // database; a salted one-way password hash is the usual choice. Confirm against the helper.
        string EncPwd = sh.EncryptString(pwd, pass);
        // The result of this insert is ignored, so "USER ADDED." below is shown even if it fails.
        // UserID.Value is parsed with int.Parse, which throws on a non-numeric value.
        dh.InsertData("AddNewUser", new object[] { FName.Text, LName.Text, Gender.SelectedValue.ToString(), District.SelectedValue.ToString(), Region.SelectedValue.ToString(), Country.SelectedValue.ToString(), Email.Text, PhoneNo.Text, int.Parse(UserID.Value.ToString()), IsActivated.SelectedValue.ToString(), UserRoles.SelectedValue.ToString(), EncPwd });
        Subject = systemname + " Account Credentials";
        // The "{}" placeholders are not filled in anywhere in this handler.
        // NOTE(review): the expression after "PASSWORD: " is masked (******) in this listing
        // and is left exactly as found. It presumably concatenates the generated password,
        // which would send it in clear text by e-mail; confirm against the original file.
        EmailTxt = "Hello {},\n" + "Your {} Account Details Have Been Set To\n\n" + "USER NAME: " + Email.Text + " " + "PASSWORD: "******"\nOpen the link below To Reset Your Password.\n" + link + "\nOr Login with these same details." + "\n\nRegards\n" + "System Admin.";
        msg.Text = "USER ADDED.";
        // Stores the reset token for this e-mail address with a timestamp 48 hours in the past.
        // NOTE(review): confirm how ResetAccount.aspx derives token expiry from that timestamp.
        // The returned flag is never read.
        bool tbl = dh.InsertData("ResetAccount", new object[] { token, Email.Text, DateTime.Now.AddHours(-48).ToString() });
        eh.SendEmail(Email.Text, EmailTxt, Subject);
    }
}
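/// <summary>
/// Click handler for the login form. It encrypts the submitted password with the
/// ENCRYPTION_KEY setting, passes the e-mail address and encrypted password to
/// Validate_User, and acts on the returned UserId: -1 and -2 show an error message,
/// 0 writes an audit entry and redirects to "account/account", and any other value
/// issues a forms-authentication cookie and redirects to the requested page.
/// </summary>
/// <remarks>
/// An empty result from Validate_User is treated as a failed login. Previously the
/// initial userId of 0 fell into the "case 0" branch, which wrote a "LOG IN" audit
/// entry and redirected even though no row had confirmed the credentials.
/// </remarks>
protected void Loginbtn_Click(object sender, EventArgs e)
{
    int userId = 0;
    string roles = string.Empty;
    string userX = "";

    // Fixed SQL string; no request data is concatenated into it.
    string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
    // NOTE(review): passwords are compared in encrypted form, which looks reversible;
    // a salted one-way password hash is the usual choice. Confirm against EncryptString.
    string EncPwd = E.EncryptString(password.Text, pass);

    DataTable tbl = dh.GetData("Validate_User", new object[] { email.Text, EncPwd });

    // Fail closed: no row means nothing vouched for these credentials.
    if (tbl == null || tbl.Rows.Count == 0)
    {
        msg.Text = "Username and/or password is incorrect.";
        return;
    }

    // If several rows come back, the last one wins, as before.
    foreach (DataRow reader in tbl.Rows)
    {
        userX = reader["UserId"].ToString();
        userId = Convert.ToInt32(userX);
        roles = reader["Roles"].ToString();
    }

    switch (userId)
    {
        case -1:
            msg.Text = "Username and/or password is incorrect.";
            break;

        case -2:
            msg.Text = "Your Account has not been activated.";
            break;

        case 0:
            // NOTE(review): Session["USERIDENTITY"] is not set in this handler, so ToString()
            // throws if the key is absent. This branch also redirects without issuing a
            // ticket; confirm what a UserId of 0 from Validate_User is meant to represent.
            dh.InsertData("LogAuditTrail", new string[] { "LOG IN", DateTime.Now.ToString(), " USER " + Session["USERIDENTITY"].ToString() + "HAS LOGGED IN " });
            Response.Redirect("account/account");
            break;

        default:
            // One clock reading for both issue time and expiry (two days later).
            DateTime issuedAt = DateTime.Now;
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                701,
                email.Text,
                issuedAt,
                issuedAt.AddMinutes(60 * 24 * 2),
                true,
                roles,
                FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            // Keep the ticket out of reach of page script, honour the configured
            // requireSSL setting, and scope the cookie to the forms-authentication path.
            cookie.HttpOnly = true;
            cookie.Secure = FormsAuthentication.RequireSSL;
            cookie.Path = FormsAuthentication.FormsCookiePath;

            // Session key spellings are kept as they are because other pages may read them.
            Session["CUSTOMERIDENTITY"] = userX;
            Session["CUTOMERROLE"] = roles;

            if (ticket.IsPersistent)
            {
                cookie.Expires = ticket.Expiration;
            }

            // NOTE(review): a successful login is not written to the audit trail in this
            // branch, and the session id is not renewed after authentication.
            Response.Cookies.Add(cookie);
            Response.Redirect(FormsAuthentication.GetRedirectUrl(email.Text, true));
            break;
    }
}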
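/// <summary>
/// Click handler for the password-reset form. When both password fields hold the
/// same text, it encrypts the new password with the ENCRYPTION_KEY setting, passes
/// it to UpdateMyPassword together with the token taken from the first request
/// parameter, and redirects to the login page. Otherwise it shows an error and
/// clears both fields.
/// </summary>
/// <remarks>
/// The two fields are compared ordinally. The earlier culture-sensitive
/// string.Compare can report two strings as equal when they differ only in
/// characters the culture ignores, and the second field is the one stored.
/// </remarks>
protected void ResetPwd_Click(object sender, EventArgs e)
{
    if (!string.Equals(pwd1.Text, pwd2.Text, StringComparison.Ordinal))
    {
        msg.Text = "PASSWORDS DO NOT MATCH";
        pwd1.Text = "";
        pwd2.Text = "";
        return;
    }

    // NOTE(review): nothing in this handler rejects an empty or weak password;
    // confirm that validators in the page markup cover that.

    // Fixed SQL string; no request data is concatenated into it.
    string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
    string EncPwd = sh.EncryptString(pwd2.Text, pass);
    msg.Text = "";

    // The token is the value of the first request parameter, looked up by position.
    // NOTE(review): token existence, expiry and single use are not checked here;
    // confirm that UpdateMyPassword enforces them. The result of the update is not
    // inspected, so the redirect happens whether or not a password was changed.
    token = Request.Params.Get(0);
    dh.InsertData("UpdateMyPassword", new object[] { EncPwd, token });
    Response.Redirect("uLogin.aspx");
}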