protected void Page_Load(object sender, EventArgs e)
{
if (Request.Params.GetKey(0) == "SWITCH")
{
string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
string UserID = Request.Params.Get(0);
string RoleID = Request.Params.Get(1);
string Password = sh.GetUniqueKey(8);//create a random password for the user.
//deleting user
string EncPassword = sh.EncryptString(Password, pass);
bool inserted = dh.InsertData("ActivateUser", new object [] {
int.Parse(UserID),
EncPassword,
DateTime.Now.ToString(),
RoleID
});
if (inserted)
{
Message.Text = "ACTION WAS SUCCESSFUL";
string SystemName = dh.GetData("GetSystemSetting", new string[] { "SYSTEM_NAME" }).Rows[0]["SettingValue"].ToString();
string To = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["Email"].ToString();
string ActionTaken = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["Activated"].ToString();
string UserName = dh.GetData("GetUserEmailByUserID", new string[] { UserID }).Rows[0]["fullname"].ToString();
string cred = "\nUse The Following Credentials\n" +
"\nUsername: "******"\nPassword: "******"\n\n\n";
string contactAdmin = "\n\nContact The System Administrator\n" + dh.GetData("GetSystemSetting", new string[] { "SYSTEM_ADMIN_EMAIL" }).Rows[0]["SettingValue"].ToString() + "\n\n";
string detail1 = null, detail2 = null;
if (ActionTaken.ToString() == "1")
{
detail1 = "ACTIVATED";
detail2 = detail1 + cred;
}
else
{
detail1 = "DE-ACTIVATED";
detail2 = detail1 + contactAdmin;
};
string EmailText = "Hello " + UserName + ",\n\nYour " +
SystemName +
" Account has been " + detail2 + ".\n" +
"\nBest Regards.\n" + SystemName;
eh.SendEmail(To, EmailText, SystemName + " ACCOUNT " + detail1);
}
}
if (Request.Params.GetKey(0) == "DEL")
{
string UserID = Request.Params.Get(0);
//deleting user
bool inserted = dh.InsertData("DeleteUserByID", new object [] { int.Parse(UserID) });
if (inserted)
{
Message.Text = "USER WAS DELETED";
}
}
BindData();
}
protected void AddUserBtn_Click(object sender, EventArgs e)
{
if (FName.Text.ToString() == "")
{
msg.Text = "ENTER THE FIRST NAME";
}
else if (Email.Text.ToString() == "")
{
msg.Text = "ENTER AN EMAIL ADDRESS.";
}
else if (PhoneNo.Text.ToString() == "")
{
msg.Text = "ENTER A PHONE NUMBER.";
}
else
{
token = sh.GetUniqueKey(29);
string Authority = Request.Url.GetLeftPart(UriPartial.Authority).TrimStart('/').TrimEnd('/');
string ApplicationPath = Request.ApplicationPath.TrimStart('/').TrimEnd('/');
string link = Authority + ApplicationPath + "/ResetAccount.aspx?RESET=" + token;
string systemname = dh.GetData("GetSystemSetting", new object[] { "SYSTEM_NAME" }).Rows[0]["SettingValue"].ToString();
string pwd = sh.GetUniqueKey(5);
string pass = dh.GetData("GetSystemSetting", new object[] { "ENCRYPTION_KEY" }).Rows[0]["SettingValue"].ToString(); //dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
string EncPwd = sh.EncryptString(pwd, pass);
dh.InsertData("AddNewUser", new object[] {
FName.Text,
LName.Text,
Gender.SelectedValue.ToString(),
District.SelectedValue.ToString(),
Region.SelectedValue.ToString(),
Country.SelectedValue.ToString(),
Email.Text,
PhoneNo.Text,
int.Parse(UserID.Value.ToString()),
IsActivated.SelectedValue.ToString(),
UserRoles.SelectedValue.ToString(),
EncPwd
});
Subject = systemname + " Account Credentials";
EmailTxt = "Hello {},\n" +
"Your {} Account Details Have Been Set To\n\n" +
"USER NAME: " + Email.Text + " " +
"PASSWORD: "******"\nOpen the link below To Reset Your Password.\n"
+ link +
"\nOr Login with these same details." +
"\n\nRegards\n" +
"System Admin.";
msg.Text = "USER ADDED.";
bool tbl = dh.InsertData("ResetAccount", new object[] { token, Email.Text, DateTime.Now.AddHours(-48).ToString() });
eh.SendEmail(Email.Text, EmailTxt, Subject);
}
}
protected void Loginbtn_Click(object sender, EventArgs e)
{
int userId = 0;
string roles = string.Empty;
string userX = "";
string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
string EncPwd = E.EncryptString(password.Text, pass);
DataTable tbl = dh.GetData(
"Validate_User",
new object[] { email.Text, EncPwd }
);
foreach (DataRow reader in tbl.Rows)
{
userX = reader["UserId"].ToString();
userId = Convert.ToInt32(userX);
roles = reader["Roles"].ToString();
}
switch (userId)
{
case -1:
msg.Text = "Username and/or password is incorrect.";
break;
case -2:
msg.Text = "Your Account has not been activated.";
break;
case 0:
dh.InsertData("LogAuditTrail", new string[] { "LOG IN", DateTime.Now.ToString(), " USER " + Session["USERIDENTITY"].ToString() + "HAS LOGGED IN " });
Response.Redirect("account/account");
break;
default:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
701, email.Text, DateTime.Now, DateTime.Now.AddMinutes(60 * 24 * 2),
true, roles, FormsAuthentication.FormsCookiePath
);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
Session["CUSTOMERIDENTITY"] = userX;
Session["CUTOMERROLE"] = roles;
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl(email.Text, true));
break;
}
}
protected void ResetPwd_Click(object sender, EventArgs e)
{
if (string.Compare(pwd1.Text, pwd2.Text) == 0)
{
string pass = dh.RunQueryDirectly("Select * from SystemSettings Where SettingName='ENCRYPTION_KEY'", "SettingValue");
string EncPwd = sh.EncryptString(pwd2.Text, pass);
msg.Text = "";
token = Request.Params.Get(0);
dh.InsertData("UpdateMyPassword", new object[] { EncPwd, token });
Response.Redirect("uLogin.aspx");
}
else
{
msg.Text = "PASSWORDS DO NOT MATCH";
pwd1.Text = "";
pwd2.Text = "";
}
}
