/// <summary>
/// Handles the Click event of the btnSubmit control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
/// <remarks></remarks>
protected void btnSubmit_Click(object sender, EventArgs e)
{
hdnErrormsgFromLoginNext.Value = "";
//Page.ClientScript.RegisterStartupScript(this.GetType(), "VKeyboard", "init();", true);
Session["AccountNumber"] = null;
_cardHolderId = Convert.ToInt32(Session["CardHolderId"]);
bool UserStatus = false;
if (hdnTabIndex.Value == "0" && (txtUsername.Text == "" || txtPassword.Text == ""))
{
LblErrorMessage.Text = Constants.InvalidUnamePwd;
DivERROR.Attributes.CssStyle.Add("display", "block");
return;
}
if (hdnTabIndex.Value == "1" && (txtUsername.Text == "" || txtOTP.Text == ""))
{
LblErrorMessage.Text = Constants.InvalidUnamePwd;
DivERROR.Attributes.CssStyle.Add("display", "block");
return;
}
var am = new CardHolderManager();
var cmn = new CardManager();
var chlm = new CardHolderLoginInfoManager();
var chdto = new List <CardHolderLogin_InfoDTO>();
string Paswd = txtPassword.Text.Trim();
txtPassword.Text = string.Empty;
string publicIp = Request.UserHostAddress;
var cardHolder = am.AuthenticateUser(txtUsername.Text.Trim(), publicIp);
if (hdnTabIndex.Value == "0" && String.CompareOrdinal(Paswd, cardHolder.User_pwd) != 0)
{
if (_cardHolderId == 0)
{
Response.Redirect("ErrorPage/CodeError.aspx");
}
int tries = 1;
chdto = chlm.getCardHolderLoginInfoByID(_cardHolderId);
if (chdto.Count > 0)
{
if (chdto[0].Login_Attempt_FirstDt <= System.DateTime.Today.AddDays(-1) &&
chdto[0].Login_Attempts < 3)
{
chlm.DeleteCardHolderLoginInfo(_cardHolderId);
}
else if (chdto.Count == 2)
{
if (chdto[1].Login_Attempt_SecondDt <= System.DateTime.Today.AddDays(-1) &&
chdto[1].Login_Attempts < 3)
{
chlm.DeleteCardHolderLoginInfo(_cardHolderId);
}
}
else if (chdto.Count == 3)
{
if (chdto[2].Login_Attempt_ThirdDt <= System.DateTime.Today.AddDays(-1) &&
chdto[2].Login_Attempts < 3)
{
chlm.DeleteCardHolderLoginInfo(_cardHolderId);
}
}
}
chdto = chlm.getCardHolderLoginInfoByID(_cardHolderId);
if (chdto.Count > 0)
{
if (chdto[0].Login_Attempt_FirstDt == System.DateTime.Today && chdto[0].Login_Attempts < 3)
{
tries = Convert.ToInt32(chdto[0].Login_Attempts) + 1;
}
if (chdto[0].Login_Attempt_FirstDt != null && chdto[0].Login_Attempts == 3)
{
if (chdto.Count > 1)
{
if (chdto[1].Login_Attempt_SecondDt == System.DateTime.Today && chdto[1].Login_Attempts < 3)
{
tries = Convert.ToInt32(chdto[1].Login_Attempts) + 1;
}
if (chdto[1].Login_Attempt_SecondDt != null && chdto[1].Login_Attempts == 3)
{
if (chdto.Count > 2)
{
if (chdto[2].Login_Attempt_ThirdDt == System.DateTime.Today &&
chdto[2].Login_Attempts < 3)
{
tries = Convert.ToInt32(chdto[2].Login_Attempts) + 1;
}
if (chdto[2].Login_Attempt_ThirdDt != null && chdto[2].Login_Attempts == 3)
{
//ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.BlockedAccount + "');", true);
// viewCheckUsernameError.Text = Constants.BlockedAccount;
ClearControls(EnumBlockedAccount);
}
else
{
chlm.UpdateCardHolderLoginInfoThird(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
Login_Attempt_ThirdDt = System.DateTime.Today
});
if (tries == 2)
{
lblMessage.Text = Constants.Leftwithonly1Attempt;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
else
{
chlm.SetCardHolderParmenentDisable(_cardHolderId);
// ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.ContinuesBlockedAccount + "');", true);
//viewCheckUsernameError.Text = Constants.ContinuesBlockedAccount;
ClearControls(EnumContinuesBlockedAccount);
}
}
}
else
{
if (chdto[1].Login_Attempt_SecondDt != System.DateTime.Today)
{
chlm.SaveCardHolderLoginInfo(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
IP_Address = Request.UserHostAddress,
Login_Attempt_ThirdDt = System.DateTime.Today
});
lblMessage.Text = Constants.ThirdDayLeftwith2Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
}
}
else
{
if (chdto[1].Login_Attempt_SecondDt != System.DateTime.Today)
{
chlm.SaveCardHolderLoginInfo(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
IP_Address = Request.UserHostAddress,
Login_Attempt_ThirdDt = System.DateTime.Today
});
lblMessage.Text = Constants.ThirdDayLeftwith2Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
else
{
chlm.UpdateCardHolderLoginInfoSecond(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
Login_Attempt_SecondDt = System.DateTime.Today
});
if (tries == 2)
{
lblMessage.Text = Constants.SecndDayLeftwith1Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
else
{
chlm.SetCardHolderInActive(_cardHolderId);
// ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.InactiveAttempts + "');", true);
// viewCheckUsernameError.Text = Constants.InactiveAttempts;
ClearControls(EnumInactiveAttempts);
}
}
}
}
else
{
if (chdto[0].Login_Attempt_FirstDt != System.DateTime.Today)
{
chlm.SaveCardHolderLoginInfo(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
IP_Address = Request.UserHostAddress,
Login_Attempt_SecondDt = System.DateTime.Today
});
lblMessage.Text = Constants.SecndDayLeftwith2Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
}
}
else
{
if (chdto[0].Login_Attempt_FirstDt != System.DateTime.Today)
{
chlm.SaveCardHolderLoginInfo(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
IP_Address = Request.UserHostAddress,
Login_Attempt_SecondDt = System.DateTime.Today
});
lblMessage.Text = Constants.SecndDayLeftwith2Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
else
{
chlm.UpdateCardHolderLoginInfofirst(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
Login_Attempt_FirstDt = System.DateTime.Today
});
if (tries == 2)
{
lblMessage.Text = Constants.Leftwith1Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
else
{
chlm.SetCardHolderInActive(_cardHolderId);
//ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.InactiveAttempts + "');", true);
//viewCheckUsernameError.Text = Constants.InactiveAttempts;
ClearControls(EnumInactiveAttempts);
}
}
}
}
else
{
chlm.SaveCardHolderLoginInfo(new CardHolderLogin_InfoDTO()
{
CardHolder_Id = _cardHolderId,
Login_Attempts = tries,
IP_Address = Request.UserHostAddress,
Login_Attempt_FirstDt = System.DateTime.Today
});
lblMessage.Text = Constants.Leftwith2Attempts;
DivMessage.Attributes.CssStyle.Add("display", "block");
}
}
else if (hdnTabIndex.Value == "1" && String.CompareOrdinal(txtOTP.Text, hdnOTP.Value.ToString()) != 0)
{
lblMessage.Text = Constants.IncorrectOTP;
DivMessage.Attributes.CssStyle.Add("display", "block");
divIncorrectOTP.Attributes.CssStyle.Add("display", "flex");
divOTPSent.Attributes.CssStyle.Add("display", "block");
divremaining.Attributes.CssStyle.Add("display", "block");
hideResultMobile.Text = strMobile;
txtOTP.Focus();
StartOTPTimer();
return;
}
else
{
UserStatus = cmn.AuthenticateUserStatus(cardHolder.creditcard_acc_number.Decrypt());
if (UserStatus)
{
string blocked = Constants.BlockedAccount;
Session["AccountNumber"] = cardHolder.creditcard_acc_number.Decrypt();
if (cardHolder.IsPermanentDisable == true && cardHolder.IsActive == false)
{
//ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "return Blokalert('" + blocked + "');",true);
//hdnErrormsgFromLoginNext.Value = Constants.BlockedAccount;
ClearControls(EnumBlockedAccount);
}
else if (cardHolder.IsPermanentDisable == true)
{
// ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.BlockedAccount + "');", true);
//viewCheckUsernameError.Text = Constants.BlockedAccount;
ClearControls(EnumBlockedAccount);
}
else if (cardHolder.IsActive == false)
{
// ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.InactiveAccount + "');", true);
//viewCheckUsernameError.Text = Constants.InactiveAccount;
ClearControls(EnumInactiveAccount);
}
else
{
Session["CardHolderId"] = cardHolder.CardHolder_Id;
chlm.DeleteCardHolderLoginInfo(_cardHolderId);
#region Create Session of IP and AntiFix for Privilege escalation (Horizontal)
// Random Token antifix
Random random = new Random();
string rndstr = random.Next(100000).ToString();
rndstr = Functions.GenerateHash(rndstr);
Session["STTLII"] = rndstr;
Response.Cookies["STTLII"].Value = rndstr;
Response.Cookies["STTLII"].HttpOnly = true;
//IP Of User
Session["STTLI"] = Functions.GenerateHash(Functions.GetIP());
Response.Cookies["STTLI"].Value = Functions.GenerateHash(Functions.GetIP());
Response.Cookies["STTLI"].HttpOnly = true;
#endregion
//Step 3 Submit CardHolder Master Data
CardHolderManager chm = new CardHolderManager();
CardHolder_MstDTO user = new CardHolder_MstDTO();
user.CardHolder_Id = _cardHolderId;
//chm.UpdateCardHolderLastLoginDetails(user);
chm.UpdateCardHolderDetailByID(user);
SetCookieAndRedirectToProfilePage(Encoder.HtmlEncode(txtUsername.Text.Trim()),
cardHolder.CardHolder_Id.ToString());
}
}
else
{
// ScriptManager.RegisterStartupScript(this, GetType(), "showalert", "alert('" + Constants.AccNotInNormalState + "');", true);
// viewCheckUsernameError.Text = Constants.AccNotInNormalState;
ClearControls(EnumAccNotInNormalState);
}
}
}
public static string SendOTP(string UserName)
{
//divPassword.Attributes.CssStyle.Add("display", "none");
// divOTP.Attributes.CssStyle.Add("display", "block");
// divIncorrectOTP.Attributes.CssStyle.Add("display", "flex");
// divOTPSent.Attributes.CssStyle.Add("display", "block");
// rfvPwd.Enabled = false;
// rfvOTP.Enabled = true;
string MobileNumber = string.Empty;
string EmailId = string.Empty;
string publicIp = HttpContext.Current.Request.UserHostAddress;
CardHolderManager chm = new CardHolderManager();
var cardHolder = chm.AuthenticateUser(UserName, publicIp);
if (cardHolder != null)
{
CardManager cm = new CardManager();
CH_CardDTO card = cm.GetCardByCreditCardNumber(new CH_CardDTO()
{
Cr_Account_Nbr = cardHolder.creditcard_acc_number.Decrypt()
});
if (card != null)
{
MobileNumber = hideMobileNumber = card.PHONE_MOBILE;
EmailId = hideEmailId = card.EMAIL_ID;
}
}
string MobileNum = "";
string OtpSuccess = string.Empty;
string jsonresult = string.Empty;
string OverRideEmail = ConfigurationManager.AppSettings["OverRideUserEmail"];
string OverRideMobile = ConfigurationManager.AppSettings["OverRideUserMobile"];
MobileNum = MobileNumber.Substring(0, 6);
strMobile = MobileNum.Replace(MobileNum, "xxxxxx") + MobileNumber.Substring(MobileNumber.Length - 4);
try
{
if (OtpSuccess == null || OtpSuccess == string.Empty)
{
if (!string.IsNullOrEmpty(OverRideMobile))
{
MobileNum = OverRideMobile;
}
if (!string.IsNullOrEmpty(ConfigurationManager.AppSettings["OverRideUserEmail"]))
{
EmailId = ConfigurationManager.AppSettings["OverRideUserEmail"];
}
OTPClient otp = new OTPClient();
long CardHolderId = CardHolderManager.GetLoggedInUser().CardHolder_Id;
OtpSuccess = otp.SendOTPRequest(MobileNumber, EmailId, Constants.ForgotUName, CardHolderId);
OTPval = OtpSuccess;
if (OtpSuccess != "0" && !string.IsNullOrEmpty(OtpSuccess))
{
int strsec = 20;
jsonresult = OtpSuccess + "," + strMobile + "," + strsec;
}
}
}
catch (Exception ex)
{
}
return(jsonresult);
}
