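/// <summary>
/// Handles the change-password button. When the captcha and the page's editors validate,
/// stores the encrypted new password for the user identified by <c>Session["CreatorKey"]</c>
/// and redirects to home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnChangePW_Click(object sender, EventArgs e)
{
    if (!captcha.IsValid || !ASPxEdit.ValidateEditorsInContainer(this))
    {
        return;
    }

    // NOTE(review): no check of the current password is visible in this handler; the captcha
    // and editor validation are the only gates before the stored password is replaced - confirm.

    // NOTE(review): EncryptionClass.Encrypt is a project helper not shown here. If it is
    // reversible encryption, stored passwords are recoverable by anyone holding the key;
    // a salted password hash (for example PBKDF2) is the usual choice - confirm.
    string encryptedPassword = EncryptionClass.Encrypt(newPasswordCH.Text.ToString().Trim());

    // The statement used to be assembled by string concatenation, with a masked literal
    // ('******') in the password position and the session key spliced into the WHERE clause.
    // Both values are bound as parameters so neither can alter the statement text.
    // NOTE(review): binding the encrypted value computed above is the presumed intent - confirm.
    const string qry = "UPDATE tbl_Users SET Password = @Password WHERE (PK = @PK)";

    // using blocks release the connection and command even when ExecuteNonQuery throws.
    using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(qry, con))
    {
        cmd.Parameters.AddWithValue("@Password", encryptedPassword);
        cmd.Parameters.AddWithValue("@PK", Session["CreatorKey"]);

        con.Open();
        cmd.ExecuteNonQuery();
    }

    ModalPopupExtenderLoading.Hide();
    Response.Redirect("home.aspx");
}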
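/// <summary>
/// Handles the user grid's RowUpdating event: reads the edited values from the
/// "UserPageControl" edit form, writes them to the row whose key is <c>e.Keys[0]</c>,
/// then rebinds the grid and closes the edit form.
/// </summary>
/// <param name="sender">The <c>ASPxGridView</c> raising the event.</param>
/// <param name="e">Update event data; its first key identifies the row.</param>
protected void UserList_RowUpdating(object sender, DevExpress.Web.Data.ASPxDataUpdatingEventArgs e)
{
    // NOTE(review): no authorization check is visible in this handler although it changes
    // UserLevelKey and Active; confirm the page restricts it to administrators.
    ASPxGridView grid = sender as ASPxGridView;
    ASPxPageControl pageControl = grid.FindEditFormTemplateControl("UserPageControl") as ASPxPageControl;

    ASPxComboBox entCode = pageControl.FindControl("EntityCode") as ASPxComboBox;
    ASPxTextBox buCode = pageControl.FindControl("BUValue") as ASPxTextBox;
    ASPxTextBox domainAcc = pageControl.FindControl("DomainAccount") as ASPxTextBox;
    ASPxTextBox userLevel = pageControl.FindControl("UserLevelValue") as ASPxTextBox;
    ASPxTextBox userStatus = pageControl.FindControl("UserStatusValue") as ASPxTextBox;

    // Read and convert every value before touching the database, so a conversion failure
    // cannot leave an open connection behind.
    string PK = e.Keys[0].ToString();
    string sEntCode = entCode.Value.ToString();
    string sBUCode = buCode.Value.ToString();

    // The domain account is optional; an empty string is stored when none was entered.
    string sDomainAcc = "";
    if (domainAcc.Value != null)
    {
        sDomainAcc = EncryptionClass.Encrypt(domainAcc.Value.ToString());
    }

    int sUserLevel = Convert.ToInt32(userLevel.Value.ToString());
    int sUserStatus = Convert.ToInt32(userStatus.Value.ToString());

    // NOTE(review): the leading fragment of this statement is masked in the source;
    // it is kept verbatim.
    string update_User = "******"
                       + " SET [EntityCode] = @EntCode, "
                       + " [BUCode] = @BUCode, "
                       + " [DomainAccount] = @DomainAccount, "
                       + " [UserLevelKey] = @UserLevelKey, "
                       + " [Active] = @Active "
                       + " WHERE [PK] = @PK";

    // using blocks release the connection and command even when the update throws.
    using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(update_User, conn))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@PK", PK);
        cmd.Parameters.AddWithValue("@EntCode", sEntCode);
        cmd.Parameters.AddWithValue("@BUCode", sBUCode);
        cmd.Parameters.AddWithValue("@DomainAccount", sDomainAcc);
        cmd.Parameters.AddWithValue("@UserLevelKey", sUserLevel);
        cmd.Parameters.AddWithValue("@Active", sUserStatus);

        conn.Open();
        cmd.ExecuteNonQuery();
    }

    BindUserList();

    // The row was written manually above, so the grid's own update is cancelled.
    e.Cancel = true;
    grid.CancelEdit();
}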
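/// <summary>
/// Handles the confirmation button of the change-password dialog: stores the encrypted
/// new password for the user identified by <c>Session["CreatorKey"]</c> and redirects
/// to home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void OK_ChangePW_Click(object sender, EventArgs e)
{
    // NOTE(review): this handler performs no validation of its own (no captcha, no check of
    // the current password); confirm that every path leading here has already done so.

    // NOTE(review): EncryptionClass.Encrypt is a project helper not shown here. If it is
    // reversible encryption, stored passwords are recoverable by anyone holding the key;
    // a salted password hash (for example PBKDF2) is the usual choice - confirm.
    string encryptedPassword = EncryptionClass.Encrypt(newPasswordCH.Text.ToString().Trim());

    // The statement used to be assembled by string concatenation, with a masked literal
    // ('******') in the password position and the session key spliced into the WHERE clause.
    // Both values are bound as parameters so neither can alter the statement text.
    // NOTE(review): binding the encrypted value computed above is the presumed intent - confirm.
    const string qry = "UPDATE tbl_Users SET Password = @Password WHERE (PK = @PK)";

    // using blocks release the connection and command even when ExecuteNonQuery throws.
    using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(qry, con))
    {
        cmd.Parameters.AddWithValue("@Password", encryptedPassword);
        cmd.Parameters.AddWithValue("@PK", Session["CreatorKey"]);

        con.Open();
        cmd.ExecuteNonQuery();
    }

    ModalPopupExtenderLoading.Hide();
    Response.Redirect("home.aspx");
}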
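/// <summary>
/// Handles the PO grid's RowInserting event: reads the new upload-path record from the
/// "GridPageControl" edit form, inserts it into tbl_AXPOUploadingPath with the password
/// encrypted, then closes the edit form and rebinds the grid.
/// </summary>
/// <param name="sender">The <c>ASPxGridView</c> raising the event.</param>
/// <param name="e">Insert event data; the grid's own insert is cancelled.</param>
protected void POGrid_RowInserting(object sender, DevExpress.Web.Data.ASPxDataInsertingEventArgs e)
{
    ASPxGridView grid = sender as ASPxGridView;
    ASPxPageControl pageControl = grid.FindEditFormTemplateControl("GridPageControl") as ASPxPageControl;

    ASPxComboBox entity = pageControl.FindControl("EntityCode") as ASPxComboBox;
    ASPxTextBox entityname = pageControl.FindControl("EntityName") as ASPxTextBox;
    ASPxTextBox header = pageControl.FindControl("HeaderPath") as ASPxTextBox;
    ASPxTextBox line = pageControl.FindControl("LinePath") as ASPxTextBox;
    ASPxTextBox domain = pageControl.FindControl("Domain") as ASPxTextBox;
    ASPxTextBox uname = pageControl.FindControl("Uname") as ASPxTextBox;
    ASPxTextBox Pword = pageControl.FindControl("Pword") as ASPxTextBox;

    // NOTE(review): this looks like a credential for the upload paths, so it presumably has
    // to be recoverable; how EncryptionClass protects its key is not visible here - confirm.
    string encrypted_password = EncryptionClass.Encrypt(Pword.Text);

    const string insert = "INSERT INTO [dbo].[tbl_AXPOUploadingPath] ([Entity], [Entity Name], [POHeaderPath], [POLinePath], [Domain], [UserName], [Password]) VALUES (@Entity, @EntityName, @POHeaderPath, @POLinePath, @Domain, @UserName, @Password)";

    // using blocks release the connection and command even when the insert throws.
    using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(insert, conn))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@Entity", entity.Text);
        cmd.Parameters.AddWithValue("@EntityName", entityname.Text);
        cmd.Parameters.AddWithValue("@POHeaderPath", header.Text);
        cmd.Parameters.AddWithValue("@POLinePath", line.Text);
        cmd.Parameters.AddWithValue("@Domain", domain.Text);
        cmd.Parameters.AddWithValue("@UserName", uname.Text);
        cmd.Parameters.AddWithValue("@Password", encrypted_password);

        conn.Open();
        cmd.ExecuteNonQuery();
    }

    // The row was written manually above, so the grid's own insert is cancelled.
    grid.CancelEdit();
    e.Cancel = true;
    BindGrid();
}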
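/// <summary>
/// Handles the sign-up button. After captcha and editor validation it looks the ID number
/// up in the HRIS employee list, rejects duplicates (employee key, name, e-mail, user name)
/// against <c>AccountClass.UserList()</c>, and inserts the new account into tbl_Users.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void signUp_Click(object sender, EventArgs e)
{
    if (!captcha.IsValid || !ASPxEdit.ValidateEditorsInContainer(this))
    {
        return;
    }

    ModalPopupExtenderLoading.Show();

    // Resolve the employee key. The ID number is bound as a parameter rather than
    // concatenated, so the submitted text cannot change the query.
    int iEmployeeKey = 0;
    DataTable dt = new DataTable();
    const string lookupQry = "SELECT PK, IDNumber FROM dbo.tbl_EmployeeIDNumber WHERE (IDNumber = @IDNumber)";
    using (SqlConnection conHRIS = new SqlConnection(GlobalClass.SQLConnStringHRIS()))
    using (SqlCommand lookup = new SqlCommand(lookupQry, conHRIS))
    using (SqlDataAdapter adp = new SqlDataAdapter(lookup))
    {
        lookup.Parameters.AddWithValue("@IDNumber", IDNumTextBox.Text.ToString());
        adp.Fill(dt);
    }

    if (dt.Rows.Count == 0)
    {
        ShowSignUpError("ID Number not found in Employee MasterList!");
        return;
    }

    // When several rows match, the key of the last one is used.
    foreach (DataRow row in dt.Rows)
    {
        iEmployeeKey = Convert.ToInt32(row["PK"]);
    }

    // NOTE(review): the checks below compare the submitted plain text with the rows from
    // AccountClass.UserList(), while the INSERT further down stores encrypted values;
    // whether UserList() returns decrypted data is not visible here - confirm.
    DataTable dtUser = AccountClass.UserList();

    if (dtUser.Select("EmployeeKey = '" + iEmployeeKey.ToString().Trim() + "'", "PK ASC").Length > 0)
    {
        ShowSignUpError("Found Duplicate ID Number!");
        return;
    }

    // The remaining comparisons are case-sensitive.
    dtUser.CaseSensitive = true;

    string expressionName = "Lastname = '" + EscapeFilterLiteral(lastNameTextBox.Text.ToString().Trim())
                          + "' AND Firstname = '" + EscapeFilterLiteral(firstNameTextBox.Text.ToString().Trim()) + "'";
    if (dtUser.Select(expressionName, "PK ASC").Length > 0)
    {
        ShowSignUpError("Found Duplicate Lastname and Firstname!");
        return;
    }

    string expressionEmail = "Email = '" + EscapeFilterLiteral(eMailTextBox.Text.ToString().Trim()) + "'";
    if (dtUser.Select(expressionEmail, "PK ASC").Length > 0)
    {
        ShowSignUpError("Found Duplicate Email!");
        return;
    }

    // NOTE(review): this filter carried a masked literal ('******') in place of the value;
    // comparing against the submitted user name is the presumed intent - confirm.
    string expressionUName = "Username = '" + EscapeFilterLiteral(userNameTextBox.Text.ToString().Trim()) + "'";
    if (dtUser.Select(expressionUName, "PK ASC").Length > 0)
    {
        ShowSignUpError("Found Duplicate Username!");
        return;
    }

    // NOTE(review): the password goes through the same EncryptionClass.Encrypt helper as the
    // other fields. If that helper is reversible, stored passwords are recoverable; a salted
    // password hash is the usual choice - confirm.
    string _sLastName = EncryptionClass.Encrypt(GlobalClass.UpperCaseFirstLetter(lastNameTextBox.Text.ToString().Trim()));
    string _sFirstName = EncryptionClass.Encrypt(GlobalClass.UpperCaseFirstLetter(firstNameTextBox.Text.ToString().Trim()));
    string _sEmail = EncryptionClass.Encrypt(eMailTextBox.Text.ToString().Trim());
    string _sUserName = EncryptionClass.Encrypt(userNameTextBox.Text.ToString().Trim());
    string _sPassword = EncryptionClass.Encrypt(passwordTextBox.Text.ToString().Trim());
    int _Gender = gender_int;

    // Values are bound as parameters instead of being spliced into the statement text.
    const string insertQry = "INSERT INTO tbl_Users "
                           + " (Lastname, Firstname, Username, Password, Email, EmployeeKey, Gender) "
                           + " VALUES (@Lastname, @Firstname, @Username, @Password, @Email, @EmployeeKey, @Gender)";

    using (SqlConnection con = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(insertQry, con))
    {
        cmd.Parameters.AddWithValue("@Lastname", _sLastName);
        cmd.Parameters.AddWithValue("@Firstname", _sFirstName);
        cmd.Parameters.AddWithValue("@Username", _sUserName);
        cmd.Parameters.AddWithValue("@Password", _sPassword);
        cmd.Parameters.AddWithValue("@Email", _sEmail);
        cmd.Parameters.AddWithValue("@EmployeeKey", iEmployeeKey);
        cmd.Parameters.AddWithValue("@Gender", _Gender);

        con.Open();

        try
        {
            cmd.ExecuteNonQuery();

            ModalPopupExtenderLoading.Hide();
            CreateAccntNotify.HeaderText = "Info";
            CreateAccntNotifyLbl.Text = "You have successfully registered.";
            CreateAccntNotifyLbl.ForeColor = System.Drawing.Color.Black;
            CreateAccntNotify.ShowOnPageLoad = true;
            Response.Redirect("default.aspx");
        }
        catch (SqlException ex)
        {
            // The full exception text (statement, schema names, stack trace) stays in the
            // server-side trace; the visitor only sees a generic message.
            System.Diagnostics.Trace.TraceError(ex.ToString());
            ShowSignUpError("Registration could not be completed. Please try again later.");
        }
    }
}

/// <summary>Hides the loading popup and shows <paramref name="message"/> in the red error popup.</summary>
private void ShowSignUpError(string message)
{
    ModalPopupExtenderLoading.Hide();
    CreateAccntNotify.HeaderText = "Error...";
    CreateAccntNotifyLbl.Text = message;
    CreateAccntNotifyLbl.ForeColor = System.Drawing.Color.Red;
    CreateAccntNotify.ShowOnPageLoad = true;
}

/// <summary>Doubles single quotes so a value can sit inside a quoted DataTable.Select literal.</summary>
private static string EscapeFilterLiteral(string value)
{
    return value.Replace("'", "''");
}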
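/// <summary>
/// Handles the PO grid's RowUpdating event: reads the edited upload-path record from the
/// "GridPageControl" edit form and updates the row whose key is <c>e.Keys[0]</c>.
/// The stored password is replaced only when the "AllowPassword" box is checked.
/// </summary>
/// <param name="sender">The <c>ASPxGridView</c> raising the event.</param>
/// <param name="e">Update event data; its first key identifies the row.</param>
protected void POGrid_RowUpdating(object sender, DevExpress.Web.Data.ASPxDataUpdatingEventArgs e)
{
    ASPxGridView grid = sender as ASPxGridView;
    ASPxPageControl pageControl = grid.FindEditFormTemplateControl("GridPageControl") as ASPxPageControl;

    ASPxComboBox entity = pageControl.FindControl("EntityCode") as ASPxComboBox;
    ASPxTextBox entityname = pageControl.FindControl("EntityName") as ASPxTextBox;
    ASPxTextBox header = pageControl.FindControl("HeaderPath") as ASPxTextBox;
    ASPxTextBox line = pageControl.FindControl("LinePath") as ASPxTextBox;
    ASPxTextBox domain = pageControl.FindControl("Domain") as ASPxTextBox;
    ASPxTextBox uname = pageControl.FindControl("Uname") as ASPxTextBox;
    ASPxTextBox Pword = pageControl.FindControl("Pword") as ASPxTextBox;
    ASPxCheckBox checkbox = pageControl.FindControl("AllowPassword") as ASPxCheckBox;

    string PK = e.Keys[0].ToString();

    // Only the part of the combo text before the first ';' is stored as the entity.
    string entity_string = entity.Text.ToString().Split(';')[0];

    // Both variants of the statement share everything except the password column.
    bool updatePassword = checkbox.Checked;
    string update = "UPDATE [dbo].[tbl_AXPOUploadingPath] SET [Entity] = @Entity, [Entity Name] = @EntityName, [POHeaderPath] = @POHeaderPath, [POLinePath] = @POLinePath, [Domain] = @Domain, [UserName] = @UserName"
                  + (updatePassword ? ", [Password] = @Password" : "")
                  + " WHERE [PK] = @PK";

    // using blocks release the connection and command even when the update throws.
    using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(update, conn))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@Entity", entity_string);
        cmd.Parameters.AddWithValue("@EntityName", entityname.Text);
        cmd.Parameters.AddWithValue("@POHeaderPath", header.Text);
        cmd.Parameters.AddWithValue("@POLinePath", line.Text);
        cmd.Parameters.AddWithValue("@Domain", domain.Text);
        cmd.Parameters.AddWithValue("@UserName", uname.Text);
        if (updatePassword)
        {
            cmd.Parameters.AddWithValue("@Password", EncryptionClass.Encrypt(Pword.Text));
        }
        cmd.Parameters.AddWithValue("@PK", PK);

        conn.Open();

        try
        {
            cmd.ExecuteNonQuery();
        }
        catch (Exception exc)
        {
            // NOTE(review): a failed update is only passed to MRPClass.PrintString; the edit
            // form still closes below as if the update had succeeded - confirm this is intended.
            MRPClass.PrintString(exc.Message);
        }
    }

    // The row was written manually above, so the grid's own update is cancelled.
    grid.CancelEdit();
    e.Cancel = true;
    BindGrid();
}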
/// <summary>
/// Creates the controller from the product and product-category repositories.
/// </summary>
/// <param name="productContext">Repository assigned to <c>context</c>.</param>
/// <param name="productCatergoryContext">Repository assigned to <c>productCategories</c>.</param>
public ProductManagerController(
    IRepository<Product> productContext,
    IRepository<ProductCategory> productCatergoryContext)
{
    context = productContext;
    productCategories = productCatergoryContext;

    // NOTE(review): encrypt is declared outside this constructor, and what its
    // argument-less Encrypt() call does is not visible here; confirm it is meant
    // to run every time a controller is constructed.
    encrypt.Encrypt();
}
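/// <summary>
/// Handles the change-password button: requires the old, new and confirmation passwords,
/// checks that new and confirmation match, verifies the old credentials against
/// <c>AccountClass.UserList()</c>, then stores the encrypted new password for the user
/// identified by <c>Session["CreatorKey"]</c> and redirects to home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnChangePW_Click(object sender, EventArgs e)
{
    if (txtOldPassword.Text.ToString().Trim().Length == 0)
    {
        lblerror.Text = "Please supply old password";
        txtOldPassword.Focus();
        return;
    }

    // Focus moves to the field the message is about (it used to jump to the old password).
    if (txtNewPassword.Text.ToString().Trim().Length == 0)
    {
        lblerror.Text = "Please supply new password";
        txtNewPassword.Focus();
        return;
    }

    if (txtConfirmPassword.Text.ToString().Trim().Length == 0)
    {
        lblerror.Text = "Please supply confirm password";
        txtConfirmPassword.Focus();
        return;
    }

    string NewPW = txtNewPassword.Text.ToString().Trim();
    string ConPW = txtConfirmPassword.Text.ToString().Trim();

    // Ordinal comparison: a culture-aware comparison can treat differently encoded strings
    // as equal, which is not acceptable when confirming a secret.
    if (!NewPW.Equals(ConPW, StringComparison.Ordinal))
    {
        lblerror.Text = "Password not match";
        txtConfirmPassword.Focus();
        return;
    }

    DataTable dtUser = AccountClass.UserList();
    dtUser.CaseSensitive = true;

    // NOTE(review): both values in this filter are masked in the source and are kept verbatim.
    // If they are concatenated from user input, single quotes must be doubled before they
    // are placed in a DataTable.Select expression - confirm against the real code.
    string expression = "UserName = '******' AND Password = '******'";
    DataRow[] foundRows = dtUser.Select(expression, "PK ASC");

    if (foundRows.Length == 0)
    {
        lblerror.Text = "Incorrect old password";
        txtOldPassword.Focus();
        return;
    }

    // NOTE(review): the leading fragment of this statement is masked in the source;
    // it is kept verbatim.
    string update_User = "******"
                       + " SET [Password] = @Password "
                       + " WHERE [PK] = @PK";

    // using blocks release the connection and command even when the update throws.
    using (SqlConnection conn = new SqlConnection(GlobalClass.SQLConnString()))
    using (SqlCommand cmd = new SqlCommand(update_User, conn))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@PK", Session["CreatorKey"].ToString());

        // NOTE(review): if EncryptionClass.Encrypt is reversible, stored passwords are
        // recoverable by anyone holding the key; a salted password hash is the usual
        // choice - confirm.
        cmd.Parameters.AddWithValue("@Password", EncryptionClass.Encrypt(NewPW));

        conn.Open();
        cmd.ExecuteNonQuery();
    }

    Response.Redirect("home.aspx");
}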