Esempio n. 1
0
    /**Purpose: to insert user table for student users when it is added using csv file.
     * StudentId and Email will be given in the input UserVO list.
     * Password will be a combination of username and studentid. Salt will be added to it and then hashed
     * User will be inActive till they change password during first login.
     */
    public int AddStudentUsers(List <UserVO> instudentUsers)
    {
        int successCount = 0;

        try
        {
            DBConnection.conn.Open();
            foreach (UserVO user in instudentUsers)
            {
                user.UserName = OtherUtilities.GetUserNameFromEmail(user.EmailID);
                string salt         = PasswordGenerator.GenerateSalt();
                string hashPassword = PasswordGenerator.GenerateHash(user.UserName + user.StudentID + salt);
                user.Active     = ApplicationConstants.Active;
                user.Role       = ApplicationConstants.StudentRole;
                user.ResetKey   = " ";
                user.Password   = hashPassword;
                user.HashSalt   = salt;
                user.StaffID    = 0;
                user.FirstLogin = true;
            }
            InsertDataUsingSqlBulkCopy(instudentUsers, DBConnection.conn);
        }
        catch (SqlException e)
        {
            ExceptionUtility.LogException(e, "Error Page");
            throw e;
        }
        finally
        {
            if (DBConnection.conn != null)
            {
                DBConnection.conn.Close();
            }
        }
        return(successCount);
    }
Esempio n. 2
0
    // Add user details into database
    public string AddUser(UserVO inuser)
    {
        string status = "";

        try
        {
            DBConnection.conn.Open();
            inuser.UserName = OtherUtilities.GetUserNameFromEmail(inuser.EmailID);
            string salt         = PasswordGenerator.GenerateSalt();
            string hashPassword = PasswordGenerator.GenerateHash(inuser.UserName + inuser.StudentID + salt);
            inuser.Active = ApplicationConstants.Active;
            if (inuser.Role == ApplicationConstants.StaffRole)
            {
                inuser.StudentID = 0;
            }
            else if (inuser.Role == ApplicationConstants.StudentRole)
            {
                inuser.StaffID = 0;
            }
            inuser.ResetKey = "";
            inuser.Password = hashPassword;
            inuser.HashSalt = salt;
            //inuser.FirstLogin = true;
            string query = "INSERT INTO dbo.IlmpUser (UserName,StudentId,StaffId,Password,EmailId,HashSalt,ResetPassword,FirstLogin,Active, Role) "
                           + " VALUES (@UserName,@StudentId,@StaffId,@Password,@EmailId,@HashSalt,@ResetPassword, @FirstLogin, @Active,@Role) ";
            SqlCommand cmd = new SqlCommand(query, DBConnection.conn);
            cmd.Parameters.AddWithValue("@UserName", inuser.UserName);
            cmd.Parameters.AddWithValue("@StudentId", inuser.StudentID);
            cmd.Parameters.AddWithValue("@StaffId", inuser.StaffID);
            cmd.Parameters.AddWithValue("@EmailId", inuser.EmailID);
            cmd.Parameters.AddWithValue("@Password", hashPassword);
            cmd.Parameters.AddWithValue("@HashSalt", inuser.HashSalt);
            cmd.Parameters.AddWithValue("@ResetPassword", inuser.ResetKey);
            cmd.Parameters.AddWithValue("@FirstLogin", 1);
            cmd.Parameters.AddWithValue("@Active", inuser.Active);
            cmd.Parameters.AddWithValue("@Role", inuser.Role);
            int result = cmd.ExecuteNonQuery();
            if (result > 0)
            {
                status = inuser.UserName + " has been added successfully";
            }
            else
            {
                status = "Error in addition";
            }
        }
        catch (SqlException ex)
        {
            ExceptionUtility.LogException(ex, "Error Page");
            throw new CustomException(ApplicationConstants.UnhandledException + ": " + ex.Message);
        }
        catch (Exception ex)
        {
            ExceptionUtility.LogException(ex, "Error Page");
            throw new CustomException(ApplicationConstants.UnhandledException + ": " + ex.Message);
        }
        finally
        {
            if (DBConnection.conn != null)
            {
                DBConnection.conn.Close();
            }
        }
        return(status);
    }