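/// <summary>
/// Saves the messenger (notification) settings, writes one change-log entry per
/// setting and, when the messenger is switched on, sends a test email to the
/// user who made the change.
/// </summary>
/// <param name="oAsset">
/// Eleven values in this order: messenger on/off, poll loop, retry delay,
/// retry max attempts, SMTP server address, SMTP user account, SMTP user
/// password, SMTP server port, from email, from name, admin email.
/// </param>
/// <returns>A status or error message for the caller to display.</returns>
public static string SaveNotifications(object[] oAsset)
{
    // Every index below is read unconditionally, so refuse a missing or short
    // array instead of failing with a null-reference or index exception.
    if (oAsset == null || oAsset.Length < 11)
    {
        return("Incorrect list of notification properties");
    }

    dataAccess dc = new dataAccess();
    acUI.acUI ui = new acUI.acUI();
    acUI.AppGlobals ag = new acUI.AppGlobals();
    string sErr = "";

    // NOTE(review): doubling single quotes is this file's existing escaping
    // convention. It does not neutralise backslash escapes on database servers
    // that honour them, so these statements should move to parameterised
    // commands once the dataAccess support for them is confirmed.
    string sMessengerOnOff = oAsset[0].ToString().Replace("'", "''");
    string sPollLoop = oAsset[1].ToString().Trim();
    string sRetryDelay = oAsset[2].ToString().Trim();
    string sRetryMaxAttempts = oAsset[3].ToString().Trim();
    string sSMTPServerAddress = oAsset[4].ToString().Replace("'", "''");
    string sSMTPUserAccount = oAsset[5].ToString().Replace("'", "''");
    string sSMTPUserPassword = oAsset[6].ToString();
    string sSMTPServerPort = oAsset[7].ToString().Trim();
    string sFromEmail = oAsset[8].ToString().Replace("'", "''");
    string sFromName = oAsset[9].ToString().Replace("'", "''");
    string sAdminEmail = oAsset[10].ToString().Replace("'", "''");

    // These four values are placed in the UPDATE without quotes, so anything
    // other than plain digits would become SQL text. NumberStyles.None accepts
    // digits only (no sign, whitespace or separators).
    // NOTE(review): assumes the four columns are integer-typed - confirm against the schema.
    string[] aNumeric = { sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerPort };
    foreach (string sNumeric in aNumeric)
    {
        int iIgnored;
        if (!int.TryParse(sNumeric, System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out iIgnored))
        {
            return("Update failed: Poll Loop, Retry Delay, Retry Max Attempts and SMTP Server Port must be whole numbers.");
        }
    }

    // get the current settings for the logging
    string sOrigMessengerOnOff = "";
    string sOrigPollLoop = "";
    string sOrigRetryDelay = "";
    string sOrigRetryMaxAttempts = "";
    string sOrigSMTPServerAddress = "";
    string sOrigSMTPUserAccount = "";
    string sOrigSMTPServerPort = "";
    string sOrigFromEmail = "";
    string sOrigFromName = "";
    string sOrigAdminEmail = "";

    string sSQL = "select mode_off_on, loop_delay_sec, retry_delay_min, retry_max_attempts," +
        " smtp_server_addr, smtp_server_user, smtp_server_password, smtp_server_port, from_email, from_name, admin_email" +
        " from messenger_settings" +
        " where id = 1";

    DataTable dt = new DataTable();
    if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
    {
        return("Unable to continue. " + sErr);
    }

    if (dt.Rows.Count > 0)
    {
        DataRow dr = dt.Rows[0];
        sOrigMessengerOnOff = dr["mode_off_on"].ToString();
        sOrigPollLoop = dr["loop_delay_sec"].ToString();
        sOrigRetryDelay = dr["retry_delay_min"].ToString();
        sOrigRetryMaxAttempts = dr["retry_max_attempts"].ToString();
        sOrigSMTPServerAddress = dr["smtp_server_addr"].ToString();
        sOrigSMTPUserAccount = dr["smtp_server_user"].ToString();
        sOrigSMTPServerPort = dr["smtp_server_port"].ToString();
        sOrigFromEmail = dr["from_email"].ToString();
        sOrigFromName = dr["from_name"].ToString();
        sOrigAdminEmail = dr["admin_email"].ToString();
    }

    // {5} binds the SMTP user account (argument 5 of the Format call below).
    sSQL = "update messenger_settings set mode_off_on='{0}', loop_delay_sec={1}, retry_delay_min={2}, retry_max_attempts={3}, smtp_server_addr='{4}', smtp_server_user='{5}', smtp_server_port={6}, from_email='{7}', from_name='{8}', admin_email='{9}'";

    // only update password if it has been changed: the filler is the sentinel
    // this method treats as "password left untouched".
    string sPasswordFiller = "($%#d@x!&";
    if (sSMTPUserPassword != sPasswordFiller)
    {
        // {10} binds the encrypted password (argument 10 of the Format call below).
        sSQL += ",smtp_server_password='{10}'";
    }

    sSQL = string.Format(sSQL, sMessengerOnOff, sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerAddress, sSMTPUserAccount, sSMTPServerPort, sFromEmail, sFromName, sAdminEmail, dc.EnCrypt(sSMTPUserPassword));

    if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
    {
        return("Update failed: " + sErr);
    }

    // logging - the password is deliberately left out of the change log
    var sLogObject = "Manage Notifications";
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Messenger On / Off", sOrigMessengerOnOff, sMessengerOnOff);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Poll Loop", sOrigPollLoop, sPollLoop);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Delay", sOrigRetryDelay, sRetryDelay);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Max Attempts", sOrigRetryMaxAttempts, sRetryMaxAttempts);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Address", sOrigSMTPServerAddress, sSMTPServerAddress);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP User Account", sOrigSMTPUserAccount, sSMTPUserAccount);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Port", sOrigSMTPServerPort, sSMTPServerPort);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Email", sOrigFromEmail, sFromEmail);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigFromName, sFromName);
    // Previously labelled "From Name", which made admin-email changes
    // indistinguishable from sender-name changes in the audit trail.
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Admin Email", sOrigAdminEmail, sAdminEmail);

    if (sMessengerOnOff != "on")
    {
        return("Notification settings updated.");
    }

    // send a notification to the user that made the change
    // get the users email, if they do not have an email tell them no message was created.
    string sUsersEmail = null;
    string sUserID = ui.GetSessionUserID();
    sSQL = "select email from users where user_id = '" + (sUserID ?? "").Replace("'", "''") + "'";
    if (!dc.sqlGetSingleString(ref sUsersEmail, sSQL, ref sErr))
    {
        return("Unable to create test email: " + sErr);
    }

    string sUserName = ui.GetSessionUserFullName();

    if (string.IsNullOrEmpty(sUsersEmail) || sUsersEmail.Length < 5)
    {
        // all good, no email so notify user
        return("Notification settings updated.\n\nNo email on file for user " + sUserName + " - unable to send a test message");
    }

    // create a test email
    // NOTE(review): sUserName is placed in an HTML body without encoding; HTML-encode
    // it if user full names can contain markup.
    ui.SendEmailMessage(sUsersEmail, ag.APP_COMPANYNAME + " Account Management", ag.APP_COMPANYNAME + " Messenger configuration change.", "<html><head></head><body><p>" + sUserName + ",</p><p>This is a test mail to confirm the smtp server that you have configured.</p><p>Do not reply to this message, and feel free to delete it.</p><p>Regards,\n\n" + ag.APP_COMPANYNAME + " Administration team.</p></body></html>", ref sErr);
    if (!string.IsNullOrEmpty(sErr))
    {
        return("Update completed. Unable to create test message: " + sErr);
    }

    return("Notification settings updated. A test email will be sent to " + sUsersEmail + ".");
}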
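/// <summary>
/// Generates a new password for a user, stores its encrypted form, writes a
/// security log entry and emails the new password to the address on file.
/// </summary>
/// <param name="sUserID">ID of the user whose password is reset.</param>
/// <returns>
/// An empty string when no problem was reported, otherwise a message explaining
/// why the reset was not performed.
/// </returns>
/// <exception cref="Exception">A database call or the email send reported an error.</exception>
public static string ResetPassword(string sUserID)
{
    // sUserID is concatenated into two statements below. IDs created in this file
    // come from ui.NewGUID(), so a quote or backslash is never legitimate; reject
    // such input rather than let it become SQL text.
    // NOTE(review): replace with parameterised commands once the dataAccess
    // support for them is confirmed.
    if (string.IsNullOrEmpty(sUserID) || sUserID.IndexOfAny(new char[] { '\'', '\\' }) >= 0)
    {
        return("Unable to reset - invalid user id.");
    }

    dataAccess dc = new dataAccess();
    acUI.acUI ui = new acUI.acUI();
    acUI.AppGlobals ag = new acUI.AppGlobals();
    string sSQL = null;
    string sErr = null;

    //get the details of this user
    sSQL = "select u.username, u.full_name, u.email, u.authentication_type" +
        " from users u " +
        " where u.user_id = '" + sUserID + "'";

    DataRow dr = null;
    if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
    {
        throw new Exception(sErr);
    }

    if (dr == null)
    {
        // No row came back; as before, this is reported as "no error".
        return("");
    }

    string sEmail = dr["email"].ToString();
    if (string.IsNullOrEmpty(sEmail))
    {
        return("Unable to reset - user does not have an email address defined.");
    }

    string sNewPassword = dc.GenerateNewPassword();

    // Store the encrypted form of the password that is emailed below, the same
    // way SaveNewUser fills user_password, so the emailed value is the one that works.
    sSQL = "update users set user_password = '" + dc.EnCrypt(sNewPassword) + "' where user_id = '" + sUserID + "'";
    if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
    {
        throw new Exception(sErr);
    }

    // add security log
    ui.WriteObjectAddLog(Globals.acObjectTypes.User, sUserID, sUserID, "Password Reset");

    //email out the password
    // NOTE(review): the new password leaves the system in a plaintext email. Consider
    // also setting users.force_change so it has to be replaced at next login.
    string sBody = "";
    if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
    {
        throw new Exception(sErr);
    }

    //default message if undefined in the table
    if (string.IsNullOrEmpty(sBody))
    {
        sBody = dr["full_name"].ToString() + " - your password has been reset by an Administrator." + Environment.NewLine + Environment.NewLine +
            "Your temporary password is: " + sNewPassword + "." + Environment.NewLine;
    }

    //replace our special tokens with the values
    sBody = sBody.Replace("##FULLNAME##", dr["full_name"].ToString()).Replace("##USERNAME##", dr["username"].ToString()).Replace("##PASSWORD##", sNewPassword);

    if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Account Action in " + ag.APP_NAME, sBody, ref sErr))
    {
        throw new Exception(sErr);
    }

    return("");
}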
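/// <summary>
/// Saves the messenger (notification) settings, writes one change-log entry per
/// setting and, when the messenger is switched on, sends a test email to the
/// user who made the change.
/// </summary>
/// <param name="oAsset">
/// Eleven values in this order: messenger on/off, poll loop, retry delay,
/// retry max attempts, SMTP server address, SMTP user account, SMTP user
/// password, SMTP server port, from email, from name, admin email.
/// </param>
/// <returns>A status or error message for the caller to display.</returns>
public static string SaveNotifications(object[] oAsset)
{
    // Every index below is read unconditionally, so refuse a missing or short
    // array instead of failing with a null-reference or index exception.
    if (oAsset == null || oAsset.Length < 11)
    {
        return "Incorrect list of notification properties";
    }

    dataAccess dc = new dataAccess();
    acUI.acUI ui = new acUI.acUI();
    acUI.AppGlobals ag = new acUI.AppGlobals();
    string sErr = "";

    // NOTE(review): doubling single quotes is this file's existing escaping
    // convention. It does not neutralise backslash escapes on database servers
    // that honour them, so these statements should move to parameterised
    // commands once the dataAccess support for them is confirmed.
    string sMessengerOnOff = oAsset[0].ToString().Replace("'", "''");
    string sPollLoop = oAsset[1].ToString().Trim();
    string sRetryDelay = oAsset[2].ToString().Trim();
    string sRetryMaxAttempts = oAsset[3].ToString().Trim();
    string sSMTPServerAddress = oAsset[4].ToString().Replace("'", "''");
    string sSMTPUserAccount = oAsset[5].ToString().Replace("'", "''");
    string sSMTPUserPassword = oAsset[6].ToString();
    string sSMTPServerPort = oAsset[7].ToString().Trim();
    string sFromEmail = oAsset[8].ToString().Replace("'", "''");
    string sFromName = oAsset[9].ToString().Replace("'", "''");
    string sAdminEmail = oAsset[10].ToString().Replace("'", "''");

    // These four values are placed in the UPDATE without quotes, so anything
    // other than plain digits would become SQL text. NumberStyles.None accepts
    // digits only (no sign, whitespace or separators).
    // NOTE(review): assumes the four columns are integer-typed - confirm against the schema.
    string[] aNumeric = { sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerPort };
    foreach (string sNumeric in aNumeric)
    {
        int iIgnored;
        if (!int.TryParse(sNumeric, System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out iIgnored))
        {
            return "Update failed: Poll Loop, Retry Delay, Retry Max Attempts and SMTP Server Port must be whole numbers.";
        }
    }

    // get the current settings for the logging
    string sOrigMessengerOnOff = "";
    string sOrigPollLoop = "";
    string sOrigRetryDelay = "";
    string sOrigRetryMaxAttempts = "";
    string sOrigSMTPServerAddress = "";
    string sOrigSMTPUserAccount = "";
    string sOrigSMTPServerPort = "";
    string sOrigFromEmail = "";
    string sOrigFromName = "";
    string sOrigAdminEmail = "";

    string sSQL = "select mode_off_on, loop_delay_sec, retry_delay_min, retry_max_attempts," +
        " smtp_server_addr, smtp_server_user, smtp_server_password, smtp_server_port, from_email, from_name, admin_email" +
        " from messenger_settings" +
        " where id = 1";

    DataTable dt = new DataTable();
    if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
    {
        return "Unable to continue. " + sErr;
    }

    if (dt.Rows.Count > 0)
    {
        DataRow dr = dt.Rows[0];
        sOrigMessengerOnOff = dr["mode_off_on"].ToString();
        sOrigPollLoop = dr["loop_delay_sec"].ToString();
        sOrigRetryDelay = dr["retry_delay_min"].ToString();
        sOrigRetryMaxAttempts = dr["retry_max_attempts"].ToString();
        sOrigSMTPServerAddress = dr["smtp_server_addr"].ToString();
        sOrigSMTPUserAccount = dr["smtp_server_user"].ToString();
        sOrigSMTPServerPort = dr["smtp_server_port"].ToString();
        sOrigFromEmail = dr["from_email"].ToString();
        sOrigFromName = dr["from_name"].ToString();
        sOrigAdminEmail = dr["admin_email"].ToString();
    }

    // {5} binds the SMTP user account (argument 5 of the Format call below).
    sSQL = "update messenger_settings set mode_off_on='{0}', loop_delay_sec={1}, retry_delay_min={2}, retry_max_attempts={3}, smtp_server_addr='{4}', smtp_server_user='{5}', smtp_server_port={6}, from_email='{7}', from_name='{8}', admin_email='{9}'";

    // only update password if it has been changed: the filler is the sentinel
    // this method treats as "password left untouched".
    string sPasswordFiller = "($%#d@x!&";
    if (sSMTPUserPassword != sPasswordFiller)
    {
        // {10} binds the encrypted password (argument 10 of the Format call below).
        sSQL += ",smtp_server_password='{10}'";
    }

    sSQL = string.Format(sSQL, sMessengerOnOff, sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerAddress, sSMTPUserAccount, sSMTPServerPort, sFromEmail, sFromName, sAdminEmail, dc.EnCrypt(sSMTPUserPassword));

    if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
    {
        return "Update failed: " + sErr;
    }

    // logging - the password is deliberately left out of the change log
    var sLogObject = "Manage Notifications";
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Messenger On / Off", sOrigMessengerOnOff, sMessengerOnOff);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Poll Loop", sOrigPollLoop, sPollLoop);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Delay", sOrigRetryDelay, sRetryDelay);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Max Attempts", sOrigRetryMaxAttempts, sRetryMaxAttempts);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Address", sOrigSMTPServerAddress, sSMTPServerAddress);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP User Account", sOrigSMTPUserAccount, sSMTPUserAccount);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Port", sOrigSMTPServerPort, sSMTPServerPort);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Email", sOrigFromEmail, sFromEmail);
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigFromName, sFromName);
    // Previously labelled "From Name", which made admin-email changes
    // indistinguishable from sender-name changes in the audit trail.
    ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Admin Email", sOrigAdminEmail, sAdminEmail);

    if (sMessengerOnOff != "on")
    {
        return "Notification settings updated.";
    }

    // send a notification to the user that made the change
    // get the users email, if they do not have an email tell them no message was created.
    string sUsersEmail = null;
    string sUserID = ui.GetSessionUserID();
    sSQL = "select email from users where user_id = '" + (sUserID ?? "").Replace("'", "''") + "'";
    if (!dc.sqlGetSingleString(ref sUsersEmail, sSQL, ref sErr))
    {
        return "Unable to create test email: " + sErr;
    }

    string sUserName = ui.GetSessionUserFullName();

    if (string.IsNullOrEmpty(sUsersEmail) || sUsersEmail.Length < 5)
    {
        // all good, no email so notify user
        return "Notification settings updated.\n\nNo email on file for user " + sUserName + " - unable to send a test message";
    }

    // create a test email
    // NOTE(review): sUserName is placed in an HTML body without encoding; HTML-encode
    // it if user full names can contain markup.
    ui.SendEmailMessage(sUsersEmail, ag.APP_COMPANYNAME + " Account Management", ag.APP_COMPANYNAME + " Messenger configuration change.", "<html><head></head><body><p>" + sUserName + ",</p><p>This is a test mail to confirm the smtp server that you have configured.</p><p>Do not reply to this message, and feel free to delete it.</p><p>Regards,\n\n" + ag.APP_COMPANYNAME + " Administration team.</p></body></html>", ref sErr);
    if (!string.IsNullOrEmpty(sErr))
    {
        return "Update completed. Unable to create test message: " + sErr;
    }

    return "Notification settings updated. A test email will be sent to " + sUsersEmail + ".";
}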
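/// <summary>
/// Creates a user account: checks that the login ID is free, inserts the user and
/// its group tags in one transaction, writes a security log entry and emails the
/// welcome message.
/// </summary>
/// <param name="oUser">
/// Ten values in this order: login ID, full name, authentication type
/// ("local" or "ldap"), password, generate-password flag ("1" to generate),
/// force-password-change flag, user role, email, status, comma-separated group names.
/// </param>
/// <returns>An empty string on success, otherwise a message describing the problem.</returns>
/// <exception cref="Exception">A database call or the email send reported an error.</exception>
public static string SaveNewUser(object[] oUser)
{
    // check the number of properties
    if (oUser == null || oUser.Length != 10)
    {
        return("Incorrect list of user properties");
    }

    dataAccess dc = new dataAccess();
    acUI.acUI ui = new acUI.acUI();
    acUI.AppGlobals ag = new acUI.AppGlobals();
    string sSql = null;
    string sErr = null;

    string sLoginID = oUser[0].ToString();
    string sFullName = oUser[1].ToString();
    string sAuthType = oUser[2].ToString();
    string sUserPassword = oUser[3].ToString();
    string sGeneratePW = oUser[4].ToString();
    string sForcePasswordChange = oUser[5].ToString();
    string sUserRole = oUser[6].ToString();
    string sEmail = oUser[7].ToString();
    string sStatus = oUser[8].ToString();
    string sGroupArray = oUser[9].ToString();

    // NOTE(review): every caller-supplied value that reaches SQL below has its single
    // quotes doubled, which is this file's existing convention. That does not cover
    // backslash escapes on servers that honour them; move to parameterised commands
    // once the dataAccess / acTransaction support for them is confirmed.
    string sLoginIDSql = sLoginID.Trim().Replace("'", "''");

    // checks that cant be done on the client side
    // is the name unique?
    string sInuse = "";
    if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '" + sLoginIDSql + "' limit 1", ref sErr))
    {
        // Return the reported error itself; the literal "sErr" used to be returned here.
        return(string.IsNullOrEmpty(sErr) ? "Unable to verify that the Login ID is available." : sErr);
    }

    if (!string.IsNullOrEmpty(sInuse))
    {
        return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
    }

    // password - sPassword is a complete SQL value (quoted literal or keyword)
    string sPassword = null;
    bool bPasswordGenerated = false;
    if (sAuthType == "local")
    {
        if (sGeneratePW == "1") //generate an initial strong password
        {
            sUserPassword = dc.GenerateNewPassword();
            bPasswordGenerated = true;
        }
        sPassword = "'" + dc.EnCrypt(sUserPassword) + "'";
    }
    else if (sAuthType == "ldap")
    {
        // NOTE(review): assumes users.user_password is nullable for LDAP accounts - confirm.
        sPassword = "NULL";
    }
    else
    {
        return("Unknown Authentication Type.");
    }

    // passed client and server validations, create the user
    string sNewUserID = ui.NewGUID();

    try
    {
        dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);

        // all good, save the new user and redirect to the user edit page.
        // sAuthType needs no escaping: only the literals "local" and "ldap" get this far.
        sSql = "insert users" +
            " (user_id,username,full_name,authentication_type,user_password,force_change,email,status,user_role)" +
            " values " +
            "('" + sNewUserID + "'," +
            "'" + sLoginIDSql + "'," +
            "'" + sFullName.Trim().Replace("'", "''") + "'," +
            "'" + sAuthType + "'," +
            sPassword + "," +
            "'" + sForcePasswordChange.Replace("'", "''") + "'," +
            "'" + sEmail.Trim().Replace("'", "''") + "'," +
            "'" + sStatus.Replace("'", "''") + "'," +
            "'" + sUserRole.Replace("'", "''") + "'" +
            ")";

        oTrans.Command.CommandText = sSql;
        if (!oTrans.ExecUpdate(ref sErr))
        {
            throw new Exception(sErr);
        }

        #region "groups"
        // add user groups, if there are any
        if (sGroupArray.Length > 0)
        {
            foreach (string sGroupName in sGroupArray.Split(','))
            {
                sSql = "insert object_tags (object_id, object_type, tag_name)" +
                    " values ('" + sNewUserID + "', 1, '" + sGroupName.Replace("'", "''") + "')";
                oTrans.Command.CommandText = sSql;
                if (!oTrans.ExecUpdate(ref sErr))
                {
                    throw new Exception(sErr);
                }
            }
        }
        #endregion

        oTrans.Commit();
    }
    catch (Exception ex)
    {
        // Same exception type and message as before; the original is kept as the
        // inner exception so its stack trace is not lost.
        throw new Exception(ex.Message, ex);
    }

    // add security log
    ui.WriteObjectAddLog(Globals.acObjectTypes.User, sNewUserID, sFullName.Trim().Replace("'", "''"), "");

    //email out the password
    string sBody = "";
    if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
    {
        throw new Exception(sErr);
    }

    //default message if undefined in the table
    // The password line uses the ##PASSWORD## token so that the rule applied to
    // stored templates below also governs the default message.
    if (string.IsNullOrEmpty(sBody))
    {
        sBody = sFullName + " - an account has been created for you in " + ag.APP_NAME + "." + Environment.NewLine + Environment.NewLine +
            "Your User Name: " + sLoginID + "." + Environment.NewLine +
            "Your temporary password: ##PASSWORD##." + Environment.NewLine;
    }

    //replace our special tokens with the values
    sBody = sBody.Replace("##FULLNAME##", sFullName).Replace("##USERNAME##", sLoginID);

    // Only a password generated above is mailed; a caller-supplied one (or whatever
    // was submitted for an LDAP account) is never put into the message.
    // NOTE(review): a generated password still leaves the system in a plaintext email.
    if (bPasswordGenerated)
    {
        sBody = sBody.Replace("##PASSWORD##", sUserPassword);
    }
    else
    {
        sBody = sBody.Replace("##PASSWORD##", "Will be provided by an Administrator.");
    }

    if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Welcome to " + ag.APP_COMPANYNAME, sBody, ref sErr))
    {
        throw new Exception(sErr);
    }

    // no errors to here, so return an empty string
    return("");
}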