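/// <summary>
/// Loads the password-reset page: disables caching, reads the reset-link parameters
/// ("ui" = user id, "sp" = reset code) from the query string and, once a security answer
/// has been typed, verifies it before enabling the password-update controls.
/// </summary>
/// <remarks>
/// NOTE(review): the reset code is compared with the MD5 of the typed security answer, so the
/// value carried in the URL is derived from the answer rather than being a random, expiring,
/// single-use token. MD5 of a low-entropy answer that travels in a link (browser history,
/// proxy and server logs) is weak protection; changing this needs a coordinated change to the
/// stored data and the mail sender, neither of which is visible here.
/// NOTE(review): this method only toggles control state. The update handler is not visible
/// here; confirm it re-verifies the user and code on the server instead of trusting that
/// btnUpdate was enabled.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    const int resetCodeLength = 32;
    const string failureMessage = "Unable to reset your password, please check your security answer.";

    // The URL of this page carries reset parameters, so keep responses out of caches.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.ExpiresAbsolute = DateTime.Now.AddMonths(-1);

    try
    {
        // NOTE(review): the original guard was `IsPostBack != null`, which is always true for a
        // bool, so this logic has always run on every request. That behaviour is kept; confirm
        // whether `IsPostBack` was intended.
        string userID = Request.QueryString["ui"];
        string code = Request.QueryString["sp"];

        // Both values come straight from the URL. Reject a missing id or a code that is too
        // short explicitly (fail closed) instead of relying on NullReferenceException /
        // ArgumentOutOfRangeException from Substring being swallowed by the catch below.
        // Consider logging rejected links so malformed requests remain visible to operations.
        if (string.IsNullOrEmpty(userID) || code == null || code.Length < resetCodeLength)
        {
            lblPasswordMessage.Text = "";
            btnUpdate.Enabled = false;
            return;
        }

        // Only the first 32 characters of "sp" take part in the check.
        string subString = code.Substring(0, resetCodeLength);

        objReset = new Reset();
        DisableControls();
        objEntReset = objReset.checkAunthentication(userID, subString);

        string clientValue = md5.CalculateMD5Hash(txtAnswerCheck.Text.Trim());

        // Nothing typed yet: leave the form locked and show no message.
        if (txtAnswerCheck.Text == "")
        {
            return;
        }

        // First gate: the typed answer must hash to the code from the link.
        // checkAunthentication, as written in this file, returns an entity even when no row
        // matched, so the null test alone does not prove a match; the field comparison
        // further down does.
        if (objEntReset == null || subString != clientValue.ToUpper())
        {
            lblPasswordMessage.Text = failureMessage;
            lblReset.Text = "";
            btnUpdate.Enabled = false;
            return;
        }

        // The id is untrusted text; TryParse avoids using FormatException as control flow.
        int userNumber;
        if (!int.TryParse(userID, out userNumber))
        {
            lblPasswordMessage.Text = failureMessage;
            btnUpdate.Enabled = false;
            return;
        }

        // Result is not used here; the call is kept because its side effects are not visible.
        clsUserDetails obj = new clsUserDetails();
        obj.GetUserDetails(userNumber);

        // Second gate: the stored record must match both the code and the user id.
        if (subString == objEntReset.userAns && userID == objEntReset.userID)
        {
            EnableControls();
            lblReset.Text = "Please Reset Your Password.";
            hplLogin.Enabled = true;
            btnUpdate.Enabled = true;
            lblPasswordMessage.Enabled = true;
            lblPasswordMessage.Text = "Password Must contain atleast 8 characters, including 1 digit, 1 Symbol & 1 UPPERCASE character";
        }
        else
        {
            lblPasswordMessage.Text = failureMessage;
            btnUpdate.Enabled = false;
        }
    }
    catch (Exception ex)
    {
        // Log the detail server-side only; the user sees no message.
        logger.Error(ex);
        lblPasswordMessage.Text = "";
    }
}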
/// <summary>
/// Runs the stored procedure named by clsConstant.SP_EDIT_ATHENTICATE_USER_SECURITY with the
/// given user id and new password.
/// </summary>
/// <param name="userID">Value bound to @UserID.</param>
/// <param name="passWord">Value bound to @newPassword, passed on exactly as received.</param>
/// <returns>Always true; the outcome of the stored procedure is not inspected.</returns>
/// <remarks>
/// NOTE(review): the value is bound as a parameter, so it is not concatenated into SQL.
/// Whether the password is hashed before it reaches this method or inside the stored
/// procedure is not visible here; confirm it is never stored in recoverable form.
/// NOTE(review): the connection opened here is not closed in this method, and a call that
/// changes no row is still reported as success.
/// </remarks>
public bool editAuthenticateUserSecurity(string userID, string passWord)
{
    SqlParameter[] arguments = new SqlParameter[]
    {
        new SqlParameter("@UserID", userID),
        new SqlParameter("@newPassword", passWord)
    };

    // Open lazily: the connection object is shared and may already be open.
    bool connectionIsClosed = objConnection.Connection.State == ConnectionState.Closed;
    if (connectionIsClosed)
    {
        objConnection.Connection.Open();
    }

    // The shared entity field is reset on every call, as in the original.
    objEnt = new clsEntReset();

    objConnection.ExecuteNonQuery(
        clsConstant.SP_EDIT_ATHENTICATE_USER_SECURITY,
        CommandType.StoredProcedure,
        arguments);

    return true;
}
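/// <summary>
/// Looks up a user id / code pair through the stored procedure named by
/// clsConstant.SP_ATHENTICATE_USER_SECURITY and copies the first result row into a
/// clsEntReset.
/// </summary>
/// <param name="userid">Value bound to @cUserIdentifier.</param>
/// <param name="code">Value bound to @cUserPassword.</param>
/// <returns>
/// A new clsEntReset, never null. userID and userAns are filled from columns 0 and 1 of the
/// first row; when the query returns no table or no row they keep their defaults. Callers
/// must therefore compare the fields, not test the result for null, to decide whether the
/// pair matched.
/// </returns>
/// <remarks>
/// NOTE(review): the connection opened here is not closed in this method.
/// </remarks>
public clsEntReset checkAunthentication(string userid, string code)
{
    SqlParameter[] param = new SqlParameter[]
    {
        new SqlParameter("@cUserIdentifier", userid),
        new SqlParameter("@cUserPassword", code)
    };

    objEnt = new clsEntReset();

    if (objConnection.Connection.State == ConnectionState.Closed)
    {
        objConnection.Connection.Open();
    }

    reader = objConnection.ExecuteDataSetQuery(clsConstant.SP_ATHENTICATE_USER_SECURITY, CommandType.StoredProcedure, param);

    // Check that a table exists before indexing it: Tables[0] on an empty result throws
    // instead of yielding null, so the original `Tables[0] != null` test could not protect
    // against a procedure that returns no result set.
    if (reader != null && reader.Tables.Count > 0 && reader.Tables[0].Rows.Count > 0)
    {
        objEnt.userID = reader.Tables[0].Rows[0][0].ToString();
        objEnt.userAns = reader.Tables[0].Rows[0][1].ToString();
    }

    return objEnt;
}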
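/// <summary>
/// Handles the "forgot password" button: looks the account up by user name or e-mail address,
/// records the typed security answer and sends the reset mail.
/// </summary>
/// <remarks>
/// NOTE(review): a Session["ForgetToken"] check that redirected to ~/Login.aspx used to guard
/// this handler and was commented out; the token is still cleared on success. Confirm whether
/// the guard should be restored.
/// NOTE(review): the result of checkAunthentication (objEntReset) is not consulted here, and
/// saveUserAnswer stores whatever was typed in txtAnswer. If this step is meant to verify the
/// answer, the mail must not be sent before that check passes.
/// NOTE(review): the mail payload is built from the upper-cased answer and objEnt.Password.
/// Whether that field is a hash or a recoverable value is not visible here; a stored
/// credential should not leave the server in a mail. Prefer a random, single-use, expiring
/// token.
/// NOTE(review): the "does not exist" message differs from the success message, which lets a
/// caller tell registered accounts from unknown ones; no throttling is visible in this handler.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnGetPsWd_Click(object sender, EventArgs e)
{
    try
    {
        // Input containing '@' anywhere but the first position is treated as an e-mail
        // address; the text box is then cleared so that the user-name argument is empty.
        string result = txtForgetPassword.Text;
        string email_ID = "";
        int check = result.IndexOf('@');
        if (check > 0)
        {
            email_ID = txtForgetPassword.Text;
            txtForgetPassword.Text = "";
        }

        objEnt = objForget.getPassword(txtForgetPassword.Text, email_ID);

        // Decide "not found" before touching objEnt. The original dereferenced objEnt.UserID
        // ahead of its own null check, so an unknown account ended in the catch block (raw
        // exception text on the page) instead of this message. Nothing is recorded for an
        // account that was not found.
        if (objEnt == null || objEnt.UserName == null)
        {
            lblMessage.Text = "User or EmailID Does Not Exists";
            lblMessage.ForeColor = System.Drawing.Color.White;
            return;
        }

        // Security answer exactly as typed, upper-cased.
        string code = txtAnswer.Text;
        string upperCode = code.ToUpper();

        objReset = new Reset();
        objEntReset = objReset.checkAunthentication(((objEnt.UserID).ToString()), upperCode);
        objForget.saveUserAnswer(objEnt.UserID, upperCode);

        string userName = objEnt.UserName;
        string passWord = objEnt.Password;
        string outPut = upperCode + "." + passWord;
        string email = objEnt.email;

        if (SendMail(email, "Reset Password", "", userName, outPut, objEnt.UserID))
        {
            lblMessage.Text = "Mail Delivered Successfully, Please Check Your Inbox";
            lblMessage.ForeColor = System.Drawing.Color.White;
            btnGetPsWd.Enabled = false;
            Session["ForgetToken"] = null;
        }
        else
        {
            lblMessage.Text = "Unable to Send Mail";
            lblMessage.ForeColor = System.Drawing.Color.White;
        }
    }
    catch (Exception ex)
    {
        // Keep the detail in the log. Showing ex.Message to an unauthenticated visitor can
        // disclose database or mail-server internals.
        logger.Error(ex);
        lblMessage.Text = "Unable to process your request. Please try again later.";
        lblMessage.ForeColor = System.Drawing.Color.White;
    }
}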