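/// <summary>
/// Loads the employers shown in the grid view of the Admin section.
/// </summary>
/// <remarks>
/// Only the ID, username, email and phone columns are copied onto each
/// <c>Employer</c>. The salt, password hash and activation key are not read
/// here, so the objects handed to the admin grid carry no credential material.
/// </remarks>
/// <returns>
/// One <c>Employer</c> per row returned by <c>spGetEmployersAdmin</c>; an empty
/// list when the procedure returns no rows.
/// </returns>
public List<Employer> GetListOfEmployersAdmin()
{
    List<Employer> employers = new List<Employer>();

    using (SqlConnection Cxn = new SqlConnection(CxnString))
    using (SqlCommand Cmd = new SqlCommand("spGetEmployersAdmin", Cxn))
    {
        // Declared explicitly, as the other stored-procedure calls on this page do.
        Cmd.CommandType = CommandType.StoredProcedure;

        Cxn.Open();

        // The using block closes the reader even when a row fails to convert,
        // and always before the connection itself is disposed.
        using (dr = Cmd.ExecuteReader())
        {
            while (dr.Read())
            {
                Employer row = new Employer();
                row.EmployerID = Convert.ToInt32(dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpID)));
                row.EmployerUsername = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpUsername)).ToString();
                row.EmployerEmail = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpEmail)).ToString();
                row.EmployerPhone = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpPhone)).ToString();
                employers.Add(row);
            }
        }
    }

    // Database errors are not caught here; they propagate unchanged to the caller.
    return employers;
}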
/// <summary>
/// Activates an employer profile by passing the employer to the data layer's
/// <c>UpdateEmpProfile</c>.
/// </summary>
/// <remarks>
/// This method performs no checks of its own.
/// NOTE(review): confirm that the caller has verified the employer's activation
/// code before this is invoked.
/// </remarks>
/// <param name="employer">Employer whose profile is to be updated.</param>
/// <returns>The result reported by the data layer.</returns>
public bool ActivateEmpProfile(Employer employer)
{
    // Any exception from the data layer propagates unchanged.
    DALRecruiterWebsiteManager dataLayer = new DALRecruiterWebsiteManager();
    return dataLayer.UpdateEmpProfile(employer);
}
/// <summary>
/// Creates an employer profile by passing the employer to the data layer's
/// <c>CreateEmpProfile</c>.
/// </summary>
/// <param name="Emp">Employer to store.</param>
/// <returns>The result reported by the data layer.</returns>
public bool CreateEmployerProfile(Employer Emp)
{
    // The DAL namespace provides DALRecruiterWebsiteManager; exceptions it
    // raises propagate unchanged to the caller.
    DALRecruiterWebsiteManager dataLayer = new DALRecruiterWebsiteManager();
    bool created = dataLayer.CreateEmpProfile(Emp);
    return created;
}
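/// <summary>
/// Reads the employer sign-up form, validates it, stores the new profile with a
/// salted password hash and, on success, sends the activation mail and
/// redirects to the activation page.
/// </summary>
/// <remarks>
/// Exceptions are left to propagate. Their messages are not written into the
/// response, so database or mail error text is not shown to the visitor.
/// </remarks>
private void CreateNewEmpProfile()
{
    // values typed into the username, email, phone and password textboxes
    string empUName = txtEmpSUUsername.Text;
    string empEmail = txtEmpSUEmail.Text;
    string empPhone = txtEmpSUPhone.Text;
    string empPassword = txtEmpSUPassword.Text;

    if (!RunValidation(empUName, empEmail, empPhone, empPassword))
    {
        return;
    }

    if (txtEmpSUPassword.Text != txtEmpSUPasswordConfirm.Text)
    {
        // NOTE(review): the original author reports that this message never
        // shows up on screen; it probably needs a separate label or validator
        // rather than the password textbox.
        txtEmpSUPassword.Text = "Passwords don't match!";
        return;
    }

    // NOTE(review): Guid.NewGuid() is documented as unique, not as
    // unpredictable. Consider a cryptographic random generator for the
    // activation code if the format expected by the activation page allows it.
    string empActivationCode = Guid.NewGuid().ToString();
    bool empAccActive = false;

    // The password is salted and hashed by PasswordHash.CreateHash(), taken from
    // https://github.com/defuse/password-hashing/blob/master/compatible/PasswordHash.cs
    // (usage learned from https://www.youtube.com/watch?v=AR7_SHnptZc).
    // It is called once: every call draws a new salt, so hashing twice only
    // discards the first result.
    string saltHashReturned = PasswordHash.CreateHash(txtEmpSUPassword.Text);

    // The text between the first and the second colon is stored as the salt.
    // NOTE(review): confirm this matches the layout produced by the
    // PasswordHash version in use. A result with fewer than two colons makes
    // Substring throw, so a malformed hash string is never stored.
    int firstColon = saltHashReturned.IndexOf(':');
    int secondColon = saltHashReturned.IndexOf(':', firstColon + 1);
    string salt = saltHashReturned.Substring(firstColon + 1, secondColon - firstColon - 1);

    // The full CreateHash result is stored as the password value.
    Employer emp = new Employer(empUName, empEmail, empPhone, salt, saltHashReturned, empActivationCode, empAccActive);

    BLLRecruiterWebsiteManager BLLRWebMngr = new BLLRecruiterWebsiteManager();

    // No catch block here: the previous one wrote ex.Message into the response,
    // and it also caught the exception Response.Redirect uses to end the request.
    bool result = BLLRWebMngr.CreateEmployerProfile(emp);
    if (result)
    {
        // NOTE(review): the session receives the employer ID before the account
        // is activated. Confirm that pages which treat Session["EmployerID"] as
        // "signed in" also check the account-active flag.
        Session["EmployerID"] = emp.EmployerID;
        SendActivationMail(empEmail, empUName, empActivationCode);

        // NOTE(review): the redirect below replaces this response, so this
        // script is unlikely to reach the browser.
        Page.ClientScript.RegisterStartupScript(this.GetType(), "message", "confirm('Activation Email Sent')", true);
        Response.Redirect("~/EmployerActivation.aspx");
    }
    else
    {
        // Closing quote added; without it the script was a JavaScript syntax
        // error and the alert never appeared.
        Page.ClientScript.RegisterStartupScript(this.GetType(), "message", "alert('Error: try again')", true);
    }
}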
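/// <summary>
/// Binds the signed-in employer's job applications and job listings to the two
/// grid views, or redirects to the employer login page when the session holds
/// no employer ID.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    object sessionEmployerId = Session["EmployerID"];
    if (sessionEmployerId == null)
    {
        Response.Redirect("~/EmployerLogin.aspx");
        return; // nothing below may run without an employer ID
    }

    // The ID used for both queries comes from server-side session state only,
    // never from the request, so the rows fetched are those for the session's
    // own employer.
    // NOTE(review): the presence of Session["EmployerID"] is the only gate on
    // this page. Confirm the value is set only for activated, authenticated
    // accounts.
    int SessionEmployerID = int.Parse(sessionEmployerId.ToString());

    // One manager serves both calls. The business-layer methods visible on this
    // page keep no state between calls.
    BLL.BLLRecruiterWebsiteManager manager = new BLL.BLLRecruiterWebsiteManager();

    List<JobApplication> applications = manager.GetApplicationsFormDatabase(SessionEmployerID);

    // NOTE(review): these fields are presumably supplied by applicants. Confirm
    // the grid columns HTML-encode them when rendering.
    GridView1.DataSource = applications.Select(t => new
    {
        t.JobIdApplied,
        t.EmpidApplied,
        t.FullName,
        t.ContactNumber,
        t.Email,
        t.CoverLetter,
        t.UploadCvPath
    });
    GridView1.DataBind();

    List<Job> jobs = manager.ListJobs(SessionEmployerID);

    // Oldest listing first.
    GridView2.DataSource = jobs
        .OrderBy(x => x.DateCreated)
        .Select(x => new
        {
            x.JobID,
            x.EmpID,
            x.Category,
            x.Title,
            x.Company,
            x.Location,
            x.Description,
            x.Type,
            x.Terms,
            x.Salary,
            x.DateCreated
        });
    GridView2.DataBind();
}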
/// <summary>
/// Runs <c>spActiveEmpProfile</c> to set the account-active flag of the employer
/// with the given username.
/// </summary>
/// <remarks>
/// Only <c>@EmpUsername</c> and <c>@EmpAccountActive</c> are sent to the
/// procedure. The activation key on <paramref name="Emp"/> is not passed here,
/// so any check of that key has to happen before this call.
/// SqlException is not handled in this data-layer method because its message
/// cannot be shown on screen from here; it propagates to the caller.
/// </remarks>
/// <param name="Emp">Supplies the username and the new account-active value.</param>
/// <returns><c>true</c> when the command reports at least one affected row.</returns>
public bool UpdateEmpProfile(Employer Emp)
{
    using (SqlConnection Cxn = new SqlConnection(CxnString))
    using (SqlCommand Cmd = new SqlCommand("spActiveEmpProfile", Cxn))
    {
        // the command text names a stored procedure
        Cmd.CommandType = CommandType.StoredProcedure;

        // Values travel as typed parameters, never as part of the command text.
        Cmd.Parameters.Add("@EmpUsername", SqlDbType.NVarChar, 20).Value = Emp.EmployerUsername;
        Cmd.Parameters.Add("@EmpAccountActive", SqlDbType.Bit).Value = Emp.EmployerAccountActive;

        Cxn.Open();
        int rowsAffected = Cmd.ExecuteNonQuery();

        // Leaving the using blocks closes the connection.
        return rowsAffected > 0;
    }
}
/// <summary>
/// Returns every employer produced by the <c>spGetAllEmp</c> stored procedure.
/// </summary>
/// <remarks>
/// Each returned <c>Employer</c> includes the salt, the salted password hash and
/// the activation key read from the row.
/// NOTE(review): callers should keep this list out of UI data binding and logs.
/// </remarks>
/// <returns>One <c>Employer</c> per row; an empty list when there are no rows.</returns>
public List<Employer> GetListOfEmployers()
{
    List<Employer> allEmployers = new List<Employer>();

    using (SqlConnection Cxn = new SqlConnection(CxnString))
    using (SqlCommand Cmd = new SqlCommand("spGetAllEmp", Cxn))
    {
        // the command text names a stored procedure
        Cmd.CommandType = CommandType.StoredProcedure;

        Cxn.Open();
        dr = Cmd.ExecuteReader();

        while (dr.Read())
        {
            // Column positions come from Emp_GetObject.
            Employer row = new Employer(
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpUsername)).ToString(),
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpEmail)).ToString(),
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpPhone)).ToString(),
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpSalt)).ToString(),
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpSaltPwd)).ToString(),
                dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpActivationKey)).ToString(),
                dr.GetBoolean(Convert.ToInt32(Emp_GetObject.SP_GetAccountActive)));
            row.EmployerID = Convert.ToInt32(dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpID)));
            allEmployers.Add(row);
        }

        // The reader is closed here; leaving the using blocks closes the connection.
        dr.Close();
    }

    // Exceptions are not handled here and reach the caller unchanged.
    return allEmployers;
}
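/// <summary>
/// Looks up the employer record for a username through the
/// <c>spGetEmpLogin</c> stored procedure.
/// </summary>
/// <remarks>
/// This method does not authenticate anyone. <paramref name="empSHPwd"/> is not
/// used, and the returned object carries the stored salt, password hash,
/// activation key and account-active flag. The caller has to verify the
/// submitted password against the stored hash, and check the active flag,
/// before treating the user as signed in.
/// </remarks>
/// <param name="empUName">Username sent to the procedure as a typed parameter.</param>
/// <param name="empSHPwd">Unused by this method.</param>
/// <returns>
/// The employer built from the last row returned, or <c>null</c> when the
/// procedure returns no row.
/// </returns>
public Employer GetEmpLogin(string empUName, string empSHPwd)
{
    Employer Emp = null;

    using (SqlConnection Cxn = new SqlConnection(CxnString))
    using (SqlCommand Cmd = new SqlCommand("spGetEmpLogin", Cxn))
    {
        // the command text names a stored procedure
        Cmd.CommandType = CommandType.StoredProcedure;

        // The username travels as a typed parameter, never as part of the command text.
        SqlParameter InsertUserNameParam = new SqlParameter("@EmpUsername", SqlDbType.NVarChar, 20);
        InsertUserNameParam.Value = empUName;
        Cmd.Parameters.Add(InsertUserNameParam);

        Cxn.Open();

        // The using block closes the reader even when a row fails to convert.
        using (dr = Cmd.ExecuteReader())
        {
            while (dr.Read())
            {
                int empID = Convert.ToInt32(dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpID)));

                // Fixed: the username was previously read from the ID column
                // (SP_GetEmpID), so the returned Employer carried its ID as its username.
                string empUsername = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpUsername)).ToString();
                string empEmail = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpEmail)).ToString();
                string empPhone = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpPhone)).ToString();
                string empSalt = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpSalt)).ToString();
                string empSaltPwd = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpSaltPwd)).ToString();
                string empAccKey = dr.GetValue(Convert.ToInt32(Emp_GetObject.SP_GetEmpActivationKey)).ToString();
                bool empAccActive = dr.GetBoolean(Convert.ToInt32(Emp_GetObject.SP_GetAccountActive));

                Emp = new Employer(empUsername, empEmail, empPhone, empSalt, empSaltPwd, empAccKey, empAccActive);
                Emp.EmployerID = empID;
            }
        }
    }

    // Exceptions are not handled here and reach the caller unchanged.
    return Emp;
}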
/// <summary>
/// Stores a new employer profile through the <c>spCreateEmpProfile</c> stored
/// procedure and copies the generated ID back onto <paramref name="Emp"/>.
/// </summary>
/// <remarks>
/// Every value is sent as a typed parameter. The NVarChar parameters declare a
/// size, and ADO.NET transmits at most that many characters, so longer values
/// are cut to the declared length rather than rejected.
/// SqlException is not handled in this data-layer method because its message
/// cannot be shown on screen from here; it propagates to the caller.
/// </remarks>
/// <param name="Emp">
/// Employer to store. Its <c>EmployerID</c> is set from the <c>@empid</c> output
/// parameter when the command reports an affected row.
/// </param>
/// <returns><c>true</c> when the command reports at least one affected row.</returns>
public bool CreateEmpProfile(Employer Emp)
{
    using (SqlConnection Cxn = new SqlConnection(CxnString))
    using (SqlCommand Cmd = new SqlCommand("spCreateEmpProfile", Cxn))
    {
        // the command text names a stored procedure
        Cmd.CommandType = CommandType.StoredProcedure;

        // input parameters, added in the same order as before
        Cmd.Parameters.Add("@EmpUsername", SqlDbType.NVarChar, 20).Value = Emp.EmployerUsername;
        Cmd.Parameters.Add("@EmpEmail", SqlDbType.NVarChar, 100).Value = Emp.EmployerEmail;
        Cmd.Parameters.Add("@EmpPhone", SqlDbType.NVarChar, 20).Value = Emp.EmployerPhone;
        Cmd.Parameters.Add("@EmpSalt", SqlDbType.NVarChar, 100).Value = Emp.EmployerSalt;
        Cmd.Parameters.Add("@EmpSlowHashSalt", SqlDbType.NVarChar, 256).Value = Emp.EmployerSaltHashPwd;
        Cmd.Parameters.Add("@EmpActivationKey", SqlDbType.NVarChar, 256).Value = Emp.EmployerActivationKey;
        Cmd.Parameters.Add("@EmpAccountActive", SqlDbType.Bit).Value = Emp.EmployerAccountActive;

        // output parameter that receives the new employer ID from the procedure
        SqlParameter newIdParam = Cmd.Parameters.Add("@empid", SqlDbType.Int);
        newIdParam.Direction = ParameterDirection.Output;

        Cxn.Open();
        int rowsAffected = Cmd.ExecuteNonQuery();
        if (rowsAffected <= 0)
        {
            return false;
        }

        // hand the ID produced by the database back to the caller's object
        Emp.EmployerID = Convert.ToInt32(newIdParam.Value);
        return true;
    }
}