Esempio n. 1
0
        public override string ResetPassword(string username, string answer)
        {
            T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);

            if (u != null)
            {
                //generate new password
                string newPass  = RandomString(10);
                string salt     = GenerateSalt();
                string hashpass = HashPassword(newPass, _PasswordFormat, salt);

                //save updated hashed password and salt
                if (db_Accounts.UpdateT_OE_USERS(u.USER_IDX, hashpass, salt, null, null, null, null, true, null, null, null, null, null, 0, null, null, null, null, null, null, null, null) == 1)
                {
                    //encrypt username for email
                    string encryptOauth = new SimpleAES().Encrypt(newPass + "||" + username);
                    encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);

                    //send verification email to user
                    string msg = "Your EECIP password has been reset."
                                 + "\r\n\r\n Your username is: " + username
                                 + "\r\n\r\n You must click the following link to set your permanent password: "******"\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
                                 + "\r\n\r\n "
                                 + "\r\n\r\n ABOUT EECIP"
                                 + "\r\n\r\n ----------"
                                 + "\r\n\r\n The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.";


                    //send verification email to user
                    string messageHTML = "<p><b>Your EECIP password has been reset.</b></p>"
                                         + "<p>Your username is: " + username + "</p>"
                                         + "<p>You must click the following link to set your permanent password: </p>"
                                         + "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
                                         + "<p></p>"
                                         + "<p>ABOUT EECIP</p>"
                                         + "<p>----------</p>"
                                         + "<p>The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.</p>";


                    if (Utils.SendEmail(null, u.EMAIL, null, null, "EECIP Password Reset", msg, null, "", messageHTML))
                    {
                        return("Success: Please check your email for password reset instructions.");
                    }
                    else
                    {
                        return("Error in sending email");
                    }
                }
                else
                {
                    return("Error resetting password");
                }
            }
            else
            {
                return("Error: Email does not exist in the system.");
            }
        }
Esempio n. 2
0
        public override string ResetPassword(string username, string answer)
        {
            T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);

            if (u != null)
            {
                //generate new password
                string newPass  = RandomString(10);
                string salt     = GenerateSalt();
                string hashpass = HashPassword(newPass, _PasswordFormat, salt);

                //save updated hashed password and salt
                if (db_Accounts.UpdateT_OE_USERS(u.USER_IDX, hashpass, salt, null, null, null, null, true, null, null, null, null, null, 0, null, null) == 1)
                {
                    //encrypt username for email
                    string encryptOauth = new SimpleAES().Encrypt(newPass + "||" + username);
                    encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);

                    //send verification email to user
                    string msg = "Your EECIP password has been reset."
                                 + "\r\n\r\n Your username is: " + username
                                 + "\r\n\r\n You must click the following link to set your permanent password: "******"\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth;

                    //send verification email to user
                    string messageHTML = "<p><b>Your EECIP password has been reset.</b></p>"
                                         + "<p>Your username is: " + username + "</p>"
                                         + "<p>You must click the following link to set your permanent password: </p>"
                                         + "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>";

                    if (Utils.SendEmail(null, u.EMAIL, null, null, "EECIP Password Reset", msg, null, "", messageHTML))
                    {
                        return("Success: Please check your email for password reset instructions.");
                    }
                    else
                    {
                        return("Error in sending email");
                    }
                }
                else
                {
                    return("Error resetting password");
                }
            }
            else
            {
                return("Error: Email does not exist in the system.");
            }
        }
Esempio n. 3
0
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            status = MembershipCreateStatus.Success;

            //******************************** BEGIN VALIDATION ********************************************************
            //Validate Username Length
            if (username.Length > 150)
            {
                status = MembershipCreateStatus.InvalidEmail;
                return(null);
            }

            T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);

            if (u != null)
            {
                //Duplicate username found -return error
                status = MembershipCreateStatus.DuplicateUserName;
                return(null);
            }
            //******************************** END VALIDATION ***********************************************************

            try
            {
                //Generate password and hash it
                password = RandomString(10);
                string salt     = GenerateSalt();
                string hashpass = HashPassword(password, _PasswordFormat, salt);

                //create user record
                int createUser = db_Accounts.CreateT_OE_USERS(username, hashpass, salt, "", "", email, true, true, null, null, null, 0);
                if (createUser > 0)  //Success
                {
                    //encrypt username for email
                    string encryptOauth = new SimpleAES().Encrypt(password + "||" + username);
                    encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);

                    //send verification email to user
                    string message = "Welcome to EECIP."
                                     + "\r\n\r\n Your username is: " + username
                                     + "\r\n\r\n You must activate your account by clicking the following link: "
                                     + "\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
                                     + "\r\n\r\n After verifying your account you will be prompted to enter a permanent password.";

                    //send verification email to user
                    string messageHTML = "<p><b>Welcome to EECIP.</b></p>"
                                         + "<p>Your username is: " + username + "</p>"
                                         + "<p>You must activate your account by clicking the following link: </p>"
                                         + "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
                                         + "<p>After verifying your account you will be prompted to enter a permanent password.</p>";


                    bool EmailStatus = Utils.SendEmail(null, email, null, null, "Confirm Your EECIP Account", message, null, "", messageHTML);

                    //delete user if the email sending failed
                    if (EmailStatus == false)
                    {
                        status = MembershipCreateStatus.InvalidEmail;
                        db_Accounts.DeleteT_OE_USERS(createUser);
                    }

                    return(new MembershipUser(this.Name, username, createUser, email, passwordQuestion, null, isApproved, false, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now));
                }
                else
                {
                    status = MembershipCreateStatus.ProviderError;
                    return(null);
                }
            }
            catch (Exception exp)
            {
                throw exp;
            }
        }
Esempio n. 4
0
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            status = MembershipCreateStatus.Success;

            //******************************** BEGIN VALIDATION ********************************************************
            //Validate Username Length
            if (username.Length > 150)
            {
                status = MembershipCreateStatus.InvalidEmail;
                return(null);
            }

            T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);

            if (u != null)
            {
                //Duplicate username found -return error
                status = MembershipCreateStatus.DuplicateUserName;
                return(null);
            }
            //******************************** END VALIDATION ***********************************************************

            try
            {
                //Generate password and hash it
                password = RandomString(10);
                string salt     = GenerateSalt();
                string hashpass = HashPassword(password, _PasswordFormat, salt);

                //create user record
                int createUser = db_Accounts.CreateT_OE_USERS(username, hashpass, salt, "", "", email, true, true, null, null, null, 0);
                if (createUser > 0)  //Success
                {
                    //encrypt username for email
                    string encryptOauth = new SimpleAES().Encrypt(password + "||" + username);
                    encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);

                    //send verification email to user
                    string message = "Welcome to EECIP."
                                     + "\r\n\r\n Your username is: " + username
                                     + "\r\n\r\n You must activate your account by clicking the following link: "
                                     + "\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
                                     + "\r\n\r\n After verifying your account you will be prompted to enter a permanent password."
                                     + "\r\n\r\n "
                                     + "\r\n\r\n ABOUT EECIP"
                                     + "\r\n\r\n ----------"
                                     + "\r\n\r\n The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.";


                    //send verification email to user
                    string messageHTML = "<p><b>Welcome to EECIP.</b></p>"
                                         + "<p>Your username is: " + username + "</p>"
                                         + "<p>You must activate your account by clicking the following link: </p>"
                                         + "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
                                         + "<p>After verifying your account you will be prompted to enter a permanent password.</p>"
                                         + "<p></p>"
                                         + "<p>ABOUT EECIP</p>"
                                         + "<p>----------</p>"
                                         + "<p>The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.</p>";



                    bool EmailStatus = Utils.SendEmail(null, email, null, null, "Confirm Your EECIP Account", message, null, "", messageHTML);
                    db_Ref.InsertT_OE_SYS_EMAIL_LOG(null, email, null, "Confirm Your EECIP Account", "", "Register");


                    //delete user if the email sending failed
                    if (EmailStatus == false)
                    {
                        status = MembershipCreateStatus.InvalidEmail;
                        db_Accounts.DeleteT_OE_USERS(createUser);
                    }

                    return(new MembershipUser(this.Name, username, createUser, email, passwordQuestion, null, isApproved, false, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now));
                }
                else
                {
                    status = MembershipCreateStatus.ProviderError;
                    return(null);
                }
            }
            catch (Exception exp)
            {
                throw exp;
            }
        }