public override string ResetPassword(string username, string answer)
{
T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);
if (u != null)
{
//generate new password
string newPass = RandomString(10);
string salt = GenerateSalt();
string hashpass = HashPassword(newPass, _PasswordFormat, salt);
//save updated hashed password and salt
if (db_Accounts.UpdateT_OE_USERS(u.USER_IDX, hashpass, salt, null, null, null, null, true, null, null, null, null, null, 0, null, null, null, null, null, null, null, null) == 1)
{
//encrypt username for email
string encryptOauth = new SimpleAES().Encrypt(newPass + "||" + username);
encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);
//send verification email to user
string msg = "Your EECIP password has been reset."
+ "\r\n\r\n Your username is: " + username
+ "\r\n\r\n You must click the following link to set your permanent password: "******"\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
+ "\r\n\r\n "
+ "\r\n\r\n ABOUT EECIP"
+ "\r\n\r\n ----------"
+ "\r\n\r\n The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.";
//send verification email to user
string messageHTML = "<p><b>Your EECIP password has been reset.</b></p>"
+ "<p>Your username is: " + username + "</p>"
+ "<p>You must click the following link to set your permanent password: </p>"
+ "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
+ "<p></p>"
+ "<p>ABOUT EECIP</p>"
+ "<p>----------</p>"
+ "<p>The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.</p>";
if (Utils.SendEmail(null, u.EMAIL, null, null, "EECIP Password Reset", msg, null, "", messageHTML))
{
return("Success: Please check your email for password reset instructions.");
}
else
{
return("Error in sending email");
}
}
else
{
return("Error resetting password");
}
}
else
{
return("Error: Email does not exist in the system.");
}
}
public override string ResetPassword(string username, string answer)
{
T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);
if (u != null)
{
//generate new password
string newPass = RandomString(10);
string salt = GenerateSalt();
string hashpass = HashPassword(newPass, _PasswordFormat, salt);
//save updated hashed password and salt
if (db_Accounts.UpdateT_OE_USERS(u.USER_IDX, hashpass, salt, null, null, null, null, true, null, null, null, null, null, 0, null, null) == 1)
{
//encrypt username for email
string encryptOauth = new SimpleAES().Encrypt(newPass + "||" + username);
encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);
//send verification email to user
string msg = "Your EECIP password has been reset."
+ "\r\n\r\n Your username is: " + username
+ "\r\n\r\n You must click the following link to set your permanent password: "******"\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth;
//send verification email to user
string messageHTML = "<p><b>Your EECIP password has been reset.</b></p>"
+ "<p>Your username is: " + username + "</p>"
+ "<p>You must click the following link to set your permanent password: </p>"
+ "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>";
if (Utils.SendEmail(null, u.EMAIL, null, null, "EECIP Password Reset", msg, null, "", messageHTML))
{
return("Success: Please check your email for password reset instructions.");
}
else
{
return("Error in sending email");
}
}
else
{
return("Error resetting password");
}
}
else
{
return("Error: Email does not exist in the system.");
}
}
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
status = MembershipCreateStatus.Success;
//******************************** BEGIN VALIDATION ********************************************************
//Validate Username Length
if (username.Length > 150)
{
status = MembershipCreateStatus.InvalidEmail;
return(null);
}
T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);
if (u != null)
{
//Duplicate username found -return error
status = MembershipCreateStatus.DuplicateUserName;
return(null);
}
//******************************** END VALIDATION ***********************************************************
try
{
//Generate password and hash it
password = RandomString(10);
string salt = GenerateSalt();
string hashpass = HashPassword(password, _PasswordFormat, salt);
//create user record
int createUser = db_Accounts.CreateT_OE_USERS(username, hashpass, salt, "", "", email, true, true, null, null, null, 0);
if (createUser > 0) //Success
{
//encrypt username for email
string encryptOauth = new SimpleAES().Encrypt(password + "||" + username);
encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);
//send verification email to user
string message = "Welcome to EECIP."
+ "\r\n\r\n Your username is: " + username
+ "\r\n\r\n You must activate your account by clicking the following link: "
+ "\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
+ "\r\n\r\n After verifying your account you will be prompted to enter a permanent password.";
//send verification email to user
string messageHTML = "<p><b>Welcome to EECIP.</b></p>"
+ "<p>Your username is: " + username + "</p>"
+ "<p>You must activate your account by clicking the following link: </p>"
+ "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
+ "<p>After verifying your account you will be prompted to enter a permanent password.</p>";
bool EmailStatus = Utils.SendEmail(null, email, null, null, "Confirm Your EECIP Account", message, null, "", messageHTML);
//delete user if the email sending failed
if (EmailStatus == false)
{
status = MembershipCreateStatus.InvalidEmail;
db_Accounts.DeleteT_OE_USERS(createUser);
}
return(new MembershipUser(this.Name, username, createUser, email, passwordQuestion, null, isApproved, false, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now));
}
else
{
status = MembershipCreateStatus.ProviderError;
return(null);
}
}
catch (Exception exp)
{
throw exp;
}
}
public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
status = MembershipCreateStatus.Success;
//******************************** BEGIN VALIDATION ********************************************************
//Validate Username Length
if (username.Length > 150)
{
status = MembershipCreateStatus.InvalidEmail;
return(null);
}
T_OE_USERS u = db_Accounts.GetT_OE_USERSByID(username);
if (u != null)
{
//Duplicate username found -return error
status = MembershipCreateStatus.DuplicateUserName;
return(null);
}
//******************************** END VALIDATION ***********************************************************
try
{
//Generate password and hash it
password = RandomString(10);
string salt = GenerateSalt();
string hashpass = HashPassword(password, _PasswordFormat, salt);
//create user record
int createUser = db_Accounts.CreateT_OE_USERS(username, hashpass, salt, "", "", email, true, true, null, null, null, 0);
if (createUser > 0) //Success
{
//encrypt username for email
string encryptOauth = new SimpleAES().Encrypt(password + "||" + username);
encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);
//send verification email to user
string message = "Welcome to EECIP."
+ "\r\n\r\n Your username is: " + username
+ "\r\n\r\n You must activate your account by clicking the following link: "
+ "\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth
+ "\r\n\r\n After verifying your account you will be prompted to enter a permanent password."
+ "\r\n\r\n "
+ "\r\n\r\n ABOUT EECIP"
+ "\r\n\r\n ----------"
+ "\r\n\r\n The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.";
//send verification email to user
string messageHTML = "<p><b>Welcome to EECIP.</b></p>"
+ "<p>Your username is: " + username + "</p>"
+ "<p>You must activate your account by clicking the following link: </p>"
+ "<p><a href='" + db_Ref.GetT_OE_APP_SETTING("PUBLIC_APP_PATH") + "/Account/Verify?oauthcrd=" + encryptOauth + "'>Click Verification Link</a></p>"
+ "<p>After verifying your account you will be prompted to enter a permanent password.</p>"
+ "<p></p>"
+ "<p>ABOUT EECIP</p>"
+ "<p>----------</p>"
+ "<p>The E - Enterprise Community Inventory Platform (EECIP) is an online community and living project inventory for state, local, tribal, and other environmental agencies and their employees across the United States. This tool was developed under the E-Enterprise for the Environment initiative to support state, tribal, and U.S. EPA staff working to modernize the business of environmental protection.</p>";
bool EmailStatus = Utils.SendEmail(null, email, null, null, "Confirm Your EECIP Account", message, null, "", messageHTML);
db_Ref.InsertT_OE_SYS_EMAIL_LOG(null, email, null, "Confirm Your EECIP Account", "", "Register");
//delete user if the email sending failed
if (EmailStatus == false)
{
status = MembershipCreateStatus.InvalidEmail;
db_Accounts.DeleteT_OE_USERS(createUser);
}
return(new MembershipUser(this.Name, username, createUser, email, passwordQuestion, null, isApproved, false, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now));
}
else
{
status = MembershipCreateStatus.ProviderError;
return(null);
}
}
catch (Exception exp)
{
throw exp;
}
}