protected void _btnSignin_Click(object sender, EventArgs e)
{
acc.email = txtEmail.Text;
string password = txtPassword.Text;
DataRow dr = new AccountDataManager().getAccount(acc.email);
if (dr == null)
{
lblMessage.Text = "This email does not exist.";
}
else
{
acc.email = dr["email"].ToString();
acc.hashed_password = dr["password"].ToString();
acc.salt = dr["salt"].ToString();
if (acc.validatePassword(password))
{
Response.Cookies["userid"].Value = dr["id"].ToString();
Response.Cookies["userid"].Expires = DateTime.Now.AddDays(14);
Response.Redirect("/");
}
else
{
lblMessage.Text = "Wrong email or password.";
}
}
}
protected void btnChangePassword_Click(object sender, EventArgs e)
{
currentPassword = txtCurPassword.Text;
newPassword = txtPassword.Text;
DataRow dr = new AccountDataManager().getAccount(acc.id);
acc.email = dr["email"].ToString();
acc.hashed_password = dr["password"].ToString();
acc.salt = dr["salt"].ToString();
if (acc.validatePassword(currentPassword))
{
acc.changePassword(newPassword);
new AccountDataManager().updateAccount(acc);
lblMessage.Text = "Changed password successfully";
lblMessage.ForeColor = System.Drawing.Color.Blue;
}
else
{
lblMessage.Text = "Incorrect current password";
lblMessage.ForeColor = System.Drawing.Color.Red;
}
}