コード例 #1
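    /// <summary>
    /// Calls the <c>[LoginHistoryUpdate]</c> stored procedure with the values carried by
    /// <paramref name="newdbo_LoginHistoryClass"/>.
    /// </summary>
    /// <param name="newdbo_LoginHistoryClass">
    /// Record supplying User_ID, Login_Time and Status. A member that is null is sent as
    /// <see cref="DBNull"/>. The record itself must not be null.
    /// </param>
    /// <returns>
    /// <c>true</c> when the procedure's <c>@ReturnValue</c> output is greater than zero;
    /// <c>false</c> otherwise, including when a <see cref="SqlException"/> was logged.
    /// </returns>
    public static bool Update(dbo_LoginHistoryClass newdbo_LoginHistoryClass)
    {
        SqlConnection connection = SAMDataClass.GetConnection();

        try
        {
            // The command is created here, so it is safe to dispose it here. The connection
            // comes from SAMDataClass and is only closed, as before.
            using (SqlCommand updateCommand = new SqlCommand("[LoginHistoryUpdate]", connection))
            {
                updateCommand.CommandType = CommandType.StoredProcedure;

                // Every value travels as a bound parameter; nothing is concatenated into SQL.
                // AddWithValue treats a plain null as "parameter not supplied", so null
                // members are mapped to DBNull explicitly.
                updateCommand.Parameters.AddWithValue("@NewUser_ID", (object)newdbo_LoginHistoryClass.User_ID ?? DBNull.Value);
                updateCommand.Parameters.AddWithValue("@NewLogin_Time", (object)newdbo_LoginHistoryClass.Login_Time ?? DBNull.Value);

                // The original tested the record itself for null at this point, after it had
                // already been dereferenced twice; the member that can be null is Status.
                updateCommand.Parameters.AddWithValue("@NewStatus", (object)newdbo_LoginHistoryClass.Status ?? DBNull.Value);

                updateCommand.Parameters.Add("@ReturnValue", System.Data.SqlDbType.Int).Direction = ParameterDirection.Output;

                connection.Open();
                updateCommand.ExecuteNonQuery();

                int count = System.Convert.ToInt32(updateCommand.Parameters["@ReturnValue"].Value);
                return count > 0;
            }
        }
        catch (SqlException ex)
        {
            logger.Error(ex.Message);
            return false;
        }
        finally
        {
            connection.Close();
        }
    }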
コード例 #2
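    /// <summary>
    /// Calls the <c>[dbo].[LoginHistoryInsert]</c> stored procedure with the values carried by
    /// <paramref name="clsdbo_LoginHistory"/>.
    /// </summary>
    /// <param name="clsdbo_LoginHistory">
    /// Record supplying User_ID, Login_Time and Status. A member that is null is sent as
    /// <see cref="DBNull"/>. The record itself must not be null.
    /// </param>
    /// <returns>
    /// <c>true</c> when the procedure's <c>@ReturnValue</c> output is greater than zero;
    /// <c>false</c> otherwise, including when a <see cref="SqlException"/> was logged.
    /// </returns>
    public static bool Add(dbo_LoginHistoryClass clsdbo_LoginHistory)
    {
        SqlConnection connection = SAMDataClass.GetConnection();

        try
        {
            // The command is created here, so it is safe to dispose it here. The connection
            // comes from SAMDataClass and is only closed, as before.
            using (SqlCommand insertCommand = new SqlCommand("[dbo].[LoginHistoryInsert]", connection))
            {
                insertCommand.CommandType = CommandType.StoredProcedure;

                // Every value travels as a bound parameter; nothing is concatenated into SQL.
                // AddWithValue treats a plain null as "parameter not supplied", so null
                // members are mapped to DBNull explicitly.
                insertCommand.Parameters.AddWithValue("@User_ID", (object)clsdbo_LoginHistory.User_ID ?? DBNull.Value);
                insertCommand.Parameters.AddWithValue("@Login_Time", (object)clsdbo_LoginHistory.Login_Time ?? DBNull.Value);

                // The original tested the record itself for null at this point, after it had
                // already been dereferenced twice; the member that can be null is Status.
                insertCommand.Parameters.AddWithValue("@Status", (object)clsdbo_LoginHistory.Status ?? DBNull.Value);

                insertCommand.Parameters.Add("@ReturnValue", System.Data.SqlDbType.Int).Direction = ParameterDirection.Output;

                connection.Open();
                insertCommand.ExecuteNonQuery();

                int count = System.Convert.ToInt32(insertCommand.Parameters["@ReturnValue"].Value);
                return count > 0;
            }
        }
        catch (SqlException ex)
        {
            logger.Error(ex.Message);
            return false;
        }
        finally
        {
            connection.Close();
        }
    }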
コード例 #3
    /// <summary>
    /// Waits one minute, then sends an "Invalid Password(reset)" update and a "reset"
    /// history entry for the user held in <c>user_id</c>.
    /// </summary>
    private void unlock_user()
    {
        // Blocks the calling thread for 60 000 ms before anything is written.
        System.Threading.Thread.Sleep(60000);

        dbo_LoginHistoryClass resetEntry = new dbo_LoginHistoryClass
        {
            Status  = "Invalid Password(reset)",
            User_ID = user_id
        };

        // Login_Time is still unset here, so Update sends it as DBNull.
        dbo_LoginHistoryDataClass.Update(resetEntry);

        // The same object is reused for the history row that marks the reset itself.
        resetEntry.Status     = "reset";
        resetEntry.Login_Time = DateTime.Now;
        dbo_LoginHistoryDataClass.Add(resetEntry);
    }
コード例 #4
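    /// <summary>
    /// Reads a single login-history row for the user named in
    /// <paramref name="clsdbo_LoginHistoryPara"/> through the
    /// <c>[dbo].[LoginHistorySelect]</c> stored procedure.
    /// </summary>
    /// <param name="clsdbo_LoginHistoryPara">Only its User_ID is read; a null User_ID is sent as <see cref="DBNull"/>.</param>
    /// <returns>
    /// The populated record when a row is found, or <c>null</c> when the procedure returns no row.
    /// When a <see cref="SqlException"/> is logged, the object built so far is returned
    /// (an empty instance if the failure happened before the row was read), so callers
    /// cannot tell an error from a row whose columns are all null.
    /// </returns>
    public static dbo_LoginHistoryClass Select_Record(dbo_LoginHistoryClass clsdbo_LoginHistoryPara)
    {
        dbo_LoginHistoryClass clsdbo_LoginHistory = new dbo_LoginHistoryClass();
        SqlConnection         connection          = SAMDataClass.GetConnection();

        try
        {
            // Command and reader are created here and disposed here, even when a read throws.
            // The connection comes from SAMDataClass and is only closed, as before.
            using (SqlCommand selectCommand = new SqlCommand("[dbo].[LoginHistorySelect]", connection))
            {
                selectCommand.CommandType = CommandType.StoredProcedure;

                // Bound parameter; a plain null would be treated as "parameter not supplied".
                selectCommand.Parameters.AddWithValue("@User_ID", (object)clsdbo_LoginHistoryPara.User_ID ?? DBNull.Value);

                connection.Open();
                using (SqlDataReader reader = selectCommand.ExecuteReader(CommandBehavior.SingleRow))
                {
                    if (reader.Read())
                    {
                        clsdbo_LoginHistory.User_ID    = reader["User_ID"] is DBNull ? null : reader["User_ID"].ToString();
                        clsdbo_LoginHistory.Login_Time = reader["Login_Time"] is DBNull ? null : (DateTime?)reader["Login_Time"];
                        clsdbo_LoginHistory.Status     = reader["Status"] is DBNull ? null : reader["Status"].ToString();
                    }
                    else
                    {
                        clsdbo_LoginHistory = null;
                    }
                }
            }
        }
        catch (SqlException ex)
        {
            logger.Error(ex.Message);
        }
        finally
        {
            connection.Close();
        }

        return clsdbo_LoginHistory;
    }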
コード例 #5
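    /// <summary>
    /// Handles the login button: applies the failed-attempt lockout, verifies the submitted
    /// credentials, checks the password age, then records the outcome in the login history.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    /// <remarks>
    /// Any exception is logged and swallowed, so a failure in the data layer leaves the
    /// page without a message.
    /// </remarks>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        logger.Info(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString() + " " + System.Reflection.MethodBase.GetCurrentMethod().Name);

        try
        {
            if (Session["LOGIN_USER_ID"] != null)
            {
                Session.Remove("LOGIN_USER_ID");
            }

            // NOTE(review): presumably Search returns the attempts still counted against this
            // user name (the Update call below re-labels them) - confirm in the data class.
            List<dbo_LoginHistoryClass> item = dbo_LoginHistoryDataClass.Search(txtUser.Text);
            logger.Info("item.Count " + item.Count);

            if (item.Count >= 5)
            {
                // OrderByDescending returns a new sequence; the original discarded it and
                // read item[0] in whatever order Search produced. Take the newest explicitly.
                dbo_LoginHistoryClass newest      = item.OrderByDescending(f => f.Login_Time).First();
                DateTime?             lastAttempt = newest.Login_Time;

                // TotalMinutes, not Minutes: Minutes is only the 0-59 component, so the
                // lockout would re-apply during the first minute of every later hour.
                // A missing timestamp keeps the lockout in place instead of throwing.
                bool lockoutElapsed = lastAttempt.HasValue
                                      && (DateTime.Now - lastAttempt.Value).TotalMinutes >= 1;

                if (lockoutElapsed)
                {
                    dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
                    login.Status  = "Invalid Password(reset)";
                    login.User_ID = txtUser.Text;

                    dbo_LoginHistoryDataClass.Update(login);

                    login.Status     = "reset";
                    login.Login_Time = DateTime.Now;
                    dbo_LoginHistoryDataClass.Add(login);
                }
                else
                {
                    Show("Lockout effective period 1 minutes");
                    return;
                }
            }

            string Username = txtUser.Text;
            string Password = txtPassword.Text;

            // The submitted password must never reach the log; only the user name is recorded.
            logger.Info("Username " + Username);
            dbo_UserClass user_class = dbo_UserDataClass.VerifyPassword(Username, Password);
            int           days       = 0;
            if (user_class != null)
            {
                if (user_class.Status == "Active")
                {
                    List<dbo_PasswordHistoryClass> history = dbo_PasswordHistoryDataClass.Search(user_class.Username).OrderBy(f => f.Last_Password_Change_Or_Reset).ToList();

                    if (history.Count < 1)
                    {
                        // NOTE(review): the submitted password is handed to the history table
                        // as typed. Whether Add hashes it is not visible here - confirm that
                        // no plaintext password is persisted.
                        dbo_PasswordHistoryClass password = new dbo_PasswordHistoryClass();
                        password.Last_Password_Change_Or_Reset = DateTime.Now;
                        password.Password = Password;
                        password.User_ID  = Username;
                        dbo_PasswordHistoryDataClass.Add(password);
                    }

                    logger.Info("history.Count " + history.Count);

                    if (history.Count != 0)
                    {
                        // history is sorted ascending, so the last element is the latest change.
                        DateTime?his_date = history[history.Count - 1].Last_Password_Change_Or_Reset;
                        TimeSpan?result_  = DateTime.Now - his_date;
                        days = result_.Value.Days;

                        logger.Info("days " + days);
                    }
                    else
                    {
                        days = 0;
                    }

                    // Passwords are valid for 90 days from the last recorded change.
                    int cal_expire = 90 - days;

                    if (cal_expire <= 0)
                    {
                        // NOTE(review): an expired password only registers this redirect
                        // script; execution still continues to the cookie, history and
                        // session writes below. Confirm that ForgotPassword.aspx is meant to
                        // run with a signed-in session, otherwise stop here.
                        ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAM",
                                                            "alert('รหัสผ่านของท่านหมดอายุ');window.location.href='ForgotPassword.aspx'", true);
                    }

                    // NOTE(review): the User_ID cookie is a plain, client-editable value with
                    // no HttpOnly/Secure flags set here. Code that reads it back should not
                    // treat it as proof of identity; rely on the server-side session.
                    Request.Cookies.Remove("User_ID");

                    // After the Remove above this lookup is expected to find nothing, so the
                    // else branch is the one that normally runs.
                    if (Request.Cookies["User_ID"] != null && !string.IsNullOrEmpty(Request.Cookies["User_ID"].Value))
                    {
                        Response.Cookies.Set(Request.Cookies["User_ID"]);
                    }
                    else
                    {
                        Response.Cookies.Set(new HttpCookie("User_ID", user_class.User_ID));
                    }

                    Response.Cookies["User_ID"].Expires = DateTime.Now.AddDays(1);

                    // Clear the failed-attempt markers, then record the successful login.
                    dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();
                    login.Status  = "Invalid Password(reset)";
                    login.User_ID = txtUser.Text;

                    dbo_LoginHistoryDataClass.Update(login);

                    login.Status     = "Success";
                    login.Login_Time = DateTime.Now;

                    dbo_LoginHistoryDataClass.Add(login);

                    if (cal_expire <= 15)
                    {
                        // Warn about the coming expiry, then let the client navigate to the home page.
                        Session["LOGIN_USER_ID"] = user_class.User_ID;
                        ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAM",
                                                            "alert('รหัสผ่านจะหมดอายุภายใน " + cal_expire.ToString() + " วัน กรุณาเปลี่ยนรหัสผ่านใหม่ก่อนวันหมดอายุ');window.location.href='Views/Home.aspx'", true);
                    }
                    else
                    {
                        Session["LOGIN_USER_ID"] = user_class.User_ID;
                        Response.Redirect("Views/Home.aspx");
                    }
                }
                else
                {
                    // Same wording as for a wrong password, so an inactive account is not revealed.
                    Show("ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง กรุณาตรวจสอบข้อมูลอีกครั้ง");
                }
            }
            else
            {
                Show("ชื่อผู้ใช้งานหรือรหัสผ่านไม่ถูกต้อง กรุณาตรวจสอบข้อมูลอีกครั้ง");

                // Record the failed attempt; these rows feed the lockout check above.
                dbo_LoginHistoryClass login = new dbo_LoginHistoryClass();

                login.User_ID    = txtUser.Text;
                login.Status     = "Invalid Password";
                login.Login_Time = DateTime.Now;

                dbo_LoginHistoryDataClass.Add(login);
            }
        }
        catch (Exception ex)
        {
            logger.Error(ex.Message);
        }
    }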
コード例 #6
    /// <summary>
    /// Handles the OK button of the password form: validates the new password, stores it for
    /// the user named in <c>txtUserName</c>, and records the change in the password and login
    /// histories.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    /// <remarks>
    /// NOTE(review): no check of the current password is visible in this handler. The target
    /// account comes from <c>txtUserName.Value</c> and the acting user from the client-supplied
    /// <c>User_ID</c> cookie. Confirm that the page is reachable only after authentication and
    /// that neither value can be chosen by the caller.
    /// </remarks>
    protected void btnOK_Click(object sender, EventArgs e)
    {
        try
        {
            // Requires at least one letter and at least one digit.
            Regex letterAndDigit = new Regex("^(?=.*[a-zA-Z])(?=.*[0-9])");

            List<dbo_PasswordHistoryClass> previous = dbo_PasswordHistoryDataClass.Search(txtUserName.Value);

            // NOTE(review): the new password is compared with == against stored history values,
            // which presumably means the history holds comparable plaintext - confirm.
            dbo_PasswordHistoryClass reused = previous.OrderByDescending(f => f.Last_Password_Change_Or_Reset)
                                                      .Take(3)
                                                      .FirstOrDefault(f => f.Password == txtNewPassword.Text);

            // Pick the first failing rule; the checks run in the same order as before.
            string rejection = null;
            if (txtNewPassword.Text != txtConfirmPassword.Text)
            {
                rejection = "รหัสผ่านไม่ตรงกับยืนยันรหัสผ่าน";
            }
            else if (txtNewPassword.Text.Length < 8)
            {
                rejection = "รหัสผ่านควรมีอย่างน้อย 8 ตัวอักษร";
            }
            else if (!letterAndDigit.IsMatch(txtNewPassword.Text))
            {
                rejection = "รหัสผ่านควรประกอบด้วยตัวเลขและตัวอักษร";
            }
            else if (reused != null)
            {
                rejection = "รหัสผ่านต้องไม่ซ้ำกันกับ 3 ครั้งที่ผ่านมา";
            }

            if (rejection != null)
            {
                System.Threading.Thread.Sleep(500);
                ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAMWAIT", "myApp.hidePleaseWait();", true);
                Show(rejection);
                return;
            }

            // Both values are read but not used further in this handler.
            string currentUser = CommonDataClass.User_ID;
            string confirmed   = txtConfirmPassword.Text;

            dbo_UserClass oclsdbo_User = new dbo_UserClass();

            List<dbo_UserClass> users = dbo_UserDataClass.Search(string.Empty, string.Empty, string.Empty, string.Empty,
                                                                 string.Empty, string.Empty, string.Empty, string.Empty,
                                                                 null, txtUserName.Value, string.Empty);

            if (users.Count <= 0)
            {
                System.Threading.Thread.Sleep(500);
                ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAMWAIT", "myApp.hidePleaseWait();", true);
                Show("ไม่พบชื่อผู้ใช้ในระบบ");
                return;
            }

            oclsdbo_User          = users[0];
            oclsdbo_User.Password = txtConfirmPassword.Text;

            // Throws when the cookie is absent; the outer catch then logs the message and
            // the user sees no feedback.
            string User_ID = HttpContext.Current.Request.Cookies["User_ID"].Value;
            bool   success = dbo_UserDataClass.UpdatePassword(oclsdbo_User, User_ID);

            if (!success)
            {
                return;
            }

            System.Threading.Thread.Sleep(500);
            ScriptManager.RegisterStartupScript(this.Page, Page.GetType(), "SAMWAIT", "myApp.hidePleaseWait();", true);
            Show("เปลี่ยนรหัสผ่านสำเร็จ");

            // NOTE(review): the new password is handed to the history table as typed; whether
            // Add hashes it is not visible here.
            dbo_PasswordHistoryClass historyEntry = new dbo_PasswordHistoryClass();
            historyEntry.Last_Password_Change_Or_Reset = DateTime.Now;
            historyEntry.Password = txtNewPassword.Text;
            historyEntry.User_ID  = txtUserName.Value;
            dbo_PasswordHistoryDataClass.Add(historyEntry);

            Request.Cookies.Remove("User_ID");

            // After the Remove above this lookup is expected to find nothing, so the else
            // branch is the one that normally runs.
            if (Request.Cookies["User_ID"] != null && !string.IsNullOrEmpty(Request.Cookies["User_ID"].Value))
            {
                Response.Cookies.Set(Request.Cookies["User_ID"]);
            }
            else
            {
                Response.Cookies.Set(new HttpCookie("User_ID", oclsdbo_User.User_ID));
            }

            Response.Cookies["User_ID"].Expires = DateTime.Now.AddDays(1);

            // The password change is also recorded as a successful login for that account.
            dbo_LoginHistoryClass loginEntry = new dbo_LoginHistoryClass();

            loginEntry.User_ID    = oclsdbo_User.User_ID;
            loginEntry.Status     = "Success";
            loginEntry.Login_Time = DateTime.Now;

            dbo_LoginHistoryDataClass.Add(loginEntry);
        }
        catch (Exception ex)
        {
            logger.Error(ex.Message);
        }
    }