protected void btnSubmit_Click(object sender, EventArgs e) { // Verify user input. if (!Utilities.IsEmailValid(txtEmail.Text)) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Login.aspx", "ErrorInvalidEmail").ToString(); return; } if (!Utilities.IsPasswordValid(txtPwd1.Text)) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Profile.aspx", "ErrorInvalidPwd").ToString(); return; } if (txtPwd1.Text != txtPwd2.Text) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Profile.aspx", "ErrorPwdNoMatch").ToString(); return; } if (txtAccessCode.Text == "") { lblErrMsg.Visible = true; lblErrMsg.Text = GetLocalResourceObject("ErrorInvalidAccessCode").ToString(); return; } //if (txtCompanyCode.Text == "") //{ // lblErrMsg.Visible = true; // lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Login.aspx", "ErrorInvalidCompany").ToString(); // return; //} ClientSetting cs = ClientSettings.Get("astellas"); //txtCompanyCode.Text if (cs == null) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Login.aspx", "ErrorInvalidCompany").ToString(); return; } else { if (!cs.Enabled) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Login.aspx", "ErrorDisabledCompany").ToString(); return; } } //initialize connection string LmsUser.DBConnString = cs.EntityConnStr; // check lms_Entities db = new ClientDBEntities(); User_Info_Result userInfo = db.User_Info(txtEmail.Text.Trim()).FirstOrDefault(); if (userInfo == null) { lblErrMsg.Visible = true; lblErrMsg.Text = HttpContext.GetLocalResourceObject("~/Login.aspx", "ErrorUnknownEmail").ToString(); //"Error: Your email is not registered in the system."; } else { // user exists if (userInfo.activationCode == txtAccessCode.Text.Trim()) { // activate the user's account. User usr = db.Users.Where(u => u.userId == userInfo.userId).FirstOrDefault(); usr.enabled = true; usr.password = txtPwd1.Text.Trim(); db.SaveChanges(); // set session items. LmsUser.SetInfo(userInfo.userId, userInfo.firstName, userInfo.lastName, userInfo.role, cs.Name, cs.AssetsFolder); // write the session data to the log. Log.Info("User: "******" account verified. Logging in for the 1st time."); FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false); } else { lblErrMsg.Visible = true; lblErrMsg.Text = GetLocalResourceObject("ErrorInvalidAccessCode").ToString(); } } }
protected void btnSubmit_Click(object sender, EventArgs e) { string email = Email.Text.Trim(); if (!Utilities.IsEmailValid(email)) { ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorInvalidEmail").ToString(); return; } //if (CompanyCode.Text.Trim()=="") //{ // ErrorMsg.Visible = true; // ErrorMsg.Text = GetLocalResourceObject("ErrorNoCompany").ToString(); // return; //} //------------------------------------------------- //check company code - must have a valid company ID //------------------------------------------------- ClientSetting cs = ClientSettings.Get("astellas"); if (cs == null) { ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorInvalidCompany").ToString(); return; } else { if (cs.Enabled) { //initialize user's unique connection string (company database) //this should be done 1st before any db-specific call LmsUser.DBConnString = cs.EntityConnStr; } else { ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorDisabledCompany").ToString(); return; } } lms_Entities db = new ClientDBEntities(); User_Info_Result userInfo = db.User_Info(email).FirstOrDefault(); if (userInfo == null) { //no email record found ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorUnknownEmail").ToString(); Log.Info("Login:\"" + email + "\" invalid email address."); } else { //------------------------------------------------- // ALL USERS must have an activation code, ie. they // have to setup their new personal password //------------------------------------------------- if (string.IsNullOrEmpty(userInfo.activationCode)) { // Redirect the user to the access code page. Response.Redirect("AccessCode.aspx?e=" + email + "&c=1"); } else { // user has an activation code, check if enabled if (userInfo.enabled) { //user is enabled... check password if (userInfo.password == Pwd.Text) { //password is good.. log user in LmsUser.SetInfo(userInfo.userId, userInfo.firstName, userInfo.lastName, userInfo.role, cs.Name, cs.AssetsFolder); // Write the session data to the log. Log.Info(email + " has logged in. (SessionID=" + Session.SessionID + ")"); FormsAuthentication.RedirectFromLoginPage(email, false); } else { ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorInvalidPwd").ToString(); Log.Info("Login:\"" + email + "\" entered an incorrect password."); } } else { //user account is disabled, so no access given ErrorMsg.Visible = true; ErrorMsg.Text = GetLocalResourceObject("ErrorDisabledAcct").ToString(); Log.Info("Login:\"" + email + "\" account is disabled."); } } } }