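/// <summary>
/// Handles the login button: validates the form, checks the credentials against
/// app_user, and signs the user in only when the account is both email-confirmed
/// and authorised.
/// </summary>
/// <remarks>
/// Two changes from the previous version:
/// 1. The emailconfirmed / isauthorised flags are parsed as booleans and must be
///    explicitly true. Previously any value other than the literal "False"
///    (including a NULL column, which reads as an empty string) let the login through.
/// 2. Session values are written only after every check has passed, so an
///    unconfirmed or unauthorised account no longer leaves userID / userType
///    in the session for other pages to trust.
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Clear any error state left over from a previous attempt.
    this.lblError.Text = string.Empty;
    this.lblError.Visible = false;
    this.btnResendValidationEmail.Visible = false;
    this.txtEmail.CssClass = this.txtEmail.CssClass.Replace("has-error", "");
    this.txtPassword.CssClass = this.txtPassword.CssClass.Replace("has-error", "");
    this.fgtxtEmail.CssClass = this.fgtxtEmail.CssClass.Replace("has-error", "");
    this.fgtxtPassword.CssClass = this.fgtxtPassword.CssClass.Replace("has-error", "");

    if (string.IsNullOrEmpty(this.txtEmail.Text.ToString()))
    {
        this.lblError.Text = "Please enter your email address";
        this.lblError.Visible = true;
        this.fgtxtEmail.CssClass = this.fgtxtEmail.CssClass.Replace("form-group", "form-group has-error");
        return;
    }

    if (string.IsNullOrEmpty(this.txtPassword.Text.ToString()))
    {
        this.lblError.Text = "Please enter your password";
        this.lblError.Visible = true;
        this.fgtxtPassword.CssClass = this.fgtxtPassword.CssClass.Replace("form-group", "form-group has-error");
        return;
    }

    // The client address is recorded for auditing only; failing to resolve it
    // must not block the login attempt, so this stays best-effort.
    string IPAddress = "";
    try
    {
        IPAddress = GetIPAddress();
    }
    catch
    {
    }

    // The password comparison happens in the database via crypt(); both values
    // are passed as parameters, never concatenated into the statement.
    string sql = "SELECT * FROM app_user WHERE emailaddress = @email AND userpassword = crypt(@password, userpassword);";
    var paramList = new List<KeyValuePair<string, string>>()
    {
        new KeyValuePair<string, string>("email", this.txtEmail.Text),
        new KeyValuePair<string, string>("password", this.txtPassword.Text)
    };

    DataSet ds = DataServices.DataSetFromSQL(sql, paramList);
    DataTable dt = ds.Tables[0];

    if (dt.Rows.Count == 0)
    {
        // Invalid user: record the failed attempt and show one generic message
        // for both "unknown email" and "wrong password".
        sql = "INSERT INTO failedlogin(emailaddress, ipaddress) VALUES ( @emailaddress, @ipaddress); ";
        var paramListFail = new List<KeyValuePair<string, string>>()
        {
            new KeyValuePair<string, string>("emailaddress", this.txtEmail.Text),
            new KeyValuePair<string, string>("ipaddress", IPAddress)
        };
        DataServices.executeSQLStatement(sql, paramListFail);

        this.lblError.Text = "Invalid Username or Password";
        this.lblError.Visible = true;
        return;
    }

    // Valid credentials. Read the account fields; each read is tolerant of a
    // missing column and falls back to its default.
    DataRow row = dt.Rows[0];

    string userid = "0";
    try { userid = row["userid"].ToString(); } catch { }

    string userFullName = "";
    try { userFullName = row["firstname"].ToString() + " " + row["lastname"].ToString(); } catch { }

    string userType = "";
    try { userType = row["usertype"].ToString(); } catch { }

    string matchedclinicianid = "";
    try { matchedclinicianid = row["matchedclinicianid"].ToString(); } catch { }

    // Kept outside the session so the "resend validation email" button has an
    // address to work with. NOTE(review): presumably the resend handler reads
    // hdnEmail rather than the session — confirm.
    this.hdnEmail.Value = this.txtEmail.Text;

    // Fail closed: anything that is not an explicit boolean true (NULL, empty,
    // missing column, unexpected text) is treated as "not confirmed".
    bool emailConfirmed = false;
    try { bool.TryParse(row["emailconfirmed"].ToString(), out emailConfirmed); } catch { }

    if (!emailConfirmed)
    {
        this.lblError.Text = "Your account has been created but you have not confirmed your email address yet.<br /><br />Please check your spam folder for the email containing the link to confirm your account";
        this.btnResendValidationEmail.Visible = true;
        this.lblError.Visible = true;
        return;
    }

    // Same fail-closed rule for the authorisation flag.
    bool isAuthorised = false;
    try { bool.TryParse(row["isauthorised"].ToString(), out isAuthorised); } catch { }

    if (!isAuthorised)
    {
        this.lblError.Text = "Your account hasnot been authorised yet";
        this.lblError.Visible = true;
        return;
    }

    // Every check has passed: only now establish the authenticated session.
    // NOTE(review): dt comes from SELECT *, so it carries the userpassword hash
    // column into session state; consider storing only the fields pages need.
    // NOTE(review): the session identifier is not renewed on login here; confirm
    // that is handled elsewhere.
    Session["UserDetailsSxn"] = dt;
    Session["userID"] = userid;
    Session["userFullName"] = userFullName;
    Session["userType"] = userType;
    Session["matchedclinicianid"] = matchedclinicianid;

    // Record the successful login.
    sql = "INSERT INTO loginhistory (userid, emailaddress, ipaddress) VALUES (CAST(@userid AS INT), @emailaddress, @ipaddress);";
    var paramListHistory = new List<KeyValuePair<string, string>>()
    {
        new KeyValuePair<string, string>("userid", userid),
        new KeyValuePair<string, string>("emailaddress", this.txtEmail.Text),
        new KeyValuePair<string, string>("ipaddress", IPAddress)
    };
    DataServices.executeSQLStatement(sql, paramListHistory);

    // NOTE(review): the redirect target is whatever lblRedirect holds. If that
    // label is ever filled from request data, restrict it to local URLs.
    Response.Redirect(this.lblRedirect.Text);
}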
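/// <summary>
/// Handles the patient registration button: validates the form, inserts the new
/// app_user row, sends the confirmation email and redirects to the thank-you page.
/// </summary>
/// <remarks>
/// The date of birth is now parsed once and the parsed value is what gets stored
/// (as an ISO yyyy-MM-dd string). Previously the text was validated by .NET but the
/// raw text was re-parsed by the database's CAST, so the two parsers could disagree
/// about day/month order or reject a value the other one accepted.
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnRegister_Click(object sender, EventArgs e)
{
    string haserr = "form-group has-error";
    string noerr = "form-group";

    // Reset the error label and every form-group back to its normal style.
    this.lblError.Text = string.Empty;
    this.lblError.Visible = false;
    this.fgEmail.CssClass = noerr;
    this.fgPassword.CssClass = noerr;
    this.fgConfirmPassword.CssClass = noerr;
    this.fgMatchedOrganisation.CssClass = noerr;
    this.fgMatchedClinician.CssClass = noerr;
    this.fgFirstName.CssClass = noerr;
    this.fgLastName.CssClass = noerr;
    this.fgDOB.CssClass = noerr;
    this.fgTnCs.CssClass = noerr;

    if (this.ddlMatchedOrganisation.SelectedIndex == 0)
    {
        this.lblError.Text = "Please select an organisation";
        this.lblError.Visible = true;
        this.fgMatchedOrganisation.CssClass = haserr;
        return;
    }

    if (this.ddlMatchedClinician.SelectedIndex == 0)
    {
        this.lblError.Text = "Please select a clinician";
        this.lblError.Visible = true;
        this.fgMatchedClinician.CssClass = haserr;
        return;
    }

    if (string.IsNullOrEmpty(this.txtFirstName.Text.ToString()))
    {
        this.lblError.Text = "Please enter your first name";
        this.lblError.Visible = true;
        this.fgFirstName.CssClass = haserr;
        return;
    }

    if (string.IsNullOrEmpty(this.txtLastName.Text.ToString()))
    {
        this.lblError.Text = "Please enter your last name";
        this.lblError.Visible = true;
        this.fgLastName.CssClass = haserr;
        return;
    }

    if (string.IsNullOrEmpty(this.txtDOB.Text.ToString()))
    {
        this.lblError.Text = "Please enter your date of birth";
        this.lblError.Visible = true;
        this.fgDOB.CssClass = haserr;
        return;
    }

    // Same acceptance rule as before (current-culture parse), but the parsed
    // value is kept so the stored date is the one that was validated.
    // NOTE(review): the message promises dd/mm/yyyy while parsing follows the
    // server's current culture — confirm the server culture is day-first.
    DateTime dateOfBirth;
    if (!DateTime.TryParse(this.txtDOB.Text, out dateOfBirth))
    {
        this.lblError.Text = "Please enter your date of birth in the format dd/mm/yyyy";
        this.lblError.Visible = true;
        this.fgDOB.CssClass = haserr;
        return;
    }

    if (string.IsNullOrEmpty(this.txtRegistrationEmail.Text.ToString()))
    {
        this.lblError.Text = "Please enter your email address";
        this.lblError.Visible = true;
        this.fgEmail.CssClass = haserr;
        return;
    }

    // NOTE(review): this is a check-then-insert; presumably a unique constraint
    // on emailaddress backs it up for concurrent requests — confirm.
    if (CheckEmailAddress() == 1)
    {
        this.lblError.Text = "This email address has already been registered";
        this.lblError.Visible = true;
        this.fgEmail.CssClass = haserr;
        return;
    }

    // NOTE(review): only "non-empty" and "matches confirmation" are enforced;
    // no minimum length or strength rule is visible here.
    if (string.IsNullOrEmpty(this.txtRegistrationPassword.Text.ToString()))
    {
        this.lblError.Text = "Please enter a password";
        this.lblError.Visible = true;
        this.fgPassword.CssClass = haserr;
        return;
    }

    if (string.IsNullOrEmpty(this.txtConfirmPassword.Text.ToString()))
    {
        this.lblError.Text = "Please confirm your password";
        this.lblError.Visible = true;
        this.fgConfirmPassword.CssClass = haserr;
        return;
    }

    if (this.txtRegistrationPassword.Text != this.txtConfirmPassword.Text)
    {
        this.lblError.Text = "Passwords do not match";
        this.lblError.Visible = true;
        this.fgConfirmPassword.CssClass = haserr;
        this.fgPassword.CssClass = haserr;
        return;
    }

    if (!this.chkAcceptTnCs.Checked)
    {
        this.lblError.Text = "Please accept the terms and conditions";
        this.lblError.Visible = true;
        this.fgTnCs.CssClass = haserr;
        return;
    }

    // The password is hashed in the database with crypt() and a Blowfish salt.
    // NOTE(review): gen_salt('bf', 8) uses cost 8, which is low for current
    // hardware; raising it does not affect existing rows because crypt() reads
    // the cost from the stored hash.
    string sql = "INSERT INTO app_user(usertype, userpassword, matchedorganisationid, matchedclinicianid, nhsnumber, emailaddress, firstname, lastname, dateofbirth, acceptedtermsandconditions)";
    sql += " VALUES (@usertype, crypt(@userpassword, gen_salt('bf', 8)), CAST(@matchedorganisationid AS INT), CAST(@matchedclinicianid AS INT), @nhsnumber, @emailaddress, @firstname, @lastname, CAST(@dateofbirth AS date), CAST(@acceptedtermsandconditions AS BOOL))";

    string acceptedtermsandconditions = this.chkAcceptTnCs.Checked ? "True" : "False";

    // ISO form is unambiguous for the database's date cast regardless of its
    // configured day/month order.
    string dateOfBirthIso = dateOfBirth.ToString("yyyy-MM-dd", System.Globalization.CultureInfo.InvariantCulture);

    // NOTE(review): usertype is taken from a dropdown on the form; confirm the
    // control offers only the patient role, or set the role server-side.
    var paramListSave = new List<KeyValuePair<string, string>>()
    {
        new KeyValuePair<string, string>("usertype", this.ddlUserType.SelectedValue),
        new KeyValuePair<string, string>("userpassword", this.txtRegistrationPassword.Text),
        new KeyValuePair<string, string>("matchedorganisationid", this.ddlMatchedOrganisation.SelectedValue),
        new KeyValuePair<string, string>("matchedclinicianid", this.ddlMatchedClinician.SelectedValue),
        new KeyValuePair<string, string>("nhsnumber", this.txtNHSNo.Text),
        new KeyValuePair<string, string>("emailaddress", this.txtRegistrationEmail.Text),
        new KeyValuePair<string, string>("firstname", this.txtFirstName.Text),
        new KeyValuePair<string, string>("lastname", this.txtLastName.Text),
        new KeyValuePair<string, string>("dateofbirth", dateOfBirthIso),
        new KeyValuePair<string, string>("acceptedtermsandconditions", acceptedtermsandconditions)
    };

    DataServices.executeSQLStatement(sql, paramListSave);

    // The confirmation email routine reads the address from this hidden field
    // (presumably — it is set immediately before the call).
    this.hdnEmail.Value = this.txtRegistrationEmail.Text;
    sendConfirmationEmail();

    Response.Redirect("RegistrationThankYou.aspx?id=patient");
}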
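/// <summary>
/// Loads one app_user row by id and fills the page's labels, hidden fields and
/// status panel from it.
/// </summary>
/// <remarks>
/// Values read from the database are now HTML-encoded before being assigned to
/// label text. Names and similar fields are supplied by users at registration,
/// and a WebForms Label writes its Text to the page without encoding, so
/// unencoded values would be rendered as markup in the viewer's browser.
/// Hidden-field values are left as they are; they are emitted as attribute values.
/// </remarks>
/// <param name="id">The userid to load; passed to the query as a parameter.</param>
private void GetUserData(string id)
{
    string sql = "SELECT * FROM app_user WHERE userid = CAST(@userid AS INT);";
    var paramList = new List<KeyValuePair<string, string>>()
    {
        new KeyValuePair<string, string>("userid", id)
    };

    DataSet ds = DataServices.DataSetFromSQL(sql, paramList);
    DataTable dt = ds.Tables[0];

    if (dt.Rows.Count > 0)
    {
        DataRow row = dt.Rows[0];

        string userFullName = row["firstname"].ToString() + " " + row["lastname"].ToString();
        // Upper-case first, then encode, so the entities produced by encoding
        // are not altered by the case change.
        try { this.lblUserFullName.Text = System.Net.WebUtility.HtmlEncode(userFullName.ToUpper()); } catch { }

        // The unique ID is shown only to clinicians and super users.
        // Throws if the session carries no userType; callers are presumably
        // expected to have checked the session first — TODO confirm.
        switch (Session["userType"].ToString().ToLower())
        {
            case "patient":
                break;
            case "clinician":
            case "super user":
                try { this.lblUniqueID.Text = System.Net.WebUtility.HtmlEncode(row["nhsnumber"].ToString()); } catch { }
                break;
        }

        // First ten characters of the date's string form (the date part).
        try { this.lblDoB.Text = System.Net.WebUtility.HtmlEncode(row["dateofbirth"].ToString().Substring(0, 10)); } catch { }
        try { this.lblUserType.Text = System.Net.WebUtility.HtmlEncode(row["usertype"].ToString()); } catch { }
        try { this.hdnEmail.Value = row["emailaddress"].ToString(); } catch { }
        try { this.hdnMatchedclinicianid.Value = row["matchedclinicianid"].ToString(); } catch { }

        // Status defaults to "unauthorised"; a flag that cannot be read or
        // parsed leaves its default of false.
        string currentStatus = "Currently Unauthorised";
        string currentStatusClass = "alert alert-info";

        bool isAuthorised = false;
        try { isAuthorised = System.Convert.ToBoolean(row["isauthorised"].ToString()); } catch { }

        bool isRejected = false;
        try { isRejected = System.Convert.ToBoolean(row["isrejected"].ToString()); } catch { }

        if (isAuthorised)
        {
            currentStatus = "Currently Authorised";
            currentStatusClass = "alert alert-success";
            // Only the authorise button is hidden; the reject button stays available.
            this.btnAuthorise.Visible = false;
        }

        // Rejection is applied last, so it wins when both flags are set.
        if (isRejected)
        {
            currentStatus = "Currently Rejected";
            currentStatusClass = "alert alert-danger";
            this.btnReject.Visible = false;
        }

        this.lblCurrentStatus.Text = currentStatus;
        this.pnlCurrentStatus.CssClass = currentStatusClass;
    }
}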
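/// <summary>
/// Sends an HTML email using the SMTP settings stored in systemsetup row 1.
/// </summary>
/// <remarks>
/// Changes from the previous version:
/// - The port is read as a 32-bit int; a 16-bit value cannot hold ports above 32767.
/// - Message and client construction now happen inside the try block, so an
///   invalid recipient/sender address or port is reported through
///   <paramref name="msg"/> instead of escaping as an unhandled exception.
/// - The message and SMTP client are disposed after use.
/// - UseDefaultCredentials is set to false, matching the explicit credentials
///   that are supplied on the next line.
/// </remarks>
/// <param name="messageBody">Body of the message; sent as HTML, so callers must
/// encode any user-supplied text they put into it.</param>
/// <param name="messageSubject">Subject line.</param>
/// <param name="emailTo">Recipient address.</param>
/// <param name="msg">Receives a status or error description.</param>
/// <returns>1 when the message was handed to the SMTP server, otherwise 0.</returns>
public static int SendMail(string messageBody, string messageSubject, string emailTo, out string msg)
{
    string emailhost = "";
    string emailuser = "";
    string emailpassword = "";
    int emailport = 0;
    bool emailusetls = false;
    string emailfromaddress = "";
    string emailfromname = "Physical Health App";

    // NOTE(review): the SMTP password is read from the database as plain text;
    // confirm access to systemsetup is restricted accordingly.
    string sql = "SELECT * FROM systemsetup WHERE systemsetupid = 1;";
    DataSet ds = DataServices.DataSetFromSQL(sql, null);
    DataTable dt = ds.Tables[0];

    if (dt.Rows.Count > 0)
    {
        DataRow row = dt.Rows[0];

        // Each setting is optional: an unreadable value keeps its default.
        try { emailhost = row["emailhost"].ToString(); } catch { }
        try { emailuser = row["emailuser"].ToString(); } catch { }
        try { emailpassword = row["emailpassword"].ToString(); } catch { }
        try { emailport = System.Convert.ToInt32(row["emailport"].ToString()); } catch { }
        try { emailusetls = System.Convert.ToBoolean(row["emailusetls"].ToString()); } catch { }
        try { emailfromaddress = row["emailfromaddress"].ToString(); } catch { }
        try { emailfromname = row["emailfromname"].ToString(); } catch { }
    }

    if (string.IsNullOrEmpty(emailhost))
    {
        msg = "Email not configured";
        return 0;
    }

    try
    {
        using (MailMessage message = new MailMessage())
        using (SmtpClient client = new SmtpClient())
        {
            message.Subject = messageSubject;
            message.Body = messageBody;
            message.From = new System.Net.Mail.MailAddress(emailfromaddress, emailfromname);
            message.ReplyToList.Add(message.From);
            message.IsBodyHtml = true;
            message.To.Add(new MailAddress(emailTo));

            client.Host = emailhost;
            // An unreadable port setting leaves emailport at 0, which the client
            // rejects; that is reported through msg by the catch below.
            client.Port = emailport;
            client.DeliveryMethod = SmtpDeliveryMethod.Network;
            // NOTE(review): when emailusetls is false the credentials below are
            // sent over an unencrypted connection.
            client.EnableSsl = emailusetls;
            client.UseDefaultCredentials = false;
            client.Credentials = new NetworkCredential(emailuser, emailpassword);

            client.Send(message);
        }

        msg = "Email sent successfully";
        return 1;
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.ToString() includes the stack trace. If any caller
        // shows msg to end users, log the detail server-side and return a
        // shorter message instead.
        msg = "Problem with email account: " + ex.ToString();
        return 0;
    }
}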
/// <summary>
/// Handles the registration button on this form: validates name, email and
/// password fields, inserts the new app_user row and redirects to the
/// thank-you page.
/// </summary>
/// <remarks>
/// NOTE(review): the INSERT hard-codes isclinician, isactive, emailconfirmed,
/// issysadmin and isauthorised to true, and no check of the caller's identity is
/// visible in this handler. Confirm the page is reachable only by an administrator.
/// NOTE(review): usertype is taken from a dropdown on the form; confirm which
/// roles that control offers.
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnRegister_Click(object sender, EventArgs e)
{
    const string errorGroupClass = "form-group has-error";
    const string plainGroupClass = "form-group";

    // Start from a clean form: no message, no highlighted groups.
    this.lblError.Text = string.Empty;
    this.lblError.Visible = false;
    this.fgEmail.CssClass = plainGroupClass;
    this.fgPassword.CssClass = plainGroupClass;
    this.fgConfirmPassword.CssClass = plainGroupClass;
    this.fgMatchedOrganisation.CssClass = plainGroupClass;
    this.fgFirstName.CssClass = plainGroupClass;
    this.fgLastName.CssClass = plainGroupClass;
    this.fgGMCCode.CssClass = plainGroupClass;

    // Checks run in form order and stop at the first failure. The organisation
    // and GMC number are not validated on this form (those checks are disabled).
    string problem = null;

    if (string.IsNullOrEmpty(this.txtFirstName.Text.ToString()))
    {
        problem = "Please enter your first name";
        this.fgFirstName.CssClass = errorGroupClass;
    }
    else if (string.IsNullOrEmpty(this.txtLastName.Text.ToString()))
    {
        problem = "Please enter your last name";
        this.fgLastName.CssClass = errorGroupClass;
    }
    else if (string.IsNullOrEmpty(this.txtRegistrationEmail.Text.ToString()))
    {
        problem = "Please enter your email address";
        this.fgEmail.CssClass = errorGroupClass;
    }
    else if (CheckEmailAddress() == 1)
    {
        problem = "This email address has already been registered";
        this.fgEmail.CssClass = errorGroupClass;
    }
    else if (string.IsNullOrEmpty(this.txtRegistrationPassword.Text.ToString()))
    {
        problem = "Please enter a password";
        this.fgPassword.CssClass = errorGroupClass;
    }
    else if (string.IsNullOrEmpty(this.txtConfirmPassword.Text.ToString()))
    {
        problem = "Please confirm your password";
        this.fgConfirmPassword.CssClass = errorGroupClass;
    }
    else if (this.txtRegistrationPassword.Text != this.txtConfirmPassword.Text)
    {
        problem = "Passwords do not match";
        this.fgConfirmPassword.CssClass = errorGroupClass;
        this.fgPassword.CssClass = errorGroupClass;
    }

    if (problem != null)
    {
        this.lblError.Text = problem;
        this.lblError.Visible = true;
        return;
    }

    // All user-supplied values travel as parameters; the password is hashed in
    // the database by crypt() with a Blowfish salt.
    string insertSql =
        "INSERT INTO app_user(usertype, userpassword, gmccode, matchedorganisationid, emailaddress, firstname, lastname, organisationid, isclinician, isactive, emailconfirmed, issysadmin, isauthorised)"
        + " VALUES (@usertype, crypt(@userpassword, gen_salt('bf', 8)), @gmccode, CAST(@matchedorganisationid AS INT), @emailaddress, @firstname, @lastname, CAST(@organisationid AS INT), true, true, true, true, true)";

    // The selected organisation feeds both matchedorganisationid and organisationid.
    string organisation = this.ddlMatchedOrganisation.SelectedValue;

    var insertParams = new List<KeyValuePair<string, string>>();
    insertParams.Add(new KeyValuePair<string, string>("usertype", this.ddlUserType.SelectedValue));
    insertParams.Add(new KeyValuePair<string, string>("userpassword", this.txtRegistrationPassword.Text));
    insertParams.Add(new KeyValuePair<string, string>("matchedorganisationid", organisation));
    insertParams.Add(new KeyValuePair<string, string>("organisationid", organisation));
    insertParams.Add(new KeyValuePair<string, string>("gmccode", this.txtGMCCode.Text));
    insertParams.Add(new KeyValuePair<string, string>("emailaddress", this.txtRegistrationEmail.Text));
    insertParams.Add(new KeyValuePair<string, string>("firstname", this.txtFirstName.Text));
    insertParams.Add(new KeyValuePair<string, string>("lastname", this.txtLastName.Text));

    DataServices.executeSQLStatement(insertSql, insertParams);

    Response.Redirect("RegistrationThankYou.aspx?id=patient");
}
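/// <summary>
/// Loads one app_test row by id, triggers loading of the related patient and
/// test-type data, and fills the result labels.
/// </summary>
/// <remarks>
/// Values read from the database are now HTML-encoded before being assigned to
/// label text, because a WebForms Label writes its Text to the page without
/// encoding. NOTE(review): if clinicianmessage is meant to carry HTML formatting,
/// that field needs an allow-list sanitiser rather than plain encoding — confirm.
/// This method performs no access check itself; the caller must decide whether
/// the current user may see the loaded test.
/// </remarks>
/// <param name="id">The testid to load; passed to the query as a parameter.</param>
private void GetTestData(string id)
{
    string sql = "SELECT * FROM app_test WHERE testid = CAST(@testid AS INT);";
    var paramList = new List<KeyValuePair<string, string>>()
    {
        new KeyValuePair<string, string>("testid", id)
    };

    DataSet ds = DataServices.DataSetFromSQL(sql, paramList);
    DataTable dt = ds.Tables[0];

    if (dt.Rows.Count > 0)
    {
        DataRow row = dt.Rows[0];

        // The owning patient's id is kept in a hidden field and used to load
        // the patient details. Any failure here, including inside
        // GetPatientData, is swallowed and leaves the fields as they were.
        string patientid = "";
        try
        {
            patientid = row["patientid"].ToString();
            this.hdnPatientID.Value = patientid;
            GetPatientData(patientid);
        }
        catch
        {
        }

        string testtypeid = "";
        try
        {
            testtypeid = row["testtypeid"].ToString();
            GetTestType(testtypeid);
        }
        catch
        {
        }

        // Each label is filled independently so one unreadable column does not
        // blank the rest.
        try { this.lbltestnumericresult.Text = System.Net.WebUtility.HtmlEncode(row["testnumericresult"].ToString()); } catch { }
        try { this.lblunitstext.Text = System.Net.WebUtility.HtmlEncode(row["unitstext"].ToString()); } catch { }
        try { this.lbllowerreferencerange.Text = System.Net.WebUtility.HtmlEncode(row["lowerreferencerange"].ToString()); } catch { }
        try { this.lblupperreferencerange.Text = System.Net.WebUtility.HtmlEncode(row["upperreferencerange"].ToString()); } catch { }
        try { this.lblclinicianmessage.Text = System.Net.WebUtility.HtmlEncode(row["clinicianmessage"].ToString()); } catch { }
        // First ten characters of the date's string form (the date part).
        try { this.lblnexttestdate.Text = System.Net.WebUtility.HtmlEncode(row["nexttestdate"].ToString().Substring(0, 10)); } catch { }
    }
}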
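/// <summary>
/// On first load, reads the test id from the query string, loads the test and
/// allows the page to render only for the patient who owns the test or the
/// clinician matched to it.
/// </summary>
/// <remarks>
/// Changes from the previous version:
/// - A request without a logged-in session (no userType / userID) is sent to
///   Unauthorised.aspx before any data is loaded, instead of failing with a
///   null reference after the test had already been fetched.
/// - The id must be an integer; other values are treated like a missing id
///   rather than reaching the database cast.
/// - The role switch has a default branch that denies access. Previously any
///   role value other than the three listed (including the empty string) fell
///   through and was allowed to view the test.
/// </remarks>
/// <param name="sender">The page.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // The id arrives from the query string and is untrusted.
    string id = Request.QueryString["id"];
    int parsedId;
    if (id == null || !int.TryParse(id, out parsedId))
    {
        Response.Redirect("Default.aspx");
        return;
    }

    // Fail closed when there is no authenticated session.
    object sessionUserType = Session["userType"];
    object sessionUserId = Session["userID"];
    if (sessionUserType == null || sessionUserId == null)
    {
        Response.Redirect("Unauthorised.aspx");
        return;
    }

    string userId = sessionUserId.ToString();

    this.hdnTestId.Value = id;
    // Loads the test and fills hdnPatientID; hdnMatchedclinicianid is
    // presumably filled while the patient data is loaded — TODO confirm.
    GetTestData(id);

    switch (sessionUserType.ToString().ToLower())
    {
        case "patient":
            // A patient may only open their own test.
            if (this.hdnPatientID.Value != userId)
            {
                Response.Redirect("Unauthorised.aspx");
                return;
            }

            // Mark the test as viewed the first time the patient opens it.
            string sql = "UPDATE app_test SET patienthasviewed = true, patientvieweddate = NOW() WHERE testid = CAST(@testid AS INT) AND COALESCE(patienthasviewed, false) = false;";
            var paramList = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("testid", id)
            };
            DataServices.executeSQLStatement(sql, paramList);
            break;

        case "clinician":
            // A clinician may only open tests of patients matched to them.
            if (userId != this.hdnMatchedclinicianid.Value)
            {
                Response.Redirect("Unauthorised.aspx");
                return;
            }
            break;

        case "super user":
            Response.Redirect("Unauthorised.aspx");
            return;

        default:
            // Unknown or empty role: deny rather than fall through.
            Response.Redirect("Unauthorised.aspx");
            return;
    }

    this.hdnUserId.Value = userId;
}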