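/// <summary>
/// Decides whether the submitted login matches the stored credential in <paramref name="uinfo"/>.
/// </summary>
/// <remarks>
/// Two conditions must both hold:
/// the value posted in <c>hdnPassword</c> equals <c>uinfo.Password</c>, and the digest posted in
/// <c>txtPassword</c> equals <c>GetMD5HashCode(UserName + "#" + Password + "#" + lower-cased session captcha)</c>.
/// NOTE(review): the first condition means the stored password value itself is accepted from the client,
/// so anyone holding that stored value can log in without the clear-text password. MD5HASH appears to be
/// an unsalted MD5 helper; confirm, and plan a move to a salted, slow password hash.
/// </remarks>
/// <param name="uinfo">User record loaded for the supplied user name.</param>
/// <returns><c>true</c> only when both comparisons succeed; otherwise <c>false</c>.</returns>
private bool IsValidCredential(UserInfo uinfo)
{
    // The posted password value must equal the stored one before anything else is evaluated.
    if (uinfo.Password != hdnPassword.Value)
    {
        return false;
    }

    // Fail closed when the captcha is no longer in the session instead of dereferencing null.
    object captchaValue = Session["CaptchaImageText"];
    if (captchaValue == null)
    {
        return false;
    }

    string clientMD5 = txtPassword.Text.Trim();
    string serverMD5 = MD5HASH.GetMD5HashCode(
        uinfo.UserName + "#" + uinfo.Password + "#" + captchaValue.ToString().ToLower());

    if (string.IsNullOrEmpty(serverMD5))
    {
        RemovedLoggedUser();
        lblMessageDisplay.Text = "Invalid User name and password! Please Try Again";
        return false;
    }

    // Fix: the comparison result used to be overwritten with "true" on the next statement, so the
    // captcha-bound digest was never enforced. The result of the comparison is now what is returned.
    // NOTE(review): if legitimate logins begin to fail after this change, align the client-side digest
    // construction (field order, casing, encoding) with the server instead of disabling the check again.
    return serverMD5.Equals(clientMD5);
}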
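/// <summary>
/// Handles the "forgot password" submit: validates the form and captcha, looks the account up by
/// user name or e-mail, mails a freshly generated temporary password and stores its hash.
/// </summary>
/// <remarks>
/// NOTE(review): the messages differ depending on whether the account exists, which lets a caller
/// tell valid user names and e-mail addresses from invalid ones; consider one neutral message.
/// NOTE(review): the temporary password travels in clear text by e-mail and is stored through
/// MD5HASH (apparently unsalted MD5); confirm that RandomPassword draws from a cryptographic RNG.
/// NOTE(review): a failed captcha attempt leaves the same captcha in the session, so it can be retried.
/// </remarks>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    try
    {
        lblMessageDisplay.Text = "";

        // The captcha is cleared from the session after a successful reset, so a repeated submit
        // used to dereference null and end on the error page. Report the expired session instead.
        object captchaValue = Session["CaptchaImageText"];
        if (captchaValue == null)
        {
            lblMessageDisplay.Text = "Session has been expired Please refresh page";
            return;
        }
        string captchaString = captchaValue.ToString();

        // Exactly one of user name / e-mail may be supplied.
        if (!string.IsNullOrEmpty(txtUserName.Text) && !string.IsNullOrEmpty(txtEmail.Text))
        {
            lblMessageDisplay.Text = "Please enter either Username or Email at a time.";
            return;
        }

        if (!string.IsNullOrEmpty(txtEmail.Text))
        {
            txtEmail.Attributes.Add("email", "1");
        }

        string userName = txtUserName.Text.Trim();
        string email = txtEmail.Text.Trim();

        if (userName == "" && email == "")
        {
            lblMessageDisplay.Text = "Please enter Valid Username or Email Address...!";
            return;
        }

        if (!captchaString.Equals(txtCaptcha.Text))
        {
            txtCaptcha.Text = "";
            lblMessageDisplay.Text = "Code entered does not match, please try again !";
            return;
        }

        // Look the account up with the same trimmed value that passed validation above; the user
        // name used to be passed untrimmed while the e-mail was trimmed.
        string lookupKey = userName != "" ? userName : email;
        DataSet ds = AuthoProvider.IsUserExists(lookupKey);

        if (ds.IsValid())
        {
            DataRow dr = ds.Tables[0].Rows[0];
            CommonClass cRandom = new CommonClass();

            // Generate the temporary password and mail it to the registered address first;
            // the stored credential is only replaced once the mail has gone out.
            string pwd = cRandom.RandomPassword(8);
            bool ifSuccess = cRandom.SendMail(pwd, Convert.ToString(dr["Email"]));

            if (ifSuccess)
            {
                pwd = MD5HASH.GetMD5HashCode(pwd);
                AuthoProvider.UpdateTemporaryPassword(Convert.ToString(dr["UserName"]), pwd, "F");
                lblMessageDisplay.Text = "Your new Temporary Password is being sent to your Email, Please Check your Email...!";

                // One captcha, one successful reset.
                Session["CaptchaImageText"] = null;
                UserBAL.Instance.InsertAuditTrailDetail("Temporary Password has sent to registered Email", "Forgot Password");
            }
            else
            {
                lblMessageDisplay.Text = "Error Occured while sending Email...!";
            }
        }
        else
        {
            lblMessageDisplay.Text = "Please enter Valid Username or Email Address...!";
        }
    }
    catch (Exception ex)
    {
        LogHandler.LogFatal((ex.InnerException != null ? ex.InnerException.Message : ex.Message), ex, this.GetType());

        // A temporary redirect: a permanent (301) one tells clients and intermediaries that this
        // page has moved to the error page for good, which is not what a transient failure means.
        Response.Redirect("~/ErrorPage.aspx", false);
    }
}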
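/// <summary>
/// Handles the login button: checks the captcha carried in the encrypted hidden field, enforces the
/// 15-minute account lock, and hands over to <c>checkAuthentication</c> when the user may proceed.
/// </summary>
/// <remarks>
/// NOTE(review): <c>Application["LoggedInUsers"]</c> is application-wide state and is cleared on every
/// click, before <c>IsLogedIn</c> runs; confirm this is intended, since it discards the record for all users.
/// NOTE(review): the captcha answer and password value arrive AES-encrypted from the browser; if the key
/// is shipped to the client, that encryption adds no secrecy. Confirm where the key lives.
/// NOTE(review): the return value of <c>MD5HASH.Encryptdata</c> is discarded; confirm the call is needed.
/// </remarks>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    Application["LoggedInUsers"] = null;
    try
    {
        // Use one normalized user name for every check below. The lock lookup and the lock reset
        // used to receive the untrimmed text while IsLogedIn received the trimmed one.
        string userName = txtUserName.Text.Trim();

        if (!IsLogedIn(userName))
        {
            return;
        }

        MD5HASH.Encryptdata(txtPassword.Text);

        if (Session["CaptchaImageText"] == null)
        {
            lblMessageDisplay.Text = "Session has been expired Please refresh page";
            RemovedLoggedUser();
            return;
        }

        string captchaString = Session["CaptchaImageText"].ToString();

        // The hidden field is expected to decrypt to "<password value>#<captcha answer>".
        string mixedPassword = AESEncrytDecry.DecryptStringAES(hdnPassword.Value);
        string[] mixedValue = (mixedPassword ?? string.Empty).Split('#');

        // Client-controlled input: a value without the separator is rejected as a captcha mismatch
        // instead of raising an index error that is logged as fatal.
        bool captchaMatches = false;
        if (mixedValue.Length >= 2)
        {
            hdnPassword.Value = mixedValue[0];
            captchaMatches = captchaString.Equals(mixedValue[1]);
        }

        if (!captchaMatches)
        {
            RemovedLoggedUser();
            txtCaptcha.Text = "";
            lblMessageDisplay.Text = "Code entered does not match, please try again !";
            return;
        }

        // Rows are returned only when failed-login entries exist for this user.
        DataSet ds = AuthoProvider.IsUserLocked(userName);
        if (ds.IsValid())
        {
            DataRow dr = ds.Tables[0].Rows[0];
            int idLocked = Convert.ToInt16(dr[DataBaseFields.IsLocked]);
            double seconds = 900; // lock duration: 15 minutes

            if (idLocked > 0)
            {
                double totalSeconds = (DateTime.Now - Convert.ToDateTime(dr[DataBaseFields.lock_time])).TotalSeconds;
                if (totalSeconds <= seconds)
                {
                    RemovedLoggedUser();

                    // Round up and never show less than one minute; rounding to nearest used to
                    // print "0 Mins" while the account was still locked.
                    double minutesLeft = Math.Max(1, Math.Ceiling((seconds - totalSeconds) / 60));
                    lblMessageDisplay.Text = "Your Id is being Locked, Please try after " + minutesLeft + " Mins...!";
                    return;
                }

                // The lock period has elapsed: clear the failed-login entries for this user.
                AuthoProvider.DeleteLoginErrorInfo(userName);
            }
        }

        // Not locked (or lock expired): verify user name and password and redirect.
        checkAuthentication();
    }
    catch (Exception ex)
    {
        RemovedLoggedUser();
        LogHandler.LogFatal((ex.InnerException != null ? ex.InnerException.Message : ex.Message), ex, this.GetType());

        // A temporary redirect: a permanent (301) one tells clients and intermediaries that the
        // login page has moved to the error page for good.
        Response.Redirect("~/ErrorPage.aspx", false);
    }
}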