private bool IsValidCredential(UserInfo uinfo)
{
bool IsValid = false;
if (uinfo.Password == hdnPassword.Value)
{
string clientMD5 = txtPassword.Text.Trim();
string serverMD5 = MD5HASH.GetMD5HashCode(uinfo.UserName + "#" + uinfo.Password + "#" + Session["CaptchaImageText"].ToString().ToLower());
if (!string.IsNullOrEmpty(serverMD5))
{
IsValid = serverMD5.Equals(clientMD5);
IsValid = true;
}
else
{
RemovedLoggedUser();
lblMessageDisplay.Text = "Invalid User name and password! Please Try Again";
}
}
if (IsValid == true)
{
return(true);
}
else
{
return(false);
}
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
try
{
lblMessageDisplay.Text = "";
string captchaString = Session["CaptchaImageText"].ToString();
if (!string.IsNullOrEmpty(txtUserName.Text) && !string.IsNullOrEmpty(txtEmail.Text))
{
lblMessageDisplay.Text = "Please enter either Username or Email at a time.";
//Please enter Valid Username or Email Address...!";
return;
}
if (!string.IsNullOrEmpty(txtEmail.Text))
{
//lblMessageDisplay.Text = "Please enter Valid Username or Email Address...!";
txtEmail.Attributes.Add("email", "1");
// return;
}
DataSet ds = new DataSet();
if (txtUserName.Text.Trim() == "" && txtEmail.Text.Trim() == "")
{
lblMessageDisplay.Text = "Please enter Valid Username or Email Address...!";
}
else if (!captchaString.Equals(txtCaptcha.Text))
{
txtCaptcha.Text = "";
lblMessageDisplay.Text = "Code entered does not match, please try again !";
return;
}
else if (txtUserName.Text.Trim() != "")
{
// If user has entered username while making a request of new password. (Zahir)
ds = AuthoProvider.IsUserExists(txtUserName.Text);
}
else
{
// If user has entered Email while making a request of new password. (Zahir)
ds = AuthoProvider.IsUserExists(txtEmail.Text.Trim());
}
if (ds.IsValid())
{
DataRow dr = ds.Tables[0].Rows[0];
CommonClass cRandom = new CommonClass();
string pwd = cRandom.RandomPassword(8); // Generating the new random password. (Zahir)
bool ifSuccess = cRandom.SendMail(pwd, Convert.ToString(dr["Email"])); // Sending new password to user on its registered email address. (Zahir)
if (ifSuccess)
{
// after email is sent successfull the new generated password is encrypted and stored in the database. (Zahir)
pwd = MD5HASH.GetMD5HashCode(pwd);
AuthoProvider.UpdateTemporaryPassword(Convert.ToString(dr["UserName"]), pwd, "F");
lblMessageDisplay.Text = "Your new Temporary Password is being sent to your Email, Please Check your Email...!";
Session["CaptchaImageText"] = null;
UserBAL.Instance.InsertAuditTrailDetail("Temporary Password has sent to registered Email", "Forgot Password");
}
else
{
lblMessageDisplay.Text = "Error Occured while sending Email...!";
}
}
else
{
lblMessageDisplay.Text = "Please enter Valid Username or Email Address...!";
}
}
catch (Exception ex)
{
LogHandler.LogFatal((ex.InnerException != null ? ex.InnerException.Message : ex.Message), ex, this.GetType());
Response.RedirectPermanent("~/ErrorPage.aspx", false);
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
Application["LoggedInUsers"] = null;
try
{
if (!IsLogedIn(txtUserName.Text.Trim()))
{
return;
}
MD5HASH.Encryptdata(txtPassword.Text);
if (Session["CaptchaImageText"] != null)
{
string captchaString = Session["CaptchaImageText"].ToString();
string hiddenPassword = hdnPassword.Value;
string mixedPassword = AESEncrytDecry.DecryptStringAES(hiddenPassword);
string[] mixedValue = mixedPassword.Split('#');
string codeNumber = mixedValue[1];
hdnPassword.Value = mixedValue[0];
if (!captchaString.Equals(codeNumber))
{
RemovedLoggedUser();
txtCaptcha.Text = "";
lblMessageDisplay.Text = "Code entered does not match, please try again !";
return;
}
else
{
DataSet ds = AuthoProvider.IsUserLocked(txtUserName.Text); // We are checking whether User is Locked from login or Not. (Zahir)
if (ds.IsValid()) // If any unsuccessfull login entry is found then dataset will contain rows for that particular user. (Zahir)
{
DataRow dr = ds.Tables[0].Rows[0];
int idLocked = Convert.ToInt16(dr[DataBaseFields.IsLocked]);
double totalSeconds = 0;
double seconds = 900;
if (idLocked > 0) // If IdLocked is 1 then User is not allowed to Login. (Zahir)
{
totalSeconds = (DateTime.Now - Convert.ToDateTime(dr[DataBaseFields.lock_time])).TotalSeconds;
if (totalSeconds <= seconds)
{
RemovedLoggedUser();
lblMessageDisplay.Text = "Your Id is being Locked, Please try after " + Math.Round((seconds - totalSeconds) / 60) + " Mins...!";
return;
}
else
{
// If the lock Time is passed then the entries is deleted for that particular user. (Zahir)
int n = AuthoProvider.DeleteLoginErrorInfo(txtUserName.Text);
checkAuthentication(); // call the function for redirecting user after checking username and password. (Zahir)
}
}
else
{
checkAuthentication();
}
}
else
{
checkAuthentication();
}
}
}
else
{
lblMessageDisplay.Text = "Session has been expired Please refresh page";
RemovedLoggedUser();
}
}
catch (Exception ex)
{
RemovedLoggedUser();
LogHandler.LogFatal((ex.InnerException != null ? ex.InnerException.Message : ex.Message), ex, this.GetType());
Response.RedirectPermanent("~/ErrorPage.aspx", false);
}
}
