private void InsertInfo()
{
SqlConnection con = new SqlConnection(Login.GetConnectionString());
string MiddleName = "ddd";
string Country = "ksa";
string City = "Riyadh";
string state = "Riyadh";
string Sql = "insert into LH_User(FirstName,LastName,Password,Email,Mobile,Create_Date,Update_Date,UserName,MiddleName,Country,City,State,activationCode) values(@val1,@val2,@val3,@val4,@val5,@val6,@val7,@val8,'ddd','ksa','Riyadh','Riyadh',@activation)";
try
{
string activationCode = Guid.NewGuid().ToString();
if (txtUname.Text == "" || txtEmail.Value == "" || txtFname.Value == "" || txtLname.Value == "" || txtMobile.Text == "" || txtPswd.Text == "" || txtremail.Value == "" || txtrePswd.Text == "")
{
Response.Redirect("SignUp.aspx");
}
// string brecordexist = "Username already exist";
else
{
con.Open();
}
SqlCommand cmd = new SqlCommand(Sql, con);
cmd.Parameters.AddWithValue("@val1", txtFname.Value);
cmd.Parameters.AddWithValue("@val2", txtLname.Value);
cmd.Parameters.AddWithValue("@val3", txtPswd.Text);
cmd.Parameters.AddWithValue("@val4", txtEmail.Value);
cmd.Parameters.AddWithValue("@val5", txtMobile.Text);
cmd.Parameters.AddWithValue("@val6", DateTime.Now);
cmd.Parameters.AddWithValue("@val7", DateTime.Now);
cmd.Parameters.AddWithValue("@val8", txtUname.Text);
cmd.Parameters.AddWithValue("@activation", activationCode);
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
string baseUrl = Request.Url.Scheme + "://" + Request.Url.Authority +
Request.ApplicationPath.TrimEnd('/') + "/";
Login.sendEmail(txtEmail.Value, baseUrl + "activation.aspx?c=" + activationCode);
}
catch (Exception ex)
{
string msg = "Insert Error:";
msg += ex.Message;
throw new Exception(msg);
}
finally
{
con.Close();
Session["UserName"] = txtUname.Text;
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Request.QueryString["c"] != null)
{
int id = -1;
string email = null;
string code = Request.QueryString["c"];
SqlConnection con = new SqlConnection(Login.GetConnectionString());
string query = "select id,Email from LH_User where activationCode = @code";
con.Open();
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@code", code);
SqlDataReader dr = cmd.ExecuteReader();
if (!dr.HasRows)
{
Response.Write("Activation Failed.");
}
else
{
while (dr.Read())
{
id = int.Parse(dr["id"].ToString());
email = dr["email"].ToString();
con.Close();
con.Open();
query = "update LH_user set active = 1 where id = @id";
cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@id", id);
cmd.ExecuteReader();
con.Close();
break;
}
Login.sendEmail(email, "Account Activated.");
activationtxt.Visible = true;
error.Visible = false;
}
}
else
{
activationtxt.Visible = false;
error.Visible = true;
}
}
public static string doResetPassword(string password, int id, string email, string code)
{
SqlConnection con = new SqlConnection(Login.GetConnectionString());
try
{
SqlConnection con1 = new SqlConnection(Login.GetConnectionString());
string query1 = "select id,Email from LH_User where resetCode = @code";
con.Open();
SqlCommand cmd1 = new SqlCommand(query1, con1);
cmd1.Parameters.AddWithValue("@code", code);
SqlDataReader dr1 = cmd1.ExecuteReader();
if (!dr1.HasRows)
{
return("diffrent code");
}
string query = "update LH_User set Password = @password where id = @id";
con.Open();
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@id", id);
cmd.Parameters.AddWithValue("@password", password);
SqlDataReader dr = cmd.ExecuteReader();
con.Close();
Login.sendEmail(email, "Password Reset Finished. ;)");
return("Password Reset Done.");
}
catch (Exception)
{
con.Close();
return("Failed to reset the password.");
}
}
