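/// <summary>
/// Marks the pending report whose case number is held in session as rejected,
/// stores the remarks shown on the page, logs the action and redirects back to
/// the pending-reports list.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void Button_Reject_Click(object sender, EventArgs e)
{
    // Read the case number once; every use below refers to the same session entry.
    string caseNumber = Session["caseNumberOfThisPendingReport"].ToString();

    // NOTE(review): no role check is visible in this handler - confirm the page is
    // restricted to the boss role elsewhere before this UPDATE can be reached.
    connection.Open();
    try
    {
        using (SqlCommand updateReportStatus = new SqlCommand("UPDATE Report SET ReportStatus = @ReportStatus, Remarks = @Remarks WHERE Username = @AccountUsername AND CaseNumber = @CaseNumber", connection))
        {
            updateReportStatus.Parameters.AddWithValue("@ReportStatus", "rejected");
            updateReportStatus.Parameters.AddWithValue("@AccountUsername", Label6.Text);
            updateReportStatus.Parameters.AddWithValue("@CaseNumber", caseNumber);
            updateReportStatus.Parameters.AddWithValue("@Remarks", Label12_remarks.Text);
            updateReportStatus.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close even when the UPDATE throws so the shared connection is not left open.
        connection.Close();
    }

    caseNumberOfReport = caseNumber;

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.BossRejectedReport;
    ActionLogs.Log(Context.User.Identity.Name, action);

    // The message carries HTML markup. NOTE(review): presumably it is written to the
    // next page without encoding - confirm the case number can never contain markup.
    Session["rejectedMsg"] = "Report with the Case Number of <b><u><big>#" + caseNumber + "</b></u></big> has been <b>rejected</b>.";
    Response.Redirect("~/Content/BossConsole/PendingReports.aspx");
}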
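/// <summary>
/// Searches ErrorExceptionLogs for rows whose username, exception type, message,
/// source or location contains the entered text, binds the result to the grid
/// and logs the search.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearch_Click(object sender, EventArgs e)
{
    // The search text is only ever passed as a parameter value, never concatenated
    // into the SQL. LIKE wildcards typed by the user are not escaped.
    string pattern = "%" + txtSearchValue.Text.Trim().ToLower() + "%";
    DataTable dt = new DataTable();

    // using blocks release the connection, command and reader even if the query throws.
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
    using (SqlCommand dateCommand = new SqlCommand("SELECT * FROM ErrorExceptionLogs WHERE (lower(Username) LIKE @txtSearchValue OR lower(ExceptionType) LIKE @txtSearchValue OR lower(ErrorMessage) LIKE @txtSearchValue OR lower(ErrorSource) LIKE @txtSearchValue OR lower(Location) LIKE @txtSearchValue) ORDER BY convert(datetime,Timestamp) DESC", connection))
    {
        dateCommand.Parameters.AddWithValue("@txtSearchValue", pattern);
        connection.Open();
        using (SqlDataReader dataReader = dateCommand.ExecuteReader())
        {
            dt.Load(dataReader);
        }
    }

    GridView1.DataSource = dt;
    // NOTE(review): the whole result table is serialised into ViewState and sent to
    // the browser; confirm ViewState encryption is enabled if error-log contents are
    // sensitive.
    ViewState["Datable"] = dt;
    GridView1.DataBind();

    if (dt.Rows.Count == 0)
    {
        ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
    }

    searchValue = txtSearchValue.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchErrorLogs;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}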
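/// <summary>
/// Lists the log entries of the account shown in <c>bossUsername</c> whose action
/// contains the entered text, grouped by date (newest date first), and logs the
/// search.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearch_Click(object sender, EventArgs e)
{
    bool hasData = false;
    string connectionString = ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString;
    string actionPattern = "%" + txtSearchValue.Text.Trim().ToLower() + "%";

    // NOTE(review): the account filter comes from a page control rather than
    // Context.User.Identity.Name - confirm its value cannot be changed by the client.
    string accountUsername = bossUsername.Text;

    // Every connection, command and reader is disposed; none of them was closed before,
    // so each search left pooled connections open.
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand dateCommand = new SqlCommand("SELECT DISTINCT(convert(date, Timestamp)) AS Date FROM Logs WHERE lower(Action) LIKE @Action AND Username = @AccountUsername ORDER BY convert(date,Timestamp) DESC", connection))
    {
        dateCommand.Parameters.AddWithValue("@Action", actionPattern);
        dateCommand.Parameters.AddWithValue("@AccountUsername", accountUsername);
        connection.Open();

        using (SqlDataReader dateReader = dateCommand.ExecuteReader())
        {
            while (dateReader.Read())
            {
                DateTime date = (DateTime)dateReader["Date"];
                AddDateToPlaceholder(date);

                // A second connection is used because the outer reader is still open.
                using (SqlConnection connection2 = new SqlConnection(connectionString))
                using (SqlCommand logCommand = new SqlCommand("SELECT Action, Timestamp FROM Logs WHERE lower(Action) LIKE @Action AND Username = @AccountUsername AND convert(date, Timestamp) = convert(date,@Date) ORDER BY convert(date,Timestamp) ASC", connection2))
                {
                    logCommand.Parameters.AddWithValue("@Action", actionPattern);
                    logCommand.Parameters.AddWithValue("@AccountUsername", accountUsername);
                    logCommand.Parameters.AddWithValue("@Date", date);
                    connection2.Open();

                    using (SqlDataReader logReader = logCommand.ExecuteReader())
                    {
                        while (logReader.Read())
                        {
                            hasData = true;
                            string action = logReader["Action"].ToString();
                            DateTime actionDate = (DateTime)logReader["Timestamp"];
                            AddActionToPlaceholder(action, actionDate);
                        }
                    }
                }
            }
        }
    }

    if (!hasData)
    {
        ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
    }

    searchValue = txtSearchValue.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchBossLogs;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}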
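/// <summary>
/// Searches ErrorExceptionLogs by free text (TextBox1) restricted to the date
/// entered in TextBox2, binds the result to the grid and logs the search.
/// Nothing is queried when the date does not parse.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearchBoth_Click(object sender, EventArgs e)
{
    DateTime datetimeDT;
    if (DateTime.TryParse(TextBox2.Text, out datetimeDT))
    {
        // Use the value TryParse already produced. Re-parsing the first
        // space-separated token threw FormatException for inputs that TryParse
        // accepts but whose first token is not a date on its own.
        DateTime inputDate = datetimeDT.Date;
        string pattern = "%" + TextBox1.Text.Trim().ToLower() + "%";
        DataTable dt = new DataTable();

        // using blocks release the connection, command and reader even if the query throws.
        using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
        using (SqlCommand dateCommand = new SqlCommand("SELECT * FROM ErrorExceptionLogs WHERE ((lower(Username) LIKE @txtSearchValue OR lower(ExceptionType) LIKE @txtSearchValue OR lower(ErrorMessage) LIKE @txtSearchValue OR lower(ErrorSource) LIKE @txtSearchValue OR lower(Location) LIKE @txtSearchValue) AND convert(date, Timestamp, 103) = convert(date,@Timestamp,103)) ORDER BY convert(date,Timestamp) DESC", connection))
        {
            dateCommand.Parameters.AddWithValue("@txtSearchValue", pattern);
            dateCommand.Parameters.AddWithValue("@Timestamp", inputDate);
            connection.Open();
            using (SqlDataReader dataReader = dateCommand.ExecuteReader())
            {
                dt.Load(dataReader);
            }
        }

        GridView1.DataSource = dt;
        // NOTE(review): the result table travels to the browser inside ViewState;
        // confirm ViewState encryption is enabled if error-log contents are sensitive.
        ViewState["Datable"] = dt;
        GridView1.DataBind();

        if (dt.Rows.Count == 0)
        {
            ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
        }
    }

    searchValue = TextBox1.Text + " " + TextBox2.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchErrorLogs;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}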
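/// <summary>
/// Re-checks the signed-in user's password from the re-authentication modal.
/// On a match the modal is hidden and the event is logged; on a mismatch the
/// modal is shown again together with the error label.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnAuthenticate_Click(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        return;
    }

    string inputUsername = Context.User.Identity.Name;
    string inputPassword = txtPasswordAuthenticate.Text;
    string dbUsername = "";
    string dbPasswordHash = "";
    string dbSalt = "";

    // using blocks release the connection, command and reader even if the query throws.
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
    using (SqlCommand myCommand = new SqlCommand("SELECT HashedPassword, Salt, Role, Username FROM UserAccount WHERE Username = @AccountUsername", connection))
    {
        myCommand.Parameters.AddWithValue("@AccountUsername", inputUsername);
        connection.Open();
        using (SqlDataReader myReader = myCommand.ExecuteReader())
        {
            while (myReader.Read())
            {
                dbPasswordHash = myReader["HashedPassword"].ToString();
                dbSalt = myReader["Salt"].ToString();
                dbUsername = myReader["Username"].ToString();
            }
        }
    }

    // NOTE(review): a single salted SHA-512 pass is fast to brute-force offline;
    // a deliberately slow scheme such as PBKDF2 is the usual choice for passwords.
    string passwordHash;
    using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
    {
        passwordHash = ComputeHash(inputPassword, sha512, Convert.FromBase64String(dbSalt));
    }

    if (!dbUsername.Equals(inputUsername.Trim()))
    {
        return;
    }

    // Compare every character regardless of where the first difference is, so the
    // time taken does not reveal how much of the stored hash was matched.
    string candidateHash = passwordHash ?? "";
    int difference = dbPasswordHash.Length ^ candidateHash.Length;
    int sharedLength = Math.Min(dbPasswordHash.Length, candidateHash.Length);
    for (int i = 0; i < sharedLength; i++)
    {
        difference |= dbPasswordHash[i] ^ candidateHash[i];
    }
    bool passwordMatches = passwordHash != null && difference == 0;

    if (passwordMatches)
    {
        // NOTE(review): success only hides the modal in the browser; no server-side
        // state records the re-authentication here - confirm it is enforced elsewhere.
        Page.ClientScript.RegisterStartupScript(GetType(), "alert", "$('#myModal').modal('hide')", true);

        //Add to logs
        ActionLogs.Action action = ActionLogs.Action.ReauthenticatedDueToAccountLockout;
        ActionLogs.Log(Context.User.Identity.Name, action);
    }
    else
    {
        // NOTE(review): failed attempts are neither logged nor limited here.
        Page.ClientScript.RegisterStartupScript(GetType(), "alert", "$('#myModal').modal('show')", true);
        errormsgPasswordAuthenticate.Visible = true;
    }
}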
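/// <summary>
/// Signs the user out of the application cookie, logs the logout and clears the
/// account's isFirstTimeAccessed flag.
/// </summary>
/// <param name="sender">The control that raised the logging-out event.</param>
/// <param name="e">Event data for the logging-out event; not modified here.</param>
protected void Unnamed_LoggingOut(object sender, LoginCancelEventArgs e)
{
    Context.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

    // NOTE(review): the server-side session is kept and even re-populated with the
    // username after sign-out; consider Session.Abandon() once nothing downstream
    // reads it, so session data does not outlive the login.
    Session["AccountUsername"] = Context.User.Identity.Name;
    string accountUsername = Session["AccountUsername"].ToString();

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.Logout;
    ActionLogs.Log(accountUsername, action);

    connection.Open();
    try
    {
        using (SqlCommand updateFirstLoginAccess = new SqlCommand("UPDATE UserAccount SET isFirstTimeAccessed = @isFirstTimeAccessed WHERE Username = @AccountUsername", connection))
        {
            updateFirstLoginAccess.Parameters.AddWithValue("@isFirstTimeAccessed", "0");
            updateFirstLoginAccess.Parameters.AddWithValue("@AccountUsername", accountUsername);
            updateFirstLoginAccess.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close even when the UPDATE throws so the shared connection is not left open.
        connection.Close();
    }
}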
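/// <summary>
/// Searches the signed-in user's own accepted, pending and rejected reports for
/// the entered text, binds the result to the grid and logs the search.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearch_Click(object sender, EventArgs e)
{
    string pattern = "%" + txtSearchValue.Text.Trim().ToLower() + "%";
    DataTable dt = new DataTable();

    // using blocks release the connection, command and reader even if the query throws.
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
    using (SqlCommand dateCommand = new SqlCommand("SELECT * FROM Report WHERE (lower(Username) LIKE @txtSearchValue OR lower(Subject) LIKE @txtSearchValue OR lower(CaseNumber) LIKE @txtSearchValue OR lower(ReportStatus) LIKE @txtSearchValue OR lower(Subject) LIKE @txtSearchValue) AND Username = @AccountUsername AND (ReportStatus = 'accepted' OR ReportStatus = 'pending' OR ReportStatus = 'rejected')", connection))
    {
        dateCommand.Parameters.AddWithValue("@txtSearchValue", pattern);
        // The owner filter is taken from the authenticated identity, not from page
        // input, so a user only ever sees their own reports.
        dateCommand.Parameters.AddWithValue("@AccountUsername", Context.User.Identity.Name);
        connection.Open();
        using (SqlDataReader dataReader = dateCommand.ExecuteReader())
        {
            dt.Load(dataReader);
        }
    }

    GridView1.DataSource = dt;

    //store viewstate
    // NOTE(review): SELECT * puts every Report column into ViewState, which is sent
    // to the browser; confirm ViewState encryption is enabled or trim the columns.
    ViewState["Datable"] = dt;
    GridView1.DataBind();

    if (dt.Rows.Count == 0)
    {
        ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
    }

    searchValue = txtSearchValue.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();
    staffName = Context.User.Identity.Name;

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchByStaff;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}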
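/// <summary>
/// Signs the user out of the application cookie, logs the logout and clears the
/// account's isFirstTimeAccessed flag.
/// </summary>
/// <param name="sender">The control that raised the logging-out event.</param>
/// <param name="e">Event data for the logging-out event; not modified here.</param>
protected void Unnamed_LoggingOut(object sender, LoginCancelEventArgs e)
{
    Context.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

    // NOTE(review): earlier attempts at disabling response caching, expiring the
    // cookies and calling Session.Abandon() were left commented out in this handler.
    // As written, the server-side session survives the logout and is re-populated
    // with the username below; confirm that is intended.
    Session["AccountUsername"] = Context.User.Identity.Name;
    string accountUsername = Session["AccountUsername"].ToString();

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.Logout;
    ActionLogs.Log(accountUsername, action);

    connection.Open();
    try
    {
        using (SqlCommand updateFirstLoginAccess = new SqlCommand("UPDATE UserAccount SET isFirstTimeAccessed = @isFirstTimeAccessed WHERE Username = @AccountUsername", connection))
        {
            updateFirstLoginAccess.Parameters.AddWithValue("@isFirstTimeAccessed", "0");
            updateFirstLoginAccess.Parameters.AddWithValue("@AccountUsername", accountUsername);
            updateFirstLoginAccess.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close even when the UPDATE throws so the shared connection is not left open.
        connection.Close();
    }
}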
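/// <summary>
/// Lists the log entries of the account shown in <c>bossUsername</c> for the date
/// entered in TextBox2 whose action contains the text in TextBox1, and logs the
/// search. Shows an alert when the date does not parse or no entry exists for it.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearchBoth_Click(object sender, EventArgs e)
{
    DateTime datetimeDT;
    if (DateTime.TryParse(TextBox2.Text, out datetimeDT))
    {
        // Use the value TryParse already produced instead of re-parsing the first
        // space-separated token, which threw for inputs TryParse accepts.
        DateTime inputDate = datetimeDT.Date;
        string connectionString = ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString;

        // NOTE(review): the account filter comes from a page control rather than
        // Context.User.Identity.Name - confirm its value cannot be changed by the client.
        string accountUsername = bossUsername.Text;
        object firstTimestamp;

        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand dateCommand = new SqlCommand("SELECT DISTINCT(Timestamp) AS [DD/MM/YYYY] FROM LOGS WHERE (Username = @AccountUsername AND convert(date, Timestamp, 103) = convert(date, @Timestamp, 103))", connection))
        {
            dateCommand.Parameters.AddWithValue("@AccountUsername", accountUsername);
            dateCommand.Parameters.AddWithValue("@Timestamp", inputDate);
            connection.Open();
            firstTimestamp = dateCommand.ExecuteScalar();
        }

        // ExecuteScalar yields null when no row matches. Test for that explicitly
        // rather than casting and catching the resulting NullReferenceException.
        if (firstTimestamp == null || firstTimestamp == DBNull.Value)
        {
            ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
        }
        else
        {
            DateTime dbDate = (DateTime)firstTimestamp;
            AddDateToPlaceholder(dbDate);

            using (SqlConnection connection2 = new SqlConnection(connectionString))
            using (SqlCommand logCommand = new SqlCommand("SELECT Action, Timestamp FROM Logs WHERE (Username = @AccountUsername AND convert(date, Timestamp, 103) = convert(date, @Timestamp, 103) AND lower(Action) LIKE @txtSearchValue) ORDER BY convert(date, Timestamp, 103) ASC", connection2))
            {
                logCommand.Parameters.AddWithValue("@AccountUsername", accountUsername);
                logCommand.Parameters.AddWithValue("@Timestamp", dbDate);
                logCommand.Parameters.AddWithValue("@txtSearchValue", "%" + TextBox1.Text.Trim().ToLower() + "%");
                connection2.Open();

                using (SqlDataReader logReader = logCommand.ExecuteReader())
                {
                    while (logReader.Read())
                    {
                        string action = logReader["Action"].ToString();
                        string actionDate = logReader["Timestamp"].ToString();
                        DateTime actionDateDT = Convert.ToDateTime(actionDate);
                        AddActionToPlaceholder(action, actionDateDT);
                    }
                }
            }
        }
    }
    else
    {
        ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('Please check that you have entered a correct format in DD/MM/YYYY.')", true);
    }

    searchValue = TextBox1.Text + " " + TextBox2.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchBossLogs;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}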
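/// <summary>
/// Shows the ErrorExceptionLogs rows recorded on the date entered in
/// <c>txtSearchValueDate</c>, binds them to the grid and logs the search.
/// Shows an alert when the date does not parse or no rows are found.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSearchDate_Click(object sender, EventArgs e)
{
    DateTime parsedDate;
    if (DateTime.TryParse(txtSearchValueDate.Text, out parsedDate))
    {
        // Use the value TryParse already produced instead of re-parsing the first
        // space-separated token, which threw for inputs TryParse accepts.
        DateTime inputDate = parsedDate.Date;

        try
        {
            DataTable dt2 = new DataTable();

            // using blocks release the connection, command and reader even if the query throws.
            using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
            using (SqlCommand dateCommand = new SqlCommand("SELECT * FROM ErrorExceptionLogs WHERE convert(date, Timestamp, 103) = convert(date,@Timestamp,103)", connection))
            {
                dateCommand.Parameters.AddWithValue("@Timestamp", inputDate);
                connection.Open();
                using (SqlDataReader dataReader = dateCommand.ExecuteReader())
                {
                    dt2.Load(dataReader);
                }
            }

            GridView1.DataSource = dt2;
            // Store the result table, as the other search handlers do. The parsed
            // DateTime was being stored here by mistake.
            // NOTE(review): the table is sent to the browser inside ViewState; confirm
            // ViewState encryption is enabled if error-log contents are sensitive.
            ViewState["Datable"] = dt2;
            GridView1.DataBind();

            if (dt2.Rows.Count == 0)
            {
                ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
            }
        }
        catch (System.NullReferenceException)
        {
            // NOTE(review): this also reports "no data" when the connection string is
            // missing from configuration, which hides a deployment error.
            ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('There is no data found for this search.')", true);
        }
    }
    else
    {
        ClientScript.RegisterStartupScript(this.GetType(), "alert", "alert('Please check that you have entered a correct format in DD/MM/YYYY.')", true);
    }

    searchValue = txtSearchValueDate.Text;
    url = System.Web.HttpContext.Current.Request.Url.ToString();

    //Add to logs
    ActionLogs.Action actionLog = ActionLogs.Action.SearchErrorLogs;
    ActionLogs.Log(Context.User.Identity.Name, actionLog);
}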
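/// <summary>
/// Verifies the submitted username and password against UserAccount and, for the
/// Staff and Boss roles, issues a forms-authentication ticket and redirects to the
/// role's landing page. Shows a generic error for wrong credentials.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Unused event data.</param>
protected void LogIn(object sender, EventArgs e)
{
    string inputUsername = username.Text;
    string inputPassword = password.Text;
    string dbUsername = "";
    string dbPasswordHash = "";
    string dbSalt = "";
    string dbStatus = "";

    connection.Open();
    try
    {
        using (SqlCommand myCommand = new SqlCommand("SELECT HashedPassword, Salt, Role, Username FROM UserAccount WHERE Username = @AccountUsername", connection))
        {
            myCommand.Parameters.AddWithValue("@AccountUsername", inputUsername);
            using (SqlDataReader myReader = myCommand.ExecuteReader())
            {
                while (myReader.Read())
                {
                    dbPasswordHash = myReader["HashedPassword"].ToString();
                    dbSalt = myReader["Salt"].ToString();
                    dbStatus = myReader["Role"].ToString();
                    dbUsername = myReader["Username"].ToString();
                }
            }
        }
    }
    finally
    {
        // Close even when the lookup throws so the shared connection is not left open.
        connection.Close();
    }

    // The hash is computed even when no account was found (empty salt), so unknown
    // and known usernames do the same amount of work.
    // NOTE(review): a single salted SHA-512 pass is fast to brute-force offline;
    // a deliberately slow scheme such as PBKDF2 is the usual choice for passwords.
    string passwordHash;
    using (SHA512CryptoServiceProvider sha512 = new SHA512CryptoServiceProvider())
    {
        passwordHash = ComputeHash(inputPassword, sha512, Convert.FromBase64String(dbSalt));
    }

    if (!IsValid)
    {
        return;
    }

    // Compare every character regardless of where the first difference is, so the
    // time taken does not reveal how much of the stored hash was matched.
    string candidateHash = passwordHash ?? "";
    int difference = dbPasswordHash.Length ^ candidateHash.Length;
    int sharedLength = Math.Min(dbPasswordHash.Length, candidateHash.Length);
    for (int i = 0; i < sharedLength; i++)
    {
        difference |= dbPasswordHash[i] ^ candidateHash[i];
    }
    bool passwordMatches = passwordHash != null && difference == 0;

    // NOTE(review): failed attempts are neither logged nor rate-limited here.
    if (dbUsername.Equals(inputUsername.Trim()) && passwordMatches)
    {
        if (dbStatus.Equals("Staff"))
        {
            SignInAndRedirect(dbUsername, "~/Content/StaffConsole/NewReport.aspx");
        }
    }
    else
    {
        IncorrectInputLabel.Text = "Incorrect username/password";
    }

    // The Boss check compares the untrimmed input, unlike the Staff check above.
    if (dbUsername.Equals(inputUsername) && passwordMatches && dbStatus.Equals("Boss"))
    {
        SignInAndRedirect(dbUsername, "~/Content/BossConsole/PendingReports.aspx");
    }
}

// Records the login, issues the 10-minute forms-authentication cookie and redirects.
private void SignInAndRedirect(string accountUsername, string targetUrl)
{
    // The stored username is used for the session, the log and the ticket. The typed
    // text can differ from it by trailing whitespace, which would otherwise become
    // part of the authenticated identity.
    // NOTE(review): the session id is not rotated at login; confirm session fixation
    // is handled elsewhere.
    Session["AccountUsername"] = accountUsername;

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.Login;
    ActionLogs.Log(accountUsername, action);

    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, accountUsername, DateTime.Now, DateTime.Now.AddMinutes(10), false, accountUsername);
    String encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    // A hand-built cookie does not pick up the forms-authentication cookie settings:
    // keep it away from client script and honour the configured requireSSL setting.
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(authCookie);

    Response.Redirect(targetUrl);
}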
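/// <summary>
/// Loads the accepted report whose case number is held in session, renders it to a
/// password-protected, watermarked PDF with a signature field, saves the file under
/// C:\Saved PDF, opens it and logs the action.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void btnSaveAsPDF_Click(object sender, EventArgs e)
{
    string rStatus = "accepted";
    dbCaseNumber = Session["caseNumberOfThisSelectedReport"].ToString();

    // NOTE(review): the report is selected by case number and status only; the
    // username filter is disabled. Confirm the session value can only ever hold a
    // case number this user is allowed to read.
    using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["FileDatabaseConnectionString2"].ConnectionString))
    using (SqlCommand myCommand = new SqlCommand("SELECT CaseNumber, Username, Date, Subject, Description, Remarks, CreatedDateTime FROM Report WHERE ReportStatus = @reportStatus AND CaseNumber = @cNum", connection))
    {
        myCommand.Parameters.AddWithValue("@reportStatus", rStatus);
        myCommand.Parameters.AddWithValue("@cNum", dbCaseNumber);
        connection.Open();

        // using blocks release the connection, command and reader even if the query throws.
        using (SqlDataReader myReader = myCommand.ExecuteReader())
        {
            while (myReader.Read())
            {
                dbUsername = myReader["Username"].ToString();
                dbDate = myReader["Date"].ToString();
                dbSubject = myReader["Subject"].ToString();
                dbDescription = myReader["Description"].ToString();
                dbRemarks = myReader["Remarks"].ToString();
                dbCreatedDateTime = myReader["CreatedDateTime"].ToString();
            }
        }
    }

    //Creating a pdf document
    PdfDocument doc = new PdfDocument();

    //Create a page
    PdfPageBase page = doc.Pages.Add();

    //Draw the contents of page
    AlignText(page);

    // + Encryption (Joanne)
    // NOTE(review): the owner password is a literal in source, so everyone with the
    // code can lift the permission restrictions; load it from protected configuration.
    // An empty PasswordTxt presumably leaves the file without an open password - confirm.
    doc.Security.KeySize = PdfEncryptionKeySize.Key128Bit;
    doc.Security.OwnerPassword = "******";
    doc.Security.UserPassword = PasswordTxt.Text;
    doc.Security.Permissions = PdfPermissionsFlags.Print | PdfPermissionsFlags.FillFields;

    //KT Digital Signature Method 2
    // Only an empty signature field is added; the document itself is not signed here.
    PdfSignatureField signaturefield = new PdfSignatureField(page, "Signature");
    signaturefield.BorderWidth = 1.0f;
    signaturefield.BorderStyle = PdfBorderStyle.Solid;
    signaturefield.BorderColor = new PdfRGBColor(System.Drawing.Color.Black);
    signaturefield.HighlightMode = PdfHighlightMode.Outline;
    signaturefield.Bounds = new RectangleF(350, 600, 100, 100);
    doc.Form.Fields.Add(signaturefield);

    // + Watermark - Text (Joanne)
    string wmText = "Report #" + dbCaseNumber + " by " + Context.User.Identity.Name;
    PdfTilingBrush brush = new PdfTilingBrush(new SizeF(page.Canvas.ClientSize.Width / 2, page.Canvas.ClientSize.Height / 3));
    brush.Graphics.SetTransparency(0.3f);
    brush.Graphics.Save();
    brush.Graphics.TranslateTransform(brush.Size.Width / 2, brush.Size.Height / 2);
    brush.Graphics.RotateTransform(-45);
    brush.Graphics.DrawString(wmText, new PdfFont(PdfFontFamily.Helvetica, 20), PdfBrushes.Black, 0, 0, new PdfStringFormat(PdfTextAlignment.Center));
    brush.Graphics.Restore();
    brush.Graphics.SetTransparency(1);
    page.Canvas.DrawRectangle(brush, new RectangleF(new PointF(1, 1), page.Canvas.ClientSize));

    //Save pdf to a location
    // Keep only the file-name part of the case number so the value cannot steer the
    // write outside the output folder.
    string pdfFileName = System.IO.Path.GetFileName(dbCaseNumber + ".pdf");
    string pdfPath = System.IO.Path.Combine("C:\\Saved PDF", pdfFileName);
    doc.SaveToFile(pdfPath);

    //Launching the PDF File
    // NOTE(review): this starts a process on the web server, not on the user's
    // machine, and the file is never sent in the response. On a deployed server
    // the PDF should be streamed to the client instead.
    System.Diagnostics.Process.Start(pdfPath);

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.ReportSavedToPdf;
    ActionLogs.Log(Context.User.Identity.Name, action);
}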
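// NOTE(review): this disabled routine derives its AES key and IV from a passphrase
// and salt that are literals in source. The live Encrypt() called below is not
// visible here; if it uses the same constants, anyone with the code can decrypt the
// stored descriptions - confirm, and move the secret to protected configuration.
//private string Decrypt(string cipherText)
//{
//    string EncryptionKey = "MAKV2SPBNI99212";
//    byte[] cipherBytes = Convert.FromBase64String(cipherText);
//    using (Aes encryptor = Aes.Create())
//    {
//        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
//        encryptor.Key = pdb.GetBytes(32);
//        encryptor.IV = pdb.GetBytes(16);
//        using (MemoryStream ms = new MemoryStream())
//        {
//            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
//            {
//                cs.Write(cipherBytes, 0, cipherBytes.Length);
//                cs.Close();
//            }
//            cipherText = Encoding.Unicode.GetString(ms.ToArray());
//        }
//    }
//    return cipherText;
//}

/// <summary>
/// Creates a new report with status "pending" from the form fields, using the next
/// case number, logs the action and shows a confirmation before navigating to
/// SubmittedReports.aspx.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void SubmitButton_Click(object sender, EventArgs e)
{
    // Not used further, but it makes the request fail early when the session has
    // expired, since the entry is then missing.
    string uname = Session["AccountUsername"].ToString();

    //Converting input date into datetime type input
    // Validate before touching the database; an unparsable date used to surface as
    // an unhandled FormatException.
    DateTime DateInput;
    if (!DateTime.TryParse(TextBox4.Text, out DateInput))
    {
        ClientScript.RegisterStartupScript(GetType(), "alert", "alert('Please check that you have entered a valid date.')", true);
        return;
    }

    //Getting the date time when submit drafts/save reports as drafts
    DateTime createdDateTime = DateTime.Now;

    // NOTE(review): the report owner is taken from a text box instead of the
    // authenticated identity; unless TextBox3 is server-side read-only, a user could
    // file a report under another username.
    string NameInput = TextBox3.Text;
    string SubjectInput = TextBox2.Text;
    string CaseDesInput = TextBox1.Text;
    string status = "pending";

    connection.Open();
    try
    {
        //Case Number Created +1
        //Retrieve the latest case number and +1
        // Ask the database for the highest case number instead of reading every row
        // and keeping whichever came last; without ORDER BY the row order is not defined.
        // NOTE(review): two concurrent submissions can still obtain the same number;
        // an identity column or sequence would close that gap.
        int latestCaseNumber = 0;
        using (SqlCommand myCommand = new SqlCommand("SELECT MAX(CAST(CaseNumber AS int)) FROM Report", connection))
        {
            object latest = myCommand.ExecuteScalar();
            if (latest != null && latest != DBNull.Value)
            {
                latestCaseNumber = Convert.ToInt32(latest);
            }
        }
        cNumber = latestCaseNumber + 1;

        using (SqlCommand insertReportCommand = new SqlCommand())
        {
            insertReportCommand.CommandText = "INSERT INTO Report (CaseNumber, Username, Date, Subject, Description, Remarks, ReportStatus, CreatedDateTime)" + " VALUES (@caseNumber, @username, @date, @subject, @description, @remarks, @status, @createdDT)";
            insertReportCommand.Parameters.AddWithValue("@caseNumber", cNumber);
            insertReportCommand.Parameters.AddWithValue("@username", NameInput);
            insertReportCommand.Parameters.AddWithValue("@date", DateInput);
            // The subject is stored as entered; only the description goes through Encrypt().
            insertReportCommand.Parameters.AddWithValue("@subject", SubjectInput);
            insertReportCommand.Parameters.AddWithValue("@description", Encrypt(CaseDesInput.Trim()));
            insertReportCommand.Parameters.AddWithValue("@Remarks", "");
            insertReportCommand.Parameters.AddWithValue("@status", status);
            insertReportCommand.Parameters.AddWithValue("@createdDT", createdDateTime);
            insertReportCommand.Connection = connection;
            insertReportCommand.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close even when a command throws so the shared connection is not left open.
        connection.Close();
    }

    caseNumberOfReport = cNumber + "";

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.StaffSubmittedReport;
    ActionLogs.Log(Context.User.Identity.Name, action);

    // Only the integer case number is placed in the script, so no user-supplied text
    // reaches the page here.
    string message = "Case #" + cNumber + " has been created.";
    ClientScript.RegisterStartupScript(GetType(), "alert", "alert('" + message + "'); window.location = 'SubmittedReports.aspx'; ", true);
}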
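/// <summary>
/// Saves the form fields as a new report with status "drafts", using the next case
/// number, logs the action and shows a confirmation before navigating to
/// SubmittedReports.aspx.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Unused event data.</param>
protected void SaveAsDraftsButton_Click(object sender, EventArgs e)
{
    //Flow: create a case record in the reports db

    //Converting input date into datetime type input
    // Validate before touching the database; an unparsable date used to surface as
    // an unhandled FormatException.
    DateTime DateInput;
    if (!DateTime.TryParse(TextBox4.Text, out DateInput))
    {
        ClientScript.RegisterStartupScript(GetType(), "alert", "alert('Please check that you have entered a valid date.')", true);
        return;
    }

    //Getting the date time when submit drafts/save reports as drafts
    DateTime createdDateTime = DateTime.Now;

    // NOTE(review): the report owner is taken from a text box instead of the
    // authenticated identity; unless TextBox3 is server-side read-only, a user could
    // save a draft under another username.
    string NameInput = TextBox3.Text;
    string SubjectInput = TextBox2.Text;
    string CaseDesInput = TextBox1.Text;
    string status = "drafts";

    connection.Open();
    try
    {
        //Case Number Created +1
        //Retrieve the latest case number and +1
        // Ask the database for the highest case number. Besides depending on an
        // undefined row order, the earlier row-by-row read parsed an empty string and
        // threw when the Report table had no rows.
        // NOTE(review): two concurrent saves can still obtain the same number; an
        // identity column or sequence would close that gap.
        int latestCaseNumber = 0;
        using (SqlCommand myCommand = new SqlCommand("SELECT MAX(CAST(CaseNumber AS int)) FROM Report", connection))
        {
            object latest = myCommand.ExecuteScalar();
            if (latest != null && latest != DBNull.Value)
            {
                latestCaseNumber = Convert.ToInt32(latest);
            }
        }
        cNumber = latestCaseNumber + 1;

        //Report inserted into database, with ReportStatus = drafts
        using (SqlCommand insertReportCommand = new SqlCommand())
        {
            insertReportCommand.CommandText = "INSERT INTO Report (CaseNumber, Username, Date, Subject, Description, Remarks, ReportStatus, CreatedDateTime)" + " VALUES (@caseNumber, @username, @date, @subject, @description, @remarks, @status, @createdDT)";
            insertReportCommand.Parameters.AddWithValue("@caseNumber", cNumber);
            insertReportCommand.Parameters.AddWithValue("@username", NameInput);
            insertReportCommand.Parameters.AddWithValue("@date", DateInput);
            // The subject is stored as entered; only the description goes through Encrypt().
            insertReportCommand.Parameters.AddWithValue("@subject", SubjectInput);
            insertReportCommand.Parameters.AddWithValue("@description", Encrypt(CaseDesInput.Trim()));
            insertReportCommand.Parameters.AddWithValue("@Remarks", "");
            insertReportCommand.Parameters.AddWithValue("@status", status);
            insertReportCommand.Parameters.AddWithValue("@createdDT", createdDateTime);
            insertReportCommand.Connection = connection;
            insertReportCommand.ExecuteNonQuery();
        }
    }
    finally
    {
        // Close even when a command throws so the shared connection is not left open.
        connection.Close();
    }

    caseNumberOfReport = cNumber + "";

    //Add to logs
    ActionLogs.Action action = ActionLogs.Action.ReportSavedAsDrafts;
    ActionLogs.Log(Context.User.Identity.Name, action);

    //alert
    string message = "Your report has been saved in drafts!";
    ClientScript.RegisterStartupScript(GetType(), "alert", "alert('" + message + "'); window.location = 'SubmittedReports.aspx'; ", true);
}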