예제 #1
0
 protected void btnChangePass_Click(object sender, EventArgs e)
 {
     if (CheckInputs())
     {
         try
         {
             string         strUpdateQuery = "UPDATE Tenants SET PWD=@PWD WHERE TenantID=@TID";
             SqlParameter[] UpdateParams   =
             {
                 //new SqlParameter("@PWD", Encryption.MD5(newpass)),
                 new SqlParameter("@PWD", newpass),
                 new SqlParameter("@TID", TenantID)
             };
             DataAccess.DataProcessExecuteNonQuery(strUpdateQuery, UpdateParams, ConnString);
             AuditTrailFunctions.UpdateTenantAuditTrail("Changed password", TenantID);
             //Session.Add("KEY", Encryption.MD5(newpass));
             Session.Add("KEY", newpass);
             lblAlert.Text = "Change password succeeded!";
         }
         catch
         {
             lblAlert.Text = "Change password failed!";
         }
     }
     else
     {
         lblAlert.Text = "Please check your inputs.";
     }
 }
예제 #2
0
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        string strInsert = "INSERT INTO ServiceRequest (TenantID, Title, Details, Remarks, Priority) VALUES (@TID, @title, @details, @remarks, @priority)";

        SqlParameter[] insertParam =
        {
            new SqlParameter("@TID",      TenantID),
            new SqlParameter("@title",    AntiXSSMethods.CleanString(txtTitle.Text)),
            new SqlParameter("@details",  AntiXSSMethods.CleanString(txtDetails.Text)),
            new SqlParameter("@remarks",  remarks),
            new SqlParameter("@priority", priority)
        };
        DataAccess.DataProcessExecuteNonQuery(strInsert, insertParam, conString);
        AuditTrailFunctions.UpdateTenantAuditTrail("Added new service request", TenantID);
        //Response.Write("<script>alert('Success!');</script>");
        Response.Redirect("~/Tenant/ServiceRequestMgt.aspx");
    }
예제 #3
0
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        string strInsert = "INSERT INTO Complaints (TenantID, Subject, Details, Status) VALUES (@TID, @subj, @details, @status)";

        SqlParameter[] insertParam =
        {
            new SqlParameter("@TID",     TenantID),
            new SqlParameter("@subj",    AntiXSSMethods.CleanString(txtSubject.Text)),
            new SqlParameter("@details", AntiXSSMethods.CleanString(txtMsg.Text)),
            new SqlParameter("@status",  status)
        };
        DataAccess.DataProcessExecuteNonQuery(strInsert, insertParam, conString);
        AuditTrailFunctions.UpdateTenantAuditTrail("Added new complaints", TenantID);
        //Response.Write("<script>alert('Success!');</script>");
        Response.Redirect("AddComplaint.aspx");
        lblAlert.Text = "Complaint submitted!";

        if (IsPostBack)
        {
            txtSubject.Text = "";
            txtMsg.Text     = "";
        }
    }