private string EncryptPassword(string Password) { string strPassPhrase = "Pas5pr@se"; // can be any string string strSaltValue = "s@1tValue"; // can be any string string strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number string strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; return(Bill_Sys_EncryDecry.Encrypt(Password, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize)); }
private string EncryptPassword(string strtext) { string id = string.Format("Id: {0} Uri: {1}", Guid.NewGuid(), HttpContext.Current.Request.Url); using (Utils utility = new Utils()) { utility.MethodStart(id, System.Reflection.MethodBase.GetCurrentMethod()); } string strPassPhrase = "Pas5pr@se"; // can be any string string strSaltValue = "s@1tValue"; // can be any string string strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number string strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string EncryptedPassword = ""; try { EncryptedPassword = Bill_Sys_EncryDecry.Encrypt(strtext, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); } catch (Exception ex) { Elmah.ErrorSignal.FromCurrentContext().Raise(ex); using (Utils utility = new Utils()) { utility.MethodEnd(id, System.Reflection.MethodBase.GetCurrentMethod()); } string str2 = "Error Request=" + id + ".Please share with Technical support."; base.Response.Redirect("Bill_Sys_ErrorPage.aspx?ErrMsg=" + str2); } return(EncryptedPassword); //Method End using (Utils utility = new Utils()) { utility.MethodEnd(id, System.Reflection.MethodBase.GetCurrentMethod()); } }
protected void Page_Load(object sender, EventArgs e) { string id = string.Format("Id: {0} Uri: {1}", Guid.NewGuid(), HttpContext.Current.Request.Url); using (Utils utility = new Utils()) { utility.MethodStart(id, System.Reflection.MethodBase.GetCurrentMethod()); } this.Page.LoadComplete += new EventHandler(Page_Load_Complete); log.Debug("Bill_Sys_Casedetails. Method - Page_Load_Start : " + DateTime.Now.Hour.ToString() + ":" + DateTime.Now.Minute.ToString() + ":" + DateTime.Now.Second.ToString() + ":" + DateTime.Now.Millisecond.ToString()); //ScriptManager.RegisterClientScriptBlock(this, GetType(), "ss", "plusvisibleimage();", true); //string urlleft = Request.Url.GetLeftPart(UriPartial.Path); //string url = Request.Url.ToString(); string Param = Request.QueryString["dt"].ToString(); string changeParam = WebUtils.DecodeUrlString(Param); String strPassPhrase = "Pas5pr@se"; // can be any string String strSaltValue = "s@1tValue"; // can be any string String strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number String strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string decrupt = Bill_Sys_EncryDecry.Decrypt(changeParam, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); //string decryptUrl = urlleft+"?" + decrupt; string[] spl = decrupt.Split('&'); string caseid = spl[0].Replace("CaseID=", ""); string id_ = spl[1].Replace("cmp=", ""); string compnyid = id_.Replace("'", ""); try { if (!IsPostBack) { if (caseid != null) { //caseID = caseid; if (caseid.ToString() != "") { CaseDetailsBO _caseDetailsBO = new CaseDetailsBO(); Bill_Sys_CaseObject _bill_Sys_CaseObject = new Bill_Sys_CaseObject(); _bill_Sys_CaseObject.SZ_PATIENT_ID = _caseDetailsBO.GetCasePatientID(caseid.ToString(), ""); _bill_Sys_CaseObject.SZ_CASE_ID = caseid.ToString(); if (compnyid != null) { _bill_Sys_CaseObject.SZ_CASE_NO = _caseDetailsBO.GetCaseNo(_bill_Sys_CaseObject.SZ_CASE_ID, compnyid.ToString()); Session["company"] = compnyid.ToString(); } else { _bill_Sys_CaseObject.SZ_CASE_NO = _caseDetailsBO.GetCaseNo(_bill_Sys_CaseObject.SZ_CASE_ID, Session["company"].ToString()); } _bill_Sys_CaseObject.SZ_PATIENT_NAME = _caseDetailsBO.GetPatientName(_bill_Sys_CaseObject.SZ_PATIENT_ID); _bill_Sys_CaseObject.SZ_COMAPNY_ID = Session["company"].ToString(); Session["CASE_OBJECT"] = _bill_Sys_CaseObject; } } if (Session["CASE_OBJECT"] != null) { txtCaseID.Text = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; Session["company"] = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_COMAPNY_ID; } else { Response.Redirect("Bill_Sys_SearchCase.aspx", false); } LoadNoteGrid(); caseID = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; ShowPopupNotes(((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID); //hlnkAssociate.Visible = true; grdAssociatedDiagnosisCode.Visible = false; //divAssociatedCode.Visible = true; _bill_Sys_ProcedureCode_BO = new Bill_Sys_ProcedureCode_BO(); grdAssociatedDiagnosisCode.DataSource = _bill_Sys_ProcedureCode_BO.GetAssociatedDiagnosisCode_List(caseID, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID).Tables[0]; grdAssociatedDiagnosisCode.DataBind(); ////////////////////// //CREATE SESSION FOR DOC MANAGER,TEMPLATE MANAGER,Notes,Bills Bill_Sys_Case _bill_Sys_Case = new Bill_Sys_Case(); _bill_Sys_Case.SZ_CASE_ID = txtCaseID.Text; Session["CASEINFO"] = _bill_Sys_Case; Session["PassedCaseID"] = txtCaseID.Text; String szURL = ""; String szCaseID = Session["PassedCaseID"].ToString(); Session["QStrCaseID"] = szCaseID; Session["Case_ID"] = szCaseID; Session["Archived"] = "0"; Session["QStrCID"] = szCaseID; Session["SelectedID"] = szCaseID; Session["DM_User_Name"] = ((Bill_Sys_UserObject)Session["USER_OBJECT"]).SZ_USER_NAME; Session["User_Name"] = ((Bill_Sys_UserObject)Session["USER_OBJECT"]).SZ_USER_NAME; Session["SN"] = "0"; Session["LastAction"] = "vb_CaseInformation.aspx"; Session["SZ_CASE_ID_NOTES"] = txtCaseID.Text; Session["TM_SZ_CASE_ID"] = txtCaseID.Text; LoadDataOnPage(); UserPatientInfoControl.GetPatienDeskList(((Bill_Sys_CaseObject)(Session["CASE_OBJECT"])).SZ_CASE_ID, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID); } if (!IsPostBack) { ReminderBO objReminder = null; DataSet dsReminder = null; string strUserId = ""; string SzCaseID = ""; DateTime dtCurrent_Date; objReminder = new ReminderBO(); dsReminder = new DataSet(); strUserId = ((Bill_Sys_UserObject)Session["USER_OBJECT"]).SZ_USER_ID; SzCaseID = txtCaseID.Text; dtCurrent_Date = Convert.ToDateTime(System.DateTime.Now.ToShortDateString()); dsReminder = objReminder.LoadReminderDetailsForCaseDeatils(strUserId, dtCurrent_Date, SzCaseID); } log.Debug("Bill_Sys_Casedetails. Method - Page_Load_End : " + DateTime.Now.Hour.ToString() + ":" + DateTime.Now.Minute.ToString() + ":" + DateTime.Now.Second.ToString() + ":" + DateTime.Now.Millisecond.ToString()); } catch (Exception ex) { Elmah.ErrorSignal.FromCurrentContext().Raise(ex); using (Utils utility = new Utils()) { utility.MethodEnd(id, System.Reflection.MethodBase.GetCurrentMethod()); } string str2 = "Error Request=" + id + ".Please share with Technical support."; base.Response.Redirect("../Bill_Sys_ErrorPage.aspx?ErrMsg=" + str2); } #region "check version readonly or not" string app_status = ((Bill_Sys_BillingCompanyObject)Session["APPSTATUS"]).SZ_READ_ONLY.ToString(); if (app_status.Equals("True")) { Bill_Sys_ChangeVersion cv = new Bill_Sys_ChangeVersion(this.Page); cv.MakeReadOnlyPage("Bill_Sys_CaseDetails.aspx"); } #endregion //Method End using (Utils utility = new Utils()) { utility.MethodEnd(id, System.Reflection.MethodBase.GetCurrentMethod()); } }
protected void Page_Load(object sender, EventArgs e) { try { if (Session["CASE_OBJECT"] != null) { lnkCaseID.Visible = false; lnkCaseID.Text = " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_NO + " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_PATIENT_NAME; // test.NavigateUrl = "~/Bill_Sys_ReCaseDetails.aspx"; } if (((Bill_Sys_UserObject)(Session["USER_OBJECT"])).SZ_USER_ROLE_NAME.ToLower() != "doctor") { // lnkCaseID.Visible = true; test.Visible = true; txtCaseSearch.Visible = true; btnGo.Visible = true; } else { lnkCaseID.Visible = false; test.Visible = false; txtCaseSearch.Visible = false; btnGo.Visible = false; } #region "To check page name for "AJAX Pages/Bill_Sys_AppointPatientEntry.aspx"." String _url = ""; if (Request.RawUrl.IndexOf("?") > 0) { _url = Request.RawUrl.Substring(0, Request.RawUrl.IndexOf("?")); } else { _url = Request.RawUrl; } if (_url.Contains("AJAX Pages")) { Session["AJAXPage"] = "Yes"; } else { Session["AJAXPage"] = ""; } if (Session["CASE_OBJECT"] != null) { lnkCaseID.Visible = false; lnkCaseID.Text = " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_NO + " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_PATIENT_NAME; test.Visible = true; test.Text = " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_NO + " " + ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_PATIENT_NAME; // test.NavigateUrl = "~/Bill_Sys_ReCaseDetails.aspx"; if (((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).BT_REFERRING_FACILITY == true) { if (Session["AJAXPage"].ToString() == "Yes") { test.NavigateUrl = "~/AJAX%20Pages/Bill_Sys_ReCaseDetails.aspx"; } else { test.NavigateUrl = "~/AJAX%20Pages/Bill_Sys_ReCaseDetails.aspx"; } } else { if (Session["AJAXPage"].ToString() == "Yes") { //- add for attroney-// if (((Bill_Sys_UserObject)(Session["USER_OBJECT"])).SZ_USER_ROLE_NAME.ToLower().Equals("attorney")) { string caseid = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; string companyid = ((Bill_Sys_BillingCompanyObject)this.Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID; // AJAX Pages/Bill_Sys_CaseDetails.aspx?CaseID=<%# DataBinder.Eval(Container,"DataItem.SZ_CASE_ID")%>&cmp=<%# DataBinder.Eval(Container,"DataItem.SZ_COMPANY_ID")%>'> //logic for encrypt-decrypt String strPassPhrase = "Pas5pr@se"; // can be any string String strSaltValue = "s@1tValue"; // can be any string String strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number String strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string url = "CaseID=" + caseid + "&" + "cmp=" + companyid + "'"; string encrypt = Bill_Sys_EncryDecry.Encrypt(url, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); string encrypturl = WebUtils.EncodeUrlString(encrypt); test.NavigateUrl = "~/AJAX%20Pages/atcasedetails.aspx?" + "dt=" + encrypturl; } //- end -// else { test.NavigateUrl = "~/AJAX%20Pages/Bill_Sys_CaseDetails.aspx"; } } else { test.NavigateUrl = "~/AJAX%20Pages/Bill_Sys_CaseDetails.aspx"; } } } #endregion } catch (Exception ex) { throw; } }
protected void btnGo_Click(object sender, EventArgs e) { try { attorneycasedetailsBO _caseDetailsBO = new attorneycasedetailsBO(); string check = txtCaseSearch.Text.Trim(); int isString = 0; foreach (Char chTest in check) { if (!Char.IsNumber(chTest)) { // there is a character in the entered text isString = 0; //break; } else { // when the user has entered the case number // even if a single digit is entered by the user, it will be treated as case number isString = 1; break; } } foreach (Char chTest in check) { if (Char.IsNumber(chTest)) { isString = 2; break; } else { break; } } if (isString == 0) // this means user is searching with case number { { Bill_Sys_BillingCompanyObject objCompany = new Bill_Sys_BillingCompanyObject(); objCompany = (Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]; string struserId = ((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ID; Session["CASE_LIST_GO_BUTTON"] = null; //DataSet dsPatientName = _caseDetailsBO.GetCaseListPatientName(txtCaseSearch.Text.Trim(), objCompany.SZ_COMPANY_ID); DataSet dsPatientName = _caseDetailsBO.QuickSearchAttorney(txtCaseSearch.Text.Trim(), objCompany.SZ_COMPANY_ID, "", struserId); //Session["CASE_LIST_GO_BUTTON"] = dsPatientName; //no need to add in session // if the return dataset has exactly 1 match found, the application automatically takes the user // to the workarea of that case. if (dsPatientName.Tables[0].Rows.Count == 1) { Session["CASE_OBJECT"] = null; Bill_Sys_CaseObject _bill_Sys_CaseObject = new Bill_Sys_CaseObject(); //_bill_Sys_CaseObject.SZ_CASE_ID = dsPatientName.Tables[0].Rows[0]["SZ_CASE_ID"].ToString(); _bill_Sys_CaseObject.SZ_CASE_ID = dsPatientName.Tables[0].Rows[0]["CaseId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_ID = dsPatientName.Tables[0].Rows[0]["SZ_PATIENT_ID"].ToString(); _bill_Sys_CaseObject.SZ_PATIENT_ID = dsPatientName.Tables[0].Rows[0]["PatientId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_NAME = dsPatientName.Tables[0].Rows[0]["SZ_PATIENT_NAME"].ToString(); _bill_Sys_CaseObject.SZ_PATIENT_NAME = dsPatientName.Tables[0].Rows[0]["PatientName"].ToString(); //_bill_Sys_CaseObject.SZ_COMAPNY_ID = dsPatientName.Tables[0].Rows[0]["SZ_COMPANY_ID"].ToString(); _bill_Sys_CaseObject.SZ_COMAPNY_ID = dsPatientName.Tables[0].Rows[0]["CompanyId"].ToString(); //_bill_Sys_CaseObject.SZ_CASE_NO = dsPatientName.Tables[0].Rows[0]["SZ_CASE_NO"].ToString(); _bill_Sys_CaseObject.SZ_CASE_NO = dsPatientName.Tables[0].Rows[0]["CaseNo"].ToString(); Session["CASE_OBJECT"] = _bill_Sys_CaseObject; //Session["PassedCaseID"] = dsPatientName.Tables[0].Rows[0]["SZ_CASE_NO"].ToString(); Session["PassedCaseID"] = dsPatientName.Tables[0].Rows[0]["CaseNo"].ToString(); // add for to check login user is attroney if (((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ROLE_NAME.ToLower().Equals("attorney")) { string caseid = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; string companyid = ((Bill_Sys_BillingCompanyObject)this.Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID; //logic for encrypt-decrypt String strPassPhrase = "Pas5pr@se"; // can be any string String strSaltValue = "s@1tValue"; // can be any string String strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number String strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string url = "CaseID=" + caseid + "&" + "cmp=" + companyid + "'"; string encrypt = Bill_Sys_EncryDecry.Encrypt(url, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); string encrypturl = WebUtils.EncodeUrlString(encrypt); // test.NavigateUrl = "~/AJAX%20Pages/atcasedetails.aspx?" + "dt=" + encrypturl; if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("atcasedetails.aspx?" + "dt=" + encrypturl, false); } else { Response.Redirect("AJAX%20Pages/atcasedetails.aspx?" + "dt=" + encrypturl, false); } } // end// else { // check whether the login user is from a billing company or test facility. // if billing co. then take him to Bill_Sys_CaseDetails else to Bill_Sys_ReCaseDetails if (objCompany.BT_REFERRING_FACILITY == true) { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_ReCaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_ReCaseDetails.aspx", false); } } else { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_CaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_CaseDetails.aspx", false); } } } } else // if there are more than 1 rows returned by the search, reload the list page and bind the grid { Session["CASE_LIST_GO_BUTTON"] = txtCaseSearch.Text; if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_SearchCase.aspx", false); } else { Response.Redirect("AJAX Pages/Bill_Sys_SearchCase.aspx", false); } } } } // execute this block when the user searches by case number else if (((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).BT_REFERRING_FACILITY == true && isString == 1) { // example: TM702 int len = check.Length; int i = 0; foreach (Char chTest in check) { if (!Char.IsNumber(chTest)) { i++; } } string sz_CompanyPrefix = (check.Substring(0, i)); string sz_CaseNo = check.Substring(2); string struserId = ((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ID; DataSet ds = _caseDetailsBO.QuickSearchAttorney(txtCaseSearch.Text, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID, sz_CompanyPrefix, struserId); //if (_caseDetailsBO.CheckCaseExistsWithPrefix(sz_CompanyPrefix, sz_CaseNo, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID) == true) if (ds.Tables[0].Rows.Count > 0) { Session["CASE_OBJECT"] = null; Bill_Sys_CaseObject _bill_Sys_CaseObject = new Bill_Sys_CaseObject(); //_bill_Sys_CaseObject.SZ_CASE_ID = _caseDetailsBO.GetCaseID(check, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID); _bill_Sys_CaseObject.SZ_CASE_ID = ds.Tables[0].Rows[0]["CaseId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_ID = _caseDetailsBO.GetCasePatientID(_bill_Sys_CaseObject.SZ_CASE_ID, ""); _bill_Sys_CaseObject.SZ_PATIENT_ID = ds.Tables[0].Rows[0]["patientId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_NAME = _caseDetailsBO.GetPatientName(_bill_Sys_CaseObject.SZ_PATIENT_ID); _bill_Sys_CaseObject.SZ_PATIENT_NAME = ds.Tables[0].Rows[0]["PatientName"].ToString(); //_bill_Sys_CaseObject.SZ_COMAPNY_ID = _caseDetailsBO.GetPatientCompanyID(_bill_Sys_CaseObject.SZ_PATIENT_ID); _bill_Sys_CaseObject.SZ_COMAPNY_ID = ds.Tables[0].Rows[0]["CompanyId"].ToString(); _bill_Sys_CaseObject.SZ_CASE_NO = check; Session["CASE_OBJECT"] = _bill_Sys_CaseObject; Session["PassedCaseID"] = check; // add for to check login user is attroney if (((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ROLE_NAME.ToLower().Equals("attorney")) { string caseid = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; string companyid = ((Bill_Sys_BillingCompanyObject)this.Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID; //logic for encrypt-decrypt String strPassPhrase = "Pas5pr@se"; // can be any string String strSaltValue = "s@1tValue"; // can be any string String strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number String strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string url = "CaseID=" + caseid + "&" + "cmp=" + companyid + "'"; string encrypt = Bill_Sys_EncryDecry.Encrypt(url, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); string encrypturl = WebUtils.EncodeUrlString(encrypt); if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("atcasedetails.aspx?" + "dt=" + encrypturl, false); } else { Response.Redirect("AJAX%20Pages/atcasedetails.aspx?" + "dt=" + encrypturl, false); } } else { if (((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).BT_REFERRING_FACILITY == true) { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_ReCaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_ReCaseDetails.aspx", false); } } else { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_CaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_CaseDetails.aspx", false); } } } } } else if (isString == 2)// the user is searching by case number --- CASE I { // we dont need to chcek if case exists in this separate procedure // create object of app_code. call new function, pass case number and company id // in the procedure, check if you get data.. if yes, set properties those are set below.. else do nothing. DataSet ds = new DataSet(); string struserId = ((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ID; ds = _caseDetailsBO.QuickSearchAttorney(txtCaseSearch.Text, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID, "", struserId); //if (_caseDetailsBO.CheckCaseExists(txtCaseSearch.Text, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID) == true) if (ds.Tables[0].Rows.Count > 0) { Session["CASE_OBJECT"] = null; Bill_Sys_CaseObject _bill_Sys_CaseObject = new Bill_Sys_CaseObject(); //_bill_Sys_CaseObject.SZ_CASE_ID = _caseDetailsBO.GetCaseID(txtCaseSearch.Text, ((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID); _bill_Sys_CaseObject.SZ_CASE_ID = ds.Tables[0].Rows[0]["caseId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_ID = _caseDetailsBO.GetCasePatientID(_bill_Sys_CaseObject.SZ_CASE_ID, ""); _bill_Sys_CaseObject.SZ_PATIENT_ID = ds.Tables[0].Rows[0]["PatientId"].ToString(); //_bill_Sys_CaseObject.SZ_PATIENT_NAME = _caseDetailsBO.GetPatientName(_bill_Sys_CaseObject.SZ_PATIENT_ID); _bill_Sys_CaseObject.SZ_PATIENT_NAME = ds.Tables[0].Rows[0]["PatientName"].ToString(); //_bill_Sys_CaseObject.SZ_COMAPNY_ID = _caseDetailsBO.GetPatientCompanyID(_bill_Sys_CaseObject.SZ_PATIENT_ID); _bill_Sys_CaseObject.SZ_COMAPNY_ID = ds.Tables[0].Rows[0]["CompanyId"].ToString(); //_bill_Sys_CaseObject.SZ_CASE_NO = txtCaseSearch.Text; string StrCaseNo = ds.Tables[0].Rows[0]["CASENO"].ToString(); _bill_Sys_CaseObject.SZ_CASE_NO = StrCaseNo.Replace(" ", ""); Session["CASE_OBJECT"] = _bill_Sys_CaseObject; Session["PassedCaseID"] = txtCaseSearch.Text; // add for to check login user is attroney if (((Bill_Sys_UserObject)this.Session["USER_OBJECT"]).SZ_USER_ROLE_NAME.ToLower().Equals("attorney")) { string caseid = ((Bill_Sys_CaseObject)Session["CASE_OBJECT"]).SZ_CASE_ID; string companyid = ((Bill_Sys_BillingCompanyObject)this.Session["BILLING_COMPANY_OBJECT"]).SZ_COMPANY_ID; //logic for encrypt-decrypt String strPassPhrase = "Pas5pr@se"; // can be any string String strSaltValue = "s@1tValue"; // can be any string String strHashAlgorithm = "SHA1"; // can be "MD5" int intPasswordIterations = 2; // can be any number String strInitVector = "@1B2c3D4e5F6g7H8"; // must be 16 bytes int intKeySize = 256; string url = "CaseID=" + caseid + "&" + "cmp=" + companyid + "'"; string encrypt = Bill_Sys_EncryDecry.Encrypt(url, strPassPhrase, strSaltValue, strHashAlgorithm, intPasswordIterations, strInitVector, intKeySize); string encrypturl = WebUtils.EncodeUrlString(encrypt); if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("atcasedetails.aspx?" + "dt=" + encrypturl, false); } else { Response.Redirect("AJAX%20Pages/atcasedetails.aspx?" + "dt=" + encrypturl, false); } } else { if (((Bill_Sys_BillingCompanyObject)Session["BILLING_COMPANY_OBJECT"]).BT_REFERRING_FACILITY == true) { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_ReCaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_ReCaseDetails.aspx", false); } } else { if (Session["AJAXPage"].ToString() == "Yes") { Response.Redirect("Bill_Sys_CaseDetails.aspx", false); } else { Response.Redirect("AJAX%20Pages/Bill_Sys_CaseDetails.aspx", false); } } } } } } catch { } }