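/// <summary>
/// Changes the password of the logged-in company or customer account.
/// The new password must pass <c>Variables.CheckPasswordValid</c> and the
/// current password must verify against the stored hash before the new hash
/// is saved, a notification e-mail is sent and the user is redirected.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): this handler does not compare the new password with a
/// confirmation field; presumably a validator in the page markup does that.
/// Confirm it is also enforced server-side.
/// </remarks>
protected void ChangePassword_Click(object sender, EventArgs e)
{
    try
    {
        // Without a logged-in session there is no account to change; fail with
        // a clear message instead of a NullReferenceException.
        object sessionType = Session["LoggedInType"];
        object sessionUser = Session["UserName"];
        if (sessionType == null || sessionUser == null)
        {
            generalErrorLbl.Text = "You must be logged in to change your password.";
            return;
        }

        string loggedInType = sessionType.ToString();
        string loggedInUser = sessionUser.ToString();

        // Tell the user why nothing changed rather than silently ignoring the request.
        if (Variables.CheckPasswordValid(newPasswordTxt.Text) != true)
        {
            generalErrorLbl.Text = "Passwords must contain at least 1 upper case letter, 1 lower case letter"
                + ", 1 number or special character and be at least 6 characters in length";
            return;
        }

        if (loggedInType == "Company")
        {
            CompanyManager company = CompanyManager.GetCompanies()
                .Single(x => x.UserName.Equals(loggedInUser, StringComparison.OrdinalIgnoreCase));

            // The caller must prove knowledge of the current password.
            if (!PasswordHash.ValidatePassword(currentPasswordTxt.Text, company.Access.Password))
            {
                generalErrorLbl.Text = "The current password entered is incorrect.";
                return;
            }

            // 2 is the account-type code this page passes for company accounts.
            UserAccess.UpdateAccess(2, company.CompanyID, PasswordHash.CreateHash(newPasswordTxt.Text));
            SendEmail(company.EmailAddress, company.UserName);
        }
        else if (loggedInType == "Customer")
        {
            CustomerManager customer = CustomerManager.GetCustomers()
                .Single(x => x.UserName.Equals(loggedInUser, StringComparison.OrdinalIgnoreCase));

            if (!PasswordHash.ValidatePassword(currentPasswordTxt.Text, customer.Access.Password))
            {
                generalErrorLbl.Text = "The current password entered is incorrect.";
                return;
            }

            // 4 is the account-type code this page passes for customer accounts.
            UserAccess.UpdateAccess(4, customer.CustomerID, PasswordHash.CreateHash(newPasswordTxt.Text));
            SendEmail(customer.EmailAddress, customer.UserName);
        }
        else
        {
            // Unknown account type: nothing to update.
            return;
        }

        // endResponse is false so the redirect does not raise ThreadAbortException
        // inside this try block and get reported as an error.
        Response.Redirect("~/Account/InformUser.aspx?InfoString=Password+change+successful.", false);
    }
    catch (Exception ex)
    {
        // Exception text can reveal internals and Label.Text is rendered without
        // HTML encoding, so the detail is logged server-side and the page shows
        // only a generic message.
        System.Diagnostics.Trace.TraceError("ChangePassword_Click failed: " + ex);
        generalErrorLbl.Text = "An error has occurred. Please contact your system administrator.";
    }
}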
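/// <summary>
/// Resets the password of the account identified by the page's
/// <c>accountType</c> and <c>accountID</c>, provided
/// <c>PasswordResetRequest.GetLastRequestedTime</c> returns a request for it
/// and the new password passes <c>Variables.CheckPasswordValid</c>.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// The request check and the password policy check used to run only when the
/// <c>ResetByEmail</c> query-string value was true. That value is supplied by
/// the client, so omitting it skipped both checks and let the password be
/// overwritten unconditionally. Both checks are now always enforced.
/// NOTE(review): if another flow legitimately reaches this handler without a
/// reset request, authorise it from server-side state (for example the
/// authenticated session), never from a query-string flag.
/// NOTE(review): <c>accountType</c> and <c>accountID</c> are set outside this
/// method; confirm they come from a verified reset token and not directly from
/// request input, and that a reset request is invalidated once it has been used.
/// </remarks>
protected void Reset_Click(object sender, EventArgs e)
{
    try
    {
        lastRequested = PasswordResetRequest.GetLastRequestedTime(accountType, accountID);

        // No current reset request for this account: refuse to change the password.
        if (lastRequested == null)
        {
            ErrorMessage.Text = "This request is out of date, please make another password reset request and try again";
            return;
        }

        // The password policy applies to every reset, whatever route led here.
        if (Variables.CheckPasswordValid(passwordTxt.Text) != true)
        {
            ErrorMessage.Text = "Passwords must contain at least 1 upper case letter, 1 lower case letter"
                + ", 1 number or special character and be at least 6 characters in length";
            return;
        }

        string hashedPassword = PasswordHash.CreateHash(passwordTxt.Text);
        UserAccess.UpdateAccess(accountType, accountID, hashedPassword);
        Response.Redirect("~/Account/InformUser.aspx?InfoString=Password+has+been+changed.", false);
    }
    catch (Exception ex)
    {
        // Exception text can reveal internals and Label.Text is rendered without
        // HTML encoding, so the detail is logged server-side and the page shows
        // only a generic message.
        System.Diagnostics.Trace.TraceError("Reset_Click failed: " + ex);
        ErrorMessage.Text = "An error has occurred. Please contact your system administrator.";
    }
}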
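/// <summary>
/// Registers a new customer once every required field has been entered
/// correctly, then marks the session as logged in as that customer and
/// redirects to the home page.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Validation messages are appended to <c>inputErrorLbl</c>; the password
/// policy message goes to <c>ErrorMessage</c>. Nothing is saved unless every
/// check passes and the user name is not already taken (case-insensitive).
/// </remarks>
protected void CreateUser_Click(object sender, EventArgs e)
{
    try
    {
        bool insertCustomer = true; // cleared as soon as any field fails validation

        #region customerCheck
        // The drop-down value is "<companyID>,<companyName>"; only the ID is used here.
        long companyID = 0;
        if (companyDdl.SelectedValue != "")
        {
            companyID = Convert.ToInt32(companyDdl.SelectedValue.Split(',')[0]);
        }

        string userName = userNameTxt.Text;
        if (userName == "")
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a user name.";
        }

        string surname = "";
        if (Variables.CheckAlphabetCharacters(surnameTxt.Text) && surnameTxt.Text != "")
        {
            surname = surnameTxt.Text;
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a surname with only letters.";
        }

        string forename = "";
        if (Variables.CheckAlphabetCharacters(forenameTxt.Text) && forenameTxt.Text != "")
        {
            forename = forenameTxt.Text;
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a forename with only letters.";
        }

        string title = "";
        if (titleDdl.SelectedValue != "Title")
        {
            title = titleDdl.SelectedValue;
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a title.";
        }

        string licenseNo = "";
        if (Variables.CheckAlphaNumericCharacters(licenseNoTxt.Text) && licenseNoTxt.Text != "")
        {
            licenseNo = licenseNoTxt.Text;
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a valid driving license number.";
        }

        // NOTE(review): Convert.ToDateTime parses with the current culture, so a
        // day/month/year string can fail or be misread under a month-first
        // culture. Confirm the server culture matches this format.
        DateTime issueDate = DateTime.Now;
        if (issueDaysDdl.SelectedValue != "" && issueMonthsDdl.SelectedValue != "" && issueYearsDdl.SelectedValue != "")
        {
            issueDate = Convert.ToDateTime(issueDaysDdl.SelectedValue + "/" + issueMonthsDdl.SelectedValue + "/" + issueYearsDdl.SelectedValue);
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter an issue date for your license.";
        }

        DateTime expirationDate = DateTime.Now;
        if (expirationDaysDdl.SelectedValue != "" && expirationMonthsDdl.SelectedValue != "" && expirationYearsDdl.SelectedValue != "")
        {
            expirationDate = Convert.ToDateTime(expirationDaysDdl.SelectedValue + "/" + expirationMonthsDdl.SelectedValue + "/" + expirationYearsDdl.SelectedValue);
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter an expiration date for your license.";
        }

        DateTime dateOfBirth = DateTime.Now;
        if (dateOfBirthDaysDdl.SelectedValue != "" && dateOfBirthMonthsDdl.SelectedValue != "" && dateOfBirthYearsDdl.SelectedValue != "")
        {
            dateOfBirth = Convert.ToDateTime(dateOfBirthDaysDdl.SelectedValue + "/" + dateOfBirthMonthsDdl.SelectedValue + "/" + dateOfBirthYearsDdl.SelectedValue);
        }
        else
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter an date of birth";
        }

        // Request[...] returns null when the field is missing from the request,
        // so test for null as well as "". Otherwise a request that omits the
        // field bypasses the required check.
        string phoneNo = Request["phoneNoTxt"];
        if (string.IsNullOrEmpty(phoneNo))
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a phone no.";
        }

        // Mobile number is optional.
        string mobileNo = Request["mobileNoTxt"];

        string emailAddress = emailAddressTxt.Text;
        if (emailAddress == "")
        {
            insertCustomer = false;
            inputErrorLbl.Text += "<br />" + "Please enter a email address.";
        }

        if (Variables.CheckPasswordValid(passwordTxt.Text) != true)
        {
            insertCustomer = false;
            ErrorMessage.Text = "Passwords must contain at least 1 upper case letter, 1 lower case letter"
                + ", 1 number or special character and be at least 6 characters in length";
        }
        #endregion

        if (!insertCustomer)
        {
            return;
        }

        // NOTE(review): this check and the insert below are separate calls, so two
        // simultaneous registrations could both pass it. Confirm the data store
        // also enforces unique user names.
        bool userNameTaken = CustomerManager.GetCustomers()
            .Any(x => x.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase));
        if (userNameTaken)
        {
            inputErrorLbl.Text = "An account with that username already exists. Please enter a different one.";
            return;
        }

        // Hash only once the registration is known to go ahead.
        string hashedPassword = PasswordHash.CreateHash(passwordTxt.Text);
        CustomerManager.AddNewCustomer(companyID, userName, surname, forename, title, licenseNo, issueDate,
            expirationDate, dateOfBirth, phoneNo, mobileNo, emailAddress, hashedPassword);
        customerSavedLbl.Text = "Save successful";

        CustomerManager customer = CustomerManager.GetCustomers()
            .SingleOrDefault(x => x.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase));
        if (customer == null)
        {
            // The insert did not produce a readable row; do not mark the session as logged in.
            generalErrorLbl.Text = "Your account was created but you could not be signed in automatically. Please log in.";
            return;
        }

        // NOTE(review): the session is marked as logged in without a new session
        // identifier being issued here. Confirm session ID renewal on login is
        // handled elsewhere.
        Session["LoggedInType"] = "Customer";
        Session["UserName"] = userName;
        Session["UserID"] = customer.CustomerID;

        //Return to the home page
        Response.Redirect("~/", false);
    }
    catch (Exception ex)
    {
        // Exception text can reveal internals and Label.Text is rendered without
        // HTML encoding, so the detail is logged server-side and the page shows
        // only a generic message.
        System.Diagnostics.Trace.TraceError("Customer CreateUser_Click failed: " + ex);
        generalErrorLbl.Text = "An error has occurred. Please contact your system administrator.";
    }
}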
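/// <summary>
/// Registers a new company once every required field has been entered, then
/// marks the session as logged in as that company and redirects to the home page.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Validation messages are appended to <c>inputErrorLbl</c>; the password
/// policy message goes to <c>ErrorMessage</c>. Nothing is saved unless every
/// check passes and the user name is not already taken (case-insensitive).
/// Address fields (lines, city, postcode, county, country) are not collected
/// by this handler.
/// </remarks>
protected void CreateUser_Click(object sender, EventArgs e)
{
    try
    {
        bool insertCompany = true; // cleared as soon as any field fails validation

        #region companyCheck
        string userName = userNameTxt.Text;
        if (userName == "")
        {
            insertCompany = false;
            inputErrorLbl.Text += "<br />" + "Please enter a user name.";
        }

        string companyName = companyNameTxt.Text;
        if (companyName == "")
        {
            insertCompany = false;
            inputErrorLbl.Text += "<br />" + "Please enter a company name.";
        }

        // Request[...] returns null when the field is missing from the request,
        // so test for null as well as "". Otherwise a request that omits the
        // field bypasses the required check.
        string phoneNo = Request["phoneNoTxt"];
        if (string.IsNullOrEmpty(phoneNo))
        {
            insertCompany = false;
            inputErrorLbl.Text += "<br />" + "Please enter a phone no.";
        }

        string emailAddress = emailAddressTxt.Text;
        if (emailAddress == "")
        {
            insertCompany = false;
            inputErrorLbl.Text += "<br />" + "Please enter a email address.";
        }

        string licensingDetails = licensingDetailsTxt.Text;
        if (licensingDetails == "")
        {
            insertCompany = false;
            inputErrorLbl.Text += "<br />" + "Please enter licensing details.";
        }

        // Description is optional.
        string companyDescription = companyDescriptionTxt.Text;

        if (Variables.CheckPasswordValid(passwordTxt.Text) != true)
        {
            insertCompany = false;
            ErrorMessage.Text = "Passwords must contain at least 1 upper case letter, 1 lower case letter"
                + ", 1 number or special character and be at least 6 characters in length";
        }
        #endregion

        if (!insertCompany)
        {
            return;
        }

        // NOTE(review): this check and the insert below are separate calls, so two
        // simultaneous registrations could both pass it. Confirm the data store
        // also enforces unique user names.
        bool userNameTaken = CompanyManager.GetCompanies()
            .Any(x => x.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase));
        if (userNameTaken)
        {
            inputErrorLbl.Text = "An account with that username already exists. Please enter a different one.";
            return;
        }

        // Hash only once the registration is known to go ahead.
        string hashedPassword = PasswordHash.CreateHash(passwordTxt.Text);
        CompanyManager.AddNewCompany(userName, companyName, companyDescription, licensingDetails, phoneNo,
            emailAddress, hashedPassword);
        companySavedLbl.Text = "Save successful";

        CompanyManager company = CompanyManager.GetCompanies()
            .SingleOrDefault(x => x.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase));
        if (company == null)
        {
            // The insert did not produce a readable row; do not mark the session as logged in.
            generalErrorLbl.Text = "Your account was created but you could not be signed in automatically. Please log in.";
            return;
        }

        // NOTE(review): the session is marked as logged in without a new session
        // identifier being issued here. Confirm session ID renewal on login is
        // handled elsewhere.
        Session["LoggedInType"] = "Company";
        Session["UserName"] = userName;
        Session["UserID"] = company.CompanyID;

        //Return to the home page
        Response.Redirect("~/", false);
    }
    catch (Exception ex)
    {
        // Exception text can reveal internals and Label.Text is rendered without
        // HTML encoding, so the detail is logged server-side and the page shows
        // only a generic message.
        System.Diagnostics.Trace.TraceError("Company CreateUser_Click failed: " + ex);
        generalErrorLbl.Text = "An error has occurred. Please contact your system administrator.";
    }
}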