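/// <summary>
/// Completes self-registration: validates the page, salts and hashes the
/// password, rejects an already-registered e-mail address, inserts the new
/// tblUser row and primes session state for register_finish.aspx.
/// </summary>
/// <param name="sender">Standard ASP.NET event argument (unused).</param>
/// <param name="e">Standard ASP.NET event argument (unused).</param>
/// <remarks>
/// Side effects: one INSERT into tblUser, several Session[] writes and a
/// redirect on success. Failures of the INSERT are logged through
/// ErrorLog.ErrorRoutine and reported to the user as "Signup Failed."
/// </remarks>
protected void btnFinish_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }
    // hdnMeVal is a hidden field populated on the client. Any client can set
    // it to "1", so this is a form-integrity hint, not an anti-bot control.
    if (hdnMeVal.Value != "1")
    {
        return;
    }

    lblStatus.Text = string.Empty;
    pnlError.Visible = false;

    // OBSOLETE: the COPPA age checkbox (chkCOPPA) was removed from the form.

    string emailId = txtEmail.Text;
    string userName = Global.ParseEmail(txtEmail.Text);
    string fullName = " "; // the signup form does not collect a name; a single space is stored

    // Per-user random salt, Base64-encoded, then the salted hash of the
    // password, also Base64-encoded. The scheme lives in
    // BoardHunt.classes.hasher; confirm getHash is an iterated, slow KDF
    // (PBKDF2/bcrypt/Argon2) rather than a single SHA round — TODO verify.
    BoardHunt.classes.hasher hasher = new BoardHunt.classes.hasher();
    byte[] saltBytes = hasher.GenerateSALT();
    string saltString = Convert.ToBase64String(saltBytes);
    byte[] hashBytes = hasher.getHash(saltString, txtPassword1.Text);
    string passwordHash = Convert.ToBase64String(hashBytes);

    // Free = 1; Commercial = 2
    int acctType = Convert.ToInt16(radioAcctType.SelectedValue);

    // "optional" is the placeholder text of the phone box, not a number.
    string phoneNumber = txtPhoneNum.Text != "optional" ? txtPhoneNum.Text : string.Empty;
    int showPhone = 0;   // the show-phone checkbox is no longer on this form, so never shown
    int boarderType = 1; // cboBoarderType was removed; every new account is type 1

    // Local server time, as stored by the rest of the site (not UTC).
    DateTime createDate = DateTime.Now;

    string connectString = ConfigurationManager.ConnectionStrings["myConn"].ConnectionString;

    // Duplicate-e-mail check. This is a check-then-insert and therefore races
    // with a concurrent signup for the same address; tblUser.txtEmail needs a
    // UNIQUE constraint as the real guarantee (the INSERT then fails into the
    // catch below).
    if (verify_User(connectString, emailId))
    {
        pnlError.Visible = true;
        lblStatus.Text = "That e-mail is already registered. Please try another one.";
        lblStatus.Visible = true;
        return;
    }

    int merchantVal = 0;
    if (acctType == 2)
    {
        merchantVal = Convert.ToInt16(cboMerchantType.SelectedValue);
        if (merchantVal == 0)
        {
            pnlError.Visible = true;
            lblStatus.Text = "Select your type of business.";
            cboMerchantType.BorderColor = Color.Red;
            lblStatus.Visible = true;
            return;
        }
    }

    // Parameterized INSERT. E-mail, phone and user name are attacker-controlled
    // form input and must never be concatenated into the SQL text.
    const string insertSql =
        "INSERT INTO tblUser (txtFullName, txtPassword, txtPhoneNum, iShowPhoneNum, txtEmail, dCreateDate, iEntryCount, iAcctType, sashimi, salt, boarderType, iMerchantType, txtUserName) " +
        "VALUES (@fullName, @password, @phoneNum, @showPhone, @email, @createDate, @entryCount, @acctType, @sashimi, @salt, @boarderType, @merchantType, @userName)";

    try
    {
        using (SqlConnection connection = new SqlConnection(connectString))
        using (SqlCommand command = new SqlCommand(insertSql, connection))
        {
            command.Parameters.Add("@fullName", SqlDbType.NVarChar).Value = fullName;
            command.Parameters.Add("@password", SqlDbType.NVarChar).Value = passwordHash;
            command.Parameters.Add("@phoneNum", SqlDbType.NVarChar).Value = phoneNumber;
            command.Parameters.Add("@showPhone", SqlDbType.Int).Value = showPhone;
            command.Parameters.Add("@email", SqlDbType.NVarChar).Value = emailId;
            command.Parameters.Add("@createDate", SqlDbType.DateTime).Value = createDate;
            command.Parameters.Add("@entryCount", SqlDbType.Int).Value = 0;
            command.Parameters.Add("@acctType", SqlDbType.Int).Value = acctType;
            command.Parameters.Add("@sashimi", SqlDbType.Int).Value = 1;
            command.Parameters.Add("@salt", SqlDbType.NVarChar).Value = saltString;
            command.Parameters.Add("@boarderType", SqlDbType.Int).Value = boarderType;
            command.Parameters.Add("@merchantType", SqlDbType.Int).Value = merchantVal;
            command.Parameters.Add("@userName", SqlDbType.NVarChar).Value = userName;

            connection.Open();
            command.ExecuteNonQuery();
        }

        Session["LoggedIn"] = "Yes";
        Session["EmailId"] = emailId;
        Session["acctType"] = Convert.ToInt16(radioAcctType.SelectedValue);
        // SECURITY: this keeps the user's plaintext password in session state
        // for the whole session. Kept only because register_finish.aspx (or
        // another page) may read Session["pw"]; confirm no consumer needs it
        // and delete this line — the hash above is all the server should hold.
        Session["pw"] = txtPassword1.Text;

        // Selected upgrade drives which paid service register_finish.aspx offers.
        if (chkUpgrade.Checked)
        {
            Session["ServiceId"] = 7;
        }
        else if (chkUpgrade2.Checked)
        {
            Session["ServiceId"] = 6;
        }
        else
        {
            Session["ServiceId"] = null;
        }

        // endResponse=false avoids the ThreadAbortException of the default overload.
        Response.Redirect("register_finish.aspx", false);
    }
    catch (Exception ex)
    {
        // Only the message is logged; the user sees a generic failure so no
        // schema or connection details leak to the page.
        ErrorLog.ErrorRoutine(false, "Signup failed! Message: " + ex.Message);
        pnlError.Visible = true;
        lblStatus.Text = "Signup Failed.";
        lblStatus.Visible = true;
    }
}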
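/// <summary>
/// Admin identity used by the profile editor's ownership check and as the
/// recipient of tamper alerts. Hard-coding an account in source is fragile;
/// this belongs in configuration or a role check.
/// </summary>
private const string AdminEmail = "*****@*****.**";

/// <summary>
/// Reads a column of the current row as text. The data reader returns
/// DBNull (never null) for NULL columns, so this yields "" for them.
/// </summary>
private static string Column(IDBManager db, string name)
{
    return Convert.ToString(db.DataReader[name]);
}

/// <summary>
/// Loads the tblUser row for Session["userId"] into the edit-profile
/// controls. Shaper-only fields are shown for commercial accounts
/// (iAcctType == 2) with merchant type 1.
/// </summary>
/// <remarks>
/// Any exception is logged through ErrorLog.ErrorRoutine and swallowed,
/// leaving the form partially populated. The reader/connection are always
/// closed and disposed.
/// </remarks>
private void GetUserProfileData()
{
    pnlShaper.Visible = false;
    pnlShaping.Visible = false;

    string userId = Convert.ToString(Session["userId"]);
    // Session["userId"] is server-assigned, but it is still spliced into a
    // quoted SQL literal. Doubling single quotes closes the quote-escape
    // route; switch to a bound parameter once DBManager's parameter API is
    // confirmed — TODO.
    string sql = "SELECT * FROM tblUser WHERE iD = '" + userId.Replace("'", "''") + "'";

    IDBManager dbManager = new DBManager(DataProvider.SqlServer);
    dbManager.ConnectionString = ConfigurationManager.ConnectionStrings["myConn"].ConnectionString;
    try
    {
        dbManager.Open();
        dbManager.ExecuteReader(CommandType.Text, sql);
        if (!dbManager.DataReader.Read())
        {
            return; // no such user; controls keep their defaults
        }

        // SECURITY CHECK: the row must belong to the session user unless the
        // admin is editing. With a well-formed query the id always matches,
        // so a mismatch means the lookup was tampered with: alert, then leave.
        string rowId = Column(dbManager, "iD");
        string sessionEmail = Convert.ToString(Session["EmailId"]);
        if (rowId != userId && sessionEmail != AdminEmail)
        {
            // Alert first: a redirect that ends the response would otherwise
            // prevent the e-mail from ever being sent.
            classes.Email.SendEmail("hack attempt", AdminEmail, "Hack attempt at posting: " + userId);
            Response.Redirect("UserMenu.aspx", false);
            Context.ApplicationInstance.CompleteRequest();
            return;
        }

        // Basic fields.
        txtFullName.Text = Column(dbManager, "txtFullName");
        txtEmail.Text = Column(dbManager, "txtEmail");
        txtBrandName.Text = Column(dbManager, "txtBrandName");
        radioAcctType.SelectedValue = Column(dbManager, "iAcctType");
        rdoEmailNotify.SelectedValue = Column(dbManager, "notify_comment_flg");
        rdoBlogNotify.SelectedValue = Column(dbManager, "notify_blog_flg");
        hdnUserDir.Value = Column(dbManager, "userDir");
        hdnProfilePic.Value = Column(dbManager, "profilePic");
        hdnAcctType.Value = Column(dbManager, "iAcctType");
        hdnMT.Value = Column(dbManager, "iMerchantType");
        cboRegion.SelectedValue = Column(dbManager, "iRegion");

        // Profile picture: userDir and profilePic from the row are joined
        // straight into a URL; they must be server-assigned, not user-typed,
        // or a stored value could point the <img> anywhere.
        img1.ImageUrl = "images/nopic64.jpg"; // default
        string serverUrl = ConfigurationManager.AppSettings["ServerURL"];
        if (hdnProfilePic.Value.Length > 1)
        {
            img1.ImageUrl = serverUrl + "/users/" + Global.ReplaceEx(hdnUserDir.Value, @"\", @"/") + hdnProfilePic.Value;
        }
        else
        {
            // No picture yet: offer "Add" only.
            rdoImgMgr1.Items[2].Text = "Add";
            rdoImgMgr1.Items.Remove("Delete");
            rdoImgMgr1.Items.Remove("Keep");
        }
        File1.Disabled = true;

        // Username falls back to the local part of the e-mail address.
        string storedUserName = Column(dbManager, "txtUserName");
        if (storedUserName.Length > 1)
        {
            txtUserName.Text = storedUserName;
        }
        else
        {
            txtUserName.Text = Global.ParseEmail(dbManager.DataReader["txtEmail"]);
        }

        // Phone: the stored value is split as chars [0,3) = area code and
        // everything from index 4 = local number (index 3, presumably a
        // separator, is skipped). Guard the lengths so a short or malformed
        // value cannot throw out of Substring and abort the whole load.
        chkShowPhone.Checked = Column(dbManager, "iShowPhoneNum") == "1";
        txtAreaCode.Text = txtPhoneNum.Text = string.Empty;
        string phone = Column(dbManager, "txtPhoneNum");
        if (phone.Length > 1)
        {
            txtAreaCode.Text = phone.Length >= 3 ? phone.Substring(0, 3) : phone;
            txtPhoneNum.Text = phone.Length > 4 ? phone.Substring(4) : string.Empty;
        }

        // Shaper-only section.
        if (hdnAcctType.Value == "2" && hdnMT.Value == "1")
        {
            hdnIsShaper.Value = "1";
            pnlShaper.Visible = true;
            pnlShaping.Visible = true;
            txtHomeTown.Text = Column(dbManager, "txtHomeTown");
            txtDetails.Text = Column(dbManager, "txtUserDetails");
            txtShapingYrs.Text = Column(dbManager, "iWisdom");
            txtWebsite.Text = Column(dbManager, "txtWebSite");
            hdnShaperCode.Value = Column(dbManager, "iShaperCode");
        }
    }
    catch (Exception ex)
    {
        ErrorLog.ErrorRoutine(false, "Edit_Profile:Error:" + ex.Message);
    }
    finally
    {
        dbManager.Close();
        dbManager.Dispose();
    }
}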