protected void Login_Click(object sender, EventArgs e)
{
EESSUser user = null;
Session.Clear();
HROne.DataAccess.DatabaseConnection mainDBConn = null;
HROne.SaaS.Entities.ECompanyDatabase companyDB = null;
bool hasError = false;
string message = string.Empty;
// always check whether companyDB exists after click
if (Application["MasterDBConfig"] != null)
{
DatabaseConfig masterDBConfig = (DatabaseConfig)Application["MasterDBConfig"];
HROne.DataAccess.DatabaseConnection masterDBConn = masterDBConfig.CreateDatabaseConnectionObject();
DBFilter companyDatabaseFilter = new DBFilter();
companyDatabaseFilter.add(new Match("CompanyDBClientCode", txtCustomerID.Text));
ArrayList companyDatabaseList = HROne.SaaS.Entities.ECompanyDatabase.db.select(masterDBConn, companyDatabaseFilter);
if (companyDatabaseList.Count > 0)
{
companyDB = (HROne.SaaS.Entities.ECompanyDatabase)companyDatabaseList[0];
DatabaseConfig tempDBConfig = new DatabaseConfig();
tempDBConfig.ConnectionString = companyDB.getConnectionString(masterDBConn);
tempDBConfig.DBType = WebUtils.DBTypeEmun.MSSQL;
if (tempDBConfig.TestConnection())
{
mainDBConn = tempDBConfig.CreateDatabaseConnectionObject();
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTKEY, companyDB.CompanyDBProductKey);
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTFEATURECODE, companyDB.getProductFeatureCode(masterDBConn));
string[] smtpParameterList = new string[]
{
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SERVER_NAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PORT,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_USERNAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_ENABLE_SSL,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SMTP_OUTGOING_EMAIL_ADDRESS
};
foreach (string smptParameter in smtpParameterList)
{
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, smptParameter, ESystemParameter.getParameter(masterDBConn, smptParameter));
}
HROne.Lib.Entities.ESystemParameter.setParameterWithEncryption(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD
, HROne.SaaS.Entities.ESystemParameter.getParameterWithEncryption(masterDBConn, HROne.SaaS.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD));
}
else
{
if (HROne.DataAccess.DBAESEncryptStringFieldAttribute.InvalidRSAKey)
{
HttpRuntime.UnloadAppDomain();
}
}
}
}
else
{
mainDBConn = WebUtils.GetDatabaseConnection();
if (mainDBConn == null)
{
if (multiDBRow.Visible)
{
int idx;
if (int.TryParse(cboDatabase.SelectedValue, out idx))
{
HROneConfig config = HROneConfig.GetCurrentHROneConfig();
DatabaseConfig dbconfig = config.DatabaseConfigList[idx];
if (dbconfig.TestConnection())
{
mainDBConn = dbconfig.CreateDatabaseConnectionObject();
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"Fail to connect database\");", true);
return;
}
}
}
}
}
if (mainDBConn != null)
{
WebUtils.SetSessionDatabaseConnection(Session, mainDBConn);
}
HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
if (productLicense != null)
{
if (companyDB == null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.HROneSaaS)
{
productLicense.LoadProductKey(string.Empty);
}
}
if (mainDBConn == null && companyDB != null)
{
hasError = true;
message = "Fail to connect to database. Please contact to customer service.";
}
if (!hasError)
{
bool ChangePassword = false;
try
{
WebUtils.ValidateUser(mainDBConn, Username.Text, HROne.CommonLib.Hash.PasswordHash(Password.Text), true, out ChangePassword, out user);
}
catch (Exception ex)
{
hasError = true;
message = ex.Message;
}
// copy from GAP customization, checking Active Directory ID
if (user != null)
{
DBFilter ADIDFilter = new DBFilter();
ADIDFilter.add(new Match("EmpExtraFieldName", "AD ID"));
DBFilter ADIDValueFilter = new DBFilter();
ADIDValueFilter.add(new IN("EmpExtraFieldID", "Select EmpExtraFieldID from " + EEmpExtraField.db.dbclass.tableName, ADIDFilter));
ADIDValueFilter.add(new Match("EmpID", user.EmpID));
ArrayList ADIDList = EEmpExtraFieldValue.db.select(dbConn, ADIDValueFilter);
if (ADIDList.Count > 0)
{
string remoteUser = Request.ServerVariables["REMOTE_USER"].Trim();
string ADID = ((EEmpExtraFieldValue)ADIDList[0]).EmpExtraFieldValue.Trim();
if (!remoteUser.Equals(ADID, StringComparison.CurrentCultureIgnoreCase) && !remoteUser.EndsWith("\\" + ADID, StringComparison.CurrentCultureIgnoreCase) && !remoteUser.EndsWith("/" + ADID, StringComparison.CurrentCultureIgnoreCase))
{
hasError = true;
message = "This PC is not logged with your network ID!";
}
}
}
if (companyDB != null && !hasError)
{
if (!companyDB.CompanyDBIsActive)
{
hasError = true;
message = "Subscribed service has been expired; please contact customer service hotline for assistant.";
}
if (!productLicense.IsESS)
{
hasError = true;
message = "You are NOT subscribed the service.";
}
}
if (!hasError)
{
HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, user.EmpID, Username.Text, Request, AppUtils.ServerDateTime(), false, string.Empty);
// ADD the Session "User" Value is user
Session["User"] = user;
if (ChangePassword)
{
Session.Add("ForceChangePassword", true);
}
WebUtils.SetSessionLanguage(Session, user);
HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "~/Default.aspx?LastURL=" + DecryptedRequest["LastURL"]);
}
}
// Remove all item for release session
Session.Clear();
Request.Cookies.Remove(HROne.Common.WebUtility.getDefaultSessionCookieName());
//if (companyDB != null)
//{
// Session.Remove("DatabaseConnection");
//}
{
if (user != null)
{
HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, user.EmpID, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
else
{
HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, 0, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
//message = message.Replace("\\", "\\\\").Replace("\r", "\\r").Replace("\n", "\\n").Replace("\"", "\\\"");
//message = message.Replace(HROne.Common.WebUtility.GetLocalizedString("validate.prompt"), "");
//ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"" + message + "\");", true);
Prompt.Text = message;
System.Threading.Thread.Sleep(1000);
}
}
//public bool ValidateUser(string username, string encryptedPassword)
//{
// string message = string.Empty;
// DBFilter filter = new DBFilter();
// filter.add(new Match("LoginID", username));
// filter.add(new Match("UserAccountStatus", "<>", "D"));
// ArrayList list = EUser.db.select(dbConn, filter);
// if (list.Count == 0)
// {
// message = "Invalid User Name or Password";
// throw new Exception(message);
// return;
// }
// EUser user = (EUser)list[0];
// if (user.UserPassword == null)
// user.UserPassword = "";
// if (!(user.UserAccountStatus == "A"))
// {
// message = "Account is Inactive/Locked";
// throw new Exception(message);
// return;
// }
// if (!user.UserPassword.Equals(encryptedPassword))
// {
// message = "Invalid User Name or Password";
// user.FailCount++;
// string maxFailCountParameterString = ESystemParameter.getParameter(ESystemParameter.PARAM_CODE_LOGIN_MAX_FAIL_COUNT);
// if (!maxFailCountParameterString.Equals(string.Empty))
// {
// int MaxFailCount = 0;
// if (int.TryParse(maxFailCountParameterString, out MaxFailCount))
// if (MaxFailCount > 0)
// if (user.FailCount >= MaxFailCount)
// {
// user.UserAccountStatus = "I";
// user.FailCount = 0;
// }
// else if (user.FailCount - MaxFailCount == 1)
// {
// message += "\r\n" + "The account will be locked if you fail to login 1 more time";
// }
// }
// EUser.db.update(dbConn, user);
// throw new Exception(message);
// return;
// }
// Session["User"] = user;
// WebUtils.SetSessionLanguage(Session, user);
// user.FailCount = 0;
// EUser.db.update(dbConn, user);
// //WebUtils.RefreshPermission(Session);
// bool isForceChangePassword = false;
// if (user.UserChangePasswordUnit == "D")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddDays(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else if (user.UserChangePasswordUnit == "M")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddMonths(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else if (user.UserChangePasswordUnit == "Y")
// {
// if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddYears(user.UserChangePasswordPeriod))
// isForceChangePassword = false;
// else
// isForceChangePassword = true;
// }
// else
// isForceChangePassword = false;
// if (user.UserChangePassword)
// isForceChangePassword = true;
// //EInbox.GenerateInboxMessage(user.UserID);
// if (isForceChangePassword)
// Session["ForceChangePassword"] = true;
// if (Session["LastURL"] != null)
// Response.Redirect(Session["LastURL"].ToString());
// else
// HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "Emp_List.aspx");
//}
protected void Login_Click(object sender, EventArgs e)
{
HROne.Lib.Entities.EUser user = null;
Session.Clear();
HROne.DataAccess.DatabaseConnection mainDBConn = null;
HROne.SaaS.Entities.ECompanyDatabase companyDB = null;
bool hasError = false;
string message = string.Empty;
// always check whether companyDB exists after click
if (Application["MasterDBConfig"] != null)
{
DatabaseConfig masterDBConfig = (DatabaseConfig)Application["MasterDBConfig"];
HROne.DataAccess.DatabaseConnection masterDBConn = masterDBConfig.CreateDatabaseConnectionObject();
DBFilter companyDatabaseFilter = new DBFilter();
companyDatabaseFilter.add(new Match("CompanyDBClientCode", txtCustomerID.Text));
ArrayList companyDatabaseList = HROne.SaaS.Entities.ECompanyDatabase.db.select(masterDBConn, companyDatabaseFilter);
if (companyDatabaseList.Count > 0)
{
companyDB = (HROne.SaaS.Entities.ECompanyDatabase)companyDatabaseList[0];
DatabaseConfig tempDBConfig = new DatabaseConfig();
tempDBConfig.ConnectionString = companyDB.getConnectionString(masterDBConn);
tempDBConfig.DBType = WebUtils.DBTypeEmun.MSSQL;
if (tempDBConfig.TestConnection())
{
mainDBConn = tempDBConfig.CreateDatabaseConnectionObject();
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTKEY, companyDB.CompanyDBProductKey);
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTFEATURECODE, companyDB.getProductFeatureCode(masterDBConn));
string[] smtpParameterList = new string[]
{
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SERVER_NAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PORT,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_USERNAME,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_ENABLE_SSL,
HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SMTP_OUTGOING_EMAIL_ADDRESS
};
foreach (string smptParameter in smtpParameterList)
{
HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, smptParameter, HROne.SaaS.Entities.ESystemParameter.getParameter(masterDBConn, smptParameter));
}
HROne.Lib.Entities.ESystemParameter.setParameterWithEncryption(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD
, HROne.SaaS.Entities.ESystemParameter.getParameterWithEncryption(masterDBConn, HROne.SaaS.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD));
}
else
{
if (HROne.DataAccess.DBAESEncryptStringFieldAttribute.InvalidRSAKey)
{
HttpRuntime.UnloadAppDomain();
}
}
}
}
else
{
mainDBConn = WebUtils.GetDatabaseConnection();
if (mainDBConn == null)
{
if (multiDBRow.Visible)
{
int idx;
if (int.TryParse(cboDatabase.SelectedValue, out idx))
{
HROneConfig config = HROneConfig.GetCurrentHROneConfig();
DatabaseConfig dbconfig = config.DatabaseConfigList[idx];
if (dbconfig.TestConnection())
{
mainDBConn = dbconfig.CreateDatabaseConnectionObject();
}
else
{
ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"Fail to connect database\");", true);
return;
}
}
}
}
}
if (mainDBConn != null)
{
WebUtils.SetSessionDatabaseConnection(Session, mainDBConn);
}
HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
if (productLicense != null)
{
if (companyDB == null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.HROneSaaS)
{
productLicense.LoadProductKey(string.Empty);
}
}
if (mainDBConn == null && companyDB != null)
{
hasError = true;
message = "Fail to connect to database. Please contact to customer service.";
}
if (!hasError)
{
try
{
WebUtils.ValidateUser(mainDBConn, Username.Text, HROne.CommonLib.Hash.PasswordHash(Password.Text), true, true, out user);
}
catch (Exception ex)
{
hasError = true;
message = ex.Message;
}
// Check the database status after login is verified
if (companyDB != null && !hasError)
{
if (!companyDB.CompanyDBIsActive)
{
hasError = true;
message = "Subscribed service has been expired; please contact customer service hotline for assistant.";
}
}
if (!hasError)
{
// Create Login Audit for successfully login
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), false, string.Empty);
Session["LoginID"] = user.LoginID;
Session["PasswordEncrypted"] = user.UserPassword;
if (companyDB != null)
{
Session["CompanyDBID"] = companyDB.CompanyDBID;
}
if (mainDBConn is HROne.DataAccess.DatabaseConnectionWithAudit)
{
((HROne.DataAccess.DatabaseConnectionWithAudit)mainDBConn).UserID = user.UserID;
}
WebUtils.SetSessionLanguage(Session, user);
//WebUtils.RefreshPermission(Session);
bool isForceChangePassword = false;
if (user.UserChangePasswordUnit == "D")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddDays(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else if (user.UserChangePasswordUnit == "M")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddMonths(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else if (user.UserChangePasswordUnit == "Y")
{
if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddYears(user.UserChangePasswordPeriod))
{
isForceChangePassword = false;
}
else
{
isForceChangePassword = true;
}
}
else
{
isForceChangePassword = false;
}
if (user.UserChangePassword)
{
isForceChangePassword = true;
}
//EInbox.GenerateInboxMessage(user.UserID);
if (isForceChangePassword)
{
Session["ForceChangePassword"] = true;
}
WebUtils.SetSessionLanguage(Session, WebUtils.GetCurUser(Session));
//RegenerateSessionId();
HROne.Lib.Entities.EInbox.DeleteAllDeletedUserID(mainDBConn);
HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "~/Default.aspx?LastURL=" + DecryptedRequest["LastURL"]);
}
}
// Remove all item for release session
Session.Clear();
Request.Cookies.Remove(HROne.Common.WebUtility.getDefaultSessionCookieName());
//if (companyDB != null)
//{
// Session.Remove("DatabaseConnection");
//}
{
// Create Login Audit for fail login
if (user != null)
{
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
else
{
HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, 0, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
}
message = message.Replace("\\", "\\\\").Replace("\r", "\\r").Replace("\n", "\\n").Replace("\"", "\\\"");
message = message.Replace(HROne.Common.WebUtility.GetLocalizedString("validate.prompt"), "");
ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"" + message + "\");", true);
System.Threading.Thread.Sleep(1000);
}
}
