public bool UpdatePassword(string userid, string newpass)
{
NallCrypt nc = new NallCrypt();
bool success = false;
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
string query = "UPDATE KatKeep_Login SET pword=@password WHERE id=@userid";
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
cmd.Parameters.AddWithValue("@userid", userid);
cmd.Parameters.AddWithValue("@password", nc.Encrypt(newpass));
try
{
sqlCon.Open();
cmd.ExecuteNonQuery();
success = true;
}
catch (Exception ex)
{
success = false;
}
}
}
return(success);
}
protected void btnAddNewUser_Click(object sender, EventArgs e)
{
string query = "INSERT INTO KatKeep_Login (uname, pword, email, firstname, lastname) VALUES (@username, @password, @email, @firstname, @lastname)";
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
NallCrypt nc = new NallCrypt();
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
try
{
sqlCon.Open();
cmd.Parameters.AddWithValue("@username", tbUsername.Text);
cmd.Parameters.AddWithValue("@password", nc.Encrypt(tbPassword.Text));
cmd.Parameters.AddWithValue("@email", tbEmail.Text);
cmd.Parameters.AddWithValue("@firstname", tbFirstName.Text);
cmd.Parameters.AddWithValue("@lastname", tbLastName.Text);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
}
tbUsername.Text = string.Empty;
tbPassword.Text = string.Empty;
tbEmail.Text = string.Empty;
tbFirstName.Text = string.Empty;
tbLastName.Text = string.Empty;
fillDropDownList();
}
}
}
public bool CheckLogin(string username, string password)
{
NallCrypt nc = new NallCrypt();
string name = "";
string query = "SELECT * FROM KatKeep_Login WHERE uname=@name AND pword=@pass";
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
cmd.Parameters.AddWithValue("@name", username);
cmd.Parameters.AddWithValue("@pass", nc.Encrypt(password));
try
{
sqlCon.Open();
SqlDataAdapter sda = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
sda.Fill(dt);
{
foreach (DataRow row in dt.Rows)
{
Session["userid"] = row[0].ToString();
Session["username"] = row[1].ToString();
Session["useremail"] = row[3].ToString();
Session["firstname"] = row[4].ToString();
Session["lastname"] = row[5].ToString();
}
if (Session["userid"].ToString() != "")
{
lblMessage.Text = "User " + Session["firstname"] + " logged in.";
return(true);
}
else
{
lblMessage.Text = "User " + username + " not found.";
Session["username"] = "";
return(false);
}
}
}
catch (Exception ex)
{
lblMessage.Text = "User " + username + " not found.";
Session["username"] = "";
return(false);
}
}
}
}
public void resetPassword()
{
string query = "UPDATE KatKeep_Login SET pword=@pword where uname=@uname";
string temppass = "";
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
NallCrypt nc = new NallCrypt();
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
Random r = new Random();
int num1 = r.Next(100, 500);
int num2 = r.Next(501, 999);
char[] ckr = "$%#@!*abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ^&".ToCharArray();
Random n = new Random();
temppass = ckr[n.Next(0, 59)].ToString() + ckr[n.Next(0, 59)] + ckr[n.Next(0, 59)] + num1 + ckr[n.Next(0, 59)] + ckr[n.Next(0, 59)] + ckr[n.Next(0, 59)] + num2;
try
{
sqlCon.Open();
cmd.Parameters.AddWithValue("@uname", ddlResetUser.Text);
cmd.Parameters.AddWithValue("@pword", nc.Encrypt(temppass));
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
}
//send email to user
sendDeadlyEmail(ddlResetUser.SelectedValue.ToString(), temppass, getUserEmailAddress(ddlResetUser.Text));
tbUsername.Text = string.Empty;
tbPassword.Text = string.Empty;
tbEmail.Text = string.Empty;
tbFirstName.Text = string.Empty;
tbLastName.Text = string.Empty;
}
}
}
protected void btnAdd_Click(object sender, EventArgs e)
{
string query = "INSERT INTO KatKeep_Sites (site_name, site_url, site_uname, site_pword, site_notes, user_id) VALUES (@site, @url, @username, @password, @notes, @userid)";
List <String> columnData = new List <String>();
string url = tbNewSiteUrl.Text;
string htext = url.Substring(0, 7);
if (htext != "http://")
{
url = "http://" + url;
}
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
try
{
NallCrypt nc = new NallCrypt();
sqlCon.Open();
cmd.Parameters.AddWithValue("@site", tbNewSiteName.Text);
cmd.Parameters.AddWithValue("@url", url);
cmd.Parameters.AddWithValue("@username", tbNewSiteUsername.Text);
cmd.Parameters.AddWithValue("@password", nc.Encrypt(tbNewSitePassword.Text));
cmd.Parameters.AddWithValue("@notes", tbNewSiteNotes.Text);
cmd.Parameters.AddWithValue("@userid", Session["userid"]);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
}
tbNewSiteName.Text = string.Empty;
tbNewSiteNotes.Text = string.Empty;
tbNewSitePassword.Text = string.Empty;
tbNewSiteUrl.Text = string.Empty;
tbNewSiteUsername.Text = string.Empty;
fillDropDownList();
}
}
}
public bool CheckPass(string unencrypted_password, string userid)
{
NallCrypt nc = new NallCrypt();
bool match = false;
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
string query = "SELECT pword from KatKeep_Login WHERE id=@userid";
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
cmd.Parameters.AddWithValue("@userid", userid);
try
{
sqlCon.Open();
var result = cmd.ExecuteScalar();
if (result != null)
{
if (nc.Decrypt(result.ToString()) == unencrypted_password)
{
match = true;
}
else
{
match = false;
}
}
}
catch (Exception ex)
{
match = false;
}
}
}
return(match);
}
protected void btnGet_Click(object sender, EventArgs e)
{
string query = "SELECT * FROM KatKeep_Sites WHERE site_name = @sitename AND user_id = @userid";
DataTable dt = new DataTable();
using (SqlConnection sqlCon = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["KatKeep"].ConnectionString))
{
using (SqlCommand cmd = new SqlCommand(query, sqlCon))
{
try
{
sqlCon.Open();
cmd.Parameters.AddWithValue("@sitename", ddlSites.SelectedValue.ToString());
cmd.Parameters.AddWithValue("@userid", Session["userid"]);
using (SqlDataAdapter a = new SqlDataAdapter(cmd))
{
a.Fill(dt);
}
}
catch (Exception ex)
{
lblNotes.Text = "SITE NOT FOUND!";
}
NallCrypt nc = new NallCrypt();
foreach (DataRow row in dt.Rows)
{
lblSiteName.Text = row[1].ToString();
hlSiteUrl.NavigateUrl = row[2].ToString();
hlSiteUrl.Text = row[2].ToString();
lblUsername.Text = row[3].ToString();
lblPassword.Text = nc.Decrypt(row[4].ToString());
lblNotes.Text = row[5].ToString();
}
}
}
}
protected void btnEncDec_Click(object sender, EventArgs e)
{
string plaintext;
string encryptedtext;
NallCrypt nc = new NallCrypt();
if (tbEncrypted.Text != "") //encrypted to text
{
plaintext = nc.Decrypt(tbEncrypted.Text);
if (plaintext == "")
{
DisplayUserMessage("Error!", "An error has occurred...", "Text failed to decrypt. Bad encryption string.");
}
else
{
DisplayUserMessage("Information", "Your decrypted string", "The text was able to decrypt successfully. The decrypted text is: <span style=\"color: red;\">" + plaintext + "</span>.");
}
}
else //text to encrypted
{
encryptedtext = nc.Encrypt(tbDecrypted.Text);
DisplayUserMessage("Information", "Encryption", "The text was able to encrypt successfully. The encrypted text is: <span style=\"color: red;\">" + encryptedtext + "</span>.");
}
}
