protected void resetPwd_Click(object sender, EventArgs e) { string userEmail; string resetString; DataAccessLayer dao = new DataAccessLayer(); try { if (!String.IsNullOrEmpty(Request.QueryString["resetID"]) && !String.IsNullOrEmpty(Request.QueryString["userID"])) { // Query string value is there so now use it resetString = Request.QueryString["resetID"].ToString(); userEmail = Request.QueryString["userID"].ToString(); if (dao.checkResetStringExists(resetString, userEmail) == true) { string password = txtPassword.Text; byte[] bytePassword = System.Text.ASCIIEncoding.ASCII.GetBytes(password); System.Security.Cryptography.HashAlgorithm hashAlgorithm; if (userEmail.Length % 3 == 0) { hashAlgorithm = SHA256.Create(); } else if (userEmail.Length % 3 == 1) { hashAlgorithm = SHA512.Create(); } else { hashAlgorithm = SHA1.Create(); } byte[] byteHashPassword = hashAlgorithm.ComputeHash(bytePassword); string encryptedPassword = Convert.ToBase64String(byteHashPassword); dao.UpdateUserPassword(encryptedPassword, userEmail); responseReset.Text = "Password Updated Successfully"; } } } catch (System.NullReferenceException r) { //exception handling } }
protected void userUpdate_Click(object sender, EventArgs e) { DataAccessLayer dao = new DataAccessLayer(); string responseMessage = null; string name = txtName.Text; string email = txtEmail.Text; string phone = txtPhone.Text; string fbUrl = userFBlink.Text; string linkedinURL = userLinkedinLink.Text; string twitterURL = userTwitterLink.Text; string skypeURL = userSkypeLink.Text; string pass = userConfirmPass.Text; string description = txtDescription.InnerText; string applicationPath = Constants.path; if ((FileUpload1.PostedFile != null) && (FileUpload1.PostedFile.ContentLength > 0)) { string imageName = System.IO.Path.GetFileName(FileUpload1.PostedFile.FileName); string location = applicationPath + "userassets" + @"\" + email; if (!Directory.Exists(location)) { Directory.CreateDirectory(location); } string SaveLocation = location + "\\" + imageName; try { FileUpload1.PostedFile.SaveAs(SaveLocation); FileUploadStatus.Text = "The file has been uploaded."; dao.UpdateProfilePicture(imageName, email); } catch (Exception ex) { FileUploadStatus.Text = "Error: " + ex.Message; } } else { FileUploadStatus.Text = "Please select a file to upload."; } if (pass != "") { byte[] bytePassword = System.Text.ASCIIEncoding.ASCII.GetBytes(pass); System.Security.Cryptography.HashAlgorithm hashAlgorithm; if (email.Length % 3 == 0) { hashAlgorithm = SHA256.Create(); } else if (email.Length % 3 == 1) { hashAlgorithm = SHA512.Create(); } else { hashAlgorithm = SHA1.Create(); } byte[] byteHashPassword = hashAlgorithm.ComputeHash(bytePassword); string encryptedPassword = Convert.ToBase64String(byteHashPassword); dao.UpdateUserPassword(encryptedPassword, email); } if (dao.UpdateUser(name, email, phone, fbUrl, linkedinURL, twitterURL, skypeURL, description) == true) { responseMessage = "User details updated"; respMessage.Text = responseMessage; } else { Console.WriteLine("Error"); } }