protected void resetPwd_Click(object sender, EventArgs e)
{
string userEmail;
string resetString;
DataAccessLayer dao = new DataAccessLayer();
try
{
if (!String.IsNullOrEmpty(Request.QueryString["resetID"]) && !String.IsNullOrEmpty(Request.QueryString["userID"]))
{
// Query string value is there so now use it
resetString = Request.QueryString["resetID"].ToString();
userEmail = Request.QueryString["userID"].ToString();
if (dao.checkResetStringExists(resetString, userEmail) == true)
{
string password = txtPassword.Text;
byte[] bytePassword = System.Text.ASCIIEncoding.ASCII.GetBytes(password);
System.Security.Cryptography.HashAlgorithm hashAlgorithm;
if (userEmail.Length % 3 == 0)
{
hashAlgorithm = SHA256.Create();
}
else if (userEmail.Length % 3 == 1)
{
hashAlgorithm = SHA512.Create();
}
else
{
hashAlgorithm = SHA1.Create();
}
byte[] byteHashPassword = hashAlgorithm.ComputeHash(bytePassword);
string encryptedPassword = Convert.ToBase64String(byteHashPassword);
dao.UpdateUserPassword(encryptedPassword, userEmail);
responseReset.Text = "Password Updated Successfully";
}
}
}
catch (System.NullReferenceException r)
{
//exception handling
}
}