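/// <summary>
/// Click handler for the create-user form. Validates the selected user type
/// and company, rejects an e-mail address that is already registered,
/// generates a first-time password, stores its salted PBKDF2 hash through
/// <c>UserManagement</c>, e-mails the password to the new user and redirects
/// to the user list.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreate_User(object sender, EventArgs e)
{
    // NOTE(review): the original carried a commented-out required-field check
    // for name, contact number, user type and e-mail. Nothing in this handler
    // validates those inputs; presumably validators in the markup do - confirm.
    string Name = tbName.Text;
    string Email = tbEmail.Text;
    string ContactNumber = tbConNo.Text;

    // A drop-down with no selected item is treated like the "NULL" placeholder
    // entry instead of failing with a NullReferenceException.
    var selectedType = ddlUserType.SelectedItem;
    string Type = selectedType != null ? selectedType.Value : "NULL";

    int Status = 1;

    // NOTE(review): Convert.ToInt32 returns 0 for a null object, so an expired
    // or missing session records CreatedBy = 0 instead of failing. Confirm that
    // authentication/authorization is enforced before this handler can run.
    int CreatedBy = Convert.ToInt32(Session["userID"]);

    // NOTE(review): formatted with the current culture, so the separators and
    // the AM/PM designator can differ between servers - confirm the DAO expects that.
    string CreatedOn = DateTime.Now.ToString("MM/dd/yyyy h:mm tt");
    int CompanyID = Convert.ToInt32(ddlCompany.SelectedValue);

    if (Type == "NULL")
    {
        alertWarning.Visible = true;
        msgWarning.Text = "Please Select User Type!";
        return;
    }

    if (Type == Reference.USR_MEM && CompanyID == 0)
    {
        alertWarning.Visible = true;
        msgWarning.Text = "Please Select Company!";
        return;
    }

    UserManagement uDao = new UserManagement();

    // Check for a duplicate address before doing any key derivation, so a
    // rejected request costs no PBKDF2 work.
    // VIC: do not need to check if contact already exist
    if (uDao.checkEmail(Email) != null)
    {
        tbEmail.Text = String.Empty;
        alertWarning.Visible = true;
        alertSuccess.Visible = false;
        msgWarning.Text = "Email Already In-Use. Please Try Again!";
        return;
    }

    // NOTE(review): CreatePassword is defined elsewhere; confirm that it draws
    // from a cryptographic RNG, since this value is a login credential.
    string Pswd = CreatePassword(8);

    // 16-byte random salt; the generator is disposed once the salt is filled.
    byte[] salt = new byte[16];
    using (var rng = new RNGCryptoServiceProvider())
    {
        rng.GetBytes(salt);
    }

    // PBKDF2 through Rfc2898DeriveBytes: this constructor uses HMAC-SHA1, and
    // 10000 iterations is low by current guidance. The parameters are left
    // unchanged because whatever verifies logins must derive the same bytes;
    // raising the cost means changing both sides together.
    byte[] hash;
    using (var pbkdf2 = new Rfc2898DeriveBytes(Pswd, salt, 10000))
    {
        hash = pbkdf2.GetBytes(20);
    }

    // Stored layout: 36 bytes = 16 (salt) + 20 (hash).
    byte[] hashbytes = new byte[36];
    Array.Copy(salt, 0, hashbytes, 0, 16);
    Array.Copy(hash, 0, hashbytes, 16, 20);

    string PasswordHash = Convert.ToBase64String(hashbytes);
    string PasswordSalt = Convert.ToBase64String(salt);

    // The original ignored this result and mailed the password even when the
    // insert failed. Assumes the DAO returns true on a successful insert - confirm.
    bool created = Type == Reference.USR_ADM
        ? uDao.createAdmin(Name, Email, ContactNumber, Type, PasswordHash, PasswordSalt, Status, CreatedBy, CreatedOn)
        : uDao.createUser(Name, Email, ContactNumber, Type, PasswordHash, PasswordSalt, Status, CompanyID, CreatedBy, CreatedOn);

    if (!created)
    {
        alertWarning.Visible = true;
        alertSuccess.Visible = false;
        msgWarning.Text = "Unable To Create User. Please Try Again!";
        return;
    }

    // NOTE(review): the listing masks the value concatenated after "Password: "
    // as "******"; it is restored here as Pswd, the generated first-time
    // password - confirm.
    // NOTE(review): the password leaves the application in cleartext by e-mail
    // and stays valid until the user changes it. Confirm that the first-login
    // change is enforced; a single-use, expiring set-password link would avoid
    // mailing a credential at all. Never write this body to logs.
    string body = "Dear " + Name + ", " + Environment.NewLine + Environment.NewLine
        + "Your Account Has Been Successfully Created! " + Environment.NewLine
        + "This Is Your First-Time Login Password: " + Pswd
        + ". Please Proceed To Change Your Password Upon Your First Login. Thank you. "
        + Environment.NewLine + Environment.NewLine + Environment.NewLine
        + "Regards, " + Environment.NewLine
        + "Targeted Marketing Admin Team";
    string subject = "Account Successfully Created!";
    string toEmail = Email;

    sendMail(subject, body, toEmail);

    // VIC: after successful creation the fields are cleared to minimise the
    // risk of the user clicking the submit button again.
    ddlUserType.SelectedIndex = 0;
    ddlCompany.SelectedIndex = 0;
    tbName.Text = String.Empty;
    tbEmail.Text = String.Empty;
    tbConNo.Text = String.Empty;

    alertSuccess.Visible = true;
    alertWarning.Visible = false;
    msgSuccess.Text = Name + " Has Been Created Successfully!";

    Session["CreateUser"] = 2;
    Response.Redirect("UserList.aspx");
}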