Exemplo n.º 1
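        /// <summary>
        /// Creates a new internal user account from the "new user" form and, when the
        /// notification checkbox is ticked, e-mails the account details to the new user.
        /// </summary>
        /// <param name="sender">Control that raised the click event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void btnSaveNewUser_Click(object sender, EventArgs e)
        {
            // NOTE(review): no role/permission check is visible in this handler; presumably the
            // page itself is restricted to administrators - confirm.
            if (!Page.IsValid)
            {
                return;
            }

            // Normalise the login name. Per the original comment, ProcessUsername trims whitespace
            // and filters SQL-injection characters. The lookup below is a lambda query and the write
            // goes through InsertOnSubmit/SubmitChanges, so no SQL text is concatenated in this method.
            txtUsername2.Text = AccountUtilities.ProcessUsername(txtUsername2.Text);
            string sUsername = txtUsername2.Text;

            // Reject login names that fail the project's validity rules.
            if (!AccountUtilities.IsValidUsername(sUsername))
            {
                // The resource text is embedded in a single-quoted JavaScript literal, so escape
                // apostrophes the same way the "username unavailable" branch below does.
                Page.ClientScript.RegisterStartupScript(this.GetType(), "",
                                                        "$('#username_status').html('<span class=\"validator_error_message\">" + Resources.AccountMessage.InvalidUsername.Replace("'", "\\'") + "</span>');" +
                                                        "setfocusonerrortextbox('" + txtUsername2.ClientID + "');", true);
                return;
            }

            // The login name may only be registered if nobody else already uses it.
            // NOTE(review): this is check-then-insert; two concurrent requests can both pass it.
            // A unique constraint on the account name is needed to close that window - confirm one exists.
            UserAccount user = db.UserAccounts.SingleOrDefault <UserAccount>(u => u.AccountName == sUsername);
            if (user != null)
            {
                // The login name is already taken.
                Page.ClientScript.RegisterStartupScript(this.GetType(), "",
                                                        "$('#username_status').html('" + Resources.AccountMessage.UsernameUnAvailable.Replace("'", "\\'") + "');" +
                                                        "setfocusonerrortextbox('" + txtUsername2.ClientID + "');", true);
                return;
            }

            // One timestamp for both records so they cannot differ by a clock tick.
            DateTime createdAt = DateTime.Now;

            SysUser sUser = new SysUser();
            sUser.FirstSurName = txtHoLot2.Text;
            sUser.LastName     = txtTen2.Text;
            sUser.Address      = txtDiaChi2.Text;
            sUser.Cell         = txtDT2.Text;
            sUser.Email        = txtEmail2.Text;
            sUser.CreatedTime  = createdAt;
            sUser.CreatedBy    = UserInfo.UserAccount.AccountName;

            user = new UserAccount();
            user.CreatedTime = createdAt;
            user.AccountName = sUsername;
            // SECURITY: the password is stored as the output of Hash.GetHashMD5Value. Going by the
            // name this is an MD5 digest, and no salt is visible here; MD5 is far too fast for
            // password storage. Moving to a salted, slow KDF (PBKDF2, bcrypt, Argon2) requires a
            // coordinated change to the login check and existing rows, so it is flagged, not changed.
            user.Password    = Hash.GetHashMD5Value(txtPassword2.Text);
            user.IsDisabled  = false;
            user.SysGroupId  = (int)KHCNCT.Globals.Enums.Role.UserRole.InternalUser;

            sUser.UserAccount = user;

            db.SysUsers.InsertOnSubmit(sUser);
            db.SubmitChanges();

            if (ckbSendAlertCreateUserEmail.Checked)
            {
                // SECURITY: the clear-text password is handed to the mailer, so it ends up in the
                // recipient's mailbox and any mail logs. A one-time set-password link is safer.
                // Fix: the display name previously concatenated the txtHoLot2 control itself rather
                // than its Text, which yields the control's ToString() output instead of the name.
                MailController.SendAlertStoreAccountCreated2(txtEmail2.Text, txtUsername2.Text, txtPassword2.Text, "", txtHoLot2.Text + " " + txtTen2.Text);
            }

            Response.Redirect(Common.GenerateAdminUrl("user"));
        }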
Exemplo n.º 2
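        /// <summary>
        /// Fetches the signed PDF for a withdrawal from the HelloSign API and streams it to the
        /// browser as a file download.
        /// </summary>
        /// <param name="withdrawal">Withdrawal whose DocumentId, ClientName, CreatedDate and Id are read.</param>
        /// <returns>
        /// <c>true</c> when the file was written to the response; <c>false</c> when any step threw,
        /// in which case an error toast is queued in the session.
        /// </returns>
        public bool DownloadDocument(MWithdrawal withdrawal)
        {
            try
            {
                // The download file name is <timestamp><client initials><withdrawal id>.pdf.
                // NOTE(review): clientInitials is derived from the client name and is placed in a
                // response header unquoted; confirm ExtracInitials can only return header-safe characters.
                string clientInitials = AccountUtilities.ExtracInitials(withdrawal.ClientName);
                string dateTimeNow    = withdrawal.CreatedDate.ToString("yyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture);

                // SECURITY: the HelloSign API key is hard-coded in source. Anyone with read access to
                // the repository or the compiled assembly can use it. It should be rotated and loaded
                // from protected configuration or a secret store; left in place here because the
                // replacement setting name is a deployment decision.
                Client client           = new Client("bbb7087eb89dd0c11f91cf037366f6e85eca26b38f84ea7a80a2566e66f52e8d");
                byte[] downloadDocument = client.DownloadSignatureRequestFiles(withdrawal.DocumentId, SignatureRequest.FileType.PDF);

                // Stream the file to the client.
                Response.Clear();
                Response.AddHeader("Content-Disposition", $"attachment; filename={dateTimeNow}{clientInitials}{withdrawal.Id}.pdf");
                Response.AddHeader("Refresh", "3; /withdrawal-request.aspx");
                Response.ContentType = "application/pdf";
                Response.Buffer      = true;
                Response.Cache.SetCacheability(HttpCacheability.NoCache);
                Response.BinaryWrite(downloadDocument);
                // NOTE(review): this is a second Refresh header with a different target than the one
                // added above; which one the browser honours is not defined here - confirm the intent.
                Response.AddHeader("Refresh", "3; url=index.html");
                Response.Flush();
                // End the request without Response.End(): drop anything written after the flush and
                // skip the rest of the pipeline.
                Response.SuppressContent = true;
                HttpContext.Current.ApplicationInstance.CompleteRequest();
                return true;
            }
            catch (Exception ex)
            {
                // Every failure (null withdrawal, API/network/auth error, response already sent) is
                // reported to the user as "Document Not Found". Record the real cause server-side so
                // an API-key or connectivity problem is not mistaken for a missing document.
                System.Diagnostics.Trace.TraceError("DownloadDocument failed: {0}", ex);
                toastrUtilities.SessionPush("toast", new KeyValuePair <string, string>("error", "Document Not Found"));
                return false;
            }
        }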
Exemplo n.º 3
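        /// <summary>
        /// Logs the sending player into the account that matches their player name, after
        /// verifying the supplied password against the stored bcrypt hash.
        /// </summary>
        /// <param name="password">Clear-text password typed by the player.</param>
        /// <returns>A task that completes when the login attempt has been handled.</returns>
        public async Task LoginWithPassword(string password)
        {
            // NOTE(review): no attempt counting or throttling is visible in this method; confirm
            // that repeated failed logins are limited elsewhere.
            if (!EntityAssertions.Assert_SenderPlayer(Sender, out Player ply))
            {
                return;
            }

            if (!SessionUtilities.AcquireSession(ply, out var session))
            {
                return;
            }

            // A session that already holds an account means the player is logged in.
            if (session.TryGetAccount(out var accref))
            {
                ply.SendErrorMessage($"You are already logged in!");
                accref.Dispose();
                return;
            }

            var(result, refn) = await AccountUtilities.TryFindAccount(ply.Name);

            if (result != FindAccountResult.Found)
            {
                switch (result)
                {
                case FindAccountResult.NotFound:
                    ply.SendErrorMessage($"This account currently is not registered. Please use /register in order to claim it.");
                    break;

                case FindAccountResult.Error:
                    // Fix: the message previously read "An internal server has occured".
                    ply.SendErrorMessage("An internal server error has occurred while looking up this account.");
                    break;
                }
                return;
            }

            // From here on refn must be disposed on every path that does not hand it to
            // TryPerformLogon, including when password verification throws (for example on a null
            // password or a malformed stored hash); previously such an exception leaked the reference.
            // The original did not dispose refn after TryPerformLogon, so ownership presumably
            // passes to it - confirm.
            bool handedOff = false;
            try
            {
                Account acc = refn.Object;

                //TODO: Put on another thread.
                if (!BCrypt.Net.BCrypt.EnhancedVerify(password, acc.Password))
                {
                    ply.SendErrorMessage("The password you provided is invalid.");
                    return;
                }

                handedOff = true;
                await ply.TryPerformLogon(refn);
            }
            finally
            {
                if (!handedOff)
                {
                    refn.Dispose();
                }
            }
        }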
Exemplo n.º 4
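        /// <summary>
        /// Deletes the account with the given name and reports the outcome to the command sender.
        /// </summary>
        /// <param name="username">Name of the account to delete.</param>
        /// <returns>A task that completes when the outcome has been reported.</returns>
        public async Task DeleteAccount(string username)
        {
            // NOTE(review): no permission check on Sender is visible in this method; presumably the
            // command registration restricts who may run it - confirm.
            var(result, reference) = await AccountUtilities.TryFindAccount(username);

            if (result != FindAccountResult.Found)
            {
                switch (result)
                {
                case FindAccountResult.NotFound:
                    Sender.SendErrorMessage("An account by this name could not be found.");
                    break;

                case FindAccountResult.Error:
                    Sender.SendErrorMessage("Account deletion failed due to a server error.");
                    break;
                }
                return;
            }

            // The account reference is held while the deletion runs and released afterwards. The
            // finally block also releases it when the deletion throws, which previously leaked it.
            try
            {
                var del_result = await AccountantPlugin.Instance.Accounts.DeleteAccount(username);

                switch (del_result)
                {
                case AccountDeleteResult.Success:
                    Sender.SendSuccessMessage($"Account {username} has been successfully deleted.");
                    break;

                case AccountDeleteResult.NotFound:
                    Sender.SendErrorMessage("An account by this name could not be found.");
                    break;

                case AccountDeleteResult.PluginBlocked:
                    Sender.SendErrorMessage("Account deletion blocked by another plugin.");
                    break;

                case AccountDeleteResult.StorageError:
                    Sender.SendErrorMessage("Account deletion failed due to a server error.");
                    break;
                }
            }
            finally
            {
                reference.Dispose();
            }
        }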
Exemplo n.º 5
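        /// <summary>
        /// When the request carries a <c>doc_id</c> query parameter, fetches that document as a PDF
        /// from the HelloSign API and streams it to the browser as a download.
        /// </summary>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (string.IsNullOrEmpty(Request.QueryString.ToString()))
            {
                return;
            }

            // Both values come straight from the URL and are attacker-controllable.
            string DocumentId = Request.QueryString["doc_id"];
            string ClientName = Request.QueryString["name"];

            // A query string without doc_id cannot identify a document; render the page normally
            // instead of calling the API with null.
            if (string.IsNullOrEmpty(DocumentId))
            {
                return;
            }

            // SECURITY NOTE(review): nothing visible here checks that the current user is entitled
            // to the requested doc_id, so any caller who knows or guesses an id can fetch that
            // document with the server's API key. Confirm that access is authorised before this
            // point, or look the id up against records owned by the signed-in user.

            string dateTimeNow = DateTime.UtcNow.ToString("yyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture);

            // NOTE(review): ClientName may be null when "name" is absent; ExtracInitials' handling
            // of null is not visible here.
            string clientInitials = AccountUtilities.ExtracInitials(ClientName);

            // SECURITY: the HelloSign API key is hard-coded in source. It should be rotated and
            // loaded from protected configuration or a secret store; left in place here because the
            // replacement setting name is a deployment decision.
            Client client           = new Client("bbb7087eb89dd0c11f91cf037366f6e85eca26b38f84ea7a80a2566e66f52e8d");
            byte[] downloadDocument = client.DownloadSignatureRequestFiles(DocumentId, SignatureRequest.FileType.PDF);

            // Query-string text must not reach the Content-Disposition header verbatim: quotes,
            // semicolons, separators or control characters would alter the header or the saved
            // file name. Only ASCII letters, digits, '-' and '_' are kept.
            string fileName = ToSafeFileNameToken(dateTimeNow + clientInitials + DocumentId);

            // Stream the file to the client.
            Response.Clear();
            Response.AppendHeader("Content-Disposition", $"attachment; filename={fileName}.pdf");
            Response.ContentType = "application/pdf";
            Response.BinaryWrite(downloadDocument);
            Response.End();
        }

        /// <summary>
        /// Returns <paramref name="value"/> with every character other than ASCII letters, digits,
        /// '-' and '_' removed, so the result is safe inside an unquoted header file name.
        /// </summary>
        private static string ToSafeFileNameToken(string value)
        {
            System.Text.StringBuilder kept = new System.Text.StringBuilder();
            foreach (char c in value ?? string.Empty)
            {
                bool allowed = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                               (c >= '0' && c <= '9') || c == '-' || c == '_';
                if (allowed)
                {
                    kept.Append(c);
                }
            }
            return kept.ToString();
        }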
Exemplo n.º 6
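 /// <summary>
 /// Handles the login form: validates the captcha and page, looks the user up by login name and
 /// password hash, checks the account state and role, then starts the session and redirects.
 /// </summary>
 /// <param name="sender">Control that raised the click event (not used).</param>
 /// <param name="e">Event data (not used).</param>
 protected void btnLogin_Click(object sender, EventArgs e)
 {
     RadCaptcha1.Validate();
     if (!Page.IsValid)
     {
         return;
     }

     // Compute both lookup values once, outside the query expression.
     // SECURITY: Hash.GetHashMD5Value is, going by its name, an MD5 digest and no salt is visible
     // here. MD5 is far too fast for password storage; moving to a salted, slow KDF needs a
     // coordinated change to account creation and existing rows, so it is flagged, not changed.
     string accountName  = AccountUtilities.ProcessUsername(txtUsername.Text);
     string passwordHash = Hash.GetHashMD5Value(txtPassword.Text);

     SysUser user = db.SysUsers.SingleOrDefault <SysUser>(u => u.UserAccount.AccountName == accountName &&
                                                          u.UserAccount.Password == passwordHash);
     if (user == null)
     {
         lblMessage.Text = Resources.AccountMessage.LoginFailed;
         return;
     }

     UserAccount userAcc = user.UserAccount;
     if (userAcc.IsActivated == false) // account has not been activated yet
     {
         lblMessage.Text = Resources.AccountMessage.AccountNotActivated;
     }
     else if (userAcc.IsDisabled == true) // account is temporarily locked
     {
         // NOTE(review): a Label renders its Text without HTML encoding; if DisabledReason can
         // hold text that did not come from a trusted administrator, encode it before display.
         lblMessage.Text = String.Format(Resources.AccountMessage.AccountBlock, userAcc.DisabledReason);
     }
     else if (userAcc.IsExpired == true) // account has expired (not yet fully removed from the system)
     {
         lblMessage.Text = Resources.AccountMessage.AccountExpired;
     }
     else if ((userAcc.SysGroupId != (int)KHCNCT.Globals.Enums.Role.UserRole.Administrator) &&
              (userAcc.SysGroupId != (int)KHCNCT.Globals.Enums.Role.UserRole.InternalUser)) // role is not allowed to log in here
     {
         lblMessage.Text = Resources.AccountMessage.AccessDenied;
     }
     else
     {
         RegisterLoginSession(user);

         // returnurl is attacker-controllable. Redirecting to it unchecked lets a crafted login
         // link send a freshly authenticated user to an arbitrary external site (open redirect),
         // so only site-relative paths are followed; anything else falls back to the current URL.
         // Absolute same-site return URLs, if they are needed, require an explicit allow-list.
         string returnUrl = Request.QueryString["returnurl"];
         string target    = returnUrl != null ? HttpUtility.UrlDecode(returnUrl) : null;
         if (IsLocalReturnUrl(target))
         {
             Response.Redirect(target);
         }
         else
         {
             Response.Redirect(Request.Url.ToString());
         }
     }
 }

 /// <summary>
 /// Returns true only for a site-relative path: it must start with a single '/', must not start
 /// with "//" or "/\" (both are treated by browsers as another host), and must contain no
 /// control characters.
 /// </summary>
 private static bool IsLocalReturnUrl(string url)
 {
     if (string.IsNullOrEmpty(url) || url[0] != '/')
     {
         return false;
     }
     if (url.Length > 1 && (url[1] == '/' || url[1] == '\\'))
     {
         return false;
     }
     foreach (char c in url)
     {
         if (char.IsControl(c))
         {
             return false;
         }
     }
     return true;
 }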
Exemplo n.º 7
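        /// <summary>
        /// Handles the login form: looks the account up by login name and password hash, checks
        /// that it is activated and not disabled, then starts the session and redirects.
        /// </summary>
        /// <param name="sender">Control that raised the click event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // NOTE(review): Page.IsValid is not consulted, so any server-side validators on this
            // page (captcha, required fields) are not enforced by this handler - confirm whether
            // the page has any. No throttling of failed attempts is visible here either.

            // Compute both lookup values once, outside the query expression.
            // SECURITY: Hash.GetHashMD5Value is, going by its name, an MD5 digest and no salt is
            // visible here. MD5 is far too fast for password storage; moving to a salted, slow KDF
            // needs a coordinated change to account creation and existing rows, so it is flagged,
            // not changed.
            string accountName  = AccountUtilities.ProcessUsername(txtUsername.Text);
            string passwordHash = Hash.GetHashMD5Value(txtPassword.Text);

            UserAccount userAccount = db.UserAccounts.SingleOrDefault <UserAccount>(u => u.AccountName == accountName &&
                                                                                    u.Password == passwordHash);

            if (userAccount == null)
            {
                lblMessage.Text = Resources.AccountMessage.LoginFailed;
                return;
            }

            if (userAccount.IsActivated == false) // account has not been activated yet
            {
                lblMessage.Text = Resources.AccountMessage.AccountNotActivated;
            }
            else if (userAccount.IsDisabled == true) // account is temporarily locked
            {
                // NOTE(review): a Label renders its Text without HTML encoding; if DisabledReason
                // can hold text that did not come from a trusted administrator, encode it first.
                lblMessage.Text = String.Format(Resources.AccountMessage.AccountBlock, userAccount.DisabledReason);
            }
            else // the user may log in
            {
                RegisterLoginSession(userAccount);

                // returnurl is attacker-controllable. Redirecting to it unchecked lets a crafted
                // login link send a freshly authenticated user to an arbitrary external site (open
                // redirect), so only site-relative paths are followed; anything else falls back to
                // the current URL. Absolute same-site return URLs, if needed, require an allow-list.
                string returnUrl = Request.QueryString["returnurl"];
                string target    = returnUrl != null ? HttpUtility.UrlDecode(returnUrl) : null;
                if (IsLocalReturnUrl(target))
                {
                    Response.Redirect(target);
                }
                else
                {
                    Response.Redirect(Request.Url.ToString());
                }
            }
        }

        /// <summary>
        /// Returns true only for a site-relative path: it must start with a single '/', must not
        /// start with "//" or "/\" (both are treated by browsers as another host), and must
        /// contain no control characters.
        /// </summary>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url) || url[0] != '/')
            {
                return false;
            }
            if (url.Length > 1 && (url[1] == '/' || url[1] == '\\'))
            {
                return false;
            }
            foreach (char c in url)
            {
                if (char.IsControl(c))
                {
                    return false;
                }
            }
            return true;
        }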
Exemplo n.º 8
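        /// <summary>
        /// Logs the sending player into the account matching their player name without a password,
        /// provided UUID sign-in is enabled on the server, the account has auto-login enabled, and
        /// the player's UUID is on the account's list of known UUIDs.
        /// </summary>
        /// <returns>A task that completes when the login attempt has been handled.</returns>
        public async Task LoginWithUUID()
        {
            if (!EntityAssertions.Assert_SenderPlayer(Sender, out Player ply))
            {
                return;
            }

            if (!SessionUtilities.AcquireSession(ply, out var session))
            {
                return;
            }

            // A session that already holds an account means the player is logged in.
            if (session.TryGetAccount(out var accref))
            {
                ply.SendErrorMessage($"You are already logged in!");
                accref.Dispose();
                return;
            }

            if (!AccountantPlugin.Instance.Configuration.AllowUUIDSignin)
            {
                ply.SendErrorMessage("Logging in with UUID is disabled in this server. Please use the /login <password> or /login <username> <password> syntax.");
                return;
            }

            // SECURITY NOTE(review): the UUID is the only credential on this path. It is presumably
            // reported by the client rather than proven to the server, so it identifies a device but
            // does not authenticate it; anyone who learns a listed UUID could present it. That is
            // why the feature sits behind AllowUUIDSignin and a per-account opt-in - confirm that
            // operators are told about this trade-off.
            var uuid = ply.UUID;

            if (uuid == null || !Guid.TryParse(uuid, out var guid))
            {
                ply.SendErrorMessage("Cannot log you in due to an invalid UUID.");
                return;
            }

            // Re-render the parsed Guid so the comparison below uses one canonical text form.
            // Assumes the stored UUIDs were written in the same form - TODO confirm.
            uuid = guid.ToString();

            var(result, refn) = await AccountUtilities.TryFindAccount(ply.Name);

            if (result != FindAccountResult.Found)
            {
                switch (result)
                {
                case FindAccountResult.NotFound:
                    ply.SendErrorMessage($"This account currently is not registered. Please use /register in order to claim it.");
                    break;

                case FindAccountResult.Error:
                    // Fix: the message previously read "An internal server has occured".
                    ply.SendErrorMessage("An internal server error has occurred while looking up this account.");
                    break;
                }
                return;
            }

            // From here on refn must be disposed on every path that does not hand it to
            // TryPerformLogon, including when reading the metadata throws; previously such an
            // exception leaked the reference. The original did not dispose refn after
            // TryPerformLogon, so ownership presumably passes to it - confirm.
            bool handedOff = false;
            try
            {
                Account acc = refn.Object;

                if (!acc.TryGetMetadata <AccountAutoLogins>(Account.AutoLoginMetaKey, out var aal) || !aal.Enabled)
                {
                    ply.SendErrorMessage($"This account cannot be automatically logged into.");
                    return;
                }

                if (!aal.UUIDs.Contains(uuid))
                {
                    ply.SendErrorMessage($"You must log into this account with a password from this computer at least once to gain auto-login ability.");
                    return;
                }

                handedOff = true;
                await ply.TryPerformLogon(refn);
            }
            finally
            {
                if (!handedOff)
                {
                    refn.Dispose();
                }
            }
        }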