protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            try
            {
                if (txtNewPassword.Text.Equals(txtConfirm.Text))
                {
                    securityAgent = new CryptoProvider();
                    DBAgent       = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.AddParameter("@ParamLoginID", securityAgent.decryptText(Request.QueryString["UID"].Replace(" ", "+")));
                    DBAgent.AddParameter("@ParamNewPassword", securityAgent.EncryptText(txtNewPassword.Text));
                    DBAgent.AddParameter("@ParamIsTempPassword", 0);
                    DBAgent.ExecuteNonQuery("dbo.spUpdatePassword");

                    Session["Username"] = securityAgent.decryptText(Request.QueryString["UN"].Replace(" ", "+"));
                    Session["LoginID"]  = securityAgent.decryptText(Request.QueryString["UID"].Replace(" ", "+"));
                    Response.Redirect("Dashboard.aspx");
                }
            }
            catch (Exception ex)
            {
                lblErr.Text    = "There was a problem processing your request. Please contact IT.";
                lblErr.Visible = true;
                CommonHelpers.writeLogToFile("cmdSubmit_Click: ResetPassword.aspx.aspx", ex.Message);
            }
        }
 protected void gvQuestionnaireHistory_CustomButtonCallback(object sender, ASPxGridViewCustomButtonCallbackEventArgs e)
 {
     try
     {
         securityAgent = new CryptoProvider();
         ASPxGridView gv   = (ASPxGridView)sender;
         object       PQID = gv.GetRowValues(e.VisibleIndex, "PQID");
         if (PQID != null)
         {
             gvQuestionnaireHistory.JSProperties["cpReportPQID"] = securityAgent.EncryptText(PQID.ToString());
         }
     }
     catch (Exception ex)
     {
         CommonHelpers.writeLogToFile("gvQuestionnaireHistory_CustomButtonCallback: PatientList.aspx", ex.Message);
     }
 }
        protected void cmdSave_Click(object sender, EventArgs e)
        {
            try
            {
                CryptoProvider securityAgent   = new CryptoProvider();
                int            QuestionnaireID = 0;
                DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                DBAgent.AddParameter("ParamQuestionnaireName", txtQuestionnaireName.Value);
                object o = DBAgent.ExecuteScalar("spAddEditQuestionnaire", ConfigurationManager.AppSettings["DBName"]);
                if (o != null)
                {
                    QuestionnaireID = int.Parse(o.ToString());
                }

                listDataSource = (BindingList <Record>)Session["ConfigurationValues"];

                if (QuestionnaireID > 0)
                {
                    foreach (Record r in listDataSource)
                    {
                        DBAgent.AddParameter("ParamQuestionnaireID", QuestionnaireID);
                        DBAgent.AddParameter("ParamConfigID", r.ConfigID);
                        DBAgent.AddParameter("ParamMinValue", r.MinValue);
                        DBAgent.AddParameter("ParamMaxValue", r.MaxValue);
                        DBAgent.ExecuteNonQuery("spAddQuestionnaireConfig", ConfigurationManager.AppSettings["DBName"]);
                    }

                    Session["ConfigurationValues"] = null;
                    Response.Redirect("EditQuestionnaire.aspx?QID=" + securityAgent.EncryptText(QuestionnaireID.ToString()));
                }
            }
            catch (Exception ex)
            {
                lblErr.Text    = "There was a problem processing your request. Please contact IT.";
                lblErr.Visible = true;
                CommonHelpers.writeLogToFile("cmdSave_Click: NewQuestionnaire.aspx", ex.Message);
            }
        }
Exemplo n.º 4
0
        protected void cmdLogin_Click(object sender, EventArgs e)
        {
            try
            {
                lblErr.Text = "";
                bool ValidUser    = false;
                bool TempPassword = false;
                securityAgent = new CryptoProvider();
                DBAgent       = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                DBAgent.AddParameter("@ParamUserName", txtUserName.Value);
                string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");
                if (string.IsNullOrEmpty(data))
                {
                    ValidUser   = false;
                    lblErr.Text = "Invalid Username/Password conbination. Please try again";

                    DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                    DBAgent.AddParameter("@ParamRefID", 0);
                    DBAgent.AddParameter("@ParamRefType", "Users");
                    DBAgent.AddParameter("@ParamAction", "FL");
                    DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
                    DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                }
                else
                {
                    DataSet ds = CommonHelpers.GetDataSetFromXml(data);
                    if (ds.Tables.Count > 0)
                    {
                        DataRow dRow      = ds.Tables[0].Rows[0];
                        string  upassword = "";
                        if ((bool.Parse(dRow["IsTempPassword"].ToString())))
                        {
                            upassword    = dRow["Password"].ToString();
                            TempPassword = true;
                        }
                        else
                        {
                            TempPassword = false;
                            string test = securityAgent.EncryptText("ClarityApp");
                            upassword = securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));
                        }

                        if (upassword.Equals(txtPassword.Value))
                        {
                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "LI");
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

                            ValidUser = true;

                            Session["FullName"] = String.Format("{0}, {1}", dRow["LastName"], dRow["FirstName"]);
                            if (!TempPassword)
                            {
                                Session["LoginID"]  = dRow["LoginID"].ToString();
                                Session["UserName"] = dRow["Username"].ToString();
                                Response.Redirect("Dashboard.aspx", true);
                            }
                            else
                            {
                                Response.Redirect(String.Format("ResetPassword.aspx?UN={0}&UID={1}", securityAgent.EncryptText(txtUserName.Text), securityAgent.EncryptText(dRow["LoginID"].ToString())), true);
                            }
                        }
                        else
                        {
                            ValidUser   = false;
                            lblErr.Text = "Invalid Username/Password conbination. Please try again";

                            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials, ConfigurationManager.AppSettings["DBServerName"], ConfigurationManager.AppSettings["DBUserName"], ConfigurationManager.AppSettings["DBPassword"]);
                            DBAgent.AddParameter("@ParamRefID", 0);
                            DBAgent.AddParameter("@ParamRefType", "Users");
                            DBAgent.AddParameter("@ParamAction", "FL");
                            DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
                            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                lblErr.Text    = "There was a problem processing your request. Please contact IT.";
                lblErr.Visible = true;
                CommonHelpers.writeLogToFile("cmdLogin_Click: Login.aspx", ex.Message);
            }
        }