private void addNewUserButton_Click(object sender, EventArgs e)
{
string username = SFGlobal.SqlCleanString(newUserName.Text);
string password = Dury.SiteFoundry.Security.Cryptography.AsymmetricEncryption.ComputeHash(newUserPassword.Text, SFGlobal.EncryptionMethod, SFGlobal.EncryptionSalt);
string fullname = SFGlobal.SqlCleanString(newUserFullName.Text);
string email = SFGlobal.SqlCleanString(newUserEmail.Text);
string sql = String.Format("INSERT INTO SecurityUsers (username,password,disabled,fullname,email,lastlogin,datecreated,datemodified) VALUES ('{0}','{1}',0, '{2}','{3}','{4}','{5}','{6}')", username, password, fullname, email, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now);
SFGlobal.DAL.execNonQuery(sql);
int userID = (int)SFGlobal.DAL.execScalar("SELECT id FROM SecurityUsers WHERE username = '******'");
foreach (ListItem li in newUserRoles.Items)
{
if (li.Selected)
{
SFGlobal.DAL.execNonQuery("INSERT INTO SecurityUserRoles (userID,roleID) VALUES (" + userID.ToString() + "," + li.Value + ")");
}
li.Selected = false;
}
newUserName.Text = "";
newUserPassword.Text = "";
newUserFullName.Text = "";
newUserEmail.Text = "";
userGridBind();
msg.Text = "user added";
}
protected void userGrid_Update(System.Object sender, System.Web.UI.WebControls.DataGridCommandEventArgs e)
{
int itemID = int.Parse(e.Item.Cells[0].Text);
// insert user data
string username = SFGlobal.SqlCleanString(((TextBox)e.Item.FindControl("username")).Text);
string password = ((TextBox)e.Item.FindControl("password")).Text;
string fullname = SFGlobal.SqlCleanString(((TextBox)e.Item.FindControl("fullname")).Text);
string email = SFGlobal.SqlCleanString(((TextBox)e.Item.FindControl("email")).Text);
string disabled = ((CheckBox)e.Item.FindControl("disabledCheck")).Checked ? "1" : "0";
if (password != null && password != "")
{
password = Dury.SiteFoundry.Security.Cryptography.AsymmetricEncryption.ComputeHash(password, SFGlobal.EncryptionMethod, SFGlobal.EncryptionSalt);
SFGlobal.DAL.execNonQuery("UPDATE SecurityUsers SET username = '******'" + ", password='******', fullname='" + fullname + "', email='" + email + "' , disabled=" + disabled + " WHERE id = " + itemID.ToString());
}
else
{
SFGlobal.DAL.execNonQuery("UPDATE SecurityUsers SET username = '******', fullname='" + fullname + "', email='" + email + "', disabled=" + disabled + " WHERE id = " + itemID.ToString());
}
// insert roles
ListBox cbx = (ListBox)e.Item.FindControl("rolesList");
SFGlobal.DAL.execNonQuery("DELETE FROM SecurityUserRoles WHERE userID = " + itemID.ToString());
foreach (ListItem li in cbx.Items)
{
if (li.Selected)
{
SFGlobal.DAL.execNonQuery("INSERT INTO SecurityUserRoles (userID,roleID) VALUES (" + itemID.ToString() + "," + li.Value + ")");
}
}
userGrid.EditItemIndex = -1;
userGridBind();
SFGlobal.UpdateNodes();
msg.Text = "User: "******" updated ok";
}
private void addNewRole_Click(object sender, EventArgs e)
{
SFGlobal.DAL.execNonQuery("INSERT INTO SecurityRoles (name) VALUES ('" + SFGlobal.SqlCleanString(newRoleName.Text) + "')");
Response.Redirect(Request.RawUrl);
}
