Exemplo n.º 1
0
        protected void Page_Load(object sender, EventArgs e)
        {
            PersonnelSystem ps          = PersonnelSystem.GetPersonnelSystem(this);
            UOC_STAFF       loginPerson = ps.LoginPerson;

            if (!IsPostBack)
            {
                if (loginPerson.IsLoginFirst())
                {
                    TitleDivNamePassOld.Visible = false;
                    divPassOld.Visible          = false;
                    tbPasswordOld.Visible       = false;
                }
                if (loginPerson.IsLoginSecond())
                {
                    tbPasswordOld.Visible = true;
                }
            }
        }
Exemplo n.º 2
0
        protected void btnChangePassword_Click(object sender, EventArgs e)
        {
            PersonnelSystem ps          = PersonnelSystem.GetPersonnelSystem(this);
            UOC_STAFF       loginPerson = ps.LoginPerson;

            if (loginPerson.IsLoginFirst())
            {
                Label12X.Text = "";

                if (tbPasswordNew.Text == "")
                {
                    Label12X.Text      = "กรุณากรอกรหัสผ่านใหม่";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordNewAgain.Text == "")
                {
                    Label12X.Text      = "กรุณากรอกรหัสผ่านใหม่อีกครั้ง";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordNew.Text == "" || tbPasswordNewAgain.Text == "")
                {
                    Label12X.Text      = "กรุณากรอกรหัสผ่านใหม่ให้ครบถ้วน";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordNew.Text != tbPasswordNewAgain.Text)
                {
                    Label12X.Text      = "รหัสผ่านไม่ตรงกัน";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                string source = tbPasswordNew.Text;
                using (MD5 md5Hash = MD5.Create())
                {
                    string hash = GetMd5Hash(md5Hash, source);
                    DatabaseManager.ExecuteNonQuery("UPDATE UOC_STAFF SET PASSWORD = '******', ST_LOGIN_ID = 1 WHERE CITIZEN_ID = '" + loginPerson.CITIZEN_ID + "'");
                    Label12X.Text      = "ตั้งรหัสผ่านสำเร็จ";
                    Label12X.ForeColor = System.Drawing.Color.Green;
                }
            }

            if (loginPerson.IsLoginSecond())
            {
                Label12X.Text = "";

                if (tbPasswordNew.Text == "")
                {
                    Label12X.Text      = "กรุณากรอกรหัสผ่านใหม่";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordNewAgain.Text == "")
                {
                    Label12X.Text      = "กรุณากรอกรหัสผ่านใหม่อีกครั้ง";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordOld.Text == tbPasswordNew.Text)
                {
                    Label12X.Text      = "รหัสผ่านใหม่ไม่สามารถซ้ำรหัสผ่านเก่า";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }
                if (tbPasswordNew.Text != tbPasswordNewAgain.Text)
                {
                    Label12X.Text      = "รหัสผ่านใหม่กับรหัสผ่านใหม่อีกครั้งไม่ตรงกัน";
                    Label12X.ForeColor = System.Drawing.Color.Red;
                    return;
                }

                using (OracleConnection con = new OracleConnection(DatabaseManager.CONNECTION_STRING))
                {
                    con.Open();
                    using (OracleCommand com = new OracleCommand("SELECT PASSWORD FROM UOC_STAFF WHERE CITIZEN_ID ='" + loginPerson.CITIZEN_ID + "'", con))
                    {
                        using (OracleDataReader reader = com.ExecuteReader())
                        {
                            string source   = tbPasswordNew.Text;
                            string CheckOld = tbPasswordOld.Text;
                            while (reader.Read())
                            {
                                using (MD5 md5Hash = MD5.Create())
                                {
                                    string hash    = GetMd5Hash(md5Hash, source);
                                    string hashOld = GetMd5Hash(md5Hash, CheckOld);
                                    if (!reader.IsDBNull(0))
                                    {
                                        if (hashOld != reader.GetString(0))
                                        {
                                            Label12X.Text      = "รหัสผ่านเก่าไม่ถูกต้อง";
                                            Label12X.ForeColor = System.Drawing.Color.Red;
                                            return;
                                        }

                                        DatabaseManager.ExecuteNonQuery("UPDATE UOC_STAFF SET PASSWORD = '******' WHERE CITIZEN_ID = '" + loginPerson.CITIZEN_ID + "'");
                                        Label12X.Text      = "เปลี่ยนรหัสผ่านสำเร็จ";
                                        Label12X.ForeColor = System.Drawing.Color.Green;
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }