private static UserM LoadUserFromDatabase(DatabaseCall dbc)
{
UserM newUser = new UserM();
System.Data.DataSet ds = new System.Data.DataSet();
dbc.Fill(ds);
if ((ds.Tables.Count <= 0) || (ds.Tables[0].Rows.Count <= 0))
{
return(newUser);
}
newUser._userID = Convert.ToInt32(ds.Tables[0].Rows[0]["UserID"]);
newUser._lastName = ds.Tables[0].Rows[0]["LastName"].ToString();
newUser._middleName = ds.Tables[0].Rows[0]["MiddleName"].ToString();
newUser._firstName = ds.Tables[0].Rows[0]["FirstName"].ToString();
newUser._emailAddress = ds.Tables[0].Rows[0]["Email"].ToString();
newUser._universityID = ds.Tables[0].Rows[0]["UniversityIdentifier"].ToString();
newUser._username = ds.Tables[0].Rows[0]["UserName"].ToString();
newUser._password = ds.Tables[0].Rows[0]["Password"].ToString();
newUser._lastUpdatedDate = Convert.ToDateTime(ds.Tables[0].Rows[0]["LastUpdatedDate"].ToString());
newUser._lastUpdatedUserID = Convert.ToInt32(ds.Tables[0].Rows[0]["LastUpdatedUserID"]);
newUser._changedPassword = Convert.ToBoolean(ds.Tables[0].Rows[0]["ChangedPassword"]);
return(newUser);
}
internal static bool CommitImport(string importID)
{
DatabaseCall dbc = new DatabaseCall("Import_LoadPendingImport", DBCallType.Select);
dbc.AddParameter("@ImportID", importID);
System.Data.DataSet ds = new System.Data.DataSet();
dbc.Fill(ds);
if ((ds.Tables.Count <= 0) || (ds.Tables[0].Rows.Count <= 0))
{
return(false);
}
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
try
{
UserM user = UserM.Load(Convert.ToInt32(ds.Tables[0].Rows[i]["UserID"]));
user.GenerateNewPassword();
user.AddToCourse(Convert.ToInt32(ds.Tables[0].Rows[i]["CourseID"]));
}
catch
{
}
}
return(true);
}
private void SendPasswordToUser(string password)
{
// email if new user
if (SharedSupport.UsingSmtp)
{
string subject = SharedSupport.GetLocalizedString("ChangePassword_NewPasswordEmailSubject");
string body = SharedSupport.GetLocalizedString("ChangePassword_NewPassword_UsernameMessage") + " " + this._username + "\n";
body += SharedSupport.GetLocalizedString("ChangePassword_NewPassword_Message") + " " + password;
UserM amsaUser = UserM.Load(Constants.ASSIGNMENTMANAGER_SYSTEM_ADMIN_USERID);
MessageM.SendMessage(amsaUser.EmailAddress, this._emailAddress, subject, body);
}
}
public void SendPasswordToUser()
{
// use Assignment Manager sysadmin email
UserM amsaUser = UserM.Load(Constants.ASSIGNMENTMANAGER_SYSTEM_ADMIN_USERID);
string sentByEmail = amsaUser.EmailAddress;
string emailSubject = SharedSupport.GetLocalizedString("User_EmailSubject");
string[] replacements = new string[2] {
this._username, this._password
};
string emailBody = SharedSupport.GetLocalizedString("User_EmailBody", replacements);
MessageM.SendMessage(sentByEmail, this._emailAddress, emailSubject, emailBody);
}
public static UserM AuthenticateUser(string username, string password)
{
UserM user = UserM.LoadByUserName(username);
//Compare the hashed version of the password stored in the db to the hashed version of the password entered.
Byte[] passwd = SharedSupport.ConvertStringToByteArray(password.Trim());
byte[] hashValue = ((HashAlgorithm)CryptoConfig.CreateFromName(Constants.HashMethod)).ComputeHash(passwd);
if (user.Password != BitConverter.ToString(hashValue))
{
return(new UserM());
}
else
{
return(user);
}
}
public static void sendEmailMessageToCourse(string subject, string body, string link, int courseId)
{
if (!Convert.ToBoolean(SharedSupport.UsingSmtp))
{
throw (new System.Exception(SharedSupport.GetLocalizedString("Global_NoSMTP")));
}
try
{
// validation
if (body.Equals(String.Empty))
{
throw new ArgumentException(SharedSupport.GetLocalizedString("SendEmailMessage_InvalidBody"));
}
if (subject.Equals(String.Empty))
{
throw new ArgumentException(SharedSupport.GetLocalizedString("SendEmailMessage_InvalidSubject"));
}
string mailTo = "";
System.Data.DataSet ds = new System.Data.DataSet();
//use generic Assignment Manager From
string sentByEmail = string.Empty;
UserList ul = UserList.GetListFromCourse(courseId);
int[] userIDs = ul.UserIDList;
for (int i = 0; i < userIDs.Length; i++)
{
UserM user = UserM.Load(userIDs[i]);
mailTo += user.EmailAddress + ";";
}
// use Assignment Manager sysadmin email
UserM amsaUser = UserM.Load(Constants.ASSIGNMENTMANAGER_SYSTEM_ADMIN_USERID);
sentByEmail = amsaUser.EmailAddress;
// add the formatting and action link
body += "\n" + "\n" + link;
// send email
SendMessage(sentByEmail, mailTo, subject, body);
}
catch (System.Exception ex)
{
SharedSupport.HandleError(ex);
}
}
public void btnLogin_Click(object sender, System.EventArgs e)
{
try
{
// field validation
lblFeedback.Text = String.Empty;
if (this.txtUserName.Text.Trim() == String.Empty)
{
lblFeedback.Text = SharedSupport.GetLocalizedString("Login_InvalidCredentials");
return;
}
if (this.txtPassword.Text.Trim() == String.Empty)
{
lblFeedback.Text = SharedSupport.GetLocalizedString("Login_InvalidCredentials");
return;
}
//AuthenticateUser returns User
UserM user = UserM.AuthenticateUser(this.txtUserName.Text.Trim(), this.txtPassword.Text.Trim());
if (user.IsValid)
{
// Trigger off of field visibilty to determine whether we're updating with a new
// password or are attempting a first-time login.
if (!txtNewPwd.Visible)
{
// In this case, we've authenticated the user, and are attempting to log in
// directly. Make sure that they're valid for direct login, though (i.e. that
// they've already changed their password!).
if (!user.ChangedPassword)
{
// Uncover the fields for the 'need to change password' funtionality
// and update the text.
lblConfirmPwd.Visible = true;
lblNewPwd.Visible = true;
txtNewPwd.Visible = true;
txtConfirmPwd.Visible = true;
this.lblConfirmPwd.Text = SharedSupport.GetLocalizedString("ChangePassword_ConfirmPwdHeader");
this.lblNewPwd.Text = SharedSupport.GetLocalizedString("ChangePassword_NewPwdHeader1");
this.lblPassword.Text = SharedSupport.GetLocalizedString("ChangePassword_CurrentPwdHeader");
this.lblSubTitle.Text = SharedSupport.GetLocalizedString("Login_ChangePasswordSubTitle");
}
else
{
// The user has already changed their password and can be logged directly
// in, using forms based authentication and redirect; see config.web for
// authentication cookie config
FormsAuthentication.RedirectFromLoginPage(user.UserID.ToString(), false);
}
}
else
{
// They hadn't changed their password yet, so this is the second attempt to log
// in. Since they authenticated, if the two entries for the new password match,
// update the entry in the database.
if (this.txtConfirmPwd.Text == "")
{
throw new Exception(SharedSupport.GetLocalizedString("ChangePassword_ConfirmPassword_RequiredField"));
}
else if (this.txtNewPwd.Text == "")
{
throw new Exception(SharedSupport.GetLocalizedString("ChangePassword_NewPassword_RequiredField"));
}
if ((this.txtNewPwd.Text.Length < 4) || (this.txtNewPwd.Text.Length > 50))
{
this.txtNewPwd.Text = "";
this.txtConfirmPwd.Text = "";
throw new Exception(SharedSupport.GetLocalizedString("ChangePassword_PwdLengthError"));
}
// New password can't be the same as the previous password
if (this.txtNewPwd.Text == this.txtPassword.Text)
{
this.txtNewPwd.Text = "";
this.txtConfirmPwd.Text = "";
throw new Exception(SharedSupport.GetLocalizedString("ChangePassword_PwdSameAsOld"));
}
if (this.txtNewPwd.Text != this.txtConfirmPwd.Text)
{
this.txtNewPwd.Text = "";
this.txtConfirmPwd.Text = "";
throw new Exception(SharedSupport.GetLocalizedString("ChangePassword_ConfirmationError"));
}
// Update the password in the server, setting the 'changed' flag.
user.SetPassword(txtNewPwd.Text.Trim(), true);
// Now, redirect the user back to what they were doing before we
// interrupted their login.
FormsAuthentication.RedirectFromLoginPage(user.UserID.ToString(), false);
}
}
else
{
lblFeedback.Text = SharedSupport.GetLocalizedString("Login_InvalidCredentials");
}
}
catch (System.Exception ex)
{
lblFeedback.Text = ex.Message;
}
}
