Exemplo n.º 1
0
        public bool ChangePassword(User user, string userId)
        {
            Boolean retVal = false;

            MySqlConnection con = new MySqlConnection(DbCon.connectionString);

            MySqlCommand          cmd;
            ServiceObjectSecurity sos = new ServiceObjectSecurity();

            string pass = sos.EncodePasswordMD5(user.Password);

            string query = string.Format("UPDATE user SET passwd='{1}',lastModified='{2}' " +
                                         " WHERE (userId='{0}')",
                                         user.UserId, pass, user.LastModify.ToString("yyyy-MM-dd HH:mm:ss"));

            try
            {
                con.Open();
                cmd = new MySqlCommand(query, con);
                new AuditLogService().AddAuditLog("CHANGE PASSWORD", userId, new UserService().GetUserName(userId), " Changed user password", DateTime.Now);
                int affecRow = cmd.ExecuteNonQuery();
                if (affecRow > 0)
                {
                    retVal = true;
                }
            }
            catch (MySqlException ex)
            {
                //new AuditLogService().AddAuditLog("ERROR UPDATE USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            catch (Exception ex)
            {
                //new AuditLogService().AddAuditLog("ERROR UPDATE USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            finally
            {
                con.Close();
            }
            return(retVal);
        }
Exemplo n.º 2
0
        public bool AddUser(User user, string userId)
        {
            Boolean         retVal = false;
            MySqlConnection con    = new MySqlConnection(DbCon.connectionString);
            MySqlCommand    cmd;

            ServiceObjectSecurity sos = new ServiceObjectSecurity();

            string pass = sos.EncodePasswordMD5(user.Password);

            string query = string.Format("INSERT INTO user(userId,userName,passwd,dateCreated,lastModified,usertype)" +
                                         "VALUES('{0}','{1}','{2}','{3}','{4}','{5}')",
                                         user.UserId, user.UserName, pass, user.DateCreated.ToString("yyyy-MM-dd HH:mm:ss"), user.LastModify.ToString("yyyy-MM-dd HH:mm:ss"), user.UserType);

            try
            {
                con.Open();
                cmd = new MySqlCommand(query, con);
                new AuditLogService().AddAuditLog("ADD USER", userId, new UserService().GetUserName(userId), query, DateTime.Now);
                int affecRow = cmd.ExecuteNonQuery();
                if (affecRow > 0)
                {
                    retVal = true;
                }
            }
            catch (MySqlException ex)
            {
                new AuditLogService().AddAuditLog("ERROR ADD USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            catch (Exception ex)
            {
                new AuditLogService().AddAuditLog("ERROR ADD USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            finally
            {
                con.Close();
            }

            return(retVal);
        }
Exemplo n.º 3
0
        public Boolean ValidateLogin(User user)
        {
            MySqlConnection con = new MySqlConnection(DbCon.connectionString);

            MySqlCommand    cmd;
            MySqlDataReader dr        = null;
            Boolean         returnVal = false;

            ServiceObjectSecurity sos = new ServiceObjectSecurity();
            string pass = sos.EncodePasswordMD5(user.Password);


            string seletQuery = string.Format("SELECT userName FROM user WHERE userName='******' AND passwd='{1}' AND active = 1", user.UserName, pass);

            try
            {
                con.Open();
                cmd = new MySqlCommand(seletQuery, con);
                dr  = cmd.ExecuteReader();

                if (dr.HasRows)
                {
                    returnVal = true;
                }
            }
            catch (MySqlException ex)
            {
                new AuditLogService().AddAuditLog("LOGIN ATTEMPT", "0", user.UserName, ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            catch (Exception ex)
            {
                new AuditLogService().AddAuditLog("LOGIN ATTEMPT", "0", user.UserName, ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            finally
            {
                dr.Close();
                con.Close();
            }
            return(returnVal);
        }
Exemplo n.º 4
0
        public bool DeactivateUser(string userid, string userId)
        {
            Boolean retVal = false;

            MySqlConnection con = new MySqlConnection(DbCon.connectionString);

            MySqlCommand          cmd;
            ServiceObjectSecurity sos = new ServiceObjectSecurity();

            //string pass = sos.EncodePasswordMD5(user.Password);

            string query = string.Format("UPDATE user SET  active= 0 WHERE (userId='{0}')", userId);

            try
            {
                con.Open();
                cmd = new MySqlCommand(query, con);
                new AuditLogService().AddAuditLog("DEACTIVATED  USER ACCOUNT", userId, new UserService().GetUserName(userId), "User credentials were deactivated", DateTime.Now);
                int affecRow = cmd.ExecuteNonQuery();
                if (affecRow > 0)
                {
                    retVal = true;
                }
            }
            catch (MySqlException ex)
            {
                //new AuditLogService().AddAuditLog("ERROR UPDATE USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            catch (Exception ex)
            {
                //new AuditLogService().AddAuditLog("ERROR UPDATE USER", userId, new UserService().GetUserName(userId), ex.Message, DateTime.Now);
                string errorString = ex.Message;
            }
            finally
            {
                con.Close();
            }
            return(retVal);
        }