/// <summary>
/// Validates the portal credentials typed on the form before they are saved.
/// </summary>
/// <param name="secx">Security helper used for the account-rule and user-name checks.</param>
/// <param name="bIsNewPatPortalAcct">True when the caller is about to insert a new account.</param>
/// <returns>True when every check passes; false otherwise (BaseMstr carries the status).</returns>
protected bool CheckPatientFXUser(CSec secx, bool bIsNewPatPortalAcct)
    {
        // The password checks only apply while the password box is editable.
        if (txtPassword.Enabled)
        {
            bool bPasswordsDiffer = (txtPassword.Text != txtVerifyPassword.Text);
            if (bPasswordsDiffer)
            {
                BaseMstr.StatusCode    = 501;
                BaseMstr.StatusComment = "Password and verify password must match!";
                return false;
            }

            // Account rules are enforced by CSec; per the original note,
            // ValidateUserAccountRules fills in StatusCode/StatusComment itself.
            bool bRulesOk = secx.ValidateUserAccountRules(BaseMstr, txtUserId.Text, txtPassword.Text);
            if (!bRulesOk)
            {
                return false;
            }
        }

        // An insert must not reuse an existing user name; the lookup is skipped
        // (short-circuit) when the account is not new.
        bool bNameTaken = bIsNewPatPortalAcct && secx.UserNameExists(BaseMstr, txtUserId.Text);
        if (bNameTaken)
        {
            BaseMstr.StatusCode    = 500;
            BaseMstr.StatusComment = "Please choose a different user name!";
            return false;
        }

        return true;
    }
Пример #2
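    /// <summary>
    /// Reports whether the FXUSERCOUNT returned by CSec.CheckPatientFXUserRecDS is non-zero.
    /// </summary>
    /// <returns>
    /// True as soon as a row carries an FXUSERCOUNT whose text is not "0";
    /// false when the result is null or no such row exists.
    /// </returns>
    protected bool CheckIfFXUserRecExists()
    {
        CSec sec = new CSec();

        // The lookup result is used directly; the placeholder DataSet that was
        // allocated and immediately overwritten has been dropped.
        DataSet secDataChk = sec.CheckPatientFXUserRecDS(BaseMstr);
        if (secDataChk == null)
        {
            return false;
        }

        foreach (DataTable secTable in secDataChk.Tables)
        {
            foreach (DataRow secRow in secTable.Rows)
            {
                if (secRow.IsNull("FXUSERCOUNT"))
                {
                    continue;
                }

                // The count is compared as text, exactly as before.
                if (secRow["FXUSERCOUNT"].ToString() != "0")
                {
                    return true;
                }
            }
        }

        return false;
    }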
Пример #3
    /// <summary>
    /// Checks the FXUSERCOUNT returned by CSec.CheckPatientFXUserRecDS.
    /// </summary>
    /// <returns>True when any row reports a count greater than zero; otherwise false.</returns>
    protected bool CheckIfPatientFXUserRecExists()
    {
        CSec    fxSec   = new CSec();
        DataSet dsCount = fxSec.CheckPatientFXUserRecDS(BaseMstr);

        // A null result is treated the same as "no record".
        if (dsCount == null)
        {
            return false;
        }

        foreach (DataTable tbl in dsCount.Tables)
        {
            foreach (DataRow row in tbl.Rows)
            {
                if (row.IsNull("FXUSERCOUNT"))
                {
                    continue;
                }

                long lCount = Convert.ToInt32(row["FXUSERCOUNT"]);
                if (lCount > 0)
                {
                    return true;
                }
            }
        }

        return false;
    }
Пример #4
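    /// <summary>
    /// Reads FX_USER_ID from the data set returned by CSec.GetPatientFXUserIdDS.
    /// </summary>
    /// <returns>
    /// The last non-null FX_USER_ID found across all tables and rows,
    /// or 0 when the result is null or holds no such value.
    /// </returns>
    protected long getPatientFXUserID()
    {
        long Value = 0;

        CSec fxSec = new CSec();

        // The lookup result is used directly; the placeholder DataSet that was
        // allocated and immediately overwritten has been dropped.
        DataSet SecSet = fxSec.GetPatientFXUserIdDS(BaseMstr);
        if (SecSet == null)
        {
            return Value;
        }

        foreach (DataTable secTable in SecSet.Tables)
        {
            foreach (DataRow secRow in secTable.Rows)
            {
                // Later rows overwrite earlier ones, so the last non-null value wins.
                if (!secRow.IsNull("FX_USER_ID"))
                {
                    Value = Convert.ToInt64(secRow["FX_USER_ID"]);
                }
            }
        }

        return Value;
    }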
Пример #5
    /// <summary>
    /// Logs the current user off: closes the patient, clears the session
    /// variables, lets CSec do its own logoff work, then abandons the session
    /// and redirects to default.aspx.
    /// </summary>
    /// <remarks>
    /// NOTE(review): Session.Abandon() ends the server-side session but does not
    /// by itself expire the session-id cookie held by the browser. Confirm the
    /// cookie is reset elsewhere, so that a session id issued before login is
    /// not carried over into the next authenticated session.
    /// </remarks>
    public void LogOff()
    {
        //clear the patient
        this.ClosePatient();

        //clear FX_USER session var
        Session["FX_USER"] = null;

        //clear account details session var
        Session["ACC_DETAILS"] = null;

        //do any clean up necessary to logoff
        CSec sec = new CSec();

        sec.LogOff(this);

        //extra step for timeouts etc.: only runs while a DBSessionID is still set
        //(presumably removes the values stored for that id - confirm in DeleteAllSessionValues)
        if (!String.IsNullOrEmpty(DBSessionID))
        {
            DeleteAllSessionValues();
        }

        //clear the dbsessionid
        DBSessionID = String.Empty;

        //clear the session
        Session.Clear();

        //abandon the session
        Session.Abandon();

        //redirect to a fixed, relative page (no caller-supplied target is involved)
        Response.Redirect("default.aspx");
    }
Пример #6
    /// <summary>
    /// Derives the update permission from the data management right and, on the
    /// first load, binds the template tag groups (with their tags) to the repeater.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CSec rights = new CSec();

        // Anything above read-only on the data management right allows updates.
        bAllowUpdate = rights.GetRightMode(Master, (long)SUATUserRight.DataManagementUR)
                       > (long)RightMode.ReadOnly;

        ucTemplate.BaseMstr     = Master;
        ucTemplate.bAllowUpdate = bAllowUpdate;

        // Everything below is first-load work only.
        if (IsPostBack)
        {
            return;
        }

        // This page does not require a patient.
        Master.ClosePatient();

        DataSet dsGroups  = template.GetTemplateDataTagGroupDS(Master);
        DataSet dsTagRows = template.GetTemplateDataTagDS(Master);

        if (dsGroups == null || dsTagRows == null)
        {
            return;
        }

        dsGroups.Tables[0].TableName  = "groups";
        dsTagRows.Tables[0].TableName = "tags";

        // Bring a copy of the "tags" table into the groups data set so both
        // tables can take part in one relation.
        dsGroups.Tables.Add(dsTagRows.Tables["tags"].Copy());

        // Parent/child relation group_id -> item_group_id, added without constraints.
        dsGroups.Relations.Add("taggroup",
                               dsGroups.Tables["groups"].Columns["group_id"],
                               dsGroups.Tables["tags"].Columns["item_group_id"],
                               false);
        dsGroups.AcceptChanges();

        repTempItemGroups.DataSource = dsGroups.Tables["groups"];
        repTempItemGroups.DataBind();
    }
Пример #7
 /// <summary>
 /// Stores the master page and the three data sets and creates the security helper.
 /// </summary>
 /// <param name="BaseMstr">Master page kept for later calls.</param>
 /// <param name="dsTreatments">Treatments data set.</param>
 /// <param name="dsEncounters">Encounters data set.</param>
 /// <param name="dsIntakes">Intakes data set; kept in the assessments field.</param>
 public CVerticalMenu(BaseMaster BaseMstr, DataSet dsTreatments, DataSet dsEncounters, DataSet dsIntakes)
 {
     this.m_BaseMstr      = BaseMstr;
     this.m_dsTreatments  = dsTreatments;
     this.m_dsEncounters  = dsEncounters;

     // The intakes argument backs the assessments member.
     this.m_dsAssessments = dsIntakes;

     this.usrsec = new CSec();
 }
Пример #8
    /// <summary>
    /// Derives the update permission from the administrator right and hands it,
    /// together with the master page, to the user administration control.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CSec rights = new CSec();

        // Anything above read-only on the administrator right allows updates.
        bAllowUpdate = rights.GetRightMode(Master, (long)SUATUserRight.AdministratorUR)
                       > (long)RightMode.ReadOnly;

        ucUserAdmin.bAllowUpdate = bAllowUpdate;
        ucUserAdmin.BaseMstr     = Master;
    }
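    /// <summary>
    /// Prepares the intake module assignment page and, when the master page
    /// signals SAVE, stores the modules selected for the patient.
    /// </summary>
    /// <remarks>
    /// Two changes against the earlier version: the "record is in use by" message
    /// could never be shown because a locked patient also forced bReadOnly to true,
    /// and the lock holder's name was concatenated into markup without encoding.
    /// </remarks>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CIntake intake = new CIntake();
        CSec    usrsec = new CSec();

        // Keep the rights result apart from the lock state so the two causes of
        // read-only access can be told apart when the feedback is chosen below.
        bool bRightsReadOnly = (usrsec.GetRightMode(Master, (long)SUATUserRight.ProcessNewPatientsUR) < (long)RightMode.ReadWrite);

        bReadOnly = bRightsReadOnly;
        if (Master.IsPatientLocked)
        {
            bReadOnly = true;
        }

        ucIntakeModules.BaseMstr  = Master;
        ucIntakeModules.bReadOnly = bReadOnly;

        if (!Master.APPMaster.PatientHasOpenCase)
        {
            Master.StatusCode    = 1;
            Master.StatusComment = "Patient Does Not Have An Open Case! An Open Case Is Required To Assign Assessments.";
            return;
        }

        if (!IsPostBack)
        {
            ucIntakeModules.LoadModuleGroups();
            htxtSelectedModules.Value = ucIntakeModules.GetPatientModules();
        }

        if (Master.OnMasterSAVE())
        {
            string strSelectedModules = ucIntakeModules.GetAssignedModules();

            // The write is only attempted for a writable, unlocked record; the
            // server-side flags decide this, not anything sent by the client.
            if (!bReadOnly && !Master.IsPatientLocked)
            {
                if (intake.AssignPatientModules(Master, Master.SelectedPatientID, Master.SelectedProviderID, strSelectedModules))
                {
                    htxtSelectedModules.Value = strSelectedModules;
                    divStatus.InnerHtml       = "<font color=\"green\"><img alt=\"\" src=\"Images/tick.png\">&nbsp;Assigned modules were saved for the patient!</font>";
                    ScriptManager.RegisterClientScriptBlock(upWrapperUpdatePanel, typeof(string), "saved", "clearStatusDiv(4);", true);
                }
            }
            else
            {
                if (!bRightsReadOnly && Master.IsPatientLocked)
                {
                    // StatusComment carries markup (note the img tag), so the
                    // session-held name is HTML-encoded before it is appended.
                    // Convert.ToString also turns a missing session value into "".
                    string strLockHolder = System.Web.HttpUtility.HtmlEncode(Convert.ToString(Session["PAT_LOCK_PROVIDER"]));

                    Master.StatusCode    = 1;
                    Master.StatusComment = "<img alt=\"\" src=\"Images/lock16x16.png\" /> <b>Read-Only Access</b>: The patient's record is in use by " + strLockHolder + ".";
                }
                else
                {
                    Master.StatusCode    = 1;
                    Master.StatusComment = "<img alt=\"\" src=\"Images/lock16x16.png\" /> You have <b>Read-Only Access</b> to this section.";
                }
            }
        }

        ShowSysFeedback();
    }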
Пример #10
 /// <summary>
 /// Stores the master page and the three data sets, creates the security and
 /// encounter helpers, and loads the encounter types.
 /// </summary>
 /// <param name="BaseMstr">Master page kept for later calls and used for the encounter type lookup.</param>
 /// <param name="dsTreatments">Treatments data set.</param>
 /// <param name="dsEncounters">Encounters data set.</param>
 /// <param name="dsIntakes">Intakes data set; kept in the assessments field.</param>
 public CVerticalMenu(BaseMaster BaseMstr, DataSet dsTreatments, DataSet dsEncounters, DataSet dsIntakes)
 {
     this.m_BaseMstr      = BaseMstr;
     this.m_dsTreatments  = dsTreatments;
     this.m_dsEncounters  = dsEncounters;

     // The intakes argument backs the assessments member.
     this.m_dsAssessments = dsIntakes;

     this.usrsec = new CSec();

     // The encounter helper has to exist before the type lookup that uses it.
     this.enctype            = new CEncounter();
     this.m_dsEncounterTypes = this.enctype.GetAllEncounterTypesDS(BaseMstr);
 }
Пример #11
    /// <summary>
    /// Puts the portal account form into "new account" or "existing account"
    /// mode, depending on whether CheckIfPatientFXUserRecExists() finds a record,
    /// and then re-runs Page_Load.
    /// </summary>
    public void loadPatientPortalAccount()
    {
        //Delete divPassword.Visible = false;
        //start with both password boxes locked; they are re-enabled below for a new account
        txtPassword.Enabled       = false;
        txtVerifyPassword.Enabled = false;

        BaseMstr.SetVSValue("NewPatientPortalAcct", false);

        //reset the flag, then store the result of the actual lookup
        BaseMstr.SetVSValue("PatientFXUserIDExists", false);

        BaseMstr.SetVSValue("PatientFXUserIDExists", CheckIfPatientFXUserRecExists());

        bool bFXUserIDExists = BaseMstr.GetVSBoolValue("PatientFXUserIDExists");

        if (!bFXUserIDExists)
        {
            //no account yet: user name and password can be typed, reset is not offered
            //Delete divPassword.Visible = true;
            txtPassword.Enabled       = true;
            txtVerifyPassword.Enabled = true;
            txtUserId.Enabled         = true;
            //btnResetPassword.Enabled = false;
            chkResetPassword.Enabled = false;

            BaseMstr.SetVSValue("NewPatientPortalAcct", true);
        }
        else
        {
            CDataUtils utils = new CDataUtils();
            CSec       sec   = new CSec();

            DataSet dsSecData = new DataSet();

            //attempt to grab the user's profile
            dsSecData = sec.GetPatientFXUsernamePasswordDS(BaseMstr);

            //load the FXUser user name; only USER_NAME is read from the data set here
            if (dsSecData != null)
            {
                //the stored value goes through sec.dec() before display; the second
                //argument is passed as an empty string (its meaning is not visible here)
                txtUserId.Text = sec.dec(utils.GetStringValueFromDS(dsSecData, "USER_NAME"), "");
                //chkbxAccountLocked.Checked = Convert.ToBoolean(utils.GetLongValueFromDS(dsSecData, "IS_LOCKED"));
                //chkbxAccountInactive.Checked = Convert.ToBoolean(utils.GetLongValueFromDS(dsSecData, "IS_INACTIVE"));

                //existing account: user name is fixed, password boxes stay locked,
                //and the reset option becomes available
                txtUserId.Enabled         = false;
                divResetPWDButton.Visible = true;
                chkResetPassword.Enabled  = true;
                txtPassword.Enabled       = false;
                txtVerifyPassword.Enabled = false;
            }
        }

        //Page_Load is invoked by hand with a null sender
        Page_Load(null, EventArgs.Empty);
    }
Пример #12
    /// <summary>
    /// Page load for the login / change password control: picks the mode on the
    /// first request and carries the typed user name over on postbacks.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CSec       secHelper = new CSec();
        CDataUtils dsReader  = new CDataUtils();

        if (IsPostBack)
        {
            // Clear the popup markup on every postback.
            PopupPostLogin.InnerHtml = "";

            // While not logged in, copy the login user name into the change
            // password box so it does not have to be typed again if a password
            // change is forced.
            if (!BaseMstr.IsLoggedIn())
            {
                txtUN.Text = txtU.Text;
            }

            return;
        }

        if (!BaseMstr.IsLoggedIn())
        {
            // Mode 1: login, because nobody is logged in yet.
            SetMode(1);

            // A certificate-based login used to be attempted here after a session
            // timeout; that call is disabled, so only the status is reset.
            BaseMstr.StatusCode    = 0;
            BaseMstr.StatusComment = "";
            return;
        }

        // Mode 2: change password, because a user is already logged in.
        SetMode(2);

        // Show the user name from the database, read-only.
        DataSet dsUser = secHelper.GetFXUsernamePasswordDS(BaseMstr);
        txtUN.Text     = secHelper.dec(dsReader.GetStringValueFromDS(dsUser, "USER_NAME"), "");
        txtUN.ReadOnly = true;
    }
Пример #13
    /// <summary>
    /// Handles the Sign button: checks the typed credentials through CSec.Sign
    /// and, on success, publishes the signer's provider id and user type.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data, passed on when the event is bubbled.</param>
    protected void btnSignSOAPP_Click(object sender, EventArgs e)
    {
        strLogAddendum = htxtLogAddendum.Value;

        // Reset the signing result first, so a failed attempt leaves no earlier
        // signer behind.
        SignedProviderID = "";
        SignedUserType   = 0;
        CloseEncounter   = 0;

        CSec signer  = new CSec();
        bool bSigned = signer.Sign(BaseMstr,
                                   txtProvUsername.Text,
                                   txtUPassword.Text,
                                   out m_strSignedProviderID,
                                   out m_lSignedUserType);

        if (bSigned)
        {
            // Credentials were accepted: expose who signed.
            SignedProviderID = m_strSignedProviderID;
            SignedUserType   = m_lSignedUserType;

            bool bIsProvider = (BaseMstr.APPMaster.UserType == (long)SUATUserType.PROVIDER);
            if (bIsProvider)
            {
                CloseEncounter    = 1;
                chkClosed.Checked = true;
            }

            // Wipe the typed credentials before any listener sees the event.
            txtProvUsername.Text = "";
            txtUPassword.Text    = "";

            // Bubble the event so the hosting page can check whether signing succeeded.
            RaiseBubbleEvent(this, e);
        }

        // Wipe the credentials on the failure path as well, so neither value is
        // sent back to the browser.
        txtProvUsername.Text = "";
        txtUPassword.Text    = "";

        // Close the sign popup and show the outcome.
        winSignNote.Hide();
        ShowSysFeedback();
    }
Пример #14
    /// <summary>
    /// Derives the update permission from the data management right, closes the
    /// patient, and loads the referral clinic control on the first request.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CSec rights = new CSec();

        // Anything above read-only on the data management right allows updates.
        bAllowUpdate = rights.GetRightMode(Master, (long)SUATUserRight.DataManagementUR)
                       > (long)RightMode.ReadOnly;

        // This page does not require a patient.
        Master.ClosePatient();

        ucReferralClinicManagement.BaseMstr     = Master;
        ucReferralClinicManagement.bAllowUpdate = bAllowUpdate;

        if (IsPostBack)
        {
            return;
        }

        ucReferralClinicManagement.LoadReferralClinic();
    }
Пример #15
    /// <summary>
    /// Replaces every non-null USER_NAME value in the data set with the result
    /// of CSec.dec() and then accepts the changes.
    /// </summary>
    /// <param name="ds">Data set to rewrite in place; null is ignored.</param>
    protected void ProcessPatientData(DataSet ds)
    {
        CSec decoder = new CSec();

        if (ds == null)
        {
            return;
        }

        foreach (DataTable table in ds.Tables)
        {
            foreach (DataRow row in table.Rows)
            {
                if (row.IsNull("USER_NAME"))
                {
                    continue;
                }

                // The second argument to dec() is passed as an empty string.
                string strStored = row["USER_NAME"].ToString();
                row["USER_NAME"] = decoder.dec(strStored, "");
            }
        }

        ds.AcceptChanges();
    }
Пример #16
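    /// <summary>
    /// Derives the update permission, fills the system settings form on the
    /// first request, and saves when the master page signals SAVE.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        CSec usrsec = new CSec();

        // Updates need both the administrator right above read-only and the
        // administrator user type.
        bAllowUpdate = (usrsec.GetRightMode(Master, (long)SUATUserRight.AdministratorUR) > (long)RightMode.ReadOnly) &&
                       (Master.APPMaster.UserType == (long)SUATUserType.ADMINISTRATOR);

        if (!IsPostBack)
        {
            CDataUtils utils = new CDataUtils();

            // System settings are cached in the session after the first read.
            if (Session["SYSSETTINGS"] == null)
            {
                CSystemSettings sys = new CSystemSettings();
                Session["SYSSETTINGS"] = sys.GetSystemSettingsDS(Master);
            }

            // The cached data set is used directly; the placeholder DataSet that
            // was allocated and immediately overwritten has been dropped.
            DataSet dsSys = (DataSet)Session["SYSSETTINGS"];

            txtMailSMTPHost.Text       = utils.GetStringValueFromDS(dsSys, "MAIL_SMTP_HOST");
            txtSenderEmailAddress.Text = utils.GetStringValueFromDS(dsSys, "MAIL_SMTP_SENDER");
            txtMailSMTPPort.Text       = Convert.ToString(utils.GetLongValueFromDS(dsSys, "MAIL_SMTP_PORT"));
            txtWebSiteUrl.Text         = utils.GetStringValueFromDS(dsSys, "SITE_URL");
            txtNotifyEmailAddress.Text = utils.GetStringValueFromDS(dsSys, "NOTIFY_EMAIL");

            //New Text Message Fields
            txtTextingHost.Text = utils.GetStringValueFromDS(dsSys, "TEXTING_HOST");
            txtTextingPort.Text = Convert.ToString(utils.GetLongValueFromDS(dsSys, "TEXTING_PORT"));
            txtTextingUser.Text = utils.GetStringValueFromDS(dsSys, "TEXTING_USER");

            // NOTE(review): the stored texting password is loaded into a form
            // control, and this block is not gated on bAllowUpdate. Confirm that
            // the control does not render the value into the page and that page
            // access is restricted elsewhere; the same secret also sits in the
            // session-cached data set.
            txtTextingPswd.Text = utils.GetStringValueFromDS(dsSys, "TEXTING_PSWD");
            txtOraWinDir.Text   = utils.GetStringValueFromDS(dsSys, "ORA_WIN_DIR");

            Master.ClosePatient();
        }

        if (Master.OnMasterSAVE())
        {
            Save();
        }
    }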
Пример #17
    /// <summary>
    /// Creates or updates the patient's portal account from the form values and
    /// reloads the form afterwards.
    /// </summary>
    /// <returns>
    /// The result of the last CSec insert/update call that ran; false when the
    /// validation in CheckPatientFXUser failed and nothing was written.
    /// </returns>
    public bool SavePatientPortalAccount()
    {
        bool bSaved = false;

        //fx sec Patient helper
        CSec sec       = new CSec();
        long lFXUserID = 0;

        //validate first; the "new account" flag is the inverse of the existence check
        //NOTE(review): the existence check and the insert are separate calls - confirm
        //the database also enforces a unique user name / one account per patient
        bool bUserExists             = CheckIfPatientFXUserRecExists();
        bool bChkInsPatPortalAccount = CheckPatientFXUser(sec, !bUserExists);

        if (bChkInsPatPortalAccount)
        {
            //local copy (despite the m_ prefix this is not a member)
            bool m_bFXUserIDExists = bUserExists;

            if (!m_bFXUserIDExists)
            {
                //no account yet: insert one, unlocked and active
                bSaved = sec.InsertPatientFXUser(BaseMstr,
                                                 BaseMstr.SelectedPatientID,
                                                 txtUserId.Text,
                                                 txtPassword.Text,
                                                 false, //acount locked
                                                 false, //account inactive
                                                 out lFXUserID);

                if (BaseMstr.StatusCode == 0)
                {
                    txtUserId.Enabled = false;
                    //Delete divPassword.Visible = false;
                    divPassword.Visible       = true;
                    divResetPWDButton.Visible = true;
                }
            }
            else
            {
                //long lFXUserID = 0;
                //account exists: look up its fx_user_id for the update below
                lFXUserID = getPatientFXUserID();
            }

            //ONLY if we changed the users account info, update the
            //record in the FX_USER table
            //NOTE(review): this runs after the insert branch as well, without checking
            //whether the insert succeeded, and its result replaces bSaved
            //Delete if (divPassword.Visible)
            if (txtPassword.Enabled)
            {
                bSaved = sec.UpdatePatientFXUserPWD(BaseMstr,
                                                    lFXUserID,
                                                    txtUserId.Text,
                                                    txtPassword.Text,
                                                    false, //account locked
                                                    false  //account inactive
                                                    );

                if (BaseMstr.StatusCode == 0)
                {
                    //password stored: lock the password boxes again
                    //Delete divPassword.Visible = false;
                    txtPassword.Enabled       = false;
                    txtVerifyPassword.Enabled = false;
                    //btnResetPassword.Enabled = true;
                }
            }
            else
            {
                //password untouched: only the locked/inactive options are written
                bSaved = sec.UpdatePatientFXUserOptions(BaseMstr,
                                                        lFXUserID,
                                                        false, //account locked
                                                        false  //account inactive
                                                        );
            }
        }
        //reload the form state whether or not anything was saved
        loadPatientPortalAccount();
        //upPortalAccount.Update();

        if (!bSaved)
        {
            chkResetPassword.Checked = false;
        }

        return(bSaved);
    }
Пример #18
 /// <summary>
 /// Keeps the master page for later calls and creates the security helper.
 /// </summary>
 /// <param name="BaseMstr">Master page stored in the instance.</param>
 public CSecQuestions(BaseMaster BaseMstr)
 {
     this.m_BaseMstr = BaseMstr;
     this.sec        = new CSec();
 }
Пример #19
    /// <summary>
    /// Master page initialization: sets up the app master, response encoding,
    /// status fields and timeout, connects to the data source, resolves the
    /// logged-in user from the database session, and audits access to the page.
    /// </summary>
    /// <remarks>
    /// Per the comments below, all pages derive from this master, so the session
    /// and page-access checks here run for every page that uses it.
    /// </remarks>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Init(object sender, EventArgs e)
    {
        //app specific stuff outside the base controller
        APPMaster = new AppMaster();
        APPMaster.SetBaseMaster(this);

        //Returns a string that can be used in a client
        //event to cause postback to the server.
        //(the returned string is not used here)
        Page.ClientScript.GetPostBackEventReference(this, String.Empty);

        //set the character set, since all pages derive from basemaster
        //this will set the encoding for all pages...
        Response.ContentEncoding = Encoding.UTF8;

        //init status info and objects
        m_strStatusComment = string.Empty;
        m_lStatusCode      = -1;//-1 = success no show

        //04/16/2012 - Security Updates
        //set the timeout: Session.Timeout, but never less than 15
        Timeout = (Session.Timeout < 15) ? Timeout = 15 : Timeout = Session.Timeout;

        //connect to the data source
        if (!ConnectToDataSource())
        {
            //redirect to an error page and stop processing this request
            Response.Redirect("error_database.aspx");
            Response.End();
        }

        //sec helper
        CSec sec = new CSec();

        //DBSessionID gets set in the database when the user
        //logs in. this is used to cache values in the db and to determine if the
        //user is logged in
        //
        //reset FXUserID, only gets set in the call below
        FXUserID = 0;
        if (!String.IsNullOrEmpty(DBSessionID))
        {
            //get actual user id from the database session created when the
            //user logs in
            string strUID = "";
            if (GetSessionValue("FX_USER_ID", out strUID))
            {
                if (strUID != "")
                {
                    //Convert.ToInt32 throws if the stored value is not a valid integer
                    FXUserID = Convert.ToInt32(strUID);
                }

                //load the app specific user details
                //needed for the application
                APPMaster.LoadUserDetails();
            }
            else
            {
                //log off if we cannot retrieve a valid session,
                //user timed out
                LogOff();
            }
        }

        //user does not have access to this page
        //so logoff.
        //NOTE(review): nothing in this method stops processing after LogOff();
        //confirm LogOff() always ends the request (e.g. by redirecting), otherwise
        //the rest of the page runs for a user who failed the access audit
        if (!sec.AuditPageAccess(this))
        {
            LogOff();
        }

        string strPageName = this.GetPageName();

        //document-mode hint for the browser: event_management.aspx asks for IE=8,
        //every other page for IE=9
        if (strPageName.IndexOf("event_management.aspx") != -1)
        {
            Response.AddHeader("X-UA-Compatible", "IE=8,chrome=1");
        }
        else
        {
            Response.AddHeader("X-UA-Compatible", "IE=9,chrome=1");
        }
    }
Пример #20
    /// <summary>
    /// Saves the portal account of the patient named in htxtPatientID: inserts
    /// the FX user when none exists, then either resets the password or updates
    /// the locked/inactive options, and records a password-changed event.
    /// </summary>
    /// <param name="bSaved">
    /// Set to true when the last write left BaseMstr.StatusCode at 0; false on
    /// every early return and when the caller has read-only access.
    /// </param>
    protected void Save(out bool bSaved)
    {
        bSaved = false;
        bool bNotify = false;

        //server-side permission flag decides whether anything is written
        if (bAllowUpdate)
        {
            if (!String.IsNullOrEmpty(txtUserId.Text) && txtUserId.Text.Trim().Length > 0)
            {
                #region SaveUser

                //////////////////////////////////////////////////////
                //user account is valid so press on with the saves...
                CPatient patSave = new CPatient();

                //fx sec helper
                CSec sec = new CSec();

                //password checks apply on a reset or when no patient id is present
                if (chkResetPasswd.Checked || String.IsNullOrEmpty(htxtPatientID.Value))
                {
                    //make sure pwd and verify pwd match
                    if (txtPassword.Text != txtVerifyPassword.Text)
                    {
                        BaseMstr.StatusCode    = 1;
                        BaseMstr.StatusComment = "Password and verify password must match!";
                        ShowSysFeedback();
                        return;
                    }

                    //check all the account rules for the account...
                    if (!sec.ValidateUserAccountRules(BaseMstr,
                                                      txtUserId.Text,
                                                      txtPassword.Text))
                    {
                        BaseMstr.StatusCode = 1;
                        //Note: ValidateUserAccountRules will set StatusCode/StatusComment info
                        ShowSysFeedback();
                        return;
                    }
                }

                //if a user is looked up, then SelectedPatientID will be set
                //otherwise we are creating a new user
                if (htxtPatientID.Value == "")//this is a new user
                {
                    //nothing is saved for a new user here; returns without ShowSysFeedback()
                    return;
                }
                else if (htxtPatientID.Value != "")
                {
                    //NOTE(review): htxtPatientID looks like a hidden form field, so this
                    //value comes from the client; confirm the server verifies that the
                    //caller may act on this patient before the account below is changed
                    BaseMstr.SelectedPatientID = htxtPatientID.Value;

                    long lFXUserID = 0;

                    BaseMstr.SetVSValue("FXUserIDExists", CheckIfFXUserRecExists());

                    blnFXUserIDExists = BaseMstr.GetVSBoolValue("FXUserIDExists");

                    if (!blnFXUserIDExists)
                    {
                        //insert a record into the fx_user table and update
                        //the fx_user_id in the patient table
                        //(the password goes to CSec as typed; how it is stored is not visible here)

                        sec.InsertPatientFXUser(BaseMstr,
                                                BaseMstr.SelectedPatientID,
                                                txtUserId.Text,
                                                txtPassword.Text,
                                                chkbxAccountLocked.Checked,
                                                chkbxAccountInactive.Checked,
                                                out lFXUserID);

                        if (BaseMstr.StatusCode == 0)
                        {
                            //success: lock the fields and wipe the typed passwords
                            txtUserId.Enabled         = false;
                            chkResetPasswd.Checked    = false;
                            txtPassword.Text          = String.Empty;
                            txtVerifyPassword.Text    = String.Empty;
                            txtPassword.Enabled       = false;
                            txtVerifyPassword.Enabled = false;

                            bSaved = true;
                        }
                        bSaved = (BaseMstr.StatusCode == 0);

                        if (bSaved)
                        {
                            bNotify = true;
                        }
                    }
                    else
                    {
                        //update a record into the fx_user table and update
                        //the fx_user_id in the suat user table
                        lFXUserID = getFXUserID();
                    }

                    //ONLY if we changed the users account info, update the
                    //record in the FX_USER table
                    //(chkResetPasswd is cleared by a successful insert above, so a fresh
                    //insert falls through to the options update)

                    if (chkResetPasswd.Checked)
                    {
                        sec.UpdatePatientFXUserPWD(BaseMstr,
                                                   lFXUserID,
                                                   txtUserId.Text,
                                                   txtPassword.Text,
                                                   chkbxAccountLocked.Checked,
                                                   chkbxAccountInactive.Checked
                                                   );

                        if (BaseMstr.StatusCode == 0)
                        {
                            //success: lock the fields and wipe the typed passwords
                            txtUserId.Enabled         = false;
                            chkResetPasswd.Checked    = false;
                            txtPassword.Text          = String.Empty;
                            txtVerifyPassword.Text    = String.Empty;
                            txtPassword.Enabled       = false;
                            txtVerifyPassword.Enabled = false;
                        }
                        bSaved = (BaseMstr.StatusCode == 0);

                        if (bSaved)
                        {
                            bNotify = true;
                        }
                    }
                    else
                    {
                        //the return value stored here is replaced by the StatusCode test just below
                        bSaved = sec.UpdatePatientFXUserOptions(BaseMstr,
                                                                lFXUserID,
                                                                chkbxAccountLocked.Checked,
                                                                chkbxAccountInactive.Checked
                                                                );
                    }
                    bSaved = (BaseMstr.StatusCode == 0);
                }

                //record the password change as a patient event after a successful insert or reset
                if (bNotify)
                {
                    //Add all patient events
                    CPatientEvent evt = new CPatientEvent(BaseMstr);
                    evt.AddSpecificEvent(cnChgPSWDEventID); //Password Changed

                    if (BaseMstr.StatusCode == 0)
                    {
                        evt.CompletedSpecificEvent(cnChgPSWDEventID); //Password Changed Event ID
                    }
                }

                LoadPatientsData();
                #endregion
            }
            else
            {
                //no user id typed: nothing to save
                return;
            }
        }
        else
        {
            BaseMstr.StatusCode    = 1;
            BaseMstr.StatusComment = "<img alt=\"\" src=\"Images/lock16x16.png\" /> You have <b>Read-Only Access</b> to this section.";
        }

        ShowSysFeedback();
        return;
    }
Пример #21
    //login or change password
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        long lStatus = 0;
        CSec sec     = new CSec();

        if (divLogin.Visible)//logging in
        {
            lStatus = sec.Login(BaseMstr, txtU.Text, txtP.Text);
            if (lStatus == 0)
            {
                //good to go so cleanup and redirect
                PopupPostLogin.InnerHtml = "";

                //put us in change password mode
                divChangePassword.Visible = true;
                txtUN.ReadOnly            = false;//lest them re-type there user name
                txtUN.Text    = "";
                txtOldP.Text  = "";
                txtNewP.Text  = "";
                txtVNewP.Text = "";

                txtU.Text        = "";
                txtP.Text        = "";
                divLogin.Visible = false;

                //set a session variable with the login time
                Session["SESSION_INITIATED"] = DateTime.Now;

                GetPatientID();

                if (!String.IsNullOrEmpty(BaseMstr.SelectedPatientID))
                {
                    CPatientTxStep patstep = new CPatientTxStep(BaseMstr);
                    patstep.SetBaseMstrPatientStep();
                }

                //redirect, we are now logged in
                //BaseMstr.Response.Redirect("portal_revamp.aspx");
                BaseMstr.Response.Redirect(strPageAfterLogin);
            }
            else
            {
                //
                //4 = change password
                //
                if (lStatus == 4)
                {
                    Session["USER_NAME"] = txtU.Text.Trim();

                    Response.Redirect("change_password.aspx");

                    /*
                     * divLogin.Visible = false;
                     * divChangePassword.Visible = true;
                     *
                     * string strMsg = "<div style=\"padding: 10px; \">";
                     * strMsg += "<span class=\"login-alert\"><img src=\"Images/error.png\" alt=\"Transaction Failed\" />&nbsp;";
                     * strMsg += "Please change your password.";
                     * strMsg += "</span>";
                     * strMsg += "</div>";
                     * divLoginStatus.InnerHtml = strMsg;
                     *
                     * txtUN.Text = txtU.Text;
                     * txtUN.ReadOnly = true;
                     * return;
                     */
                }

                //////////////////////////////////////////////////////
                //following are handled below
                //
                //1 = invalid pwd
                //7 = invalid pwd and locked it
                //2 = account locked
                //3 = account inactive
                //6 = ip address locked
                //
                //show error and try again

                string strErr = "<div style=\"padding: 10px; \">";
                strErr += "<span class=\"login-error\"><img src=\"Images/cancel.png\" alt=\"Transaction Failed\" />&nbsp;";
                strErr += BaseMstr.StatusComment;
                strErr += "</span>";
                strErr += "</div>";

                divLoginStatus.InnerHtml = strErr;

                Session["SESSION_INITIATED"] = null;
            }
        }

        //are we changing the password?
        if (divChangePassword.Visible)//changing password
        {
            //only if not logged in
            if (!BaseMstr.IsLoggedIn())
            {
                txtUN.Text = txtU.Text;
            }

            //new pwd and verify new pwd must match
            if (txtNewP.Text != txtVNewP.Text)
            {
                string strErr = "<div style=\"padding: 10px; \">";
                strErr += "<span class=\"login-error\"><img src=\"Images/cancel.png\" alt=\"Transaction Failed\" />&nbsp;";
                strErr += "New Password and Verify Password do not match";
                strErr += "</span>";
                strErr += "</div>";

                divLoginStatus.InnerHtml = strErr;
                return;
            }

            //check all the account rules for the account...
            if (!sec.ValidateUserAccountRules(BaseMstr,
                                              txtUN.Text,
                                              txtNewP.Text))
            {
                //Note: will set StatusCode/StatusComment info
                string strErr = "<div style=\"padding: 10px; \">";
                strErr += "<span class=\"login-error\"><img src=\"Images/cancel.png\" alt=\"Transaction Failed\" />&nbsp;";
                strErr += BaseMstr.StatusComment;
                strErr += "</span>";
                strErr += "</div>";

                if (BaseMstr.StatusComment.Length < 48)
                {
                    divLoginStatus.InnerHtml = strErr;
                    PopupPostLogin.InnerHtml = String.Empty;
                }
                else
                {
                    divLoginStatus.InnerHtml = String.Empty;
                    ScriptManager.RegisterStartupScript(upLogin, typeof(string), "loginmsg", "sysfeedback('" + BaseMstr.StatusComment + "')", true);
                    //PopupPostLogin.InnerHtml = "<script type=\"text/javascript\">alert('" + BaseMstr.StatusComment + "');</script>";
                }

                return;
            }

            //change the users password, this will also log the user in
            lStatus = sec.ChangePassword(BaseMstr,
                                         txtUN.Text,
                                         txtOldP.Text,
                                         txtNewP.Text);


            if (lStatus != 0)
            {
                //Note: will set StatusCode/StatusComment info
                string strErr = "<div style=\"padding: 10px; \">";
                strErr += "<span class=\"login-error\"><img src=\"Images/cancel.png\" alt=\"Transaction Failed\" />&nbsp;";
                strErr += BaseMstr.StatusComment;
                strErr += "</span>";
                strErr += "</div>";

                divLoginStatus.InnerHtml = strErr;

                Session["SESSION_INITIATED"] = null;
                return;
            }
            else
            {
                //successfully logged in!
                divLoginStatus.InnerHtml = "";


                //clear the user id and pwd
                txtU.Text      = "";
                txtP.Text      = "";
                txtUN.Text     = "";
                txtOldP.Text   = "";
                txtNewP.Text   = "";
                txtVNewP.Text  = "";
                txtUN.ReadOnly = false;

                Session["SESSION_INITIATED"] = DateTime.Now;

                GetPatientID();

                if (!String.IsNullOrEmpty(BaseMstr.SelectedPatientID))
                {
                    CPatientTxStep patstep = new CPatientTxStep(BaseMstr);
                    patstep.SetBaseMstrPatientStep();
                }

                //BaseMstr.Response.Redirect("portal_revamp.aspx");
                BaseMstr.Response.Redirect(strPageAfterLogin);
            }
        }
    }
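    /// <summary>
    /// Creates or updates the portal (FX user) account of the currently selected
    /// patient from the values entered on the page.
    /// </summary>
    /// <returns>
    /// False when the caller lacks read/write rights or the account checks fail;
    /// otherwise the result of the last insert/update helper that ran.
    /// </returns>
    public bool SavePatientPortalAccount()
    {
        bool bSaved = false;

        //NOTE(review): presumably populates lUsrRightMode, which is read below - confirm
        CheckUserRightsMode();

        //administrators are checked against the AdministratorUR right,
        //every other user type against lUsrRightMode
        bool bIsAdmin    = (BaseMstr.APPMaster.UserType == (long)SUATUserType.ADMINISTRATOR);
        bool bIsReadOnly = bIsAdmin
            ? usrsec.GetRightMode(BaseMstr, (long)SUATUserRight.AdministratorUR) < (long)RightMode.ReadWrite
            : lUsrRightMode < (long)RightMode.ReadWrite;

        if (bIsReadOnly)
        {
            return(false);
        }

        //fx sec Patient helper
        CSec sec       = new CSec();
        long lFXUserID = 0;

        bool bUserExists             = CheckIfPatientFXUserRecExists();
        bool bChkInsPatPortalAccount = CheckPatientFXUser(sec, !bUserExists);

        if (bChkInsPatPortalAccount)
        {
            //stays true unless a required insert fails
            bool bHaveFXUser = true;

            if (!bUserExists)
            {
                bSaved = sec.InsertPatientFXUser(BaseMstr,
                                                 BaseMstr.SelectedPatientID,
                                                 txtUserId.Text,
                                                 txtPassword.Text,
                                                 chkbxAccountLocked.Checked,
                                                 chkbxAccountInactive.Checked,
                                                 out lFXUserID);

                if (BaseMstr.StatusCode == 0)
                {
                    txtUserId.Enabled         = false;
                    divPassword.Visible       = true;
                    divResetPWDButton.Visible = true;
                }
                else
                {
                    //the insert failed, so there is no FX user id to update;
                    //previously the password/options update below still ran
                    //with lFXUserID left at its initial 0
                    bHaveFXUser = false;
                }
            }
            else
            {
                //the account already exists: fetch its id for the update below
                lFXUserID = getPatientFXUserID();
            }

            if (bHaveFXUser)
            {
                //ONLY if we changed the users account info, update the
                //record in the FX_USER table
                if (txtPassword.Enabled)
                {
                    bSaved = sec.UpdatePatientFXUserPWD(BaseMstr,
                                                        lFXUserID,
                                                        txtUserId.Text,
                                                        txtPassword.Text,
                                                        chkbxAccountLocked.Checked,
                                                        chkbxAccountInactive.Checked
                                                        );

                    if (BaseMstr.StatusCode == 0)
                    {
                        txtPassword.Enabled       = false;
                        txtVerifyPassword.Enabled = false;
                    }
                }
                else
                {
                    //password box disabled: only the locked/inactive flags are saved
                    bSaved = sec.UpdatePatientFXUserOptions(BaseMstr,
                                                            lFXUserID,
                                                            chkbxAccountLocked.Checked,
                                                            chkbxAccountInactive.Checked
                                                            );
                }
            }
        }

        //reload the form whether or not anything was saved
        loadPatientPortalAccount();
        return(bSaved);
    }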
Пример #23
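    /// <summary>
    /// Handles the change-password button: validates the form, changes the password
    /// of the user named in Session["USER_NAME"], stores the challenge questions,
    /// logs in with the new password and redirects to portal_start.aspx.
    /// </summary>
    /// <param name="sender">Event source (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void btnChangePWD_Click(object sender, EventArgs e)
    {
        if (string.IsNullOrEmpty(txtNewP.Text) ||
            string.IsNullOrEmpty(txtVNewP.Text) ||
            string.IsNullOrEmpty(txtOldP.Text))
        {
            Master.StatusCode    = 1;
            Master.StatusComment = "Password entries are empty!";
            ShowSysFeedback();
            return;
        }

        if (txtNewP.Text != txtVNewP.Text)
        {
            Master.StatusCode    = 1;
            Master.StatusComment = "New Password and Verify Password do not match!";
            ShowSysFeedback();
            return;
        }

        if (pnlSecQuestions.Visible)
        {
            if (cboQuestion1.SelectedIndex < 1 ||
                cboQuestion2.SelectedIndex < 1 ||
                txtAnswer1.Text.Trim().Length < 1 ||
                txtAnswer2.Text.Trim().Length < 1)
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "Please select two challenge questions and enter the corresponding answers!";
                ShowSysFeedback();
                return;
            }
        }

        //the account being changed is the one stored in the session, never a
        //value posted by the client; without it there is nothing to change
        string strUserName = Session["USER_NAME"] as string;
        if (string.IsNullOrEmpty(strUserName))
        {
            Master.StatusCode    = 1;
            Master.StatusComment = "Your session has expired. Please log in again.";
            ShowSysFeedback();
            return;
        }

        //validate the password rules
        CSec sec = new CSec();

        if (!sec.ValidateUserAccountRules(Master, strUserName, txtNewP.Text))
        {
            //ValidateUserAccountRules sets StatusCode/StatusComment itself; the old
            //code replaced them with 0/empty here, hiding the reason for the rejection
            ShowSysFeedback();
            return;
        }

        //all good so far, change the pwd, login and redirect
        long lStatusCode = sec.ChangePassword(Master, strUserName, txtOldP.Text, txtNewP.Text);

        if (lStatusCode != 0)
        {
            //keep the comment the helper set, only carry the return code over
            Master.StatusCode = lStatusCode;
            ShowSysFeedback();
            return;
        }

        //update security challenge questions & answers
        //NOTE(review): this runs even when pnlSecQuestions is hidden, in which case the
        //selections were not validated above - confirm that is intended
        //NOTE(review): the password is already changed at this point; a failure below
        //leaves the new password in place without logging the user in
        CSecQuestions secquest = new CSecQuestions(Master);

        if (!secquest.UpdateSecQuestions(Convert.ToInt32(cboQuestion1.SelectedValue),
                                         txtAnswer1.Text.Trim(),
                                         Convert.ToInt32(cboQuestion2.SelectedValue),
                                         txtAnswer2.Text.Trim(),
                                         -1,
                                         String.Empty))
        {
            //previously reset to 0/empty, which reported the failure as a success;
            //NOTE(review): assumes CSecQuestions records its error on Master - confirm
            ShowSysFeedback();
            return;
        }

        //if we get here we have successfully changed the password
        //now login with the new account
        lStatusCode = sec.Login(Master, strUserName, txtNewP.Text);
        if (lStatusCode != 0)
        {
            Master.StatusCode = lStatusCode;
            ShowSysFeedback();
            return;
        }

        Master.StatusCode    = 0;
        Master.StatusComment = string.Empty;

        //look up the patient that belongs to the user who just logged in
        CPatient   pat   = new CPatient();
        CDataUtils utils = new CDataUtils();
        DataSet    dsPat = pat.GetPatientIDRS(Master, Master.FXUserID);

        Master.SelectedPatientID = utils.GetDSStringValue(dsPat, "PATIENT_ID");

        CPatientEvent evt = new CPatientEvent(Master);

        evt.CompletedEvent(1);

        ShowSysFeedback();

        //successful login so clear txt boxes; the earlier filler ("xxxx...") assignments
        //were dropped: .NET strings are immutable, so assigning filler first does not
        //scrub the previous values from memory and the final value is the same
        lblUID.Text          = string.Empty;
        txtOldP.Text         = string.Empty;
        txtNewP.Text         = string.Empty;
        txtVNewP.Text        = string.Empty;
        Session["USER_NAME"] = null;

        //set a session variable with the login time
        Session["SESSION_INITIATED"] = DateTime.Now;

        //redirect, we are now logged in
        Master.Response.Redirect("portal_start.aspx");
    }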
Пример #24
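    /// <summary>
    /// Master-page initialization: wires up the app master, sets the response
    /// encoding and timeout, connects to the data source, restores the logged-in
    /// user from the database session, audits page access and picks up the
    /// module id, page id and random data segment from the query string.
    /// </summary>
    /// <param name="sender">Event source (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void Page_Init(object sender, EventArgs e)
    {
        //app specific stuff outside the base controller
        APPMaster = new AppMaster();
        APPMaster.SetBaseMaster(this);

        //Returns a string that can be used in a client
        //event to cause postback to the server.
        //(the returned string itself is not used here)
        Page.ClientScript.GetPostBackEventReference(this, String.Empty);

        //set the character set, since all pages derive from basemaster
        //this will set the encoding for all pages...
        Response.ContentEncoding = Encoding.UTF8;

        //init status info and objects
        m_strStatusComment = "";
        m_lStatusCode      = -1;//-1 = success no show

        //04/16/2012 - Security Updates
        //set the timeout, never below 15
        Timeout = (Session.Timeout < 15) ? 15 : Session.Timeout;

        //connect to the data source
        if (!ConnectToDataSource())
        {
            //redirect to an error page
            Response.Redirect("error_database.aspx");
            Response.End();
        }

        //sec helper
        CSec sec = new CSec();

        //auto-login with CAC/cert NO!
        //from the inspection user must click banner
        //so no auto login here

        //DBSessionID gets set in the database when the user
        //logs in. this is used to cache values in the db and to determine if the
        //user is logged in
        //
        //reset FXUserID, only gets set in the call below
        FXUserID = 0;
        if (!String.IsNullOrEmpty(DBSessionID))
        {
            //get actual user id from the database session created when the
            //user logs in
            string strUID = "";
            if (GetSessionValue("FX_USER_ID", out strUID))
            {
                if (strUID != "")
                {
                    FXUserID = Convert.ToInt32(strUID);
                }

                //load the app specific user details
                //needed for the application
                APPMaster.LoadUserDetails();
            }
            else
            {
                //log off if we cannot retrieve a valid session,
                //user timed out
                LogOff();
            }
        }

        //user does not have access to this page
        //so logoff.
        //NOTE(review): the code below still runs after LogOff() unless LogOff ends
        //the response - confirm
        if (!sec.AuditPageAccess(this))
        {
            LogOff();
        }

        //1 when the request switches to a different module, otherwise -1
        long lNewModuleID = -1;

        //keep the module id, page id and random data segment
        //"mid" and "pid" come straight from the query string, so they are parsed with
        //TryParse and ignored when they are not integers (Convert.ToInt32 threw an
        //unhandled exception on such input)
        string strMidParam = Request.QueryString["mid"];
        int    iModuleID;
        if (strMidParam != null && int.TryParse(strMidParam, out iModuleID))
        {
            string strModuleID;
            GetSessionValue("CURR_MODULE_ID", out strModuleID);

            lNewModuleID = (strModuleID != strMidParam) ? 1 : -1;

            m_lModuleID = iModuleID;
            SetSessionValue("CURR_MODULE_ID", Convert.ToString(m_lModuleID));
        }

        string strPidParam = Request.QueryString["pid"];
        if (strPidParam != null)
        {
            bool bStorePageID = true;

            if (lNewModuleID != -1)
            {
                //module changed: the old page id no longer applies
                m_lPageID = -1;
            }
            else
            {
                int iPageID;
                if (int.TryParse(strPidParam, out iPageID))
                {
                    m_lPageID = iPageID;
                }
                else
                {
                    bStorePageID = false;
                }
            }

            if (bStorePageID)
            {
                SetSessionValue("CURR_PAGE_ID", Convert.ToString(m_lPageID));
            }
        }

        if (Request.QueryString["rds"] != null)
        {
            //kept exactly as received from the client
            //NOTE(review): encode/validate wherever m_strRDS is written to a page or query
            m_strRDS = Request.QueryString["rds"].ToString();
        }

        //no module id on the request: fall back to the one cached for the
        //logged-in user (this fallback used to appear twice in a row)
        if (m_lModuleID < 1)
        {
            string strModuleID = "";
            if (m_lFXUserID > 0)
            {
                GetSessionValue("CURR_MODULE_ID", out strModuleID);
                if (strModuleID != "")
                {
                    m_lModuleID = Convert.ToInt32(strModuleID);
                }
            }
        }

        //same fallback for the page id
        if (m_lPageID < 1)
        {
            string strPageID = "";
            if (m_lFXUserID > 0)
            {
                GetSessionValue("CURR_PAGE_ID", out strPageID);
                if (strPageID != "")
                {
                    m_lPageID = Convert.ToInt32(strPageID);
                }
            }
        }
    }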
Пример #25
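    /// <summary>
    /// Drives the three-step password reset: (1) look up the account and its
    /// challenge questions, (2) validate the answers, (3) set the new password,
    /// log in and redirect to portal_start.aspx. The current step is whichever
    /// panel is visible.
    /// </summary>
    /// <param name="sender">Event source (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void Submit_Click(object sender, EventArgs e)
    {
        //NOTE(review): the current step (panel visibility) and FX_USER_ID travel in
        //ViewState; confirm ViewState integrity validation is enabled so a client
        //cannot move past the question step by editing it
        CSec          sec      = new CSec();
        CSecQuestions secquest = new CSecQuestions(Master);

        if (pnlAccntDetails.Visible)
        {
            //step 1: identify the account
            ViewState["FX_USER_ID"] = null;
            bool bIsLocked = false;
            bool bIPLocked = false;

            string strEnteredName = txtUserName.Text.Trim();
            if (strEnteredName.Length < 1)
            {
                return;
            }

            string  strUsername = sec.Enc(strEnteredName, String.Empty);
            DataSet dsQuest     = secquest.GetUserQuestions(strUsername);

            if (dsQuest == null)
            {
                ShowSysFeedback();
                return;
            }

            foreach (DataTable dt in dsQuest.Tables)
            {
                foreach (DataRow dr in dt.Rows)
                {
                    if (!dr.IsNull("QUESTION_1"))
                    {
                        lblQuestion1.Text = dr["QUESTION_1"].ToString();
                        txtAnswer1.Text   = String.Empty;
                    }

                    //(the QUESTION_2 handling used to be duplicated)
                    if (!dr.IsNull("QUESTION_2"))
                    {
                        lblQuestion2.Text = dr["QUESTION_2"].ToString();
                        txtAnswer2.Text   = String.Empty;
                    }

                    if (!dr.IsNull("FX_USER_ID"))
                    {
                        ViewState["FX_USER_ID"] = Convert.ToInt32(dr["FX_USER_ID"]);
                    }

                    if (!dr.IsNull("IS_LOCKED"))
                    {
                        bIsLocked = Convert.ToInt32(dr["IS_LOCKED"]) == 1;
                    }

                    if (!dr.IsNull("IP_LOCKED"))
                    {
                        //NOTE(review): IP_LOCKED is read but nothing below acts on it;
                        //confirm whether an IP-locked client should be stopped here
                        bIPLocked = Convert.ToInt32(dr["IP_LOCKED"]) == 1;
                    }
                }
            }

            //NOTE(review): the messages below differ for an unknown user name, an account
            //without questions and a locked account, so this page discloses which user
            //names exist; consider one generic response

            //Tables.Count is checked first so an empty DataSet cannot fault on Tables[0]
            if (dsQuest.Tables.Count > 0 && dsQuest.Tables[0].Rows.Count > 0)
            {
                if (!bIsLocked)
                {
                    bool bConfirmedAccnt = true;
                    int  iFoundUserID    = Convert.ToInt32(ViewState["FX_USER_ID"]);

                    if (iFoundUserID == 0)
                    {
                        Master.StatusCode    = 1;
                        Master.StatusComment = "The Username you entered is incorrect.";
                        bConfirmedAccnt      = false;
                    }
                    else if (iFoundUserID > 0 &&
                             (lblQuestion1.Text.Length < 1 ||
                              lblQuestion2.Text.Length < 1))
                    {
                        Master.StatusCode    = 1;
                        Master.StatusComment = "You have not yet selected security questions for your portal account.";
                        bConfirmedAccnt      = false;
                    }

                    if (bConfirmedAccnt)
                    {
                        //move on to the challenge questions
                        pnlAccntDetails.Visible = false;
                        pnlSecQuestions.Visible = true;
                    }
                    else
                    {
                        pnlAccntDetails.Visible = true;
                        pnlSecQuestions.Visible = false;
                        ShowSysFeedback();
                    }
                }
                else
                {
                    pnlAccntDetails.Visible = true;
                    pnlSecQuestions.Visible = false;
                    Master.StatusCode       = 9; //9: account is locked
                    Master.StatusComment    = "Your account has been locked. Please contact the system administrator to reactivate your login.";
                    ShowSysFeedback();
                }
            }
            else
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "The Username you entered is incorrect.";
                ShowSysFeedback();
            }
        }
        else if (pnlSecQuestions.Visible)
        {
            //step 2: check the answers to the challenge questions
            long lFXUserID = 0;

            if (txtAnswer1.Text.Trim().Length > 0 &&
                txtAnswer2.Text.Trim().Length > 0)
            {
                if (ViewState["FX_USER_ID"] != null)
                {
                    lFXUserID = Convert.ToInt32(ViewState["FX_USER_ID"]);
                }

                //never validate answers without an account identified in step 1
                if (lFXUserID < 1)
                {
                    Master.StatusCode    = 1;
                    Master.StatusComment = "Unable to verify your account. Please start again.";
                    ShowSysFeedback();
                    return;
                }

                //answers are lower-cased before Enc, so matching ignores case
                string strAnswer1 = sec.Enc(txtAnswer1.Text.Trim().ToLower(), String.Empty);
                string strAnswer2 = sec.Enc(txtAnswer2.Text.Trim().ToLower(), String.Empty);
                secquest.ValidateAnswers(lFXUserID, strAnswer1, strAnswer2, String.Empty);

                if (Master.StatusCode == 0) // good to continue to reset password
                {
                    pnlSecQuestions.Visible = false;
                    pnlNewPassword.Visible  = true;
                }
                else if (Master.StatusCode == 1) //1: invalid answer
                {
                    ShowSysFeedback();
                }
                else if (Master.StatusCode == 9) //9: account is locked
                {
                    btnSubmit.Visible      = false;
                    divAccLocked.InnerText = Master.StatusComment;
                    divAccLocked.Visible   = true;
                }
            }
            else
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "Please answer all the questions to continue.";
                ShowSysFeedback();
            }
        }
        else if (pnlNewPassword.Visible)
        {
            //step 3: set the new password and log in
            //note: Trim() strips leading/trailing whitespace from the chosen password;
            //the Login call below trims the same way, so both see the same value
            string strNewPassword     = txtPassword.Text.Trim();
            string strConfirmPassword = txtConfirmPassword.Text.Trim();

            if (strNewPassword.Length < 1 || strConfirmPassword.Length < 1)
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "Pasword and Password Confirmation are required.";
                ShowSysFeedback();
                return;
            }

            if (strNewPassword != strConfirmPassword)
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "Pasword and Password Confirmation are different.";
                ShowSysFeedback();
                return;
            }

            //change password and login
            long lFXUserID = 0;
            if (ViewState["FX_USER_ID"] != null)
            {
                lFXUserID = Convert.ToInt32(ViewState["FX_USER_ID"]);
            }

            //never reset a password without an account identified in step 1
            if (lFXUserID < 1)
            {
                Master.StatusCode    = 1;
                Master.StatusComment = "Unable to verify your account. Please start again.";
                ShowSysFeedback();
                return;
            }

            string strUserName = txtUserName.Text.Trim();
            if (sec.ValidatePasswordRules(Master, strNewPassword) &&
                secquest.ResetPassword(lFXUserID, strUserName, strNewPassword))
            {
                long lLoginStatus = sec.Login(Master, strUserName, strNewPassword);
                if (lLoginStatus != 0)
                {
                    //keep the comment set by Login; the old code reset the status to
                    //0/empty here, which reported the failed login as a success
                    Master.StatusCode = lLoginStatus;
                    ShowSysFeedback();
                    return;
                }

                //set a session variable with the login time
                Session["SESSION_INITIATED"] = DateTime.Now;

                //redirect, we are now logged in
                Master.Response.Redirect("portal_start.aspx");

                return;
            }
        }

        //every path that did not return above reports the current status
        ShowSysFeedback();
    }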
Пример #26
    protected void Save(out bool bSaved)
    {
        bSaved = false;
        if (bAllowUpdate)
        {
            if (!String.IsNullOrEmpty(txtUserId.Text) && txtUserId.Text.Trim().Length > 0)
            {
                #region SaveUser
                strMessage = "";

                //////////////////////////////////////////////////////
                //user account is valid so press on with the saves...
                CUserAdmin usrSave   = new CUserAdmin();
                int        iUserType = 0;

                //get the user rights for storing
                long lUserRights = 0;
                long lReadOnly   = 0;
                GetUserRights(out lUserRights, out lReadOnly);

                strMessage = CheckUserDemoErrors();

                if (strMessage != "")
                {
                    BaseMstr.StatusCode    = 1;
                    BaseMstr.StatusComment = strMessage;
                    ShowSysFeedback();
                    return;
                }

                //User Type Selected
                iUserType = Convert.ToInt32(rblUserType.SelectedItem.Value);

                int lService = 0;

                //fx sec helper
                CSec sec = new CSec();

                if (chkResetPasswd.Checked || String.IsNullOrEmpty(htxtProviderID.Value))
                {
                    //make sure pwd and verify pwd match
                    if (txtPassword.Text != txtVerifyPassword.Text)
                    {
                        BaseMstr.StatusCode    = 1;
                        BaseMstr.StatusComment = "Password and verify password must match!";
                        ShowSysFeedback();
                        return;
                    }

                    //check all the account rules for the account...
                    if (!sec.ValidateUserAccountRules(BaseMstr,
                                                      txtUserId.Text,
                                                      txtPassword.Text))
                    {
                        BaseMstr.StatusCode = 1;
                        //Note: ValidateUserAccountRules will set StatusCode/StatusComment info
                        ShowSysFeedback();
                        return;
                    }
                }


                ////////////////////////////////////////////////////////
                ////user account is valid so press on with the saves...

                //is a user is looked up, then SelectedProviderID will be set
                //otherwise we are creating a new user
                if (htxtProviderID.Value == "")//this is a new user
                {
                    if (BaseMstr.StatusCode == 0)
                    {
                        //note: user name and pwd are valid so do the inserts

                        //make sure user name does not already exist since
                        //we are doing an insert
                        if (sec.UserNameExists(BaseMstr, txtUserId.Text))
                        {
                            BaseMstr.StatusCode    = 1;
                            BaseMstr.StatusComment = "Please choose a different user name!";
                            ShowSysFeedback();
                            return;
                        }

                        //get a new provider id
                        strNewProviderID = BaseMstr.APPMaster.GetNewProviderID();

                        //insert a record into the suat user table
                        usrSave.InsertSuatUser(BaseMstr,
                                               strNewProviderID,
                                               0,       //n/a now that we have fx-user - Locked
                                               txtName.Text,
                                               "N/A",   //Not Used Rank
                                               0,       //Not Used Service,
                                               txtTitle.Text,
                                               "N/A",   //Not Used Corps,
                                               "N/A",   //Not Used Squadron,
                                               "N/A",   //Not Used OfficeSymbol,
                                               txtPhone.Text,
                                               txtEmail.Text,
                                               cboSite.SelectedValue,
                                               "N/A",   //- Not Used UIDPWD
                                               0,       //n/a now that we have fx_user - Not Used MustChgPWD
                                               "N/A");  //Not Used SupervisorID);

                        if (BaseMstr.StatusCode == 0)
                        {
                            BaseMstr.SelectedProviderID = strNewProviderID;
                            htxtProviderID.Value        = strNewProviderID;

                            //insert a record into the fx_user table and update
                            //the fx_user_id in the suat user table
                            long lFXUserID = 0;

                            sec.InsertFXUser(BaseMstr,
                                             BaseMstr.SelectedProviderID,
                                             txtUserId.Text,
                                             txtPassword.Text,
                                             chkbxAccountLocked.Checked,
                                             chkbxAccountInactive.Checked,
                                             out lFXUserID);

                            if (BaseMstr.StatusCode == 0)
                            {
                                sec.UpdateFXUserRights(BaseMstr,
                                                       lFXUserID,
                                                       iUserType,
                                                       lUserRights,
                                                       lReadOnly);


                                txtUserId.Enabled         = false;
                                chkResetPasswd.Checked    = false;
                                txtPassword.Text          = String.Empty;
                                txtVerifyPassword.Text    = String.Empty;
                                txtPassword.Enabled       = false;
                                txtVerifyPassword.Enabled = false;
                            }

                            bSaved = (BaseMstr.StatusCode == 0);
                        }
                    }
                }
                else //if is existing user
                {
                    //user is selected for edit
                    if (htxtProviderID.Value != "")
                    {
                        BaseMstr.SelectedProviderID = htxtProviderID.Value;

                        if (BaseMstr.StatusCode == 0)
                        {
                            //update the users record in the SUAT_USER table
                            usrSave.UpdateSuatUser(BaseMstr,
                                                   0,       //n.a now that we have fx_user - Locked
                                                   txtName.Text,
                                                   "N/A",   //Not Used Rank
                                                   0,       //Not Used Service,
                                                   txtTitle.Text,
                                                   "N/A",   //Not Used Corps
                                                   "N/A",   //Not Used Squadron
                                                   "N/A",   //Not Used OfficeSymbol
                                                   txtPhone.Text,
                                                   txtEmail.Text,
                                                   cboSite.SelectedValue,
                                                   "N/A",   //Not Used UIDPWD
                                                   0,       //n/a now that we have fx_user -Not Used MustChgPWD
                                                   "N/A");  //Not Used SupervisorID);

                            if (BaseMstr.StatusCode == 0)
                            {
                                long lFXUserID = 0;

                                BaseMstr.SetVSValue("FXUserIDExists", CheckIfFXUserRecExists());

                                blnFXUserIDExists = BaseMstr.GetVSBoolValue("FXUserIDExists");

                                if (!blnFXUserIDExists)
                                {
                                    //insert a record into the fx_user table and update
                                    //the fx_user_id in the patient table

                                    sec.InsertFXUser(BaseMstr,
                                                     BaseMstr.SelectedProviderID,
                                                     txtUserId.Text,
                                                     txtPassword.Text,
                                                     chkbxAccountLocked.Checked,
                                                     chkbxAccountInactive.Checked,
                                                     out lFXUserID);

                                    if (BaseMstr.StatusCode == 0)
                                    {
                                        txtUserId.Enabled         = false;
                                        chkResetPasswd.Checked    = false;
                                        txtPassword.Text          = String.Empty;
                                        txtVerifyPassword.Text    = String.Empty;
                                        txtPassword.Enabled       = false;
                                        txtVerifyPassword.Enabled = false;

                                        bSaved = true;
                                    }
                                    bSaved = (BaseMstr.StatusCode == 0);
                                }
                                else
                                {
                                    //update a record into the fx_user table and update
                                    //the fx_user_id in the suat user table
                                    lFXUserID = getFXUserID();
                                }

                                //ONLY if we changed the users account info, update the
                                //record in the FX_USER table

                                if (chkResetPasswd.Checked)
                                {
                                    sec.UpdateFXUserPWD(BaseMstr,
                                                        lFXUserID,
                                                        txtUserId.Text,
                                                        txtPassword.Text,
                                                        chkbxAccountLocked.Checked,
                                                        chkbxAccountInactive.Checked
                                                        );

                                    if (BaseMstr.StatusCode == 0)
                                    {
                                        txtUserId.Enabled         = false;
                                        chkResetPasswd.Checked    = false;
                                        txtPassword.Text          = String.Empty;
                                        txtVerifyPassword.Text    = String.Empty;
                                        txtPassword.Enabled       = false;
                                        txtVerifyPassword.Enabled = false;
                                    }
                                    bSaved = (BaseMstr.StatusCode == 0);
                                }
                                else
                                {
                                    bSaved = sec.UpdateFXUserOptions(BaseMstr,
                                                                     lFXUserID,
                                                                     chkbxAccountLocked.Checked,
                                                                     chkbxAccountInactive.Checked
                                                                     );
                                }

                                //update fx_user_rights
                                bSaved = sec.UpdateFXUserRights(BaseMstr,
                                                                lFXUserID,
                                                                iUserType,
                                                                lUserRights,
                                                                lReadOnly);
                            }
                            bSaved = (BaseMstr.StatusCode == 0);
                        }
                    }
                }

                LoadUsersData();
                #endregion
            }
            else
            {
                BaseMstr.StatusCode    = 1;
                BaseMstr.StatusComment = "<b>Username</b> and <b>Password</b> are required for the new user account.";
            }
        }
        else
        {
            BaseMstr.StatusCode    = 1;
            BaseMstr.StatusComment = "<img alt=\"\" src=\"Images/lock16x16.png\" /> You have <b>Read-Only Access</b> to this section.";
        }

        ShowSysFeedback();
        return;
    }