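/// <summary>
/// Applies the posted staff-account form to an existing user and saves it.
/// </summary>
/// <param name="user_id">Id of the user to update; a missing id yields a 404 result.</param>
/// <param name="state">Not read by this action.</param>
/// <returns>
/// <c>HttpNotFound</c> when the id is missing, the user does not exist, or
/// <c>Permission.can_update_this_staff</c> refuses the target user; the
/// <c>ViewStaffAcct</c> view after a successful save; otherwise the default view
/// re-rendered with the model errors.
/// </returns>
public ActionResult UpdateStaffAcct(int? user_id, string state)
{
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible
    // in this listing; confirm this state-changing action is protected against CSRF.
    if (user_id == null)
    {
        return HttpNotFound();
    }

    User user = db.Users.SingleOrDefault(x => x.User_Id == user_id);
    if (user == null)
    {
        return HttpNotFound();
    }

    // Authorize before reading any posted field, so a caller who may not edit
    // this user never reaches the input-handling code below.
    if (!Permission.can_update_this_staff(user))
    {
        return HttpNotFound();
    }

    if (string.IsNullOrWhiteSpace(Request.Form["First_Name"]))
    {
        ModelState.AddModelError("First_Name", "กรุณาระบุชื่อ");
    }

    if (string.IsNullOrWhiteSpace(Request.Form["Last_Name"]))
    {
        ModelState.AddModelError("Last_Name", "กรุณาระบุนามสกุล");
    }

    user.First_Name = Request.Form["First_Name"];
    user.Last_Name = Request.Form["Last_Name"];
    user.Dept_Cd = Request.Form["Dept_Cd"];

    // A malformed or out-of-range Group_Id used to escape as an unhandled
    // FormatException/OverflowException; it is now reported as a model error.
    // An absent field keeps the previous result of Convert.ToByte(null), i.e. 0.
    // NOTE(review): Group_Id is taken from the request as-is; confirm that
    // can_update_this_staff also covers which group the caller may assign.
    string group_raw = Request.Form["Group_Id"];
    byte group_id = 0;
    if (group_raw != null && !byte.TryParse(group_raw, out group_id))
    {
        ModelState.AddModelError("Group_Id", "กรุณาระบุกลุ่มให้ถูกต้อง");
    }
    else
    {
        user.Group_Id = group_id;
    }

    user.Status_Cd = Request.Form["Status_Cd"];

    if (!string.IsNullOrWhiteSpace(Request.Form["PlainPwd"]))
    {
        string pwd = Request.Form["PlainPwd"];

        // NOTE(security): this stores an unsalted SHA-1 digest, and
        // HashPasswordForStoringInConfigFile is marked obsolete in .NET Framework 4.5+.
        // Moving to a salted, iterated scheme (for example PBKDF2 through
        // Rfc2898DeriveBytes) has to be done together with the login check, which is
        // not part of this listing, so the call is left unchanged here.
        // No length or complexity rule is applied to PlainPwd in this action.
        user.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "SHA1");
    }

    if (ModelState.IsValid)
    {
        db.Entry(user).State = EntityState.Modified;
        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.staff_acct_page_id, "A04");
        return View("ViewStaffAcct", user);
    }

    init_dropdown(user);
    return View(user);
}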
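/// <summary>
/// Saves the posted frequency and duration values for every quota whose type code is "B".
/// </summary>
/// <param name="state">Not read by this action.</param>
/// <returns>
/// A redirect to <c>BaseQuota</c> after a successful save, or the default view with
/// the loaded quotas when a posted value cannot be converted to a byte.
/// </returns>
public ActionResult UpdateBaseQuota(string state)
{
    // NOTE(review): no authorization check is visible inside this action; confirm
    // it is enforced by a filter or attribute outside this listing.
    using (var db = new EchoContext())
    {
        // Materialize the query. The view is rendered after this using block has
        // disposed the context, so handing it the deferred query would fail as soon
        // as the view enumerated its model.
        List<Quota> quotas = db.Quotas.Where(x => x.Quota_Type_Cd.Equals("B")).ToList();

        // NOTE(review): throws NullReferenceException when the session holds no "User_No".
        string user_no = Session["User_No"].ToString();

        foreach (Quota item in quotas)
        {
            string fv = Request.Form["Quota_Freq_Val_" + item.Quota_Cd];
            string dv = Request.Form["Quota_Dur_Val_" + item.Quota_Cd];
            try
            {
                // NOTE(review): Convert.ToByte(null) returns 0, so a field missing
                // from the request writes 0 instead of being rejected.
                item.Quota_Freq_Val = Convert.ToByte(fv);
                item.Quota_Dur_Val = Convert.ToByte(dv);
                item.Updated_By = user_no;
                item.Updated_Dttm = DateTime.Now;
                db.Entry(item).State = EntityState.Modified;
            }
            catch
            {
                // Best-effort validation kept from the original: any failure while
                // applying a row re-renders the form and nothing is saved.
                return View(quotas);
            }
        }

        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.base_quota_page_id, "A04");
        return RedirectToAction("BaseQuota");
    }
}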
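/// <summary>
/// Checks a submitted one-time password against the OTP record stored for a phone number.
/// </summary>
/// <param name="phone_number">
/// Phone number the OTP was issued for. It is used verbatim for the lookup and must
/// parse as a 64-bit integer; RequestOTP strips '-' before storing the number, so
/// the already-stripped form is expected here.
/// </param>
/// <param name="otp_pwd">The password submitted by the user.</param>
/// <returns>
/// 0 - pass; 1 - failed, try again; 2 - failed, start over; 3 - expired, start over.
/// </returns>
public static int ValidateOTP(string phone_number, string otp_pwd)
{
    // The phone number arrives from the request side. A value that is not numeric
    // used to escape as FormatException/OverflowException; it is now answered with
    // the same "start over" code as an unknown number.
    long number;
    if (!long.TryParse(phone_number, out number))
    {
        return 2;
    }

    using (var db = new EchoContext())
    {
        OTP otp = db.OTPs.SingleOrDefault(x => x.PhoneNumber.Equals(phone_number));
        if (otp == null || otp.Counter >= 3)
        {
            // Unknown number, or the three-attempt budget is already spent.
            return 2;
        }

        if (DateTime.Compare(DateTime.Now, otp.Expired_Dttm) > 0)
        {
            return 3;
        }

        string check_otp = GenerateOTP(otp.Secret, number);
        if (check_otp.Equals(otp_pwd))
        {
            // The OTP row is not consumed here. The AddNumber caller in this listing
            // deletes it after a successful check.
            // NOTE(review): confirm every other caller does the same, otherwise the
            // code stays valid until it expires.
            return 0;
        }

        // NOTE(review): the Counter check above and this increment are separate
        // database round trips; confirm whether concurrent attempts need an atomic
        // update so the three-attempt limit holds under parallel requests.
        otp.Counter += 1;
        db.Entry(otp).State = EntityState.Modified;
        db.SaveChanges();

        return otp.Counter >= 3 ? 2 : 1;
    }
}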
/// <summary>
/// Stores the posted total and daily activation limits on the admin configuration row.
/// </summary>
/// <param name="al">Posted limits; both values go through <c>Convert.ToInt32</c>.</param>
/// <returns>A redirect to the <c>ActivationLimit</c> action.</returns>
public ActionResult UpdateActivationLimit(ActivationLimit al)
{
    // NOTE(review): no authorization check and no range check (for example against
    // negative limits) is visible in this action; confirm both are enforced elsewhere.
    using (var context = new EchoContext())
    {
        // NOTE(review): SingleOrDefault() returns null for an empty table, which is
        // not handled below.
        AdminConfiguration config = context.AdminConfigurations.SingleOrDefault();

        // NOTE(review): throws NullReferenceException when the session holds no "User_No".
        string editor = Session["User_No"].ToString();

        config.No_Activation_Limit_Total = Convert.ToInt32(al.no_activation_limit_total);
        config.No_Activation_Limit_Daily = Convert.ToInt32(al.no_activation_limit_daily);

        // Audit columns: who changed the limits and when (server local time).
        config.Updated_By = editor;
        config.Updated_Dttm = DateTime.Now;

        context.Entry(config).State = EntityState.Modified;
        context.SaveChanges();

        FreebieEvent.UserUpdateEvent(Permission.activation_page_id, "A04");
        return RedirectToAction("ActivationLimit");
    }
}
/// <summary>
/// Stores the posted free-trial settings (total limit, duration, enable flag) on the
/// admin configuration row.
/// </summary>
/// <param name="tq">
/// Posted settings; the two numeric values go through <c>Convert.ToInt32</c> and the
/// flag through <c>Convert.ToBoolean</c>.
/// </param>
/// <returns>A redirect to the <c>FreeTrialQuota</c> action.</returns>
public ActionResult UpdateFreeTrialQuota(TrialQuota tq)
{
    // NOTE(review): no authorization check and no range check on the posted values
    // is visible in this action; confirm both are enforced elsewhere.
    using (var context = new EchoContext())
    {
        // NOTE(review): SingleOrDefault() returns null for an empty table, which is
        // not handled below.
        AdminConfiguration config = context.AdminConfigurations.SingleOrDefault();

        // NOTE(review): throws NullReferenceException when the session holds no "User_No".
        string editor = Session["User_No"].ToString();

        config.Trial_Limit_Total = Convert.ToInt32(tq.trial_limit_total);
        config.Trial_Dur_Val = Convert.ToInt32(tq.trial_dur_val);
        config.Trial_Enable_Flag = Convert.ToBoolean(tq.trial_enable_flag);

        // Audit columns: who changed the settings and when (server local time).
        config.Updated_By = editor;
        config.Updated_Dttm = DateTime.Now;

        context.Entry(config).State = EntityState.Modified;
        context.SaveChanges();

        FreebieEvent.UserUpdateEvent(Permission.free_trial_page_id, "A04");
        return RedirectToAction("FreeTrialQuota");
    }
}
/// <summary>
/// Confirms the OTP posted for the phone number held in the "Acct" cookie and, on
/// success, links that number to the account of the current session.
/// </summary>
/// <param name="phoneNumber">
/// Overwritten with the cookie value before use, so the bound request value is never read.
/// </param>
/// <returns>
/// A redirect to <c>ViewNumber</c> on <c>AccInfo</c> after a successful link,
/// <c>HttpNotFound</c> when the session account does not exist, otherwise the
/// default view with the ViewBag flags describing the failure.
/// </returns>
public ActionResult AddNumber(string phoneNumber)
{
    string otp = Request.Form["Password"];

    // The number being verified is the one in the "Acct" cookie.
    // NOTE(review): whether that cookie is integrity-protected depends on GetCookie,
    // which is not part of this listing.
    phoneNumber = GetCookie("Acct", "phone_number");

    bool proceed = !string.IsNullOrEmpty(phoneNumber);
    if (!proceed)
    {
        ViewBag.ValidNumber = false;
    }

    // Stored exactly as read, so the view receives null or "" when the cookie is missing.
    ViewBag.PhoneNumber = phoneNumber;

    if (proceed && (string.IsNullOrEmpty(otp) || otp.Length < 4))
    {
        ViewBag.ValidNumber = true;
        ViewBag.Error = true;
        ViewBag.ErrorMessage = System.Configuration.ConfigurationManager.AppSettings["Validate010"];
        proceed = false;
    }

    if (proceed)
    {
        int outcome = OTPHandler.ValidateOTP(phoneNumber, otp);

        if (outcome == 0)
        {
            // NOTE(review): throws NullReferenceException when the session holds no "Account_Id".
            int account_id = Convert.ToInt32(Session["Account_Id"].ToString());
            var account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
            if (account == null)
            {
                return HttpNotFound();
            }

            AccountMobile mobile = db.AccountMobiles.Where(x => x.Account_Id.Equals(account.Account_Id)).Where(x => x.Mobile_Number.Equals(phoneNumber)).SingleOrDefault();
            if (mobile == null)
            {
                // First time this number is linked to the account.
                mobile = new AccountMobile();
                mobile.Account_Id = account.Account_Id;
                mobile.Status_Cd = FreebieStatus.MobileActive();
                mobile.Mobile_Number = phoneNumber;
                mobile.Primary_Flag = false;
                mobile.Created_Dttm = DateTime.Now;
                mobile.Updated_Dttm = DateTime.Now;
                db.AccountMobiles.Add(mobile);
            }
            else
            {
                // Existing link is re-activated; note that Created_Dttm is reset as well.
                mobile.Status_Cd = FreebieStatus.MobileActive();
                mobile.Created_Dttm = DateTime.Now;
                mobile.Updated_Dttm = DateTime.Now;
                db.Entry(mobile).State = EntityState.Modified;
            }

            // Consume the OTP so the verified code cannot be presented again.
            OTP used_otp = db.OTPs.SingleOrDefault(x => x.PhoneNumber.Equals(phoneNumber));
            if (used_otp != null)
            {
                db.OTPs.Remove(used_otp);
            }

            db.SaveChanges();
            FreebieEvent.UpdateMobile(account, phoneNumber, "A03", Permission.f_update_number_page_id);
            RemoveCoookie("Acct");
            return RedirectToAction("ViewNumber", "AccInfo");
        }
        else if (outcome == 1)
        {
            // Wrong code with attempts left: keep the number and show the error.
            ViewBag.Error = true;
            ViewBag.ValidNumber = true;
            ViewBag.ErrorMessage = System.Configuration.ConfigurationManager.AppSettings["Validate007"];
        }
        else if (outcome == 2 || outcome == 3)
        {
            // Attempts exhausted (2) or code expired (3): drop the pending number so
            // the user has to request a new OTP.
            ViewBag.ValidNumber = false;
            ViewBag.PhoneNumber = "";
            ViewBag.ResetOTP = System.Configuration.ConfigurationManager.AppSettings[outcome == 2 ? "Otp03" : "Otp04"];
            RemoveCoookie("Acct");
        }
    }

    ViewBag.ShowPwd = true;
    return View();
}
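/// <summary>
/// Issues a new OTP for a phone number, subject to the per-day count and the minimum
/// interval between requests configured in AppSettings.
/// </summary>
/// <param name="phone_number">
/// Phone number; '-' characters are stripped and the remainder must parse as a
/// 64-bit integer.
/// </param>
/// <returns>
/// The generated OTP, or the literal <c>"limit_daily"</c> / <c>"limit_interval"</c>
/// when a limit blocks the request. Callers have to tell these sentinels apart from
/// a real OTP by value.
/// </returns>
public static string RequestOTP(string phone_number)
{
    int limit_daily = Convert.ToInt32(System.Configuration.ConfigurationManager.AppSettings["OTP_ALLOW_PER_DAY_PER_NUMBER"]);
    int interval = Convert.ToInt32(System.Configuration.ConfigurationManager.AppSettings["INTERVAL_PERIOD_BETWEEN_OTP"]);

    // One timestamp for the whole request, so the daily-counter lookup and the row
    // written below always agree on the date, even across midnight.
    DateTime request_time = DateTime.Now;
    DateTime request_date = request_time.Date;

    using (var db = new EchoContext())
    {
        phone_number = phone_number.Replace("-", "");
        long number = Convert.ToInt64(phone_number);

        // NOTE(review): the counter is keyed by phone number and date only, and this
        // read-then-write is not atomic; confirm whether concurrent requests for the
        // same number need a unique constraint or lock to keep the limits effective.
        OTPRequest otp_request = db.OTPRequests.Where(x => x.Date.Equals(request_date)).Where(x => x.PhoneNumber.Equals(phone_number)).SingleOrDefault();

        if (otp_request == null)
        {
            // First request of the day for this number. It is issued without
            // consulting limit_daily or interval, as in the original code.
            string first_secret = StoreFreshOtpSecret(db, phone_number, request_time);

            otp_request = new OTPRequest();
            otp_request.PhoneNumber = phone_number;
            otp_request.Last_Request_At = request_time;
            otp_request.Date = request_date;
            otp_request.Count = 1;
            db.OTPRequests.Add(otp_request);
            db.SaveChanges();
            return GenerateOTP(first_secret, number);
        }

        TimeSpan diff = request_time.Subtract(Convert.ToDateTime(otp_request.Last_Request_At));
        if (diff.TotalMinutes > interval && otp_request.Count < limit_daily)
        {
            string next_secret = StoreFreshOtpSecret(db, phone_number, request_time);

            otp_request.Last_Request_At = request_time;
            otp_request.Count += 1;
            db.Entry(otp_request).State = EntityState.Modified;
            db.SaveChanges();
            return GenerateOTP(next_secret, number);
        }

        // The daily limit takes precedence over the interval limit in the answer.
        return otp_request.Count >= limit_daily ? "limit_daily" : "limit_interval";
    }
}

/// <summary>
/// Creates or resets the OTP row for a number with a fresh secret, a zeroed failure
/// counter and a new expiry, and registers the change on the context without saving.
/// Shared by both issuing paths of RequestOTP so they cannot drift apart.
/// </summary>
private static string StoreFreshOtpSecret(EchoContext db, string phone_number, DateTime request_time)
{
    OTP otp = db.OTPs.SingleOrDefault(x => x.PhoneNumber.Equals(phone_number));
    string secret_str = Secret();
    bool existing = otp != null;
    if (!existing)
    {
        otp = new OTP();
    }

    otp.Secret = secret_str;
    otp.PhoneNumber = phone_number;
    otp.Counter = 0;
    otp.Expired_Dttm = request_time.AddMinutes(Convert.ToInt32(System.Configuration.ConfigurationManager.AppSettings["OTPPwdExpired"]));

    if (existing)
    {
        db.Entry(otp).State = EntityState.Modified;
    }
    else
    {
        db.OTPs.Add(otp);
    }

    return secret_str;
}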