private void butOK_Click(object sender, System.EventArgs e)
{
bool usingEcw = Programs.UsingEcwTightOrFullMode();
Userod selectedUser = null;
if (PrefC.GetBool(PrefName.UserNameManualEntry))
{
for (int i = 0; i < listUser.Items.Count; i++)
{
//Check the user name typed in using ToLower and Trim because Open Dental is case insensitive and does not allow white-space in regards to user names.
if (textUser.Text.Trim().ToLower() == listUser.Items[i].ToString().Trim().ToLower())
{
selectedUser = (Userod)listUser.Items[i]; //Found the typed username
break;
}
}
if (selectedUser == null)
{
MsgBox.Show(this, "Login failed");
return;
}
}
else
{
selectedUser = (Userod)listUser.SelectedItem;
}
string password = textPassword.Text;
if (usingEcw) //ecw requires hash, but non-ecw requires actual password
{
password = Userods.HashPassword(password, true);
}
if (selectedUser.UserName == "Stay Open" && IsSimpleSwitch && PrefC.IsODHQ)
{
// No need to check password when changing task users at HQ to user "Stay Open".
}
else
{
try {
Userods.CheckUserAndPassword(selectedUser.UserName, password, usingEcw);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb && selectedUser.Password == "" && textPassword.Text == "")
{
MsgBox.Show(this, "When using the web service, not allowed to log in with no password. A password should be added for this user.");
return;
}
//successful login.
if (!IsSimpleSwitch)
{
Security.CurUser = selectedUser.Copy();
Security.IsUserLoggedIn = true;
//Jason approved always storing the cleartext password that the user typed in
//since this is necessary for Reporting Servers over middle tier and was already happening when a user logged in over middle tier.
Security.PasswordTyped = password;
if (PrefC.GetBool(PrefName.PasswordsMustBeStrong) && PrefC.GetBool(PrefName.PasswordsWeakChangeToStrong))
{
if (Userods.IsPasswordStrong(textPassword.Text) != "") //Password is not strong
{
MsgBox.Show(this, "You must change your password to a strong password due to the current Security settings.");
FormOpenDental FormOD = Application.OpenForms.OfType <FormOpenDental>().ToList()[0]; //There always should be exactly 1.
if (!FormOD.ChangePassword(true)) //Failed password update.
{
return;
}
}
}
}
else
{
CurUserSimpleSwitch = selectedUser.Copy();
}
if (!IsSimpleSwitch)
{
SecurityLogs.MakeLogEntry(Permissions.UserLogOnOff, 0, "User: "******" has logged on.");
}
Plugins.HookAddCode(this, "FormLogOn.butOK_Click_end");
DialogResult = DialogResult.OK;
}
private void butLogin_Click(object sender, EventArgs e)
{
Userod userEntered;
string password;
try {
bool useEcwAlgorithm = Programs.UsingEcwTightOrFullMode();
//ecw requires hash, but non-ecw requires actual password
password = textPassword.Text;
if (useEcwAlgorithm)
{
//Userods.HashPassword explicitly goes over to middle tier in order to use it's MD5 algorithm.
//It doesn't matter what Security.CurUser is when it is null because we are technically trying to set it for the first time.
//It cannot be null before invoking HashPassword because middle needs it to NOT be null when creating the credentials for DtoGetString.
if (Security.CurUser == null)
{
Security.CurUser = new Userod();
}
password = Userods.HashPassword(password, true);
}
string username = textUser.Text;
#if DEBUG
if (username == "")
{
username = "******";
password = "******";
}
#endif
userEntered = Userods.CheckUserAndPassword(username, password, useEcwAlgorithm);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
//successful login.
Security.CurUser = userEntered;
Security.PasswordTyped = password;
Security.IsUserLoggedIn = true;
RemotingClient.HasLoginFailed = false;
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb &&
string.IsNullOrEmpty(userEntered.Password) &&
string.IsNullOrEmpty(textPassword.Text))
{
MsgBox.Show(this, "When using the web service, not allowed to log in with no password. A password should be added for this user.");
FormOpenDental FormOD = Application.OpenForms.OfType <FormOpenDental>().ToList()[0]; //There always should be exactly 1.
if (!FormOD.ChangePassword(true)) //Failed password update.
{
return;
}
}
if (PrefC.GetBool(PrefName.PasswordsMustBeStrong) &&
PrefC.GetBool(PrefName.PasswordsWeakChangeToStrong) &&
Userods.IsPasswordStrong(textPassword.Text) != "") //Password is not strong
{
MsgBox.Show(this, "You must change your password to a strong password due to the current Security settings.");
FormOpenDental FormOD = Application.OpenForms.OfType <FormOpenDental>().ToList()[0]; //There always should be exactly 1.
if (!FormOD.ChangePassword(true)) //Failed password update.
{
return;
}
}
SecurityLogs.MakeLogEntry(Permissions.UserLogOnOff, 0, "User: "******" has logged on.");
DialogResult = DialogResult.OK;
}
