public ActionResult AddCustomer(UserCustomer newAccount) { if (ModelState.IsValid) { var entity = new Users() { Email = newAccount.newUser.Email, Password = newAccount.newUser.Password, PasswordConf = newAccount.newUser.PasswordConf, RoleID = 1 }; db.users.Add(entity); db.SaveChanges(); int newUserID = (int)entity.UserID; var entity2 = new Customers() { Address = newAccount.newCustomer.Address, City = newAccount.newCustomer.City, CompanyName = newAccount.newCustomer.CompanyName, Email = newAccount.newUser.Email, Phone = newAccount.newCustomer.Phone, RepID = newAccount.newCustomer.RepID, SMS = newAccount.newCustomer.SMS, Zip = newAccount.newCustomer.Zip, UserID = newUserID }; db.customers.Add(entity2); db.SaveChanges(); return(RedirectToAction("Index", "Home")); } else { return(View(newAccount)); } }
protected void Button3_OnClick(object sender, EventArgs e) { string tree = Session["rngPhoneLEmailUserReg"].ToString(); string emailcheckl = enailcheck.Text.Trim(); if (tree.Equals(emailcheckl)) { UserCustomer us = new UserCustomer(); string usess = Session["nextPageUserReg"].ToString(); us.updateStatusEmail(usess, "true"); Label3.Text = "Email verified"; } else { Label3.Text = "Incorrect otp"; } }
public IHttpActionResult PutUserCustomer(string id, UserCustomer userCustomer) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (id != userCustomer.UserID) { return(BadRequest()); } db.Entry(userCustomer).State = EntityState.Modified; try { db.SaveChanges(); } catch (DbUpdateConcurrencyException) { if (!UserCustomerExists(id)) { return(NotFound()); } else { throw; } } return(StatusCode(HttpStatusCode.NoContent)); }
public async Task <bool> AssignDivisions(string userId, Dictionary <int, string> customerDivisions) { var user = await context.Users.Where(x => x.Id == userId).FirstOrDefaultAsync(); var gsUser = await context.UserInfos.Where(x => x.UserName == user.UserName).FirstOrDefaultAsync(); var currentDivIds = gsUser.UserCustomers.Select(x => x.DivisionId).ToList(); var divisionIds = customerDivisions.Keys; foreach (int divId in divisionIds.Where(x => !currentDivIds.Contains(x))) { var division = await context.CustomerDivisions.FirstOrDefaultAsync(x => x.DivisionId == divId); if (division != null) { var usercust = new UserCustomer(); usercust.CustomerId = division.CustomerId; usercust.DivisionId = division.DivisionId; usercust.UserId = gsUser.UserId; gsUser.UserCustomers.Add(usercust); await context.SaveChangesAsync(); } } return(true); }
public ActionResult DeleteConfirmed(int id) { UserCustomer userCustomer = db.UserCustomers.Find(id); db.UserCustomers.Remove(userCustomer); db.SaveChanges(); return(RedirectToAction("Index")); }
protected void Button1_Click(object sender, EventArgs e) { string usernameee = TextBox1.Text.Trim(); UserCustomer cu = new UserCustomer(); cu = cu.getAllDataByName(usernameee); if (cu == null) { Label2.Text = "Invalid user"; } else { Label2.Text = ""; string username = TextBox1.Text.Trim(); string Nric = TextBox6.Text.Trim(); string phoneNumber = TextBox5.Text.Trim(); string email = TextBox3.Text.Trim(); string birthday = TextBox2.Text.Trim(); UserCustomer dsa = new UserCustomer(); string dbgetPo = dsa.getAllDataByName(username).ForgetHash; string checkVali = HiddenFieldCheckForValBu.Value.Trim(); System.Diagnostics.Debug.Write("ds" + checkVali); if (dbgetPo.Equals(checkVali)) { Session["forgetPassTosaveusername"] = username; Session["forgetPassTosavenric"] = Nric; Session["forgetPassTosavephoneNumber"] = phoneNumber; Session["forgetPassTosaveemail"] = email; Session["forgetPassTosavebirthday"] = birthday; Response.Redirect("EmailOtp.aspx"); } else { Label1.Text = "*One of the fields you have entered is incorrect"; } } // Tzwilio d = new Tzwilio("+6598517761","testung"); // d.choasSms(); // EmailSender s = new EmailSender("Aravin", "*****@*****.**","21/09/1997","Hi, Reagrds"); // s.SendSimpleMessage(); }
// protected void forgetpassword(object sender, EventArgs e) // { // Response.Redirect("2faLogin.aspx", false); // } protected void Button1_Click(object sender, EventArgs e) { UserCustomer ssdsd = new UserCustomer(); ssdsd = ssdsd.getAllDataByName(Session["usernameLogin"].ToString()); int cuas = ssdsd.Attempt; System.Diagnostics.Debug.WriteLine(cuas); if (cuas < 3) { string username = (string)Session["usernameLogin"]; UserCustomer su = new UserCustomer(); su = su.getAllDataByName(username); //getting salt and hash from db based on username string salt = su.Passwordsalt; string hashvalueToCheck = su.Passwordhash; //server hashing string hashvalClient = TextBox2.Text; string combine = hashvalClient + salt; SHA512Managed hashing = new SHA512Managed(); byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(combine)); //converting bytes to base64 string finalval = Convert.ToBase64String(serverHashwithSaltHashed); System.Diagnostics.Debug.WriteLine(finalval); //validation if (hashvalueToCheck == finalval) { Session["accountLoginVerified"] = "true"; Session["md5Store"] = hashvalClient; Response.Redirect("2faLogin.aspx", false); } else { UserCustomer sd = new UserCustomer(); UserCustomer users = new UserCustomer(); users = sd.getAllDataByName(username); int curreatt = users.Attempt; sd.updateuserattempts(username, curreatt + 1); Labelerr.Text = "You have entered a Incorrect password"; } } else { Labelerr.Text = "Account locked, you had 3 failed logon attempts"; } }
public ActionResult Registration() { UserCustomer uc = new UserCustomer { categories = db.Categories.ToList() }; return(PartialView(uc)); }
public ActionResult Edit([Bind(Include = "UserCustomersId,FullNameUser,CardIDUser,AddressUser,NumberPhoneUser,EmailUser")] UserCustomer userCustomer) { if (ModelState.IsValid) { db.Entry(userCustomer).State = System.Data.Entity.EntityState.Modified; db.SaveChanges(); return(RedirectToAction("Index")); } return(View(userCustomer)); }
public UserCustomer getAllDataByName(string name) { UserCustomer cus; string username, passwordhash, passwordsalt, phoneNo, address, firstName, lastName, email, birthday, emailverified, phoneverified, nric, forgetHash; int attempt; string queryStr = "SELECT* FROM Customer WHERE username = @username"; SqlConnection conn = new SqlConnection(_connStr); SqlCommand cmd = new SqlCommand(queryStr, conn); cmd.Parameters.AddWithValue("@username", encryptData(name)); conn.Open(); SqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { username = decryptDataString(dr["username"].ToString()); passwordhash = decryptDataString(dr["passwordhash"].ToString()); passwordsalt = decryptDataString(dr["passwordsalt"].ToString()); phoneNo = decryptDataString(dr["phoneNo"].ToString()); address = decryptDataString(dr["address"].ToString()); firstName = decryptDataString(dr["firstName"].ToString()); lastName = decryptDataString(dr["lastName"].ToString()); email = decryptDataString(dr["email"].ToString()); birthday = decryptDataString(dr["birthday"].ToString()); emailverified = decryptDataString(dr["emailVerified"].ToString()); phoneverified = decryptDataString(dr["phoneVerified"].ToString()); nric = decryptDataString(dr["nric"].ToString()); forgetHash = decryptDataString(dr["forgethash"].ToString()); attempt = Convert.ToInt32(dr["attempts"].ToString()); cus = new UserCustomer(username, passwordhash, passwordsalt, phoneNo, address, firstName, lastName, email, birthday, emailverified, phoneverified, nric, forgetHash, attempt); } else { cus = null; } conn.Close(); dr.Close(); dr.Dispose(); return(cus); }
public IHttpActionResult GetUserCustomer(string id) { UserCustomer userCustomer = db.UserCustomers.Find(id); if (userCustomer == null) { return(NotFound()); } return(Ok(userCustomer)); }
public ActionResult Create([Bind(Include = "UserCustomersId,FullNameUser,CardIDUser,AddressUser,NumberPhoneUser,EmailUser")] UserCustomer userCustomer) { if (ModelState.IsValid) { db.UserCustomers.Add(userCustomer); db.SaveChanges(); return(RedirectToAction("Create")); } return(View(userCustomer)); }
public IHttpActionResult PostUserCustomer(UserCustomer userCustomer) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } db.UserCustomers.Add(userCustomer); db.SaveChanges(); return(CreatedAtRoute("DefaultApi", new { id = userCustomer.UserID }, userCustomer)); }
public ActionResult Index(string filter) { MembershipUser myObject = Membership.GetUser(); Guid UserID = Guid.Parse(myObject.ProviderUserKey.ToString()); UserCustomer usercustomer = db.UserCustomers.Single(s => s.UserID == UserID); var subscribers2 = from subscriber in db.Subscribers where ((subscriber.FirstName.Contains(filter)|| subscriber.LastName.Contains(filter)) && (subscriber.CustomerID == usercustomer.CustomerID || subscriber.CustomerID == 0)) select new SubscriberCheckedModel { subscriber = subscriber, AddToGroup = false }; SubscriberCheckedListViewModel test = new SubscriberCheckedListViewModel(); test.subscribers = subscribers2.ToList(); return View(test); }
public IHttpActionResult DeleteUserCustomer(string id) { UserCustomer userCustomer = db.UserCustomers.Find(id); if (userCustomer == null) { return(NotFound()); } db.UserCustomers.Remove(userCustomer); db.SaveChanges(); return(Ok(userCustomer)); }
// // GET: /SubscriberGroup/ public ActionResult Index(int id) { groupID = id; MembershipUser myObject = Membership.GetUser(); Guid UserID = Guid.Parse(myObject.ProviderUserKey.ToString()); UserCustomer usercustomer = db.UserCustomers.Single(s => s.UserID == UserID); var subscribers = from subscriber in db.Subscribers where (subscriber.CustomerID == usercustomer.CustomerID) | (subscriber.CustomerID == 0) select new SubscriberCheckedModel { subscriber = subscriber, AddToGroup = false }; SubscriberCheckedListViewModel test = new SubscriberCheckedListViewModel(); test.subscribers = subscribers; test.GroupId=groupID; return View(test); }
// GET: UserCustomers/Delete/5 public ActionResult Delete(int?id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } UserCustomer userCustomer = db.UserCustomers.Find(id); if (userCustomer == null) { return(HttpNotFound()); } return(View(userCustomer)); }
protected void Button1_Click(object sender, EventArgs e) { string passhashfromform = TextBox1.Text.Trim(); //look here Session["md5hashforforgetpassplsthx"] = passhashfromform; System.Diagnostics.Debug.WriteLine(passhashfromform); string nricFromform = HiddenFieldNricEncrypted.Value; string bdfromform = HiddenFieldBirthdayEncrypted.Value; UserCustomer cs = new UserCustomer(); string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt; byte[] saltpls = Convert.FromBase64String(saltFrodb); string phonepl = Session["forgetPassTosavephoneNumber"].ToString(); string emailps = Session["forgetPassTosaveemail"].ToString(); string encryptedNric = encryptData(nricFromform, passhashfromform, saltpls); string encryptebirthdayc = encryptData(bdfromform, passhashfromform, saltpls); string encryptephone = encryptData(phonepl, passhashfromform, saltpls); string encryptemail = encryptData(emailps, passhashfromform, saltpls); Session["encryptedforforgetpassthxnric"] = encryptedNric; Session["encryptedforforgetpassthxbirthday"] = encryptebirthdayc; Session["encryptedforforgetpassthxphone"] = encryptephone; Session["encryptedforforgetpassthxemail"] = encryptemail; Session["sha1askeyforcleintx"] = HiddenFieldsha1fornextuser.Value; //label sucess Response.Redirect("addressConfirm.aspx"); }
protected void CustomValidator1_OnServerValidate(object source, ServerValidateEventArgs args) { string username = Server.HtmlEncode(TextBox1.Text); UserCustomer cu = new UserCustomer(); cu = cu.getAllDataByName(username); if (cu == null) { args.IsValid = false; } else { args.IsValid = true; } }
protected void existinguser_Validate(object source, ServerValidateEventArgs args) { UserCustomer customer = new UserCustomer(); List <String> usernamelist = customer.getAllUserName(); //auto random data insert to db incase of failure; prevent null try { System.Diagnostics.Debug.WriteLine("validator custom check " + usernamelist.Count + usernamelist[0]); } catch (Exception e) { string dummydata = "091dummydataOnlyonce"; UserCustomer n = new UserCustomer(dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata, dummydata); n.CustomerInsert(); } string currentUsername = Username.Text; int valtest = 0; for (int i = 0; i < usernamelist.Count; i++) { if (currentUsername.Equals(usernamelist[i])) { valtest++; } System.Diagnostics.Debug.WriteLine("Usernames in list :" + usernamelist[i]); } if (valtest != 0) { args.IsValid = false; } else { args.IsValid = true; } }
public ActionResult Registration(UserCustomer uc) { var result = false; if (ModelState.IsValid) { uc.user.Image = ImageUploaded.image_file_name; uc.user.RoleTypeId = 3; db.Users.Add(uc.user); db.SaveChanges(); uc.customer.userId = db.Users.Max(c => c.Id); db.Customers.Add(uc.customer); db.SaveChanges(); result = true; } return(Json(result, JsonRequestBehavior.AllowGet)); }
public ActionResult Register(RegisterModel model) { if (ModelState.IsValid) { var dao = new UserCustomerDao(); if (dao.CheckUserName(model.UserName)) { ModelState.AddModelError("", "UserName Exits!"); } else if (dao.CheckUserEmail(model.Email)) { ModelState.AddModelError("", "Email Exits!"); } else { var user = new UserCustomer(); user.UserName = model.UserName; user.Name = model.Name; user.Password = Encryptor.MD5Hash(model.Password); user.Phone = model.Phone; user.Email = model.Email; user.Address = model.Address; //user.Birthday = model.Birthday; user.CreateDate = DateTime.Now; user.Status = true; var result = dao.Insert(user); if (result > 0) { ViewBag.Success = "Register success!"; model = new RegisterModel(); } else { ModelState.AddModelError("", "Register fail!"); } } } return(View(model)); }
protected void Button1_Click(object sender, EventArgs e) { if (Page.IsValid) { UserCustomer ds = new UserCustomer(); UserCustomer aq = new UserCustomer(); aq = ds.getAllDataByName(TextBox1.Text); int att = aq.Attempt; if (att < 3) { Session["usernameLogin"] = Server.HtmlEncode(TextBox1.Text); Response.Redirect("passwordlogin.aspx"); } else { Labelatte.Text = "Account locked, you had 3 failed logon attempts"; } } }
protected void Button4_OnClick(object sender, EventArgs e) { string trer = Session["rngPhoneLPHHlUserReg"].ToString(); string get = TextBox2.Text.Trim(); if (trer.Equals(get)) { UserCustomer us = new UserCustomer(); string usess = Session["nextPageUserReg"].ToString(); us.updateStatusphone(usess, "true"); Label4.Text = "Phone verified"; } else { Label4.Text = "Incorrect otp"; } }
public async Task <bool> AssignCustomers(string userId, IList <string> customerIds) { var user = await context.Users.Where(x => x.Id == userId).FirstOrDefaultAsync(); var gsUser = await context.UserInfos.Where(x => x.UserName == user.UserName).FirstOrDefaultAsync(); var currentCustIds = gsUser.UserCustomers.Select(x => x.CustomerId).ToList(); //TODO: filter the ids already assigned foreach (string custId in customerIds.Where(x => !currentCustIds.Contains(x))) { var usercust = new UserCustomer(); usercust.CustomerId = custId; usercust.UserId = gsUser.UserId; gsUser.UserCustomers.Add(usercust); await context.SaveChangesAsync(); } return(true); }
protected void Button100_Click(object sender, EventArgs e) { string username = (string)Session["usernameLogin"]; string md5hash = (string)Session["md5Store"]; UserCustomer cu = new UserCustomer(); cu = cu.getAllDataByName(username); string salt = cu.Passwordsalt; string firstNameCipher = cu.FirstName; string lastNameCipher = cu.LastName; string nricCipher = cu.Nric; string phone = cu.PhoneNo; byte[] salttoByte = Convert.FromBase64String(salt); Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(md5hash, salttoByte); RijndaelManaged cipher = new RijndaelManaged(); //set key and initialisation vec from rfc cipher.Key = pdb.GetBytes(32); cipher.IV = pdb.GetBytes(16); ICryptoTransform decryptTransform = cipher.CreateDecryptor(); byte[] cipherphone = Convert.FromBase64String(phone); byte[] plaintextPhone = decryptTransform.TransformFinalBlock(cipherphone, 0, cipherphone.Length); string resultPhone = Encoding.UTF8.GetString(plaintextPhone); //save current date and time at the point of request DateTime timeofrequesttimeout = DateTime.Now.AddSeconds(30); System.Diagnostics.Debug.WriteLine(timeofrequesttimeout); Session["2faotptimeoutdatetimecheckthis"] = timeofrequesttimeout; Random rnd = new Random(); string digit = rnd.Next(999999).ToString(); Session["rngPhoneL"] = digit; System.Diagnostics.Debug.WriteLine(digit); //uncomment this string resPhone = "+65" + resultPhone; Tzwilio g = new Tzwilio(resPhone, digit); g.choasSms(); }
protected void Page_Load(object sender, EventArgs e) { string retrievemd5hash = TextBox6.Text; string salt = TextBox5.Text; System.Diagnostics.Debug.WriteLine("retrieved md5 val" + retrievemd5hash); System.Diagnostics.Debug.WriteLine("salt value" + salt); string serversidecombine = retrievemd5hash + salt; System.Diagnostics.Debug.WriteLine("serverside combine" + serversidecombine); SHA512Managed hashing = new SHA512Managed(); byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serversidecombine)); string finalHashval = Convert.ToBase64String(serverHashwithSaltHashed); System.Diagnostics.Debug.WriteLine("serverside final hash val" + finalHashval); //decr byte[] Key; byte[] IV; System.Diagnostics.Debug.WriteLine("new te---------------------------------------------------------------"); RijndaelManaged cipher = new RijndaelManaged(); cipher.GenerateKey(); Key = cipher.Key; IV = cipher.IV; System.Diagnostics.Debug.Write("The guy key: "); for (int i = 0; i < Key.Length; i++) { System.Diagnostics.Debug.Write(Key[i] + " "); } System.Diagnostics.Debug.Write("IV: "); for (int i = 0; i < IV.Length; i++) { System.Diagnostics.Debug.Write(IV[i] + " "); } System.Diagnostics.Debug.WriteLine("The guy key: " + Key); System.Diagnostics.Debug.WriteLine("IV: " + IV); System.Diagnostics.Debug.WriteLine("Testing Retrieve Mtd "); UserCustomer custTest = new UserCustomer(); custTest = custTest.getAllDataByName("123"); System.Diagnostics.Debug.WriteLine("username " + custTest.Username); System.Diagnostics.Debug.WriteLine("hash " + custTest.Passwordhash); System.Diagnostics.Debug.WriteLine("salt " + custTest.Passwordsalt); System.Diagnostics.Debug.WriteLine("PhoneNo " + custTest.PhoneNo); System.Diagnostics.Debug.WriteLine("Address " + custTest.Address); System.Diagnostics.Debug.WriteLine("FirstName " + custTest.FirstName); System.Diagnostics.Debug.WriteLine("LastName " + custTest.LastName); System.Diagnostics.Debug.WriteLine("Email " + custTest.Email); System.Diagnostics.Debug.WriteLine("Birthday " + custTest.Birthday); System.Diagnostics.Debug.WriteLine("EmailVerified " + custTest.EmailVerified); System.Diagnostics.Debug.WriteLine("PhoneVerified " + custTest.PhoneVerified); System.Diagnostics.Debug.WriteLine("Nric " + custTest.Nric); }
public long Insert(UserCustomer entity) { db.UserCustomers.Add(entity); db.SaveChanges(); return(entity.ID); }
protected void Button1_Click1(object sender, EventArgs e) { if (Page.IsValid) { System.Diagnostics.Debug.WriteLine("testing"); // Response.Redirect("errorxss.aspx", false); //captcha start :) var encodedResponse = Request.Form["g-Recaptcha-Response"]; System.Diagnostics.Debug.WriteLine(encodedResponse); var isCaptchaValid = ReCaptcha.Validate(encodedResponse); System.Diagnostics.Debug.WriteLine(isCaptchaValid); //done at the customvalidator side if (!isCaptchaValid) { System.Diagnostics.Debug.WriteLine("Captcha failure"); // E.g. Return to view or set an error message to visible } //captcha end :( //String a = TextBox1.Text; //String c = Text1.Value.ToString(); //System.Diagnostics.Debug.WriteLine("testing 1 " + a); //System.Diagnostics.Debug.WriteLine("testing 1 " + c); System.Diagnostics.Debug.WriteLine("testing"); System.Diagnostics.Debug.WriteLine("Password is: " + TextBox1.Text); System.Diagnostics.Debug.WriteLine("Salt value: " + HiddenFieldForSalt.Value); System.Diagnostics.Debug.WriteLine("Cipher received from first name: " + HiddenFieldFirstNameEncrypted.Value); System.Diagnostics.Debug.WriteLine("Cipher received from last name: " + HiddenFieldLastNameEncrypted.Value); System.Diagnostics.Debug.WriteLine("Cipher received from address: " + HiddenFieldAddressEncrypted.Value); System.Diagnostics.Debug.WriteLine("Cipher received from birthday: " + HiddenFieldBirthdayEncrypted.Value); System.Diagnostics.Debug.WriteLine("Cipher received from nric: " + HiddenFieldNricEncrypted.Value); string uUsername = Server.HtmlEncode(Username.Text); string uPasswordhash = TextBox1.Text; string uPasswordSalt = HiddenFieldForSalt.Value; string uFirstName = HiddenFieldFirstNameEncrypted.Value; string uLastName = HiddenFieldLastNameEncrypted.Value; string uPhoneNo = Server.HtmlEncode(phoneNumberInput.Text); string uAddress = HiddenFieldAddressEncrypted.Value; string uEmail = Server.HtmlEncode(emailInput.Text); string uBirthday = HiddenFieldBirthdayEncrypted.Value; string uemailverified = "false"; string uphoneVerified = "false"; string uNric = HiddenFieldNricEncrypted.Value; //hash on server side SHA512Managed hashing = new SHA512Managed(); string finalHashval; string serverhashwithSaltText = uPasswordhash + uPasswordSalt; System.Diagnostics.Debug.WriteLine("combining salt" + serverhashwithSaltText); byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serverhashwithSaltText)); System.Diagnostics.Debug.WriteLine("Server hashed value before convert" + serverHashwithSaltHashed); finalHashval = Convert.ToBase64String(serverHashwithSaltHashed); System.Diagnostics.Debug.WriteLine("Server hashed value " + finalHashval); // System.Diagnostics.Debug.WriteLine("DEBUGGING__???"); // // string teststring = "hello"; // // byte[] encodedteststring = hashing.ComputeHash(Encoding.UTF8.GetBytes(teststring)); // // string resultingtest = Convert.ToBase64String(encodedteststring); // // System.Diagnostics.Debug.WriteLine("test hash val " + resultingtest); //todo look into this for rfc2928 for key derivation byte[] salttoByte = Convert.FromBase64String(uPasswordSalt); System.Diagnostics.Debug.WriteLine(" "); System.Diagnostics.Debug.Write("Salt in byte array: "); for (int i = 0; i < salttoByte.Length; i++) { System.Diagnostics.Debug.Write(salttoByte[i]); } //metd for encrypot string encryptedPhone = encryptData(uPhoneNo, uPasswordhash, salttoByte); string enryptedAddress = encryptData(uAddress, uPasswordhash, salttoByte); string encryptedFirstName = encryptData(uFirstName, uPasswordhash, salttoByte); string encryptedLastName = encryptData(uLastName, uPasswordhash, salttoByte); string encryptedEmail = encryptData(uEmail, uPasswordhash, salttoByte); string encryptedBirthday = encryptData(uBirthday, uPasswordhash, salttoByte); string encryptedNric = encryptData(uNric, uPasswordhash, salttoByte); Session["nextPageUserRegEMail"] = uEmail; Session["nextPageUserRegPhone"] = uPhoneNo; Session["nextPageUserReg"] = uUsername; UserCustomer newuser = new UserCustomer(uUsername, finalHashval, uPasswordSalt, encryptedPhone, enryptedAddress, encryptedFirstName, encryptedLastName, encryptedEmail, encryptedBirthday, uemailverified, uphoneVerified, encryptedNric, HiddenFieldForsavingHashOfForget.Value.Trim()); newuser.CustomerInsert(); Fund fd = new Fund(uUsername, 0.0); fd.FundInsertNewUserOnly(); Response.Redirect("userRegisterInputConf.aspx"); } }
protected void Button1_Click(object sender, EventArgs e) { UserCustomer cs = new UserCustomer(); string saltFrodb = cs.getAllDataByName(Session["forgetPassTosaveusername"].ToString()).Passwordsalt; byte[] saltpls = Convert.FromBase64String(saltFrodb); //pass from form string passfromform = Session["md5hashforforgetpassplsthx"].ToString(); //hash on server side SHA512Managed hashing = new SHA512Managed(); string finalHashval; string serverhashwithSaltText = passfromform + saltFrodb; System.Diagnostics.Debug.WriteLine("combining salt" + serverhashwithSaltText); byte[] serverHashwithSaltHashed = hashing.ComputeHash(Encoding.UTF8.GetBytes(serverhashwithSaltText)); System.Diagnostics.Debug.WriteLine("Server hashed value before convert" + serverHashwithSaltHashed); finalHashval = Convert.ToBase64String(serverHashwithSaltHashed); System.Diagnostics.Debug.WriteLine("Server hashed value " + finalHashval); //get string encryptedfirstname = HiddenFieldFirstNameEncrypted.Value; string encryptedlastname = HiddenFieldLastNameEncrypted.Value; string encrypaddress = HiddenFieldAddressEncrypted.Value; System.Diagnostics.Debug.WriteLine("dasdsa" + encryptedfirstname); System.Diagnostics.Debug.WriteLine(encryptedlastname); System.Diagnostics.Debug.WriteLine(encrypaddress); string passhashfromform = Session["md5hashforforgetpassplsthx"].ToString(); string savetofirstname = encryptData(encryptedfirstname, passhashfromform, saltpls); string savetolastanme = encryptData(encryptedlastname, passhashfromform, saltpls); string savetoaddress = encryptData(encrypaddress, passhashfromform, saltpls); string encryptednric = Session["encryptedforforgetpassthxnric"].ToString(); string encryptedbirthday = Session["encryptedforforgetpassthxbirthday"].ToString(); string encryotedphone = Session["encryptedforforgetpassthxphone"].ToString(); string encryptedemail = Session["encryptedforforgetpassthxemail"].ToString(); string usernamm = Session["forgetPassTosaveusername"].ToString(); UserCustomer asc = new UserCustomer(); asc.updateforForgetpass(usernamm, finalHashval, encryotedphone, savetoaddress, savetofirstname, savetolastanme, encryptedemail, encryptedbirthday, encryptednric); asc.updateuserattempts(usernamm, 0); Response.Redirect("successForgetPass.aspx"); }