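/// <summary>
/// Creates a login row for the contact linked to the mortgage number in the request.
/// </summary>
/// <param name="user">Request body carrying the user name, password and mortgage number.</param>
/// <returns>
/// 200 with "Success" when the row is saved; 400 with a generic message when the body is
/// missing, no mortgage/contact matches, or the save fails.
/// </returns>
/// <remarks>
/// NOTE(review): the password is persisted exactly as received. Storing a salted, slow hash
/// (for example PBKDF2) needs a matching change in whatever verifies the password, so it is
/// flagged here rather than changed in this method alone.
/// NOTE(review): nothing visible here proves the caller owns the mortgage number, or that the
/// user name is not already taken - confirm both are enforced elsewhere.
/// </remarks>
public IHttpActionResult Post([FromBody] UserLogin_Web user)
{
    // Model binding yields null for an empty or malformed body.
    if (user == null)
    {
        return BadRequest("Unable to register user.");
    }

    IOrganizationService service = (IOrganizationService)client.OrganizationWebProxyClient != null
        ? (IOrganizationService)client.OrganizationWebProxyClient
        : (IOrganizationService)client.OrganizationServiceProxy;

    QueryExpression query = new QueryExpression();
    query.EntityName = "revfinal_mortgage";
    query.ColumnSet = new ColumnSet(new string[] { "revfinal_contact" });
    query.Criteria.AddCondition("revfinal_mortgagenumber", ConditionOperator.Equal, user.MortgageNumber);

    // FirstOrDefault returns null when no mortgage matches, and the contact lookup may be
    // unset; both previously surfaced as a NullReferenceException.
    Entity mortgage = service.RetrieveMultiple(query).Entities.FirstOrDefault();
    EntityReference contact = mortgage == null
        ? null
        : mortgage.GetAttributeValue<EntityReference>("revfinal_contact");
    if (contact == null)
    {
        return BadRequest("Unable to register user.");
    }

    UserLogin login = new UserLogin
    {
        UserName = user.UserName,
        Password = user.Password,
        GUID = contact.Id.ToString()
    };

    try
    {
        UserLoginDB db = new UserLoginDB();
        db.UserLogins.Add(login);
        db.SaveChanges();
        return Ok("Success");
    }
    catch (Exception ex)
    {
        // Keep stack traces and provider/schema details on the server; the response body
        // previously carried ex.ToString() to the caller.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        return BadRequest("Unable to register user.");
    }
}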
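/// <summary>
/// Handles row commands raised by the user-login grid: "Insert" only refreshes the grid,
/// "_LogOff" marks the selected login row as logged off and then refreshes the grid.
/// </summary>
/// <param name="sender">The grid raising the command.</param>
/// <param name="e">Command name plus, for "_LogOff", the user-login id as the argument.</param>
protected void GrdUserLogin_RowCommand(object sender, GridViewCommandEventArgs e)
{
    if (e.CommandName.Equals("Insert"))
    {
        // The insert call itself is disabled. The footer-control lookups that used to feed it
        // were dead code and could throw when the grid has no footer row, so they are gone.
        FillGrid();
    }

    if (e.CommandName.Equals("_LogOff"))
    {
        // NOTE(review): no permission check is visible in this handler; confirm the page
        // enforces who may force another user's session off, not just who sees the button.
        int user_login_id = Convert.ToInt32(e.CommandArgument);

        try
        {
            UserLoginDB.UpdateLoggedOffByUserLoginID(user_login_id);
        }
        catch (ForeignKeyConstraintException fkcEx)
        {
            // Constraint details are shown on development builds only.
            if (Utilities.IsDev())
            {
                SetErrorMessage("Can not delete because other records depend on this : " + fkcEx.Message);
            }
            else
            {
                SetErrorMessage("Can not delete because other records depend on this");
            }
        }

        FillGrid();
    }
}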
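/// <summary>
/// Per-request session check: logs the user out when the session is not logged in or when the
/// stored login row belongs to a different session id, sends the user to site/organisation
/// selection when those are not chosen yet, and records the last-access time.
/// </summary>
/// <param name="hideHeader">Passed through to <c>Logout</c>.</param>
protected void UpdateLogout(bool hideHeader)
{
    bool isLoggedIn = Session["IsLoggedIn"] != null && Convert.ToBoolean(Session["IsLoggedIn"]);
    bool isStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
    bool isMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
    bool isAdmin = Session["IsAdmin"] != null && Convert.ToBoolean(Session["IsAdmin"]);
    bool isAdminView = isStakeholder || isMasterAdmin || isAdmin;

    if (!isLoggedIn)
    {
        Logout(hideHeader);
        return;
    }

    // Staff ids -5, -7 and -8 skip the single-session check. A session without a StaffID
    // must not be unboxed: the old (int) cast threw on null instead of running the check.
    object staffIdValue = Session["StaffID"];
    bool skipSessionCheck = staffIdValue != null && new List<int> { -5, -7, -8 }.Contains((int)staffIdValue);
    if (skipSessionCheck)
    {
        return;
    }

    // if another session logged in - logout here
    // The second argument of GetByUserID is used here as the patient id, so a session that
    // has a PatientID is looked up by that value (it was previously looked up by StaffID).
    UserLogin userlogin = (Session["PatientID"] == null)
        ? UserLoginDB.GetByUserID(Convert.ToInt32(Session["StaffID"]), -1)
        : UserLoginDB.GetByUserID(-1, Convert.ToInt32(Session["PatientID"]));

    if (userlogin == null || userlogin.SessionID != HttpContext.Current.Session.SessionID.ToString())
    {
        Logout(hideHeader);
        return;
    }

    string localPath = HttpContext.Current.Request.Url.LocalPath;

    // NOTE(review): Request.RawUrl is appended to from_url without URL-encoding; whichever page
    // consumes from_url must treat it as untrusted and only redirect to local paths.
    if (Session["SiteID"] == null &&
        !localPath.Contains("/Account/LoginV2.aspx") &&
        !localPath.Contains("/Account/LogoutV2.aspx") &&
        !localPath.Contains("/Account/SelectSiteV2.aspx"))
    {
        Response.Redirect("~/Account/SelectSiteV2.aspx?from_url=" + Request.RawUrl);
    }

    // NOTE(review): the exclusions below name the non-V2 pages while the redirect target is
    // SelectOrgV2.aspx - confirm this cannot loop when invoked from the V2 page.
    if (!isAdminView && Session["OrgID"] == null &&
        !localPath.Contains("/Account/Login.aspx") &&
        !localPath.Contains("/Account/Logout.aspx") &&
        !localPath.Contains("/Account/SelectOrg.aspx") &&
        !localPath.Contains("/Account/SelectSite.aspx"))
    {
        Response.Redirect("~/Account/SelectOrgV2.aspx?from_url=" + Request.RawUrl);
    }

    // The logout page itself is not recorded as the last page visited.
    UserLoginDB.UpdateLastAccessTime(
        userlogin.UserloginID,
        DateTime.Now,
        Request.RawUrl.Contains("/Account/Logout.aspx") ? "" : Request.RawUrl);
}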
/// <summary>
/// Marks the current staff member's login rows as logged off (best effort), then clears the
/// session variables and runs the shared logout routine.
/// </summary>
protected void LogoutAll()
{
    try
    {
        bool canUpdateLoginRows = Session != null
            && Session["StaffID"] != null
            && Session["DB"] != null;

        if (canUpdateLoginRows)
        {
            int staffId = Convert.ToInt32(Session["StaffID"]);
            UserLoginDB.UpdateLoggedOffByStaffID(staffId);
        }
    }
    catch (Exception)
    {
        // Deliberately ignored so that a failed database update can never stop the local
        // logout below. NOTE(review): the failure is not logged anywhere visible here.
    }

    Utilities.UnsetSessionVariables();
    Utilities.LogoutV2(Session, Response, Request, false);
}
/// <summary>
/// Per-request session check: logs out when the user view is not logged in or when the stored
/// login row does not carry the current session id, redirects to site/organisation selection
/// when needed, and records the last-access time.
/// </summary>
/// <param name="hideHeader">Passed through to <c>Logout</c>.</param>
protected void UpdateLogout(bool hideHeader)
{
    UserView userView = UserView.GetInstance();
    if (!userView.IsLoggedIn)
    {
        Logout(hideHeader);
        return;
    }

    // Staff ids -5, -7 and -8 are exempt from everything below.
    bool exemptStaff = Session["StaffID"] != null
        && new List<int> { -5, -7, -8 }.Contains((int)Session["StaffID"]);
    if (exemptStaff)
    {
        return;
    }

    // if another session logged in - logout here
    UserLogin storedLogin = null;
    if (HttpContext.Current.Session != null && HttpContext.Current.Session["DB"] != null)
    {
        if (userView.IsPatient)
        {
            storedLogin = UserLoginDB.GetByUserID(-1, Convert.ToInt32(Session["PatientID"]));
        }
        else
        {
            storedLogin = UserLoginDB.GetByUserID(Convert.ToInt32(Session["StaffID"]), -1);
        }
    }

    bool sessionMatches = storedLogin != null
        && storedLogin.SessionID == HttpContext.Current.Session.SessionID.ToString();
    if (!sessionMatches)
    {
        Logout(hideHeader);
        return;
    }

    string currentPath = HttpContext.Current.Request.Url.LocalPath;
    bool onLoginOrLogout = currentPath.Contains("/Account/LoginV2.aspx")
        || currentPath.Contains("/Account/LogoutV2.aspx");
    bool onSiteSelection = currentPath.Contains("/Account/SelectSiteV2.aspx");
    bool onOrgSelection = currentPath.Contains("/Account/SelectOrgV2.aspx");

    // NOTE(review): Request.RawUrl goes into from_url unencoded; the page that consumes
    // from_url must validate it as a local path before redirecting.
    if (Session["SiteID"] == null && !onLoginOrLogout && !onSiteSelection)
    {
        Response.Redirect("~/Account/SelectSiteV2.aspx?from_url=" + Request.RawUrl);
    }

    if (!userView.IsAdminView && Session["OrgID"] == null
        && !onLoginOrLogout && !onOrgSelection && !onSiteSelection)
    {
        Response.Redirect("~/Account/SelectOrgV2.aspx?from_url=" + Request.RawUrl);
    }

    // The logout page is recorded as an empty "last page".
    string lastPage = Request.RawUrl.Contains("/Account/Logout.aspx") ? "" : Request.RawUrl;
    UserLoginDB.UpdateLastAccessTime(storedLogin.UserloginID, DateTime.Now, lastPage);
}
/// <summary>
/// Turns a site restriction on or off for the staff member shown on the form. The "TurnOff"
/// command sets the restriction and also logs out all of that staff member's sessions.
/// </summary>
/// <param name="sender">The control raising the command.</param>
/// <param name="e">Command name ("TurnOff" or "TurnOn") and the site id as the argument.</param>
protected void btnToggleSiteRestriction_Click(object sender, CommandEventArgs e)
{
    bool setRestriction = e.CommandName == "TurnOff";
    if (!setRestriction && e.CommandName != "TurnOn")
    {
        return;
    }

    int siteID = Convert.ToInt32(e.CommandArgument);
    int staffID = GetFormID();

    StaffSiteRestrictionDB.Update(staffID, siteID, setRestriction);

    if (setRestriction)
    {
        // Log them out so the restriction takes effect immediately.
        UserLoginDB.UpdateSetAllSessionsLoggedOut(staffID, -1);
    }

    UpdateSiteRestrictions();
}
/// <summary>
/// Handles a login exchange: binds the e-mail and password from the request to the prepared
/// login command, reads the first column of the first row as the token, and replies with a
/// success element carrying the token or a "tryagain" failure element when the token is empty.
/// Any exception is routed to <c>Invalid</c>.
/// </summary>
/// <param name="sender">Originator of the exchange; forwarded to <c>Invalid</c> on error.</param>
/// <param name="e">The exchange whose request is read and whose reply is set.</param>
private void UserLogin(object sender, Exchange e)
{
    try
    {
        // Read both request fields before touching the shared command's parameters.
        var suppliedEmail = e.Request[0];
        var suppliedPassword = e.Request[1];

        // Values travel as command parameters, never as SQL text.
        // NOTE(review): the password reaches the database as supplied; confirm hashing happens
        // on the database side or move it into the application.
        UserLoginDB.Parameters[0].Value = suppliedEmail;
        UserLoginDB.Parameters[1].Value = suppliedPassword;

        Connection.Open();
        using (MySqlDataReader rows = UserLoginDB.ExecuteReader())
        {
            // The result of Read() is not checked: with no row, the indexer below throws and
            // the catch block reports the exchange as invalid.
            rows.Read();
            var token = rows[0].ToString();

            bool authenticated = token != "";
            XElement reply = new XElement(authenticated ? ReplySuccess : ReplyFailure);
            XElement payload = authenticated
                ? new XElement("userloggedin", new XElement("token", new XText(token)))
                : new XElement("tryagain");
            reply.Element("content").Add(payload);

            e.Reply = reply.ToString();
        }
    }
    catch
    {
        // NOTE(review): every failure, including database errors, collapses into Invalid
        // without being logged here.
        Invalid(sender, e);
    }
    finally
    {
        Connection.Close();
    }
}
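/// <summary>
/// Stores the chosen site in the session, records it on the user's login row, then redirects:
/// to organisation selection when a non-admin has no organisation yet, otherwise to the page
/// named by <c>from_url</c> (local paths only) or to the default landing page.
/// </summary>
/// <param name="siteID">Id of the site the user selected.</param>
/// <remarks>
/// NOTE(review): no check is visible here that the current user is allowed to use
/// <paramref name="siteID"/>; confirm the caller enforces site restrictions.
/// </remarks>
protected void Select(int siteID)
{
    Site site = SiteDB.GetByID(siteID);

    Session["SiteID"] = site.SiteID;
    Session["SiteName"] = site.Name;
    Session["SiteIsClinic"] = site.SiteType.ID == 1;
    Session["SiteIsAgedCare"] = site.SiteType.ID == 2;
    Session["SiteIsGP"] = site.SiteType.ID == 3;
    Session["SiteTypeID"] = site.SiteType.ID;
    Session["SiteTypeDescr"] = site.SiteType.Descr;

    if (Session["PatientID"] == null)
    {
        UserLoginDB.UpdateSite(Convert.ToInt32(Session["StaffID"]), -1, siteID);
    }
    else
    {
        UserLoginDB.UpdateSite(-1, Convert.ToInt32(Session["PatientID"]), siteID);
    }

    // from_url is taken from the raw URL so that everything after it is carried along.
    // The position can be -1 even when the parsed query string has the key (for example an
    // encoded key), which previously produced a bad Substring offset.
    string rawUrl = Request.RawUrl;
    int fromUrlPos = rawUrl.IndexOf("from_url=", StringComparison.Ordinal);
    bool hasFromUrl = Request.QueryString["from_url"] != null && fromUrlPos >= 0;

    if (!Convert.ToBoolean(Session["IsAdmin"]) && Session["OrgID"] == null) // need to choose org
    {
        // The value is only forwarded to a local page here; it is validated where it is used.
        string carryOver = hasFromUrl ? "?" + rawUrl.Substring(fromUrlPos) : "";
        Response.Redirect("~/Account/SelectOrgV2.aspx" + carryOver, false);
        return;
    }

    // from_url is attacker-controllable, so only a path on this application is followed.
    // Anything else falls back to the default landing page.
    string returnUrl = hasFromUrl ? Server.UrlDecode(rawUrl.Substring(fromUrlPos + 9)) : null;
    if (IsLocalSiteSelectReturnUrl(returnUrl))
    {
        Response.Redirect(returnUrl, false);
        return;
    }

    Response.Redirect(Convert.ToInt32(Session["StaffID"]) >= 0 ? "~/Default.aspx" : "~/StaffLoginsV2.aspx", false);
}

// True only for targets that stay on this application: "/path" or "~/path", excluding
// protocol-relative forms ("//", "/\") and anything containing control characters.
private static bool IsLocalSiteSelectReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    if (url[0] == '~' && url.Length > 1 && url[1] == '/')
    {
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }

    return false;
}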
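/// <summary>
/// Reports whether a user name is already present in the login table.
/// </summary>
/// <param name="id">The user name to look up.</param>
/// <returns>
/// 200 "Success" when no row has that user name; 400 "Contact Exist!" when one does;
/// 400 with a generic message when the lookup fails.
/// </returns>
/// <remarks>
/// NOTE(review): by design this tells any caller whether a user name exists. If the route is
/// reachable without authentication, consider rate limiting it.
/// </remarks>
public IHttpActionResult Get(string id)
{
    UserLoginDB db = new UserLoginDB();
    try
    {
        var existing = (from a in db.UserLogins
                        where a.UserName.Equals(id)
                        select a).FirstOrDefault();

        if (existing != null)
        {
            return BadRequest("Contact Exist!");
        }

        return Ok("Success");
    }
    catch (Exception ex)
    {
        // Log the detail server-side; the response used to carry ex.ToString(), exposing
        // stack traces and data-provider internals to the caller.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        return BadRequest("Unable to check user name.");
    }
}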
/// <summary>
/// Deletes the login row shown on the grid row being removed, reports a foreign-key conflict
/// as an error message, and refreshes the grid.
/// </summary>
/// <param name="sender">The grid raising the event.</param>
/// <param name="e">Identifies the index of the row being deleted.</param>
protected void GrdUserLogin_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
    // The row's id is read back from the label rendered in that row.
    Label idLabel = (Label)GrdUserLogin.Rows[e.RowIndex].FindControl("lblId");

    try
    {
        int userLoginId = Convert.ToInt32(idLabel.Text);
        UserLoginDB.Delete(userLoginId);
    }
    catch (ForeignKeyConstraintException fkcEx)
    {
        // Constraint details are appended on development builds only.
        string message = "Can not delete because other records depend on this";
        if (Utilities.IsDev())
        {
            message = message + " : " + fkcEx.Message;
        }

        SetErrorMessage(message);
    }

    FillGrid();
}
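/// <summary>
/// Checks a user name and password against the login table.
/// </summary>
/// <param name="login">Request body carrying the user name and password.</param>
/// <returns>
/// 200 with the stored GUID when the credentials match; 400 "Invalid Username or Password"
/// for every failure, including a missing body, so the response does not reveal which part
/// was wrong.
/// </returns>
/// <remarks>
/// NOTE(review): passwords are compared as stored plaintext with an ordinary string
/// comparison. Moving to a salted, slow hash verified with a constant-time comparison needs a
/// matching change where the rows are written, so it is flagged rather than changed here.
/// NOTE(review): the GUID returned on success looks like it is used as the caller's
/// credential afterwards - confirm it is not a guessable or long-lived identifier.
/// </remarks>
public IHttpActionResult Post([FromBody] UserLogin login)
{
    // Model binding yields null for an empty or malformed body; that used to throw.
    if (login == null)
    {
        return BadRequest("Invalid Username or Password");
    }

    UserLoginDB db = new UserLoginDB();
    UserLogin userLogin = (from a in db.UserLogins
                           where a.UserName.Equals(login.UserName)
                           select a).FirstOrDefault();

    // A row with no stored password can never match, and must not throw.
    if (userLogin != null && userLogin.Password != null && userLogin.Password.Equals(login.Password))
    {
        return Ok(userLogin.GUID);
    }

    return BadRequest("Invalid Username or Password");
}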
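/// <summary>
/// Builds the cross-client overview: fills both database drop-downs and renders, for every
/// client database that uses the call centre, a row for the site plus one hidden row per
/// organisation. The session's database and system variables are switched while each client
/// is read and are restored in the finally block.
/// </summary>
/// <remarks>
/// Values read from the client databases (site name, call-centre prefix, organisation name,
/// database name) are encoded for the HTML, attribute, URL or script context they are written
/// into, because the result is assigned to a label that renders its text as raw markup.
/// NOTE(review): if any of those values are stored already HTML-encoded they will now show
/// double-encoded - confirm against the data.
/// NOTE(review): the markup returned by GetContactInfo is written as-is; its encoding must be
/// checked in that method.
/// </remarks>
protected void DisplayInfo()
{
    string curDbName = Session["DB"].ToString();

    ddlDBs.Items.Clear();
    ddlDBs.Items.Add(new ListItem("All Clients", "0"));
    ddlDBs2.Items.Clear();
    ddlDBs2.Items.Add(new ListItem("All Clients", "0"));

    ArrayList dbNames = new ArrayList();
    Hashtable dbHash = new Hashtable();

    try
    {
        bool isSupportStaff3 = Session != null && Session["StaffID"] != null && Convert.ToInt32(Session["StaffID"]) == -4;

        List<Tuple<string, string>> list = new List<Tuple<string, string>>();

        System.Data.DataTable tbl = DBBase.ExecuteQuery("EXEC sp_databases;", "master").Tables[0];
        for (int i = 0; i < tbl.Rows.Count; i++)
        {
            string databaseName = tbl.Rows[i][0].ToString();

            // NOTE(review): the pattern is not anchored, so any name merely containing
            // "Mediclinic_" followed by four digits is accepted.
            if (!Regex.IsMatch(databaseName, @"Mediclinic_\d{4}"))
            {
                continue;
            }

            SystemVariables sysVariables = SystemVariableDB.GetAll(databaseName);
            dbNames.Add(sysVariables["Site"].Value);
            dbHash[sysVariables["Site"].Value] = databaseName;

            System.Text.StringBuilder output = new System.Text.StringBuilder();

            // The calls below read from whichever database the session currently points at.
            Session["DB"] = databaseName;
            Session["SystemVariables"] = SystemVariableDB.GetAll();

            string callCenterPrefix = ((SystemVariables)Session["SystemVariables"])["CallCenterPrefix"].Value;
            int loginsPastWeek_Total = UserLoginDB.GetCount(7);
            int loginsPastWeek_Staff = UserLoginDB.GetStaffCount(7);

            if (((SystemVariables)Session["SystemVariables"])["UseMediclinicCallCenter"].Value == "1")
            {
                Organisation[] orgs = OrganisationDB.GetAll(false, true, false, false, true, true);
                Site[] sites = SiteDB.GetAll();

                int clinicSiteID = -1;
                int agedCareSiteID = -1;
                for (int j = 0; j < sites.Length; j++)
                {
                    if (sites[j].SiteType.ID == 1)
                    {
                        clinicSiteID = sites[j].SiteID;
                    }
                    if (sites[j].SiteType.ID == 2)
                    {
                        agedCareSiteID = sites[j].SiteID;
                    }
                }

                string siteName = ((SystemVariables)Session["SystemVariables"])["Site"].Value;
                string pagePath = HttpContext.Current.Request.Url.AbsolutePath;

                // One encoded form per output context. Script arguments sit inside an HTML
                // attribute, so they are script-encoded first and attribute-encoded second.
                string siteNameHtml = HttpUtility.HtmlEncode(siteName);
                string siteNameAttr = HttpUtility.HtmlAttributeEncode(siteName);
                string dbNameJs = HttpUtility.HtmlAttributeEncode(HttpUtility.JavaScriptStringEncode(databaseName));
                string dbNameUrl = HttpUtility.UrlEncode(databaseName);

                string showHideID1 = "heading_" + databaseName;
                string showHideID1Js = HttpUtility.HtmlAttributeEncode(HttpUtility.JavaScriptStringEncode(showHideID1));

                string showHideLink1 = @"<a href=""javascript:void(0)"" onclick=""hide_show_all('" + showHideID1Js + @"');return false;"">Show/Hide Clinics/Facs</a>";
                string siteTitleLink = @"<span style=""display:inline-block;vertical-align:middle;max-width:300px;min-width:300px;overflow:hidden;text-overflow:ellipsis;""><a style=""white-space:nowrap;"" class=""call_centre_header"" title=""" + siteNameAttr + @""" href=""" + HttpUtility.HtmlAttributeEncode(pagePath + "?db=" + dbNameUrl) + @""" onclick=""http_post('" + dbNameJs + @"','0','0',-1);return false;"">" + siteNameHtml + @"</a></span>";
                string callCentrePrefixText = @"<span style=""display:inline-block;min-width:160px;"">[Call Center Prefix: " + HttpUtility.HtmlEncode(callCenterPrefix) + "]</span>";

                // The login counts are shown to support staff -4 only.
                string loginCounts = "";
                if (isSupportStaff3)
                {
                    loginCounts = @"<span style=""display:inline-block;min-width:55px;"">"
                        + (loginsPastWeek_Staff == 0 && loginsPastWeek_Total == 0 ? "" : "[" + loginsPastWeek_Staff + "," + loginsPastWeek_Total + "]")
                        + "</span>" + " ";
                }

                output.AppendLine("<tr>");
                output.AppendLine(" <td>" + showHideLink1 + " " + loginCounts + siteTitleLink + " " + callCentrePrefixText + " [" + HttpUtility.HtmlEncode(Convert.ToString(Session["DB"])) + "]</td>");
                output.AppendLine("</tr>");

                if (orgs.Length > 0)
                {
                    for (int j = 0; j < orgs.Length; j++)
                    {
                        string orgId = orgs[j].OrganisationID.ToString();

                        // GetContactInfo receives the raw id so the ids it emits keep matching
                        // the one passed to hide_show below.
                        string showHideID = databaseName + "_" + orgId;
                        string contactInfo = GetContactInfo(orgs[j].EntityID, 60, showHideID);

                        string orgHref = HttpUtility.HtmlAttributeEncode(pagePath + "?db=" + dbNameUrl + "&org=" + HttpUtility.UrlEncode(orgId));
                        string orgIdJs = HttpUtility.HtmlAttributeEncode(HttpUtility.JavaScriptStringEncode(orgId));
                        string showHideIDJs = HttpUtility.HtmlAttributeEncode(HttpUtility.JavaScriptStringEncode(showHideID));

                        string titleLink = @"<a href=""" + orgHref + @""" onclick=""http_post('" + dbNameJs + "','" + orgIdJs + @"','" + (orgs[j].IsClinic ? clinicSiteID : agedCareSiteID) + @"',-1);return false;"">" + HttpUtility.HtmlEncode(orgs[j].Name) + " " + (orgs[j].IsClinic ? @"(Clinic)" : "(Aged Care)") + @"</a>";
                        string showHideLink = @"<a href=""javascript:void(0)"" onclick=""hide_show('" + showHideIDJs + @"');return false;"">Show/Hide Details</a>";

                        output.AppendLine(@"<tr id=""" + HttpUtility.HtmlAttributeEncode(showHideID1 + j.ToString()) + @""" style=""margin:0 0;display:none;"">");
                        output.AppendLine(@" <td style=""margin:0 0;"">");
                        output.AppendLine(@" <table><tr style=""vertical-align:top;""><td style=""width:500px;""><ul style=""margin:0 0;""><li>" + titleLink + @"</li></ul></td><td style=""min-width:10px;""></td><td>" + (contactInfo.Length > 0 ? showHideLink : "") + "</td></tr></table>");
                        if (contactInfo.Length > 0)
                        {
                            output.AppendLine(contactInfo);
                        }
                        output.AppendLine(@" </td>");
                        output.AppendLine(@"</tr>");
                    }
                }
            }

            // The raw site name is kept as the sort key; only the rendered markup is encoded.
            list.Add(new Tuple<string, string>(((SystemVariables)Session["SystemVariables"])["Site"].Value, output.ToString()));

            Session.Remove("DB");
            Session.Remove("SystemVariables");
        }

        dbNames.Sort();
        foreach (string siteName in dbNames)
        {
            ddlDBs.Items.Add(new ListItem("[" + dbHash[siteName] + "] " + siteName, dbHash[siteName].ToString()));
            ddlDBs2.Items.Add(new ListItem("[" + dbHash[siteName] + "] " + siteName, dbHash[siteName].ToString()));
        }

        list.Sort((a, b) => a.Item1.CompareTo(b.Item1));

        System.Text.StringBuilder finalOutput = new System.Text.StringBuilder();
        foreach (Tuple<string, string> item in list)
        {
            finalOutput.Append(item.Item2);
        }

        lblInfo1.Text = "<table>" + finalOutput.ToString() + "</table>";
    }
    finally
    {
        // Always point the session back at the caller's own database.
        Session["DB"] = curDbName;
        Session["SystemVariables"] = SystemVariableDB.GetAll();
    }
}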
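/// <summary>
/// Authenticates a staff member or patient, records the login row, fills the session with the
/// user's flags and site, and redirects to organisation/site selection, the requested
/// <c>from_url</c> (local paths only) or the default landing page.
/// </summary>
/// <param name="login">The login name entered by the user.</param>
/// <param name="pwd">The password entered by the user.</param>
/// <remarks>
/// NOTE(review): passwords are compared with the stored value using plain string equality, so
/// they appear to be stored unhashed; fixing that needs a data migration outside this method.
/// NOTE(review): the session id is not regenerated after a successful login and the forms
/// cookie is issued as persistent under a constant name - confirm this is intended.
/// NOTE(review): an unknown login and a wrong password produce different failure texts, which
/// lets a caller tell the two apart.
/// </remarks>
private void LogIn(string login, string pwd)
{
    try
    {
        Session.Remove("DB");

        if (Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
        {
            Session["DB"] = ConfigurationManager.AppSettings["Database"];
        }
        else // Get DB from Mediclinic_Main
        {
            UserDatabaseMapper user = UserDatabaseMapperDB.GetByLogin(login);
            if (user == null)
            {
                this.FailureText.Text = "<div class=\"alert alert-danger\" runat=\"server\"><strong>Login Failed.</strong> Please ensure that your username and password are correct and try again.</div>";
                return;
            }

            Session["DB"] = user.DBName;
        }

        Staff staff = StaffDB.GetByLogin(login);
        Patient patient = PatientDB.GetByLogin(login);

        bool allowPatientLogins = Convert.ToInt32(SystemVariableDB.GetByDescr("AllowPatientLogins").Value) == 1;

        bool validStaff = staff != null && staff.Pwd == pwd && !staff.IsFired;
        bool validPatient = allowPatientLogins && patient != null && patient.Pwd == pwd && !patient.IsDeleted;

        if (validStaff)
        {
            // Only one live session per user: either refresh this session's row and close the
            // others, or close all rows and insert a new one for this session.
            UserLogin curLogin = UserLoginDB.GetCurLoggedIn(staff.StaffID, -1, HttpContext.Current.Session.SessionID, -1);
            if (curLogin != null)
            {
                UserLoginDB.UpdateLastAccessTime(curLogin.UserloginID, DateTime.Now, Request.RawUrl);
                UserLoginDB.UpdateSetOtherSessionsOfThisUserLoggedOut(curLogin.UserloginID, staff.StaffID, -1);
            }
            else
            {
                UserLoginDB.UpdateSetAllSessionsLoggedOut(staff.StaffID, -1);
                UserLoginDB.Insert(staff.StaffID, -1, login, -1, validStaff, HttpContext.Current.Session.SessionID, Request.UserHostAddress);
            }

            this.FailureText.Text = "";

            Session["IsLoggedIn"] = true;
            Session["IsStakeholder"] = staff.IsStakeholder;
            Session["IsMasterAdmin"] = staff.IsMasterAdmin;
            Session["IsAdmin"] = staff.IsAdmin;
            Session["IsPrincipal"] = staff.IsPrincipal;
            Session["IsProvider"] = staff.IsProvider;
            Session["IsExternal"] = staff.IsExternal;
            Session["StaffID"] = staff.StaffID;
            Session["StaffFullnameWithoutMiddlename"] = staff.Person.FullnameWithoutMiddlename;
            Session["StaffFirstname"] = staff.Person.Firstname;
            Session["NumDaysToDisplayOnBookingScreen"] = staff.NumDaysToDisplayOnBookingScreen;
            Session["HideBookingNotes"] = staff.HideBookingNotes;
            Session["ShowOtherProvidersOnBookingScreen"] = false;
            Session["ShowHeaderOnBookingScreen"] = staff.ShowHeaderOnBookingScreen;
            Session["SystemVariables"] = SystemVariableDB.GetAll();
            Session["OfferingColors"] = OfferingDB.GetColorCodes();

            System.Web.Security.FormsAuthentication.SetAuthCookie("--", true); // needed to use forms authentication

            UserView userView = UserView.GetInstance();

            Site[] allowedSites = StaffSiteRestrictionDB.GetSitesNotRestricted(staff.StaffID, -1, false);
            Site[] allSites = SiteDB.GetAll();

            if (allowedSites.Length == 0 && allSites.Length == 1)
            {
                StoreLoginSiteInSession(allSites[0]);
                Session["IsMultipleSites"] = false;
                UserLoginDB.UpdateSite(staff.StaffID, -1, allSites[0].SiteID);

                // non-admin views need to choose an org
                if (!userView.IsAdminView && Session["OrgID"] == null)
                {
                    Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }

            if (allowedSites.Length == 1)
            {
                StoreLoginSiteInSession(allowedSites[0]);
                Session["IsMultipleSites"] = false;
                UserLoginDB.UpdateSite(staff.StaffID, -1, allowedSites[0].SiteID);

                // non-admin views need to choose an org
                if (!userView.IsAdminView && Session["OrgID"] == null)
                {
                    Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }
            else // if more than one site, go to choose. if no sites this page will say to contact admin
            {
                if (Session["SiteID"] == null) // not yet logged in to a site, need to choose one
                {
                    Session["IsMultipleSites"] = true;
                    Response.Redirect("~/Account/SelectSiteV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }

            RedirectToLoginDestination();
            return;
        }
        else if (validPatient)
        {
            UserLogin curLogin = UserLoginDB.GetCurLoggedIn(-1, patient.PatientID, HttpContext.Current.Session.SessionID, -1);
            if (curLogin != null)
            {
                UserLoginDB.UpdateLastAccessTime(curLogin.UserloginID, DateTime.Now, Request.RawUrl);
                UserLoginDB.UpdateSetOtherSessionsOfThisUserLoggedOut(curLogin.UserloginID, -1, patient.PatientID);
            }
            else
            {
                UserLoginDB.UpdateSetAllSessionsLoggedOut(-1, patient.PatientID);
                UserLoginDB.Insert(-1, patient.PatientID, login, -1, validPatient, HttpContext.Current.Session.SessionID, Request.UserHostAddress);
            }

            this.FailureText.Text = "";

            // Patients never receive any staff role flag.
            Session["IsLoggedIn"] = true;
            Session["IsStakeholder"] = false;
            Session["IsMasterAdmin"] = false;
            Session["IsAdmin"] = false;
            Session["IsPrincipal"] = false;
            Session["IsProvider"] = false;
            Session["IsExternal"] = false;
            Session["PatientID"] = patient.PatientID;
            Session["StaffFullnameWithoutMiddlename"] = patient.Person.FullnameWithoutMiddlename;
            Session["StaffFirstname"] = patient.Person.Firstname;
            Session["NumDaysToDisplayOnBookingScreen"] = 3;
            Session["ShowOtherProvidersOnBookingScreen"] = false;
            Session["ShowHeaderOnBookingScreen"] = true;
            Session["SystemVariables"] = SystemVariableDB.GetAll();
            Session["OfferingColors"] = OfferingDB.GetColorCodes();

            System.Web.Security.FormsAuthentication.SetAuthCookie("--", true); // needed to use forms authentication

            Site[] allSites = SiteDB.GetAll();

            // remove aged care from display: patients only see sites of type 1
            System.Collections.ArrayList clinicSites = new System.Collections.ArrayList();
            for (int i = 0; i < allSites.Length; i++)
            {
                if (allSites[i].SiteType.ID == 1)
                {
                    clinicSites.Add(allSites[i]);
                }
            }
            Site[] allowedSites = (Site[])clinicSites.ToArray(typeof(Site));

            if (allowedSites.Length == 0 && allSites.Length == 1)
            {
                StoreLoginSiteInSession(allSites[0]);
                UserLoginDB.UpdateSite(-1, patient.PatientID, allSites[0].SiteID);

                if (Session["OrgID"] == null) // patient logins need to select an org
                {
                    if (TryRedirectToBookingReturnUrl())
                    {
                        return;
                    }

                    Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }

            if (allowedSites.Length == 1)
            {
                StoreLoginSiteInSession(allowedSites[0]);
                UserLoginDB.UpdateSite(-1, patient.PatientID, allowedSites[0].SiteID);

                if (Session["OrgID"] == null) // patient logins need to select an org
                {
                    if (TryRedirectToBookingReturnUrl())
                    {
                        return;
                    }

                    Response.Redirect("~/Account/SelectOrgV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }
            else // if more than one site, go to choose. if no sites this page will say to contact admin
            {
                if (Session["SiteID"] == null)
                {
                    Response.Redirect("~/Account/SelectSiteV2.aspx" + GetUrlCarryOverParams(), false);
                    return;
                }
            }

            RedirectToLoginDestination();
            return;
        }
        else
        {
            this.FailureText.Text = "Login Failed.";
        }
    }
    catch (Exception ex)
    {
        Logger.LogException(ex);

        // Exception detail is rendered on development builds only; elsewhere it is rethrown.
        if (Utilities.IsDev())
        {
            FailureText.Text = ex.ToString();
        }
        else
        {
            throw;
        }
    }
}

// Copies the chosen site's identity and type flags into the session.
private void StoreLoginSiteInSession(Site site)
{
    Session["SiteID"] = site.SiteID;
    Session["SiteName"] = site.Name;
    Session["SiteIsClinic"] = site.SiteType.ID == 1;
    Session["SiteIsAgedCare"] = site.SiteType.ID == 2;
    Session["SiteIsGP"] = site.SiteType.ID == 3;
    Session["SiteTypeID"] = site.SiteType.ID;
    Session["SiteTypeDescr"] = site.SiteType.Descr;
}

// Returns the decoded from_url value when it is present and points inside this application,
// otherwise null. from_url is attacker-controllable and must never be followed off-site.
private string GetLoginReturnUrl()
{
    if (Request.QueryString["from_url"] == null)
    {
        return null;
    }

    // Taken from the raw URL so that everything after "from_url=" is carried along.
    int pos = Request.RawUrl.IndexOf("from_url=", StringComparison.Ordinal);
    if (pos < 0)
    {
        return null;
    }

    string target = Server.UrlDecode(Request.RawUrl.Substring(pos + 9));
    return IsLocalLoginReturnUrl(target) ? target : null;
}

// True only for "/path" or "~/path" targets, excluding protocol-relative forms ("//", "/\")
// and anything containing control characters.
private static bool IsLocalLoginReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    if (url[0] == '~' && url.Length > 1 && url[1] == '/')
    {
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }

    return false;
}

// When from_url is a local bookings link that names one numeric, existing organisation,
// selects that organisation and redirects there. Returns true when the redirect was issued.
private bool TryRedirectToBookingReturnUrl()
{
    string from_url = GetLoginReturnUrl();
    if (from_url == null || !from_url.Contains("BookingsV2.aspx?") || !from_url.Contains("orgs="))
    {
        return false;
    }

    Uri theRealURL = new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + from_url);
    string orgs = HttpUtility.ParseQueryString(theRealURL.Query).Get("orgs");

    // "orgs=" can occur outside the parsed query, and a long digit run overflows an int;
    // both are treated as "no organisation named" rather than as an error.
    int orgID;
    if (orgs == null || !Regex.IsMatch(orgs, @"^\d+$") || !int.TryParse(orgs, out orgID))
    {
        return false;
    }

    // NOTE(review): any existing organisation id is accepted here; confirm patients may
    // select an arbitrary organisation this way.
    Organisation org = OrganisationDB.GetByID(orgID);
    if (org == null)
    {
        return false;
    }

    Session["OrgID"] = org.OrganisationID.ToString();
    Session["OrgName"] = org.Name;
    Response.Redirect(from_url, false);
    return true;
}

// Final hop after login: the validated from_url when there is one, else the landing page.
private void RedirectToLoginDestination()
{
    string returnUrl = GetLoginReturnUrl();
    if (returnUrl != null)
    {
        Response.Redirect(returnUrl, false);
        return;
    }

    Response.Redirect(Convert.ToInt32(Session["StaffID"]) >= 0 ? "~/Default.aspx" : "~/StaffLoginsV2.aspx", false);
}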
/// <summary>
/// Loads login rows for the selected date range and user type, adds display columns, updates
/// the "currently logged in" summary, hides the log-off column for non-stakeholders and binds
/// the grid (or shows a single "No Record Found" row when there is no data).
/// </summary>
protected void FillGrid()
{
    // Reflect the staff/patient filter in the drop-down.
    if (GetFormIncStaffLogins() && GetFormIncPatientLogins())
    {
        ddlDisplayUserType.SelectedValue = "All";
    }
    else if (!GetFormIncStaffLogins() && GetFormIncPatientLogins())
    {
        ddlDisplayUserType.SelectedValue = "Patients Only";
    }
    else if (GetFormIncStaffLogins() && !GetFormIncPatientLogins())
    {
        ddlDisplayUserType.SelectedValue = "Staff Only";
    }

    // Default window is the last seven days; the end date is pushed one day forward.
    DateTime rangeStart = IsValidDate(txtStartDate.Text) ? GetDate(txtStartDate.Text) : DateTime.Now.Date.AddDays(-7);
    DateTime rangeEnd = IsValidDate(txtEndDate.Text) ? GetDate(txtEndDate.Text).AddDays(1) : DateTime.Now.Date.AddDays(1);

    UserView userView = UserView.GetInstance();

    int activeStaffLogins = 0;
    Hashtable staffSeenToday = new Hashtable();

    DataTable logins = UserLoginDB.GetDataTable(
        userView.IsStakeholder,
        rangeStart,
        rangeEnd,
        GetFormIncStaffLogins(),
        GetFormIncPatientLogins(),
        IsValidFormStaffID() ? GetFormStaffID() : -1);
    logins.Columns.Add("user_to_display", typeof(string));
    logins.Columns.Add("user_type", typeof(string));

    for (int rowIndex = 0; rowIndex < logins.Rows.Count; rowIndex++)
    {
        DataRow row = logins.Rows[rowIndex];
        UserLogin entry = UserLoginDB.LoadAll(row);

        if (entry.Staff != null)
        {
            row["user_to_display"] = entry.Staff.Person.FullnameWithoutMiddlename;
            row["user_type"] = "Staff";
        }
        else if (entry.Patient != null)
        {
            row["user_to_display"] = entry.Patient.Person.FullnameWithoutMiddlename;
            row["user_type"] = "Patient";
        }
        else
        {
            // Neither a staff member nor a patient: show the raw user name.
            row["user_to_display"] = entry.Username;
            row["user_type"] = "";
        }

        // Only staff with a positive id count towards the summary figures.
        bool isCountedStaff = entry.Staff != null && entry.Staff.StaffID > 0;
        if (isCountedStaff && !entry.IsLoggedOff)
        {
            activeStaffLogins++;
        }
        if (isCountedStaff && entry.LastAccessTime >= DateTime.Today)
        {
            staffSeenToday[entry.Staff.StaffID] = 1;
        }
    }

    Session["userlogin_data"] = logins;

    lblNumCurrentlyLoggedIn.Text = "(current: " + activeStaffLogins + ") " + "<font color=\"#A0A0A0\">(distinct today: " + staffSeenToday.Keys.Count + ") </font>";

    if (!userView.IsStakeholder)
    {
        // NOTE(review): this only hides the log-off controls; the command handler must
        // enforce the same rule on the server.
        img_log_user_off_icon.Visible = false;
        foreach (DataControlField column in GrdUserLogin.Columns)
        {
            if (column.HeaderText.ToLower().Trim() == "log off")
            {
                column.Visible = false;
            }
        }
    }

    if (logins.Rows.Count == 0)
    {
        // Bind one blank row so the header renders, then replace it with a spanning message.
        logins.Rows.Add(logins.NewRow());
        GrdUserLogin.DataSource = logins;
        GrdUserLogin.DataBind();

        int columnCount = GrdUserLogin.Rows[0].Cells.Count;
        GrdUserLogin.Rows[0].Cells.Clear();
        GrdUserLogin.Rows[0].Cells.Add(new TableCell());
        GrdUserLogin.Rows[0].Cells[0].ColumnSpan = columnCount;
        GrdUserLogin.Rows[0].Cells[0].Text = "No Record Found";
        return;
    }

    bool hasStoredSort = IsPostBack
        && Session["userlogin_sortexpression"] != null
        && Session["userlogin_sortexpression"].ToString().Length > 0;
    if (hasStoredSort)
    {
        DataView sortedView = new DataView(logins);
        sortedView.Sort = Session["userlogin_sortexpression"].ToString();
        GrdUserLogin.DataSource = sortedView;
    }
    else
    {
        GrdUserLogin.DataSource = logins;
    }

    try
    {
        // Bound twice: the pager's last-page text needs the page count from the first bind.
        GrdUserLogin.DataBind();
        GrdUserLogin.PagerSettings.FirstPageText = "1";
        GrdUserLogin.PagerSettings.LastPageText = GrdUserLogin.PageCount.ToString();
        GrdUserLogin.DataBind();
        FillCountries();
    }
    catch (Exception ex)
    {
        // NOTE(review): the full exception text is shown to the user on every build.
        SetErrorMessage(ex.ToString());
    }
}
/// <summary>
/// Page entry point. On the first load it disables caching, enforces page permissions, clears
/// the stored sort/data, optionally deletes a staff member's login rows (support staff -4
/// only, via the <c>del</c> query parameter), seeds the date filters and fills the grid.
/// </summary>
/// <param name="sender">The page.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        bool firstLoad = !IsPostBack;

        if (firstLoad)
        {
            Utilities.SetNoCache(Response);
        }

        HideErrorMessage();

        if (firstLoad)
        {
            PagePermissions.EnforcePermissions_RequireAll(Session, Response, false, false, true, false, false, true);
            Session.Remove("userlogin_sortexpression");
            Session.Remove("userlogin_data");

            // only allow support staff3 to do this
            // NOTE(review): this delete is triggered by a plain GET parameter with no
            // anti-forgery token, so a crafted link opened by that account would run it.
            string staffId = Session["StaffID"].ToString();
            string delParam = Request.QueryString["del"];
            bool deleteRequested = staffId == "-4"
                && delParam != null
                && Regex.IsMatch(delParam, @"^\-?\d+$");
            if (deleteRequested)
            {
                UserLoginDB.DeleteByStaffID(Convert.ToInt32(delParam));
                Response.Redirect(UrlParamModifier.Remove(Request.RawUrl, "del")); // redirect so that my 'last page accessed' should not show this
            }

            // Default range is the past month up to today.
            txtStartDate.Text = (IsValidFormStartDate() ? GetFormStartDate(false) : DateTime.Now.AddMonths(-1)).ToString("dd-MM-yyyy");
            txtEndDate.Text = (IsValidFormEndDate() ? GetFormEndDate(false) : DateTime.Now).ToString("dd-MM-yyyy");

            FillGrid();

            txtStartDate_Picker.OnClientClick = "displayDatePicker('txtStartDate', this, 'dmy', '-'); return false;";
            txtEndDate_Picker.OnClientClick = "displayDatePicker('txtEndDate', this, 'dmy', '-'); return false;";
        }

        this.GrdUserLogin.EnableViewState = true;
    }
    catch (CustomMessageException ex)
    {
        // On the first load the table is hidden as well.
        if (!IsPostBack)
        {
            HideTableAndSetErrorMessage(ex.Message);
        }
        else
        {
            SetErrorMessage(ex.Message);
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the full exception text is handed to the message helpers; confirm
        // the second argument is not rendered to ordinary users.
        if (!IsPostBack)
        {
            HideTableAndSetErrorMessage("", ex.ToString());
        }
        else
        {
            SetErrorMessage("", ex.ToString());
        }
    }
}
/// <summary>
/// Removes an external login from a user by forwarding the provider name and provider key to
/// the underlying manager.
/// </summary>
/// <param name="userId">Id of the user that owns the login.</param>
/// <param name="login">The stored login whose provider and key identify what to remove.</param>
/// <returns>A task that completes when the manager has finished.</returns>
public async Task RemoveLoginAsync(string userId, UserLoginDB login)
{
    // The captured context is not needed after the await.
    await _manager
        .RemoveLoginAsync(userId, new UserLoginInfo(login.LoginProvider, login.ProviderKey))
        .ConfigureAwait(false);
}