private PricingSubscriber SubscriberPassswordCheck(string SubscriberName, string password)
{
PricingSubscriber DBUser = new PricingSubscriber();
try
{
sqlConnectionX = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]);
sqlConnectionX.Open();
sqlCommandX = new SqlCommand();
sqlCommandX.Connection = sqlConnectionX;
sqlCommandX.CommandType = CommandType.StoredProcedure;
sqlCommandX.CommandText = "spx_Pricing_SubscriberAuth";
sqlParam = new SqlParameter("SubscriberName", SubscriberName);
sqlCommandX.Parameters.Add(sqlParam);
sqlDR = sqlCommandX.ExecuteReader();
while (sqlDR.Read())
{
DBUser.SubscriberID = sqlDR.GetInt32(0);
DBUser.Subscribername = sqlDR.GetString(1);
DBUser.Password = sqlDR.GetString(2);
}
sqlDR.Close();
sqlCommandX.Cancel();
sqlCommandX.Dispose();
//Check the password is correct
bool flag = VerifyHash(password, "SHA512", DBUser.Password);
if (flag != true)
{
if (DBUser.Result != null)
{
DBUser.Result += "incorrect";
}
else
{
DBUser.Result = "incorrect";
}
}
else
{
DBUser.Result = "Success";
DBUser.Password = "";
}
}
catch (Exception)
{
//mySubscriber.ResultMessage = ex.Message;
}
finally
{
sqlDR.Close();
sqlDR.Dispose();
sqlConnectionX.Close();
}
return DBUser;
}
protected void RadButtonSave_Click(object sender, EventArgs e)
{
//Save all the user details
if (SubscriberID > 0)
{
#region "Update the user"
try
{
string strPasswordHashed = string.Empty;
string strMenuIDs = string.Empty;
string strResult = string.Empty;
PricingSubscriber _User = new PricingSubscriber();
if (panl_Changepassword.Visible == true)
{
_User = SubscriberPassswordCheck(RadTextBoxSubscriberName.Text.Trim(), RadTextBoxCurrentPassword.Text.Trim());
if (_User.Result == "Success")
{
if (RadTextBoxNewPassword.Text.Trim() == RadTextBoxConfirmPassword.Text.Trim())
{
sqlConnectionX = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]);
sqlConnectionX.Open();
strPasswordHashed = ComputeHash(RadTextBoxNewPassword.Text.Trim(), "SHA512", null);
#region "Values"
string strSubscriberStatus = string.Empty;
string strRisk = string.Empty;
string strPremium = string.Empty;
string strCover = string.Empty;
if (CheckBoxStatus.Checked == true)
{
strSubscriberStatus = "1";
}
else
{
strSubscriberStatus = "0";
}
if (CheckBoxRisk.Checked == true)
{
strRisk = "T";
}
else
{
strRisk = "F";
}
if (CheckBoxPremium.Checked == true)
{
strPremium = "T";
}
else
{
strPremium = "F";
}
if (CheckBoxCover.Checked == true)
{
strCover = "T";
}
else
{
strCover = "F";
}
#endregion
sqlCommandX = new SqlCommand();
sqlCommandX.Connection = sqlConnectionX;
sqlCommandX.CommandType = CommandType.StoredProcedure;
sqlCommandX.CommandText = "spx_UPDATE_Subscriber";
sqlParam = new SqlParameter("SubscriberID", SubscriberID);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Subscribername", RadTextBoxSubscriberName.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Password", strPasswordHashed);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberCode", RadTextBoxSubscriberCode.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberStatus", strSubscriberStatus);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnRisk", strRisk);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnPremium", strPremium);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnCover", strCover);
sqlCommandX.Parameters.Add(sqlParam);
sqlCommandX.ExecuteNonQuery();
//Close the window
ScriptManager.RegisterStartupScript(Page, Page.GetType(), "mykey", "CloseAndRebind();", true);
}
else
{
lblInfo.Text = "The new password does not match the confirmation password";
}
}
else
{
lblInfo.Text = "The current password you entered is not correct";
}
}
else
{
//Update the userwithout changing the password
sqlConnectionX = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]);
sqlConnectionX.Open();
#region "Values"
string strSubscriberStatus = string.Empty;
string strRisk = string.Empty;
string strPremium = string.Empty;
string strCover = string.Empty;
if (CheckBoxStatus.Checked == true)
{
strSubscriberStatus = "1";
}
else
{
strSubscriberStatus = "0";
}
if (CheckBoxRisk.Checked == true)
{
strRisk = "T";
}
else
{
strRisk = "F";
}
if (CheckBoxPremium.Checked == true)
{
strPremium = "T";
}
else
{
strPremium = "F";
}
if (CheckBoxCover.Checked == true)
{
strCover = "T";
}
else
{
strCover = "F";
}
#endregion
sqlCommandX = new SqlCommand();
sqlCommandX.Connection = sqlConnectionX;
sqlCommandX.CommandType = CommandType.StoredProcedure;
sqlCommandX.CommandText = "spx_UPDATE_Subscriber";
sqlParam = new SqlParameter("SubscriberID", SubscriberID);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Subscribername", RadTextBoxSubscriberName.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Password", "");
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberCode", RadTextBoxSubscriberCode.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberStatus", strSubscriberStatus);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnRisk", strRisk);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnPremium", strPremium);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnCover", strCover);
sqlCommandX.Parameters.Add(sqlParam);
sqlCommandX.ExecuteNonQuery();
//Close the window
ScriptManager.RegisterStartupScript(Page, Page.GetType(), "mykey", "CloseAndRebind();", true);
}
}
catch (Exception ex)
{
lblInfo.Text = ex.Message;
}
finally
{
sqlConnectionX.Close();
}
#endregion
}
else
{
#region "create the new Subscriber"
try
{
sqlConnectionX = new SqlConnection(ConfigurationManager.AppSettings["SQLConnection"]);
sqlConnectionX.Open();
string strPasswordHashed = string.Empty;
string strResult = string.Empty;
strPasswordHashed = ComputeHash(RadTextBoxNewPassword.Text.Trim(), "SHA512", null);
#region "Values"
string strSubscriberStatus = string.Empty;
string strRisk = string.Empty;
string strPremium = string.Empty;
string strCover = string.Empty;
if (CheckBoxStatus.Checked == true)
{
strSubscriberStatus = "1";
}
else
{
strSubscriberStatus = "0";
}
if (CheckBoxRisk.Checked == true)
{
strRisk = "T";
}
else
{
strRisk = "F";
}
if (CheckBoxPremium.Checked == true)
{
strPremium = "T";
}
else
{
strPremium = "F";
}
if (CheckBoxCover.Checked == true)
{
strCover = "T";
}
else
{
strCover = "F";
}
#endregion
sqlCommandX = new SqlCommand();
sqlCommandX.Connection = sqlConnectionX;
sqlCommandX.CommandType = CommandType.StoredProcedure;
sqlCommandX.CommandText = "spx_UPDATE_Subscriber";
sqlParam = new SqlParameter("SubscriberID", SubscriberID);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Subscribername", RadTextBoxSubscriberName.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("Password", strPasswordHashed);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberCode", RadTextBoxSubscriberCode.Text.Trim());
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("SubscriberStatus", strSubscriberStatus);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnRisk", strRisk);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnPremium", strPremium);
sqlCommandX.Parameters.Add(sqlParam);
sqlParam = new SqlParameter("returnCover", strCover);
sqlCommandX.Parameters.Add(sqlParam);
SqlDataReader dr = sqlCommandX.ExecuteReader();
while (dr.Read())
{
strResult = dr.GetString(0);
}
if (strResult == "Ok")
{
//Close the window
ScriptManager.RegisterStartupScript(Page, Page.GetType(), "mykey", "CloseAndRebind();", true);
}
else
{
lblInfo.Text = strResult;
}
}
catch (Exception ex)
{
lblInfo.Text = ex.Message;
}
finally
{
sqlConnectionX.Close();
}
#endregion
}
}