protected void btnSubmit_Click(object sender, EventArgs e)
{
//added by kuntal karar on 26thMay 2016to make user force to change password
JKS.Users objUsers = new JKS.Users();
string strResetAnswer = string.Empty;
if (txtResetQuestionAnswer.Text.Trim().Length == 0)
{
this.RegisterClientScriptBlock("clientScript", "<script language=javascript>alert('Please enter Answer.'); </script>");
return;
}
else
{
// Salting Password Needed
SimpleHash objSimpleHash = new SimpleHash();
string salt = ConfigurationManager.AppSettings["SaltingKey"].Trim().ToString();
strResetAnswer = objSimpleHash.ComputeHash(txtResetQuestionAnswer.Text.Trim().ToString().ToUpper(), "SHA1", System.Text.Encoding.ASCII.GetBytes(salt));
// strResetAnswer=txtResetQuestionAnswer.Text.Trim().ToString().ToUpper();
}
int UserID = 0;
if (Request.QueryString["UserID"] != null)
{
UserID = Convert.ToInt32(Request.QueryString["UserID"]);
}
int iReturnValue = 0;
//blocked by kuntalkarar on 26thMay2016
// List<PasswordReset> lstSaltedPassword = objPasswordReset.checkSaltedPassword(UserID, txtResetQuestionAnswer.Text);//strResetAnswer
//added by kuntalkarar on 26thMay2016
List <PasswordReset> lstSaltedPassword = objPasswordReset.checkSaltedPassword(UserID, strResetAnswer);
if (lstSaltedPassword.Count > 0)
{
iReturnValue = lstSaltedPassword[0].iReturnValue;
}
if (iReturnValue == 1)
{
string strPassword = Guid.NewGuid().ToString().Substring(0, 8);
int strDbUserID = Convert.ToInt32(Request.QueryString["UserID"]);
ChangePassword(strDbUserID, strPassword);
// Change Password Section
int iReturnVal = 0;
//blocked by kuntal karar on 28thMay 2016 for RijnDael encryption.
//iReturnVal = ForgotChangePassword(strDbUserID, EncryptJKS.EncryptData(strPassword));
//Added by kuntal karar on 28thMay 2016 for RijnDael encryption.
iReturnVal = ForgotChangePassword(strDbUserID, objEncrypt.RijndaelEncription(strPassword));
if (iReturnVal == -101)
{
this.RegisterClientScriptBlock("clientScript", "<script language=javascript>alert('Error Changing Password.'); </script>");
return;
}
else
{
//added by kuntal karar on 26thMay 2016 to make user force to change password
objUsers.PasswordChangeRequired(strDbUserID);
}
string Email = FetchUserEmail(strDbUserID);
SendMailInfo(strDbUserID, Email, strPassword);
Response.Redirect("JKSSecurityIntermediate.aspx"); // need to create this page..
}
else if (iReturnValue == -501)
{
Page.RegisterStartupScript("Reg", "<script>PopulateMessage(-501);</script>");
return;
}
else if (iReturnValue == -500)
{
Page.RegisterStartupScript("Reg", "<script>PopulateMessage(-500);</script>");
return;
}
}