Пример #1
        //private void saveDateTimeOfUser(string userID, string connectionString, string loginTime, string date, string publicIP, string publicMAC)
        //{
        //    SqlConnection con;
        //    SqlCommand cmd;
        //    con = new SqlConnection(connectionString);
        //    string currentHostname = System.Environment.MachineName.ToString();
        //    con.Open();
        //    try
        //    {


        //        cmd = new SqlCommand("INSERT INTO [dbo].[LogAnalysis] (UserID, LoginTime, LoginDate, IpAddress , MacAddress , hostname) VALUES (@UserID, @LoginTime, @LoginDate , @IPAddress , @MACAddress , @HostName)", con);
        //        cmd.Parameters.AddWithValue("@UserID", userID);
        //        cmd.Parameters.AddWithValue("@LoginTime", loginTime);
        //        cmd.Parameters.AddWithValue("@LoginDate", date.ToString());
        //        cmd.Parameters.AddWithValue("@IPAddress", publicIP);
        //        cmd.Parameters.AddWithValue("@MACAddress", publicMAC);
        //        cmd.Parameters.AddWithValue("@HostName", currentHostname);
        //        cmd.ExecuteNonQuery();

        //    }
        //    catch (Exception ex)
        //    {
        //        Console.WriteLine(ex.Message);
        //    }
        //    finally
        //    {
        //        con.Close();
        //    }
        //}

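        /// <summary>
        /// Handles the "Next" button of the third forgot-password step. Compares the code typed into
        /// <c>ForgotPasswordCodeTextBox</c> with <c>UserModel.UserModel.twoFAcode</c>. On a match it records
        /// the login, clears the user's rows in <c>[dbo].[FailedAttempt]</c>, stores a follow-up flag of
        /// "False" and navigates to <c>StartupPage</c>. On a mismatch it increments <c>counter</c> and, once
        /// it exceeds 3, stores a follow-up flag of "True" and navigates back to <c>LoginPage</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): the expected code is read from a static field and compared with ordinary
            // string equality inside the client; where the code is generated, how long it stays valid
            // and whether `counter` survives a restart are not visible here - confirm.
            string selected_ForgotPasswordCode = UserModel.UserModel.twoFAcode;

            UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
            string userID          = cm.userID;

            if (ForgotPasswordCodeTextBox.Text == selected_ForgotPasswordCode)
            {
                MessageBox.Show("Correct!");
                string date      = AlgorithmLibary.PredictionModel.getCurrentDate();
                string loginTime = DateTime.Now.ToString("HH.mm");
                string publicIP  = PredictionModel.getCurrentPublicIP();
                string publicMAC = PredictionModel.getCurrentMAC();
                // NOTE(review): debug output that writes a hardware identifier to the console; consider removing.
                Console.WriteLine(publicMAC + "HELLO");
                // The session risk level is fixed to "Low" once the code has been accepted.
                string riskLevelStatement = "Low";
                //Use the same class for saveDateTime Method - Justin Changed at 1:20 am on 6/8/2017
                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

                // NOTE(review): the DELETE below is keyed on App.LoginUserID, while everything else in this
                // handler uses the current user model's userID - presumably the same value; verify.
                string selected_UserID = (App.Current as App).LoginUserID;

                try
                {
                    string connectionString = conSettings.ConnectionString;

                    con = new SqlConnection(connectionString);
                    con.Open();
                    // The user id is bound as a parameter instead of being concatenated into the SQL text,
                    // so its content can never change the shape of the statement.
                    cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] where UserID = @UserID", con);
                    cmd.Parameters.AddWithValue("@UserID", (object)selected_UserID ?? string.Empty);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    // NOTE(review): raw exception text is shown to the user; it can reveal schema or server details.
                    System.Windows.MessageBox.Show(ex.Message);
                }
                finally
                {
                    // con is a field and may still be null if the connection could not be constructed.
                    if (con != null)
                    {
                        con.Close();
                    }
                }

                if (exist != null)
                {
                    UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
                }
                else
                {
                    UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
                }

                Page cloud = new StartupPage();
                PredictionModel.SessionRiskValue = riskLevelStatement;
                this.NavigationService.Navigate(cloud);
            }
            else
            {
                MessageBox.Show("Invalid code! Please Try Again");
                //Remove the statement below because it will conflict with my fe
                counter++;
                // The follow-up flag is set on the fourth wrong code (counter > 3).
                if (counter > 3)
                {
                    MessageBox.Show("More than 3 attempts! Account will be locked now!");
                    string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
                    if (exist != null)
                    {
                        UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
                    }
                    else
                    {
                        UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
                    }
                    Page LoginPage = new LoginPage();
                    this.NavigationService.Navigate(LoginPage);
                }
            }
        }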
Пример #2
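        /// <summary>
        /// Handles the "Next" button of the fourth forgot-password step. Hashes the old and new passwords
        /// with <c>LoginPage.GetSha512FromString</c>, checks that exactly one row of <c>[dbo].[test]</c>
        /// matches the old password and the e-mail held in <c>App.ForgotPasswordEmail</c>, and if so
        /// writes the new password for that e-mail and navigates to the login page.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void ForgotPassword4NextButton_Click(object sender, RoutedEventArgs e)
        {
            LoginPage LP = new LoginPage();

            // The hashes are kept in locals rather than written back into the password boxes.
            // NOTE(review): GetSha512FromString is defined elsewhere; if it is a single unsalted SHA-512
            // pass, as the name suggests, stored passwords should move to a salted, iterated KDF
            // such as PBKDF2 - confirm against its implementation.
            string oldPasswordHash = LP.GetSha512FromString(OldPasswordTextBox.Password);
            string newPasswordHash = LP.GetSha512FromString(NewPasswordTextBox.Password);

            string selected_ForgotPasswordEmail = (App.Current as App).ForgotPasswordEmail;

            try
            {
                ConnectionStringSettings conSettings = ConfigurationManager.ConnectionStrings["connString"];
                string connectionString = conSettings.ConnectionString;

                con = new SqlConnection(connectionString);
                con.Open();

                // Every value is bound as a parameter; nothing user-controlled is concatenated into SQL text.
                // NOTE(review): the listing this was taken from shows the password value as the masked
                // literal '******'. Binding the hashed old/new passwords is inferred from the hashing above
                // and the "Incorrect old password." message - confirm against the original source.
                cmd = new SqlCommand("select * from [dbo].[test] where Password = @OldPassword and Email = @Email", con);
                cmd.Parameters.AddWithValue("@OldPassword", oldPasswordHash);
                cmd.Parameters.AddWithValue("@Email", (object)selected_ForgotPasswordEmail ?? string.Empty);

                int count = 0;
                reader = cmd.ExecuteReader();
                try
                {
                    while (reader.Read())
                    {
                        count += 1;
                    }
                }
                finally
                {
                    // The reader must be closed before the same connection can run the UPDATE.
                    reader.Close();
                }

                if (count == 1)
                {
                    // Reuse the open connection instead of opening a second one and losing track of the first.
                    cmd = new SqlCommand("UPDATE [dbo].[test] SET Password = @NewPassword WHERE Email = @Email", con);
                    cmd.Parameters.AddWithValue("@NewPassword", newPasswordHash);
                    cmd.Parameters.AddWithValue("@Email", (object)selected_ForgotPasswordEmail ?? string.Empty);
                    // A failure here goes to the catch below, so success is only reported after the write.
                    cmd.ExecuteNonQuery();

                    MessageBox.Show("You have changed your password.");
                    OldPasswordTextBox.Clear();
                    NewPasswordTextBox.Clear();
                    this.NavigationService.Navigate(new Uri(@"LoginPage.xaml", UriKind.RelativeOrAbsolute));
                }
                else
                {
                    MessageBox.Show("Incorrect old password.");
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): raw exception text is shown to the user; it can reveal schema or server details.
                System.Windows.MessageBox.Show(ex.Message);
            }
            finally
            {
                // con is a field and may still be null if the connection could not be constructed.
                if (con != null)
                {
                    con.Close();
                }
            }

            // Always wipe the entered passwords from the UI, whatever the outcome.
            OldPasswordTextBox.Clear();
            NewPasswordTextBox.Clear();
        }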