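protected void btnLogin_Click(object sender, EventArgs e)
        {
            // Login handler. Validates the two fields, checks the credentials against app_user
            // (pgcrypto crypt() on the database side), then gates on the account flags BEFORE
            // anything is written to Session. The previous version populated Session first, so
            // an unconfirmed or unauthorised account was left half logged in when it hit one of
            // the early returns below.
            this.lblError.Text    = string.Empty;
            this.lblError.Visible = false;
            this.btnResendValidationEmail.Visible = false;

            this.txtEmail.CssClass      = this.txtEmail.CssClass.Replace("has-error", "");
            this.txtPassword.CssClass   = this.txtPassword.CssClass.Replace("has-error", "");
            this.fgtxtEmail.CssClass    = this.fgtxtEmail.CssClass.Replace("has-error", "");
            this.fgtxtPassword.CssClass = this.fgtxtPassword.CssClass.Replace("has-error", "");

            if (string.IsNullOrEmpty(this.txtEmail.Text))
            {
                this.lblError.Text       = "Please enter your email address";
                this.lblError.Visible    = true;
                this.fgtxtEmail.CssClass = this.fgtxtEmail.CssClass.Replace("form-group", "form-group has-error");
                return;
            }

            if (string.IsNullOrEmpty(this.txtPassword.Text))
            {
                this.lblError.Text          = "Please enter your password";
                this.lblError.Visible       = true;
                this.fgtxtPassword.CssClass = this.fgtxtPassword.CssClass.Replace("form-group", "form-group has-error");
                return;
            }

            // Best effort: failing to resolve the client address must not block the login; the
            // attempt is then recorded with an empty address.
            string ipAddress = "";
            try
            {
                ipAddress = GetIPAddress();
            }
            catch (Exception)
            {
                // GetIPAddress is defined elsewhere; its failure modes are not visible here.
            }

            string sql       = "SELECT * FROM app_user WHERE emailaddress = @email AND userpassword = crypt(@password, userpassword);";
            var    paramList = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("email", this.txtEmail.Text),
                new KeyValuePair<string, string>("password", this.txtPassword.Text)
            };

            DataSet   ds = DataServices.DataSetFromSQL(sql, paramList);
            DataTable dt = ds.Tables[0];

            if (dt.Rows.Count == 0)
            {
                // Invalid user: record the attempt, then show one generic message so the response
                // does not reveal whether the email address is registered.
                sql = "INSERT INTO failedlogin(emailaddress, ipaddress)	VALUES ( @emailaddress, @ipaddress); ";
                var paramListFail = new List<KeyValuePair<string, string>>()
                {
                    new KeyValuePair<string, string>("emailaddress", this.txtEmail.Text),
                    new KeyValuePair<string, string>("ipaddress", ipAddress)
                };
                DataServices.executeSQLStatement(sql, paramListFail);
                this.lblError.Text    = "Invalid Username or Password";
                this.lblError.Visible = true;
                return;
            }

            DataRow row = dt.Rows[0];

            // Reads a column of the matched row, or fallback when SELECT * did not return it.
            // A NULL reads as "", exactly what the previous per-field try/catch produced.
            string Column(string name, string fallback)
            {
                return dt.Columns.Contains(name) ? Convert.ToString(row[name]) : fallback;
            }

            // Account flags fail closed: NULL, a missing column or anything other than
            // "True"/"False" counts as false. (The previous text comparison against "False"
            // treated a NULL flag as confirmed/authorised.)
            bool Flag(string name)
            {
                bool value;
                return bool.TryParse(Column(name, "False"), out value) && value;
            }

            string userid             = Column("userid", "0");
            string userFullName       = Column("firstname", "") + " " + Column("lastname", "");
            string userType           = Column("usertype", "");
            string matchedclinicianid = Column("matchedclinicianid", "");

            // The resend-validation button needs the address even when the login is refused.
            this.hdnEmail.Value = this.txtEmail.Text;

            if (!Flag("emailconfirmed"))
            {
                this.lblError.Text = "Your account has been created but you have not confirmed your email address yet.<br /><br />Please check your spam folder for the email containing the link to confirm your account";
                this.btnResendValidationEmail.Visible = true;
                this.lblError.Visible = true;
                return;
            }

            if (!Flag("isauthorised"))
            {
                this.lblError.Text    = "Your account hasnot been authorised yet";
                this.lblError.Visible = true;
                return;
            }

            // Valid, confirmed and authorised: establish the session. The row is copied without
            // the userpassword column (SELECT * includes the password hash) so the hash never sits
            // in session state. NOTE(review): other pages read Session["UserDetailsSxn"] — confirm
            // none of them needs that column.
            DataTable sessionDetails = dt.Copy();
            if (sessionDetails.Columns.Contains("userpassword"))
            {
                sessionDetails.Columns.Remove("userpassword");
            }
            Session["UserDetailsSxn"]     = sessionDetails;
            Session["userID"]             = userid;
            Session["userFullName"]       = userFullName;
            Session["userType"]           = userType;
            Session["matchedclinicianid"] = matchedclinicianid;
            // NOTE(review): the session id issued before authentication is reused here; ASP.NET
            // does not rotate it on login, so consider discarding the pre-login session on success.

            sql = "INSERT INTO loginhistory (userid, emailaddress, ipaddress) VALUES (CAST(@userid AS INT), @emailaddress, @ipaddress);";
            var paramListHistory = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("userid", userid),
                new KeyValuePair<string, string>("emailaddress", this.txtEmail.Text),
                new KeyValuePair<string, string>("ipaddress", ipAddress)
            };
            DataServices.executeSQLStatement(sql, paramListHistory);

            // NOTE(review): lblRedirect.Text is populated elsewhere; if it can ever be derived from
            // the request this is an open redirect — confirm it is server-controlled.
            Response.Redirect(this.lblRedirect.Text);
        }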
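        protected void btnRegister_Click(object sender, EventArgs e)
        {
            // Patient self-registration. Validates the form top to bottom (the first failing
            // field is highlighted and reported), inserts the account with the password hashed
            // by pgcrypto (crypt/gen_salt) on the database side, then sends the confirmation email.
            const string haserr = "form-group has-error";
            const string noerr  = "form-group";

            this.lblError.Text    = string.Empty;
            this.lblError.Visible = false;

            // Reset every group highlighted by a previous attempt (the previous version assigned
            // fgEmail and fgPassword twice).
            this.fgEmail.CssClass               = noerr;
            this.fgPassword.CssClass            = noerr;
            this.fgConfirmPassword.CssClass     = noerr;
            this.fgMatchedOrganisation.CssClass = noerr;
            this.fgMatchedClinician.CssClass    = noerr;
            this.fgFirstName.CssClass           = noerr;
            this.fgLastName.CssClass            = noerr;
            this.fgDOB.CssClass                 = noerr;
            this.fgTnCs.CssClass                = noerr;

            if (this.ddlMatchedOrganisation.SelectedIndex == 0)
            {
                this.lblError.Text    = "Please select an organisation";
                this.lblError.Visible = true;
                this.fgMatchedOrganisation.CssClass = haserr;
                return;
            }

            if (this.ddlMatchedClinician.SelectedIndex == 0)
            {
                this.lblError.Text               = "Please select a clinician";
                this.lblError.Visible            = true;
                this.fgMatchedClinician.CssClass = haserr;
                return;
            }

            if (string.IsNullOrEmpty(this.txtFirstName.Text))
            {
                this.lblError.Text        = "Please enter your first name";
                this.lblError.Visible     = true;
                this.fgFirstName.CssClass = haserr;
                return;
            }

            if (string.IsNullOrEmpty(this.txtLastName.Text))
            {
                this.lblError.Text       = "Please enter your last name";
                this.lblError.Visible    = true;
                this.fgLastName.CssClass = haserr;
                return;
            }

            if (string.IsNullOrEmpty(this.txtDOB.Text))
            {
                this.lblError.Text    = "Please enter your date of birth";
                this.lblError.Visible = true;
                this.fgDOB.CssClass   = haserr;
                return;
            }

            // Same parse as the previous Convert.ToDateTime (current culture, DateTimeStyles.None)
            // without an exception for control flow. NOTE(review): the message promises dd/mm/yyyy
            // but this parse is culture-dependent, and it is the raw text that reaches
            // CAST(@dateofbirth AS date) below — confirm the site culture is en-GB, or parse and
            // pass an explicit format.
            DateTime dateOfBirth;
            if (!DateTime.TryParse(this.txtDOB.Text, out dateOfBirth))
            {
                this.lblError.Text    = "Please enter your date of birth in the format dd/mm/yyyy";
                this.lblError.Visible = true;
                this.fgDOB.CssClass   = haserr;
                return;
            }

            if (string.IsNullOrEmpty(this.txtRegistrationEmail.Text))
            {
                this.lblError.Text    = "Please enter your email address";
                this.lblError.Visible = true;
                this.fgEmail.CssClass = haserr;
                return;
            }

            // CheckEmailAddress is defined elsewhere in this page; 1 means already registered.
            if (CheckEmailAddress() == 1)
            {
                this.lblError.Text    = "This email address has already been registered";
                this.lblError.Visible = true;
                this.fgEmail.CssClass = haserr;
                return;
            }

            // NOTE(review): only "non-empty" and "matches the confirmation" are enforced here;
            // there is no minimum length or complexity rule before the hash is stored.
            if (string.IsNullOrEmpty(this.txtRegistrationPassword.Text))
            {
                this.lblError.Text       = "Please enter a password";
                this.lblError.Visible    = true;
                this.fgPassword.CssClass = haserr;
                return;
            }

            if (string.IsNullOrEmpty(this.txtConfirmPassword.Text))
            {
                this.lblError.Text              = "Please confirm your password";
                this.lblError.Visible           = true;
                this.fgConfirmPassword.CssClass = haserr;
                return;
            }

            if (this.txtRegistrationPassword.Text != this.txtConfirmPassword.Text)
            {
                this.lblError.Text              = "Passwords do not match";
                this.lblError.Visible           = true;
                this.fgConfirmPassword.CssClass = haserr;
                this.fgPassword.CssClass        = haserr;
                return;
            }

            if (!this.chkAcceptTnCs.Checked)
            {
                this.lblError.Text    = "Please accept the terms and conditions";
                this.lblError.Visible = true;
                this.fgTnCs.CssClass  = haserr;
                return;
            }

            string sql = "INSERT INTO app_user(usertype, userpassword, matchedorganisationid, matchedclinicianid, nhsnumber, emailaddress, firstname, lastname, dateofbirth, acceptedtermsandconditions)";

            sql += " VALUES (@usertype, crypt(@userpassword, gen_salt('bf', 8)), CAST(@matchedorganisationid AS INT), CAST(@matchedclinicianid AS INT), @nhsnumber, @emailaddress, @firstname, @lastname, CAST(@dateofbirth AS date), CAST(@acceptedtermsandconditions AS BOOL))";

            // Always "True" past the guard above; kept explicit because the INSERT casts it.
            string acceptedtermsandconditions = this.chkAcceptTnCs.Checked ? "True" : "False";

            var paramListSave = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("usertype", this.ddlUserType.SelectedValue),
                new KeyValuePair<string, string>("userpassword", this.txtRegistrationPassword.Text),
                new KeyValuePair<string, string>("matchedorganisationid", this.ddlMatchedOrganisation.SelectedValue),
                new KeyValuePair<string, string>("matchedclinicianid", this.ddlMatchedClinician.SelectedValue),
                new KeyValuePair<string, string>("nhsnumber", this.txtNHSNo.Text),
                new KeyValuePair<string, string>("emailaddress", this.txtRegistrationEmail.Text),
                new KeyValuePair<string, string>("firstname", this.txtFirstName.Text),
                new KeyValuePair<string, string>("lastname", this.txtLastName.Text),
                new KeyValuePair<string, string>("dateofbirth", this.txtDOB.Text),
                new KeyValuePair<string, string>("acceptedtermsandconditions", acceptedtermsandconditions)
            };

            DataServices.executeSQLStatement(sql, paramListSave);

            // sendConfirmationEmail (defined elsewhere) reads the address from hdnEmail.
            this.hdnEmail.Value = this.txtRegistrationEmail.Text;

            sendConfirmationEmail();

            Response.Redirect("RegistrationThankYou.aspx?id=patient");
        }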
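        private void GetUserData(string id)
        {
            // Loads one app_user row into the profile controls. Missing columns and NULLs are
            // tolerated by reading through Column() instead of a try/catch per field, and a
            // missing Session["userType"] no longer throws a NullReferenceException.
            string sql       = "SELECT * FROM app_user WHERE userid = CAST(@userid AS INT);";
            var    paramList = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("userid", id)
            };

            DataSet   ds = DataServices.DataSetFromSQL(sql, paramList);
            DataTable dt = ds.Tables[0];

            if (dt.Rows.Count == 0)
            {
                return;
            }

            DataRow row = dt.Rows[0];

            // Column value as text; "" when the column is absent or NULL.
            string Column(string name)
            {
                return dt.Columns.Contains(name) ? Convert.ToString(row[name]) : "";
            }

            // Boolean flag, false unless the text is exactly a parseable true (fail closed).
            bool Flag(string name)
            {
                bool value;
                return bool.TryParse(Column(name), out value) && value;
            }

            this.lblUserFullName.Text = (Column("firstname") + " " + Column("lastname")).ToUpper();

            // Convert.ToString(null) is "", so an absent session entry matches no case.
            // The keys compared are fixed ASCII, hence ToLowerInvariant.
            string userType = Convert.ToString(Session["userType"]).ToLowerInvariant();
            switch (userType)
            {
            case "clinician":
            case "super user":
                this.lblUniqueID.Text = Column("nhsnumber");
                break;

            default:
                // "patient" (and anything unrecognised) shows no unique id.
                break;
            }

            // The previous code took Substring(0, 10) and swallowed the exception for shorter
            // values; shorter text is now shown as-is.
            string dateOfBirth = Column("dateofbirth");
            this.lblDoB.Text = dateOfBirth.Length > 10 ? dateOfBirth.Substring(0, 10) : dateOfBirth;

            this.lblUserType.Text            = Column("usertype");
            this.hdnEmail.Value              = Column("emailaddress");
            this.hdnMatchedclinicianid.Value = Column("matchedclinicianid");

            string currentStatus      = "Currently Unauthorised";
            string currentStatusClass = "alert alert-info";

            if (Flag("isauthorised"))
            {
                currentStatus             = "Currently Authorised";
                currentStatusClass        = "alert alert-success";
                this.btnAuthorise.Visible = false;
            }

            // Rejection is evaluated second, so it overrides the authorised status when both
            // flags are set (unchanged from the previous behaviour).
            if (Flag("isrejected"))
            {
                currentStatus          = "Currently Rejected";
                currentStatusClass     = "alert alert-danger";
                this.btnReject.Visible = false;
            }

            this.lblCurrentStatus.Text     = currentStatus;
            this.pnlCurrentStatus.CssClass = currentStatusClass;
        }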
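        /// <summary>
        /// Sends one HTML email using the SMTP settings stored in the systemsetup row with id 1.
        /// </summary>
        /// <param name="messageBody">HTML body. Callers must encode any user-derived text they put in it (IsBodyHtml is set).</param>
        /// <param name="messageSubject">Subject line.</param>
        /// <param name="emailTo">Recipient address.</param>
        /// <param name="msg">Human-readable outcome; on failure it carries the exception message only, not the full stack trace.</param>
        /// <returns>1 when the message was handed to the SMTP server, 0 when mail is not configured or sending failed.</returns>
        public static int SendMail(string messageBody, string messageSubject, string emailTo, out string msg)
        {
            string emailhost        = "";
            string emailuser        = "";
            string emailpassword    = "";
            short  emailport        = 0;
            bool   emailusetls      = false;
            string emailfromaddress = "";
            string emailfromname    = "Physical Health App";

            string sql = "SELECT * FROM systemsetup WHERE systemsetupid = 1;";

            DataSet   ds = DataServices.DataSetFromSQL(sql, null);
            DataTable dt = ds.Tables[0];

            if (dt.Rows.Count > 0)
            {
                DataRow row = dt.Rows[0];

                // Column as text, or fallback when the column is absent; NULL reads as "".
                string Setting(string name, string fallback)
                {
                    return dt.Columns.Contains(name) ? Convert.ToString(row[name]) : fallback;
                }

                emailhost        = Setting("emailhost", "");
                emailuser        = Setting("emailuser", "");
                emailpassword    = Setting("emailpassword", "");
                emailfromaddress = Setting("emailfromaddress", "");
                emailfromname    = Setting("emailfromname", emailfromname);
                // TryParse leaves the defaults (0 / false) on bad or empty text, matching the
                // previous Convert + empty catch without the exception.
                short.TryParse(Setting("emailport", ""), out emailport);
                bool.TryParse(Setting("emailusetls", ""), out emailusetls);
            }

            // An empty from-address made the MailAddress constructor throw outside any handler;
            // treat it as "not configured" like a missing host.
            if (string.IsNullOrEmpty(emailhost) || string.IsNullOrEmpty(emailfromaddress))
            {
                msg = "Email not configured";
                return 0;
            }

            try
            {
                // Both types are IDisposable; the previous version leaked them.
                using (MailMessage message = new MailMessage())
                using (SmtpClient client = new SmtpClient())
                {
                    message.Subject = messageSubject;
                    message.Body    = messageBody;
                    message.From    = new MailAddress(emailfromaddress, emailfromname);
                    message.ReplyToList.Add(message.From);
                    message.IsBodyHtml = true;
                    // A malformed recipient throws FormatException here and is reported via msg.
                    message.To.Add(new MailAddress(emailTo));

                    client.Host           = emailhost;
                    client.Port           = emailport;
                    client.DeliveryMethod = SmtpDeliveryMethod.Network;
                    client.EnableSsl      = emailusetls;
                    // Explicit credentials are used; UseDefaultCredentials must be false before
                    // Credentials is assigned (the previous code set it to true first).
                    client.UseDefaultCredentials = false;
                    client.Credentials           = new NetworkCredential(emailuser, emailpassword);

                    client.Send(message);
                }

                msg = "Email sent successfully";
                return 1;
            }
            catch (Exception ex)
            {
                // ex.Message rather than ex.ToString(): msg may be shown to a user, and the full
                // text would include the stack trace and connection details.
                msg = "Problem with email account: " + ex.Message;
                return 0;
            }
        }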
        protected void btnRegister_Click(object sender, EventArgs e)
        {
            // Clinician registration. Clears the previous error state, runs the field checks in
            // order (the first failure is highlighted and the handler returns), then inserts the
            // account. Same behaviour as before; only the duplicated CssClass resets were dropped.
            const string errorClass = "form-group has-error";
            const string cleanClass = "form-group";

            // Shows the message in the error label; the caller highlights the offending group.
            void Fail(string message)
            {
                this.lblError.Text    = message;
                this.lblError.Visible = true;
            }

            this.lblError.Text    = string.Empty;
            this.lblError.Visible = false;

            this.fgEmail.CssClass               = cleanClass;
            this.fgPassword.CssClass            = cleanClass;
            this.fgConfirmPassword.CssClass     = cleanClass;
            this.fgMatchedOrganisation.CssClass = cleanClass;
            this.fgFirstName.CssClass           = cleanClass;
            this.fgLastName.CssClass            = cleanClass;
            this.fgGMCCode.CssClass             = cleanClass;

            // The organisation and GMC-number checks present in the patient form are disabled
            // here, so ddlMatchedOrganisation.SelectedValue reaches
            // CAST(@matchedorganisationid AS INT) whatever the current selection holds.

            if (string.IsNullOrEmpty(this.txtFirstName.Text))
            {
                Fail("Please enter your first name");
                this.fgFirstName.CssClass = errorClass;
                return;
            }

            if (string.IsNullOrEmpty(this.txtLastName.Text))
            {
                Fail("Please enter your last name");
                this.fgLastName.CssClass = errorClass;
                return;
            }

            if (string.IsNullOrEmpty(this.txtRegistrationEmail.Text))
            {
                Fail("Please enter your email address");
                this.fgEmail.CssClass = errorClass;
                return;
            }

            // CheckEmailAddress is defined elsewhere in this page; 1 means already registered.
            if (CheckEmailAddress() == 1)
            {
                Fail("This email address has already been registered");
                this.fgEmail.CssClass = errorClass;
                return;
            }

            string password     = this.txtRegistrationPassword.Text;
            string confirmation = this.txtConfirmPassword.Text;

            if (string.IsNullOrEmpty(password))
            {
                Fail("Please enter a password");
                this.fgPassword.CssClass = errorClass;
                return;
            }

            if (string.IsNullOrEmpty(confirmation))
            {
                Fail("Please confirm your password");
                this.fgConfirmPassword.CssClass = errorClass;
                return;
            }

            if (password != confirmation)
            {
                Fail("Passwords do not match");
                this.fgConfirmPassword.CssClass = errorClass;
                this.fgPassword.CssClass        = errorClass;
                return;
            }

            // NOTE(review): isclinician, isactive, emailconfirmed, issysadmin and isauthorised are
            // all hard-coded to true, so every account created here is live with sysadmin rights
            // and no confirmation step — confirm this page is reachable only by an administrator.
            string sql = "INSERT INTO app_user(usertype, userpassword, gmccode, matchedorganisationid,  emailaddress, firstname, lastname, organisationid, isclinician, isactive, emailconfirmed, issysadmin, isauthorised)";

            sql += " VALUES (@usertype, crypt(@userpassword, gen_salt('bf', 8)), @gmccode, CAST(@matchedorganisationid AS INT), @emailaddress, @firstname, @lastname, CAST(@organisationid AS INT), true, true, true, true, true)";

            string organisation = this.ddlMatchedOrganisation.SelectedValue;

            var insertParams = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("usertype", this.ddlUserType.SelectedValue),
                new KeyValuePair<string, string>("userpassword", password),
                new KeyValuePair<string, string>("matchedorganisationid", organisation),
                new KeyValuePair<string, string>("organisationid", organisation),
                new KeyValuePair<string, string>("gmccode", this.txtGMCCode.Text),
                new KeyValuePair<string, string>("emailaddress", this.txtRegistrationEmail.Text),
                new KeyValuePair<string, string>("firstname", this.txtFirstName.Text),
                new KeyValuePair<string, string>("lastname", this.txtLastName.Text)
            };

            DataServices.executeSQLStatement(sql, insertParams);

            // The thank-you page is addressed with id=patient here as well (copied from the patient form).
            Response.Redirect("RegistrationThankYou.aspx?id=patient");
        }
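        private void GetTestData(string id)
        {
            // Loads one app_test row into the result controls and pulls in the related patient
            // and test type. Missing columns and NULLs read as "" via Column() instead of a
            // try/catch per field.
            string sql       = "SELECT * FROM app_test WHERE testid = CAST(@testid AS INT);";
            var    paramList = new List<KeyValuePair<string, string>>()
            {
                new KeyValuePair<string, string>("testid", id)
            };

            DataSet   ds = DataServices.DataSetFromSQL(sql, paramList);
            DataTable dt = ds.Tables[0];

            if (dt.Rows.Count == 0)
            {
                return;
            }

            DataRow row = dt.Rows[0];

            string Column(string name)
            {
                return dt.Columns.Contains(name) ? Convert.ToString(row[name]) : "";
            }

            // GetPatientData / GetTestType are defined elsewhere in this page. The previous
            // version wrapped them in try/catch {}, which hid database errors and left
            // hdnMatchedclinicianid empty for the clinician check in Page_Load; errors now
            // surface instead of producing a silently incomplete page.
            string patientid = Column("patientid");
            this.hdnPatientID.Value = patientid;
            if (!string.IsNullOrEmpty(patientid))
            {
                GetPatientData(patientid);
            }

            string testtypeid = Column("testtypeid");
            if (!string.IsNullOrEmpty(testtypeid))
            {
                GetTestType(testtypeid);
            }

            this.lbltestnumericresult.Text   = Column("testnumericresult");
            this.lblunitstext.Text           = Column("unitstext");
            this.lbllowerreferencerange.Text = Column("lowerreferencerange");
            this.lblupperreferencerange.Text = Column("upperreferencerange");
            this.lblclinicianmessage.Text    = Column("clinicianmessage");

            // Previously Substring(0, 10) with the exception swallowed for shorter values;
            // shorter text is now shown as-is.
            string nextTestDate = Column("nexttestdate");
            this.lblnexttestdate.Text = nextTestDate.Length > 10 ? nextTestDate.Substring(0, 10) : nextTestDate;
        }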
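        protected void Page_Load(object sender, EventArgs e)
        {
            // First request only: resolve the test id, load it, then enforce who may see it.
            // Two fail-open paths of the previous version are closed here: a missing session
            // threw a NullReferenceException instead of redirecting, and a user type other than
            // patient/clinician/super user fell out of the switch with full access.
            if (IsPostBack)
            {
                return;
            }

            string userId   = Convert.ToString(Session["userID"]);
            string userType = Convert.ToString(Session["userType"]).ToLowerInvariant();
            if (string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(userType))
            {
                Response.Redirect("Unauthorised.aspx");
                return;
            }

            // A present-but-empty id previously went on to CAST('' AS INT); it is now treated
            // like a missing one.
            string id = Request.QueryString["id"];
            if (string.IsNullOrEmpty(id))
            {
                Response.Redirect("Default.aspx");
                return;
            }

            this.hdnTestId.Value = id;

            // Must run before the checks below: it fills hdnPatientID and, through
            // GetPatientData, hdnMatchedclinicianid. Nothing is rendered when a redirect
            // fires, but the database round-trips happen for any logged-in user.
            GetTestData(id);

            switch (userType)
            {
            case "patient":
                if (this.hdnPatientID.Value != userId)
                {
                    Response.Redirect("Unauthorised.aspx");
                    return;
                }

                // Record the first viewing by the patient.
                string sql       = "UPDATE app_test SET patienthasviewed = true, patientvieweddate = NOW() WHERE testid = CAST(@testid AS INT) AND COALESCE(patienthasviewed, false) = false;";
                var    paramList = new List<KeyValuePair<string, string>>()
                {
                    new KeyValuePair<string, string>("testid", id)
                };
                DataServices.executeSQLStatement(sql, paramList);
                break;

            case "clinician":
                if (userId != this.hdnMatchedclinicianid.Value)
                {
                    Response.Redirect("Unauthorised.aspx");
                    return;
                }
                break;

            default:
                // "super user" was already refused; unrecognised types are now refused too.
                Response.Redirect("Unauthorised.aspx");
                return;
            }

            this.hdnUserId.Value = userId;
        }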