Пример #1
0
        private void cxBtnOk_Click(object sender, EventArgs e)
        {
            if (cxTextEditOldPwd.EditValue == null || Convert.ToString(cxTextEditOldPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Old Password cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }
            if (cxTextEditNewPwd.EditValue == null || Convert.ToString(cxTextEditNewPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("New Password cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }
            if (cxTextEditConfirmPwd.EditValue == null || Convert.ToString(cxTextEditConfirmPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Confirm Password cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }

            RetrieveUserLoginInfo(cxTextEditUserName.EditValue.ToString());
            if (dtUserLoginInfo != null && dtUserLoginInfo.Rows.Count > 0)
            {
                string sUserName, sPassword, sOldPassword, sNewPassword;
                sUserName = dtUserLoginInfo.Rows[0]["USERNAME"].ToString();
                sPassword = dtUserLoginInfo.Rows[0]["USER_PASSWORD"].ToString();

                try
                {
                    sOldPassword = XpedeonCrypto.XpedeonServerEncrypt(Convert.ToString(cxTextEditOldPwd.EditValue));
                }
                catch (Exception ex)
                {
                    throw ex;
                }

                if (sPassword != sOldPassword)
                {
                    oSecMainFrm.MessageDlg("Old Password does not match.", "mtWarning", "mbOk", 0);
                    return;
                }
                if (Convert.ToString(cxTextEditNewPwd.EditValue) != Convert.ToString(cxTextEditConfirmPwd.EditValue))
                {
                    oSecMainFrm.MessageDlg("New Password and Confirm Password dont match.", "mtWarning", "mbOk", 0);
                    return;
                }

                try
                {
                    sNewPassword = XpedeonCrypto.XpedeonServerEncrypt(Convert.ToString(cxTextEditNewPwd.EditValue));
                    UpdateUserPassword(Convert.ToString(cxTextEditUserName.EditValue), sNewPassword);
                    oSecMainFrm.MessageDlg("Password Changed Successfully.", "mtConfirmation", "mbOk", 0);
                    this.DialogResult = System.Windows.Forms.DialogResult.OK;
                }
                catch (Exception ex)
                {
                    throw ex;
                }
            }
        }
Пример #2
0
        private void cxBtnOk_Click(object sender, EventArgs e)
        {
            string sSQLServOldPwd, sSQLServNewPwd;

            if (cxTextEditOldPwd.EditValue == null || Convert.ToString(cxTextEditOldPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Old Password cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }
            if (cxTextEditNewPwd.EditValue == null || Convert.ToString(cxTextEditNewPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Please enter the new password.", "mtWarning", "mbOk", 0);
                return;
            }
            if (cxTextEditConfirmPwd.EditValue == null || Convert.ToString(cxTextEditConfirmPwd.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Please enter the confirm password.", "mtWarning", "mbOk", 0);
                return;
            }

            try
            {
                sSQLServOldPwd = XpedeonCrypto.XpedeonServerDecrypt(PCFSecurity.oSecDM.sSuperUserPassword);
            }
            catch (Exception ex)
            {
                throw ex;
            }

            if (!Convert.ToString(cxTextEditOldPwd.EditValue).Equals(sSQLServOldPwd, StringComparison.InvariantCulture))
            {
                oSecMainFrm.MessageDlg("Old Password does not match.", "mtWarning", "mbOk", 0);
                return;
            }
            if (Convert.ToString(cxTextEditNewPwd.EditValue) != Convert.ToString(cxTextEditConfirmPwd.EditValue))
            {
                oSecMainFrm.MessageDlg("New Password and Confirm Password dont match.", "mtWarning", "mbOk", 0);
                return;
            }

            try
            {
                sSQLServNewPwd = XpedeonCrypto.XpedeonServerEncrypt(Convert.ToString(cxTextEditNewPwd.EditValue));
                UpdateSQLServPassword(Convert.ToString(cxTextEditUserName.EditValue), Convert.ToString(cxTextEditNewPwd.EditValue), Convert.ToString(cxTextEditOldPwd.EditValue));

                string sAppPath = Application.StartupPath.ToString();
                System.Xml.XmlDocument xdDataBaseConnection = new System.Xml.XmlDocument();
                xdDataBaseConnection.Load(@sAppPath + "\\PCFSecurityAccessInfo.xml");
                if (xdDataBaseConnection.GetElementsByTagName("PASSWORD").Count > 0)
                {
                    // Get the target node using XPath
                    System.Xml.XmlNode xnOldPwd = xdDataBaseConnection.SelectSingleNode("//PASSWORD");
                    // Create a new comment node with XML content of the target node
                    System.Xml.XmlComment xcOldPwd = xdDataBaseConnection.CreateComment(xnOldPwd.OuterXml);
                    // Replace the target node with the comment
                    xdDataBaseConnection.DocumentElement.ReplaceChild(xcOldPwd, xnOldPwd);

                    // Create a new node
                    System.Xml.XmlElement xeNewPwd = xdDataBaseConnection.CreateElement("PASSWORD");
                    xeNewPwd.InnerText = sSQLServNewPwd;
                    // Add the node to the document
                    xdDataBaseConnection.DocumentElement.AppendChild(xeNewPwd);
                }
                xdDataBaseConnection.Save(@sAppPath + "\\PCFSecurityAccessInfo.xml");

                PCFSecurity.oSecDM.DataModuleCreate();

                oSecMainFrm.MessageDlg("Password Changed Successfully.", "mtConfirmation", "mbOk", 0);
                this.DialogResult = System.Windows.Forms.DialogResult.OK;
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
Пример #3
0
        private void cxDBVerGridUserCreation_ValidateRecord(object sender, DevExpress.XtraVerticalGrid.Events.ValidateRecordEventArgs e)
        {
            DevExpress.XtraVerticalGrid.VGridControl vGrid = sender as DevExpress.XtraVerticalGrid.VGridControl;
            string sUsername = Convert.ToString(vGrid.GetCellValue(cxDBVerGridUserCreationUSERNAME, e.RecordIndex));

            if (drUserSetup == null)
            {
                return;
            }

            //if (sUsername.IndexOf(' ') > 0)
            if (drUserSetup["USERNAME"] != DBNull.Value && Convert.ToString(drUserSetup["USERNAME"]).IndexOf(' ') > 0)
            {
                oSecMainFrm.MessageDlg("Blank Spaces are not allowed in User Name.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }

            //if (sUsername.Trim() == "")
            if (drUserSetup["USERNAME"] == DBNull.Value || string.IsNullOrWhiteSpace(drUserSetup["USERNAME"].ToString().Trim()))
            {
                oSecMainFrm.MessageDlg("User Name cannot be blank.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }
            else if (Convert.ToString(drUserSetup["USERNAME"]).Length > 27)
            {
                oSecMainFrm.MessageDlg("User Name exceeds maximum permissible length of 27.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }
            else
            {
                drUserSetup["USERNAME"] = Convert.ToString(drUserSetup["USERNAME"]).Trim().ToUpper();
            }

            //if(Convert.ToString(vGrid.GetCellValue(cxDBVerGridUserCreationPASSWORD, e.RecordIndex)).Trim() == "")
            if (drUserSetup["USER_PASSWORD"] == DBNull.Value || string.IsNullOrWhiteSpace(drUserSetup["USER_PASSWORD"].ToString().Trim()))
            {
                oSecMainFrm.MessageDlg("Password cannot be blank.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }

            //if (Convert.ToString(vGrid.GetCellValue(cxDBVerGridUserCreationCONfPASSWORD, e.RecordIndex)).Trim() == "")
            if (drUserSetup["CON_PASSWORD"] == DBNull.Value || string.IsNullOrWhiteSpace(drUserSetup["CON_PASSWORD"].ToString().Trim()))
            {
                oSecMainFrm.MessageDlg("Confirm Password cannot be blank.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }

            /*if (Convert.ToString(vGrid.GetCellValue(cxDBVerGridUserCreationMaintainBlackoutPeriod, e.RecordIndex)) == "Y" &&
             *  Convert.ToString(vGrid.GetCellValue(cxDBVerGridUserCreationCorporateUser, e.RecordIndex)) == "N")*/
            if (drUserSetup["PCF_MAINTAIN_BLACKOUT_PERIOD"] != DBNull.Value && Convert.ToString(drUserSetup["PCF_MAINTAIN_BLACKOUT_PERIOD"]) == "Y" &&
                drUserSetup["PCF_CORPORATE_USER"] != DBNull.Value && Convert.ToString(drUserSetup["PCF_CORPORATE_USER"]) == "N")
            {
                oSecMainFrm.MessageDlg("Only a corporate user can maintain blackout period.", "mtError", "mbOk", 0);
                e.Valid = false; sIsValided = "E";
                return;
            }

            if (drUserSetup.RowState == DataRowState.Added)
            {
                object oResult = oUserSetup.CheckUserNameExist(drUserSetup["USERNAME"].ToString());
                if (oResult != null && Convert.ToInt32(oResult) > 0)
                {
                    oSecMainFrm.MessageDlg("User Name already exits.", "mtError", "mbOk", 0);
                    e.Valid = false; sIsValided = "E";
                    return;
                }

                if (Convert.ToString(drUserSetup["USER_PASSWORD"]) != Convert.ToString(drUserSetup["CON_PASSWORD"]))
                {
                    oSecMainFrm.MessageDlg("Password confirmation is wrong.", "mtError", "mbOk", 0);
                    e.Valid = false; sIsValided = "E";
                    return;
                }

                try
                {
                    drUserSetup["USER_PASSWORD"] = XpedeonCrypto.XpedeonServerEncrypt(drUserSetup["USER_PASSWORD"].ToString());
                }
                catch (Exception ex)
                {
                    e.Valid = false; sIsValided = "E";
                    throw ex;
                }
            }
            else //if (drUserSetup.RowState == DataRowState.Modified)
            if (sPrevPassword != Convert.ToString(drUserSetup["USER_PASSWORD"]))
            {
                if (Convert.ToString(drUserSetup["USER_PASSWORD"]) != Convert.ToString(drUserSetup["CON_PASSWORD"]))
                {
                    oSecMainFrm.MessageDlg("Password confirmation is wrong.", "mtError", "mbOk", 0);
                    e.Valid = false; sIsValided = "E";
                    return;
                }

                try
                {
                    drUserSetup["USER_PASSWORD"] = XpedeonCrypto.XpedeonServerEncrypt(drUserSetup["USER_PASSWORD"].ToString());
                }
                catch (Exception ex)
                {
                    e.Valid = false; sIsValided = "E";
                    throw ex;
                }

                drUserSetup["PASSWORD_UPDATED_ON"] = DateTime.Now;
            }

            sIsValided = "Y";
        }
Пример #4
0
        private void cxBttnOK_Click(object sender, EventArgs e)
        {
            if (cxEdiUserName.EditValue == null || Convert.ToString(cxEdiUserName.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("User Name cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }
            if (cxEdPassword.EditValue == null || Convert.ToString(cxEdPassword.EditValue).Trim() == "")
            {
                oSecMainFrm.MessageDlg("Password cannot be blank...", "mtWarning", "mbOk", 0);
                return;
            }

            if (cxEdiUserName.EditValue != null && !string.IsNullOrWhiteSpace(cxEdiUserName.EditValue.ToString()))
            {
                if (Convert.ToString(cxEdiUserName.EditValue).Length > 27)
                {
                    oSecMainFrm.MessageDlg("User Name exceeds maximum permissible length of 27.", "mtError", "mbOk", 0);
                    return;
                }
                PCFSecurity.oSecDM.pUserName = cxEdiUserName.EditValue.ToString();

                string sEncryptPassword = "";
                try
                {
                    sEncryptPassword = XpedeonCrypto.XpedeonServerEncrypt(Convert.ToString(cxEdPassword.EditValue));

                    RetrieveUserLoginInfo(Convert.ToString(cxEdiUserName.EditValue));
                    if (dtUserLoginInfo != null && dtUserLoginInfo.Rows.Count > 0)
                    {
                        if (dtUserLoginInfo.Rows[0]["ENABLE_DISABLE"] != DBNull.Value && dtUserLoginInfo.Rows[0]["ENABLE_DISABLE"].ToString() == "N")
                        {
                            oSecMainFrm.MessageDlg("User needs to be enabled to log in.", "mtWarning", "mbOk", 0);
                            return;
                        }

                        if (dtUserLoginInfo.Rows[0]["CURRENT_DATE"] != DBNull.Value && dtUserLoginInfo.Rows[0]["PASSWORD_UPDATED_ON"] != DBNull.Value &&
                            (Convert.ToDateTime(dtUserLoginInfo.Rows[0]["CURRENT_DATE"]) - Convert.ToDateTime(dtUserLoginInfo.Rows[0]["PASSWORD_UPDATED_ON"])).TotalDays > 30)
                        {
                            oSecMainFrm.MessageDlg("Password has been expired.", "mtWarning", "mbOk", 0);

                            ChngUserPassword oChngPwd = new ChngUserPassword();
                            oChngPwd.ShowDialog();
                            oChngPwd.Dispose();

                            this.Close();
                        }

                        if (dtUserLoginInfo.Rows[0]["USER_PASSWORD"] != DBNull.Value && dtUserLoginInfo.Rows[0]["USER_PASSWORD"].ToString() != sEncryptPassword)
                        {
                            oSecMainFrm.MessageDlg("Password entered is incorrect.", "mtError", "mbOk", 0);
                            return;
                        }

                        this.DialogResult = System.Windows.Forms.DialogResult.OK;
                    }
                    else
                    {
                        oSecMainFrm.MessageDlg("User Name or Password do not match.", "mtError", "mbOk", 0);
                        return;
                    }
                }
                catch (Exception ex)
                {
                    throw ex;
                }
            }
        }
Пример #5
0
        private Dictionary <string, object> GetPCFSecAccessInfo()
        {
            string      sAppPath                = Application.StartupPath.ToString();
            XmlDocument xdDataBaseConnection    = new XmlDocument();
            Dictionary <string, object> oResult = null;

            try
            {
                xdDataBaseConnection.Load(@sAppPath + "\\PCFSecurityAccessInfo.xml");
            }
            catch (Exception ex)
            {
                /*if (ex is System.IO.FileNotFoundException)
                 *  throw ex;
                 * else*/
                if (ex is System.Xml.XmlException)
                {
                    oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml : " + ex.Message, "mtError", "mbOk", 0);
                    return(oResult);
                }
                else
                {
                    throw ex;
                }
            }

            if (xdDataBaseConnection.GetElementsByTagName("DB").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain DB tag.", "mtError", "mbOk", 0);
                return(oResult);
            }
            if (xdDataBaseConnection.GetElementsByTagName("HOSTNAME").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain HOSTNAME tag.", "mtError", "mbOk", 0);
                return(oResult);
            }
            if (xdDataBaseConnection.GetElementsByTagName("DB_NAME").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain DB_NAME tag.", "mtError", "mbOk", 0);
                return(oResult);
            }
            if (xdDataBaseConnection.GetElementsByTagName("USERNAME").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain USERNAME tag.", "mtError", "mbOk", 0);
                return(oResult);
            }

            if (xdDataBaseConnection.GetElementsByTagName("USERID").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain USERID tag.", "mtError", "mbOk", 0);
                return(oResult);
            }
            if (xdDataBaseConnection.GetElementsByTagName("PASSWORD").Count == 0)
            {
                oSecMainFrm.MessageDlg("PCFSecurityAccessInfo.xml does not contain PASSWORD tag.", "mtError", "mbOk", 0);
                return(oResult);
            }

            oResult = new Dictionary <string, object>();

            string sDB = (xdDataBaseConnection.GetElementsByTagName("DB"))[0].InnerText;

            oResult.Add("DB", sDB);
            string sDataSource = (xdDataBaseConnection.GetElementsByTagName("HOSTNAME"))[0].InnerText;

            oResult.Add("HOSTNAME", sDataSource);
            string sInitialCatalog = (xdDataBaseConnection.GetElementsByTagName("DB_NAME"))[0].InnerText;

            oResult.Add("DB_NAME", sInitialCatalog);
            string sRegUserName = (xdDataBaseConnection.GetElementsByTagName("USERNAME"))[0].InnerText;

            oResult.Add("USERNAME", sRegUserName);

            if (xdDataBaseConnection.GetElementsByTagName("WORKING_DIRECTORY").Count > 0)
            {
                string sWorkDir = (xdDataBaseConnection.GetElementsByTagName("WORKING_DIRECTORY"))[0].InnerText;
                oResult.Add("WORK_DIR", sWorkDir);
            }

            string sUserID = (xdDataBaseConnection.GetElementsByTagName("USERID"))[0].InnerText;

            oResult.Add("USERID", sUserID);
            string sPassword = (xdDataBaseConnection.GetElementsByTagName("PASSWORD"))[0].InnerText;

            oResult.Add("PASSWORD", sPassword);
            try
            {
                sPassword = XpedeonCrypto.XpedeonServerDecrypt(sPassword);
            }
            catch (Exception ex)
            {
                throw ex;
            }

            //string connString = "Data Source=" + sDataSource + ";Initial Catalog=" + sInitialCatalog + ";User ID=" + sUserID + ";Password="******"Data Source=" + sDataSource + ";Initial Catalog=" + sInitialCatalog;

            if (sDB == "S" && !string.IsNullOrWhiteSpace(sRegUserName))
            {
                connString += ";User ID=" + sRegUserName.ToLower() + ";Password=site";
            }
            else
            {
                connString += ";User ID=" + sUserID + ";Password="******"CONN", connString);

            return(oResult);
        }