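/// <summary>
/// Finds the single active web user whose stored user name and stored password value equal the
/// supplied values, projected into a <see cref="CompanyUserLoggedViewModel"/>.
/// </summary>
/// <param name="UserName">User name to match against <c>WebUsers.CRPUserName</c> (trimmed inside the query).</param>
/// <param name="EcryptedPassword">Password in the same transformed form as the stored <c>CRPPassWord</c>
/// column; the caller is expected to have applied that transformation already.</param>
/// <returns>The matching user, or <c>null</c> when no active (<c>Status == 1</c>) user matches.</returns>
public CompanyUserLoggedViewModel GetCompanyUserLoggedDetails(string UserName, string EcryptedPassword)
{
    // Only Status == 1 may log in; any other status (the login controller writes 3 when it blocks
    // a user) is excluded by the query itself, so a blocked user simply yields null.
    // The former `catch (Exception) { throw; }` wrapper was a no-op and has been dropped.
    // NOTE(review): the string equality below is evaluated by the database provider, so its
    // case-sensitivity follows the column collation rather than C# ordinal rules — confirm.
    return db.WebUsers
        .Where(w => w.CRPUserName.Trim() == UserName
                    && w.CRPPassWord.Trim() == EcryptedPassword
                    && w.Status == 1)
        .Select(user => new CompanyUserLoggedViewModel
        {
            WebUserRowID = user.WebUserRowID,
            TeamMemberRoWID = user.TeamMemberRoWID,
            TeamMemberName = (user.TeamMember.TMFirstName + " " + user.TeamMember.TMLastName).Trim(),
            TeamMemberEmail = user.TeamMember.EmailID,
            CRPUserName = user.CRPUserName.Trim(),
            // NOTE(review): this copies the stored password value into a model the controller
            // keeps around; drop the property unless a caller genuinely needs it.
            CRPPassWord = user.CRPPassWord.Trim(),
            IsExportedExcel = user.IsExportedExcel,
            IsExportedWord = user.IsExportedWord,
            IsExportedPDF = user.IsExportedPDF,
            CreatedDate = user.CreatedDate,
            ModifiedDate = user.ModifiedDate,
            Status = user.Status
        })
        .FirstOrDefault();
}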
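/// <summary>
/// Handles the company login post. Validates the posted fields, verifies the credentials through
/// <c>repoAccount</c>, applies the three-failure block and the 30-day password-age policy, and on
/// success fills the session, records the login and issues the forms-authentication cookie.
/// </summary>
/// <param name="model">Posted login form; <c>CRPUserName</c> and <c>CRPPassWord</c> are read.</param>
/// <returns>The login view on any failure (message in <c>ViewBag.ErrorMsg</c> or ModelState),
/// otherwise a redirect to Home/SelectDesignation.</returns>
/// <remarks>
/// The hard-coded "Arvind"/"Arvind" branch that created an administrator session and an auth
/// cookie without any database check has been removed; every login now goes through the
/// repository lookup. Exception text is no longer echoed to the browser, and the submitted
/// password is no longer written to the unauthorized-user log.
/// </remarks>
public ActionResult Index(CompanyLoginViewModel model)
{
    try
    {
        if (model == null)
        {
            ModelState.AddModelError("", "Enter User Name and Password");
            return View();
        }

        if (!ModelState.IsValid)
        {
            // Surface every binder/annotation error as one model-level message, one per line.
            ModelState.AddModelError("", CollectModelStateErrors());
            return View();
        }

        bool hasUserName = !string.IsNullOrWhiteSpace(model.CRPUserName);
        bool hasPassword = !string.IsNullOrWhiteSpace(model.CRPPassWord);
        if (!hasUserName && !hasPassword)
        {
            ModelState.AddModelError("", "Enter User Name and Password");
            return View();
        }
        if (!hasUserName)
        {
            ModelState.AddModelError("", "Enter User Name");
            return View();
        }
        if (!hasPassword)
        {
            ModelState.AddModelError("", "Enter Password");
            return View();
        }

        string userName = model.CRPUserName.Trim();
        string userPassword = model.CRPPassWord.Trim();

        // Defence in depth only: the repository lookup is a parameterised LINQ query, so this
        // keyword screen is not what prevents injection. It is kept so inputs the original
        // rejected are still rejected; the original compared the user-name token twice for
        // "union"/"create" and never the password token, which is corrected here.
        if (StartsWithSqlKeyword(userName) || StartsWithSqlKeyword(userPassword))
        {
            ViewBag.ErrorMsg = "Login Failed.Try Again!";
            return View();
        }

        string encPassword = clsCommonMethods.PasswordEncrypt(userPassword);

        CompanyUserLoggedViewModel loggedUser;
        try
        {
            loggedUser = repoAccount.GetCompanyUserLoggedDetails(userName, encPassword);
        }
        catch (Exception lookupError)
        {
            // A data-access failure is not a wrong password: log it and stop, rather than letting
            // it count towards the lockout and be overwritten as "Login Failed" as before.
            clsCommonMethods.ErrorLog(Server.MapPath("~\\ErrorLogs\\Logfiles"), lookupError.Message, lookupError.StackTrace);
            ViewBag.ErrorMsg = "An unexpected error occurred. Please try again later.";
            return View();
        }

        if (loggedUser == null)
        {
            return HandleFailedLogin(userName);
        }

        return EstablishSession(loggedUser, userName);
    }
    catch (Exception ex)
    {
        // Keep the detail in the log; exception text shown to the browser can reveal internals.
        clsCommonMethods.ErrorLog(Server.MapPath("~\\ErrorLogs\\Logfiles"), ex.Message, ex.StackTrace);
        ViewBag.ErrorMsg = "An unexpected error occurred. Please try again later.";
        return View();
    }
}

// First-token SQL verbs the original login screen rejected for both fields.
private static readonly string[] SqlKeywords =
{
    "select", "exec", "execute", "drop", "truncate", "insert", "update", "delete", "union", "create"
};

/// <summary>Joins every ModelState error message, each followed by a newline, as the original did.</summary>
private string CollectModelStateErrors()
{
    var messages = ModelState.Values
        .SelectMany(state => state.Errors)
        .Select(error => error.ErrorMessage);
    return string.Concat(messages.Select(message => message + "\n"));
}

/// <summary>True when the first space-delimited token of <paramref name="value"/>, lower-cased, is one of <see cref="SqlKeywords"/>.</summary>
private static bool StartsWithSqlKeyword(string value)
{
    // ToLowerInvariant so the screen does not depend on the request thread's culture.
    string firstToken = value.Trim().ToLowerInvariant().Split(' ')[0];
    return Array.IndexOf(SqlKeywords, firstToken) >= 0;
}

/// <summary>Counts the failure in the session and either re-shows the form or blocks the named account after three failures.</summary>
private ActionResult HandleFailedLogin(string userName)
{
    // The counter lives in the session, so it resets when the session does; the persistent
    // block below is the control that actually holds. The original walked every active user
    // before incrementing, which amounted to the same increment on practically every failure,
    // so that scan (and the extra load of all user records) is gone.
    // NOTE(review): the block is keyed on the typed name without confirming the account exists
    // or that this session owns it; a per-account, server-side counter would be more robust.
    int failures = Convert.ToInt32(Session["Counter"]) + 1;
    Session["Counter"] = failures;

    if (failures < 3)
    {
        ViewBag.ErrorMsg = "Login Failed.Try Again!";
        // The third argument was the attempted password in the original; cleartext credentials
        // must never reach the log file, so a fixed marker is written instead.
        clsCommonMethods.UserLog(Server.MapPath("~\\ErrorLogs\\Unauthorized_UserLog"), userName, "<redacted>", "Company");
        return View();
    }

    Session["Counter"] = 0;
    UpdateCompanyUserBlockStatusViewModel userBlocked = new UpdateCompanyUserBlockStatusViewModel
    {
        CRPUserName = userName,
        BlockedDate = DateTime.Now,
        Status = 3
    };
    repoAccount.BlockedCompanyUser(userBlocked);
    repoAccount.SaveChanges();
    ViewBag.ErrorMsg = "User has been Blocked, Please contact to Administrator!";
    Session.Abandon();
    return View();
}

/// <summary>Fills the session for a verified user, enforces the password-age window, records the login and issues the auth cookie.</summary>
private ActionResult EstablishSession(CompanyUserLoggedViewModel loggedUser, string userName)
{
    Session["CRPUserName"] = userName;
    Session["WebUserRowid"] = loggedUser.WebUserRowID;
    Session["TeamMemberRowID"] = loggedUser.TeamMemberRoWID;
    Session["TeamMemberName"] = loggedUser.TeamMemberName;
    Session["TeamMemberEmail"] = loggedUser.TeamMemberEmail;
    Session["ClientUType"] = "Company";
    Session["Valid"] = 1;

    // Password age is measured from the last modification, else from creation. The original
    // guarded this with a re-read of the Session["Valid"] it had just set, so it was always run.
    DateTime? passwordSetOn = loggedUser.ModifiedDate ?? loggedUser.CreatedDate;
    if (passwordSetOn == null)
    {
        // Fail closed: with no reference date the age cannot be shown to be within policy
        // (the original dereferenced CreatedDate.Value and threw here).
        ViewBag.ErrorMsg = "Your password has expired. Please contact your Administrator!";
        Session.Abandon();
        return View();
    }

    int passwordAgeDays = DateTime.Today.Subtract(passwordSetOn.Value).Days;
    if (passwordAgeDays > 29)
    {
        ViewBag.ErrorMsg = "Your password has expired. Please contact your Administrator!";
        Session.Abandon();
        return View();
    }
    if (passwordAgeDays < 0)
    {
        // A reference date in the future is treated as a bad record, as the original did;
        // the password is deliberately not written to the log.
        clsCommonMethods.UserLog(Server.MapPath("~\\ErrorLogs\\Unauthorized_UserLog"), userName, "<redacted>", "Company");
        ViewBag.ErrorMsg = "Invalid login. Please Try again!";
        Session.Abandon();
        return View();
    }

    AddUserLoggedInDetailViewModel loggedInDetails = new AddUserLoggedInDetailViewModel
    {
        LoginName = loggedUser.TeamMemberName,
        LoginType = "Company",
        LoginId = userName,
        LoginBy = "",
        IPDetails = Request.UserHostAddress,
        LoginDate = DateTime.Now,
        LoginStatus = 1
    };
    Session["LoginDetailRowID"] = repoAccount.AddUserLoggedInDetails(loggedInDetails);

    FormsAuthentication.SetAuthCookie(userName, false);
    return RedirectToAction("SelectDesignation", "Home");
}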