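/// <summary>
/// Checks a proposed password against the password restrictions returned by
/// <c>ApiSelectSiteAttributeMap</c> for the site id that <c>ApiGetUserDefaultSiteId</c>
/// reports for the user.
/// </summary>
/// <param name="userId">Id of the user whose password is being changed.</param>
/// <param name="newPassword">
/// The proposed password. Leading and trailing whitespace is ignored; <c>null</c> is treated
/// as an empty password instead of raising a <see cref="NullReferenceException"/>.
/// </param>
/// <returns>
/// An empty string when every applicable rule passes; otherwise the failure messages
/// concatenated together, each one prefixed with <c>###</c>.
/// </returns>
/// <remarks>
/// If the restriction list cannot be loaded, the password is rejected. Previously a failed
/// lookup left the list empty, so any password, including an empty one, was accepted.
/// </remarks>
public static string ValidatePasswordRules(int userId, string newPassword)
{
    const string methodName = "JCRAPI/Business/UserServices/ValidatePasswordRules";

    // Every check works on the trimmed value. None of the character sets below contains
    // whitespace, so trimming does not change the outcome of the character-class checks.
    string candidate = (newPassword ?? string.Empty).Trim();

    // Comma-separated list of the attribute type ids this method knows how to enforce.
    string attributeList =
        ((int)Enums.CodeCategoryEnum.SitePasswordResetInterval).ToString() + "," +
        ((int)Enums.CodeCategoryEnum.SitePasswordSpecialRequirements).ToString() + "," +
        ((int)Enums.CodeCategoryEnum.SitePasswordLength).ToString() + "," +
        ((int)Enums.CodeCategoryEnum.SitePasswordUpperCaseRequirements).ToString() + "," +
        ((int)Enums.CodeCategoryEnum.SitePasswordNumericRequirements).ToString();

    int siteId;
    string existingPassword;
    ExceptionLogServices exceptionLog = new ExceptionLogServices();

    using (var db = new DBAMPContext())
    {
        try
        {
            siteId = db.ApiGetUserDefaultSiteId(userId).FirstOrDefault().DefaultSelectedSiteId;
        }
        catch (Exception ex)
        {
            // NOTE(review): a failed lookup (including "no row", which surfaces here as a
            // NullReferenceException) falls back to site id 0. Confirm that site 0 carries
            // a sensible default rule set; if it has none, this path accepts any password.
            string sqlParam = "ApiGetUserDefaultSiteId(" + userId + ")";
            exceptionLog.ExceptionLogInsert(ex.Message, "", methodName, userId, null, sqlParam, string.Empty);
            siteId = 0;
        }

        try
        {
            existingPassword = db.ApiGetUserPassword(userId).FirstOrDefault().AttributeValue;
        }
        catch (Exception ex)
        {
            // Only the user id is logged here; neither password value reaches the log.
            // With an empty existingPassword the reuse check below can no longer match a
            // non-empty candidate, so a lookup failure silently disables that one rule.
            string sqlParam = "ApiGetUserPassword(" + userId + ")";
            exceptionLog.ExceptionLogInsert(ex.Message, "", methodName, userId, siteId, sqlParam, string.Empty);
            existingPassword = string.Empty;
        }
    }

    List<ApiSelectSiteAttributeMapReturnModel> passwordRestrictions = null;
    bool restrictionsLoaded = false;

    using (var db = new DBMEdition01Context())
    {
        try
        {
            passwordRestrictions = db.ApiSelectSiteAttributeMap(siteId, attributeList);
            restrictionsLoaded = passwordRestrictions != null;
        }
        catch (Exception ex)
        {
            string sqlParam = "ApiSelectSiteAttributeMap(" + siteId + "," + attributeList + ")";
            exceptionLog.ExceptionLogInsert(ex.Message, "", methodName, userId, siteId, sqlParam, string.Empty);
        }
    }

    // Fail closed: without the rule set there is nothing to validate against, and
    // accepting the password would bypass the site's policy whenever the lookup breaks.
    if (!restrictionsLoaded)
    {
        return "###Password rules could not be verified. Please try again later";
    }

    char[] specialChars =
    {
        '!', '#', '$', '%', '&', '(', ')', '*', '+', ',', '.', '/', ':', '<', '=',
        '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}', '~', '"'
    };
    char[] upperCaseChars =
    {
        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
        'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'
    };
    char[] lowerCaseChars =
    {
        'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
        'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
    };
    char[] digitChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' };

    // Set when any character-class rule is switched on; it triggers the lower-case check
    // that runs after the loop.
    bool textRestrictions = false;
    string retValue = "";

    foreach (var restriction in passwordRestrictions)
    {
        int rowCode = Convert.ToInt32(restriction.AttributeTypeID.ToString());
        int rowValue = Convert.ToInt32(restriction.AttributeValueID.ToString());

        switch (rowCode)
        {
            case (int)Enums.CodeCategoryEnum.SitePasswordLength:
                if (candidate.Length < rowValue)
                {
                    retValue += "###Minimum Password Length is " + rowValue.ToString() + " Characters";
                }
                break;

            case (int)Enums.CodeCategoryEnum.SitePasswordResetInterval:
                // NOTE(review): the reuse check encrypts the candidate with
                // WebConstants.EncryptionKey and compares it with the stored value, which
                // suggests passwords are kept under reversible, deterministic encryption
                // with a shared key. A salted password hash (PBKDF2 or similar) would
                // avoid exposing every password if that key leaks; confirm and plan a
                // migration.
                string encryptedCandidate = "";
                if (candidate.Length > 0)
                {
                    encryptedCandidate = CryptHelpers.Encrypt(candidate, WebConstants.EncryptionKey);
                }
                if (encryptedCandidate == existingPassword)
                {
                    retValue += "###Existing password cannot be used";
                }
                break;

            case (int)Enums.CodeCategoryEnum.SitePasswordSpecialRequirements:
                if (rowValue == 1)
                {
                    if (candidate.IndexOfAny(specialChars) < 0)
                    {
                        // NOTE(review): the message tells the user that ' - ; are not
                        // allowed, but nothing in this method rejects them. Verify that
                        // another layer enforces it, or add the check here.
                        retValue += "###At least one Special Character is required: ! # $ % & ( ) * + , . / : < = > ? @ [ \\ ] ^ _ ` { | } ~ \" Characters below cannot be used ' - ; ";
                    }
                    textRestrictions = true;
                }
                break;

            case (int)Enums.CodeCategoryEnum.SitePasswordUpperCaseRequirements:
                if (rowValue == 1)
                {
                    if (candidate.IndexOfAny(upperCaseChars) < 0)
                    {
                        retValue += "###At least one Upper Case Character is required ";
                    }
                    textRestrictions = true;
                }
                break;

            case (int)Enums.CodeCategoryEnum.SitePasswordNumericRequirements:
                if (rowValue == 1)
                {
                    if (candidate.IndexOfAny(digitChars) < 0)
                    {
                        retValue += "###At least one Numeric Character is required ";
                    }
                    textRestrictions = true;
                }
                break;
        }
    }

    // A lower-case letter is required as soon as any character-class rule is active.
    if (textRestrictions && candidate.IndexOfAny(lowerCaseChars) < 0)
    {
        retValue += "###At least one Lower Case Character is required";
    }

    // retValue is only ever appended to when a rule fails, so an empty string means the
    // password is acceptable.
    return retValue;
}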