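/// <summary>
/// Mobile-app patient verification endpoint. When <c>request.LogVerificaiton</c> is false it
/// returns the patient's details from <c>dbo.spGetPatientDetails</c>; when it is true it only
/// records a "VR" row through <c>dbo.spAddUserAction</c> and returns an empty response.
/// A request whose token fails <c>CommonHelpers.ValidateRequest</c> is rejected and recorded
/// as an "IR" action.
/// </summary>
/// <param name="request">Deserialized POST body; null when the body was empty or unparsable.</param>
/// <returns>
/// Always 200 OK. Failures are signalled through <c>response.ErrorMessage</c>
/// ("Invalid Request", "No Data", or a generic processing error).
/// </returns>
public IHttpActionResult PostPatientVerificaiton([FromBody] PatientVerifiactionRequest request)
{
    PatientVerificationResponse response = new PatientVerificationResponse();
    try
    {
        // Model binding hands us null for a missing or invalid body; report "Invalid Request"
        // instead of letting a NullReferenceException message reach the client.
        if (request == null)
        {
            response.ErrorMessage = "Invalid Request";
            return Ok(response);
        }

        if (!CommonHelpers.ValidateRequest(request.UserToken))
        {
            response.ErrorMessage = "Invalid Request";
            // Audit the rejected call. NOTE(review): the submitted token is stored verbatim in the
            // audit comment; consider truncating it so near-miss secrets do not accumulate in the DB.
            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
                ConfigurationManager.AppSettings["DBServerName"],
                ConfigurationManager.AppSettings["DBUserName"],
                ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.ClearParams();
            DBAgent.AddParameter("@ParamRefID", request.PatientID);
            DBAgent.AddParameter("@ParamRefType", "PatientID");
            DBAgent.AddParameter("@ParamAction", "IR");
            DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - PatientVerification - " + request.UserToken);
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return Ok(response);
        }

        // NOTE(review): access to a patient's record is gated only by the token check above; nothing
        // here verifies that the caller is permitted to view this particular PatientID.
        // DB credentials are read from appSettings on every call (plaintext in config unless the
        // section is encrypted) — flagged, not changed here.
        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.ClearParams();

        if (request.LogVerificaiton)
        {
            // Only record that the app verified this patient; no details are returned.
            DBAgent.AddParameter("@ParamRefID", request.PatientID);
            DBAgent.AddParameter("@ParamRefType", "PatientInfo");
            DBAgent.AddParameter("@ParamAction", "VR");
            DBAgent.AddParameter("@ParamComment", "Patient Verificaiton from Mobile App");
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return Ok(response);
        }

        DBAgent.AddParameter("@ParamPatientID", request.PatientID);
        string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientDetails");
        if (string.IsNullOrEmpty(data))
        {
            response.ErrorMessage = "No Data";
            return Ok(response);
        }

        DataSet ds = CommonHelpers.GetDataSetFromXml(data);
        // Guard the row count as well as the table count: the original indexed Rows[0] on a
        // table that may be empty and surfaced the resulting exception text to the client.
        if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
        {
            response.ErrorMessage = "No Data";
            return Ok(response);
        }

        DataRow dr = ds.Tables[0].Rows[0];
        response.PatientFirstName = dr["PatientFirstName"].ToString();
        response.PatientLastName = dr["PatientLastName"].ToString();
        response.DOB = dr["FormattedDOB"].ToString();
        response.MaskedName = dr["MaskedName"].ToString();
        response.PhysicianName = dr["PhysicianName"].ToString();
        response.AccountNumber = dr["PatientAccountNumber"].ToString();
    }
    catch (Exception ex)
    {
        // Keep the full exception in the server-side log; the client only gets a generic message,
        // because ex.Message can carry SQL text, file paths or connection details.
        CommonHelpers.writeLogToFile("API: PostPatientVerificaiton - PatientVerificaitonController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
        response.ErrorMessage = "There was a problem processing your request.";
    }
    return Ok(response);
}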
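/// <summary>
/// Login button handler for Login.aspx. Looks the user up with <c>dbo.spGetUserDetails</c>,
/// compares the submitted password with the stored one, audits the outcome through
/// <c>dbo.spAddUserAction</c> ("LI" on success, "FL" on failure) and redirects a successful
/// login to Dashboard.aspx, or to ResetPassword.aspx when the account still has a temporary
/// password.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
protected void cmdLogin_Click(object sender, EventArgs e)
{
    try
    {
        lblErr.Text = "";
        securityAgent = new CryptoProvider();

        // DB credentials come from appSettings on each call; plaintext in config unless the
        // section is encrypted — flagged, not changed here.
        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamUserName", txtUserName.Value);
        string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");

        // Resolve the user's row, if any. An empty result, an empty DataSet or an empty table all
        // mean "unknown user" (the original indexed Rows[0] without checking the row count, and
        // silently did nothing when the DataSet had no tables).
        DataRow dRow = null;
        if (!string.IsNullOrEmpty(data))
        {
            DataSet ds = CommonHelpers.GetDataSetFromXml(data);
            if (ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
            {
                dRow = ds.Tables[0].Rows[0];
            }
        }

        bool tempPassword = false;
        bool passwordMatches = false;
        if (dRow != null)
        {
            tempPassword = bool.Parse(dRow["IsTempPassword"].ToString());
            string storedPassword;
            if (tempPassword)
            {
                // Temporary passwords are compared as stored, i.e. not encrypted.
                storedPassword = dRow["Password"].ToString();
            }
            else
            {
                // The stored value is reversibly encrypted; the Replace presumably restores '+'
                // characters that were turned into spaces somewhere in transit — TODO confirm.
                storedPassword = securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));
            }
            // NOTE(review): passwords are stored reversibly rather than as a salted hash, and
            // compared with an ordinary string comparison. Moving to a salted password hash
            // (e.g. PBKDF2) would need a schema/migration change and is out of scope here.
            passwordMatches = storedPassword.Equals(txtPassword.Value);
        }

        if (!passwordMatches)
        {
            // Same message for unknown user and wrong password so the response does not reveal
            // which usernames exist.
            lblErr.Text = "Invalid Username/Password conbination. Please try again";
            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
                ConfigurationManager.AppSettings["DBServerName"],
                ConfigurationManager.AppSettings["DBUserName"],
                ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.AddParameter("@ParamRefID", 0);
            DBAgent.AddParameter("@ParamRefType", "Users");
            DBAgent.AddParameter("@ParamAction", "FL");
            DBAgent.AddParameter("@ParamComment", "Login Failed - " + txtUserName.Value);
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return;
        }

        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
        DBAgent.AddParameter("@ParamRefType", "Users");
        DBAgent.AddParameter("@ParamAction", "LI");
        DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

        Session["FullName"] = String.Format("{0}, {1}", dRow["LastName"], dRow["FirstName"]);
        if (!tempPassword)
        {
            Session["LoginID"] = dRow["LoginID"].ToString();
            Session["UserName"] = dRow["Username"].ToString();
            Response.Redirect("Dashboard.aspx", true);
        }
        else
        {
            // NOTE(review): the rest of this handler reads txtUserName.Value; this branch reads
            // txtUserName.Text — confirm both refer to the same submitted value.
            Response.Redirect(String.Format("ResetPassword.aspx?UN={0}&UID={1}", securityAgent.EncryptText(txtUserName.Text), securityAgent.EncryptText(dRow["LoginID"].ToString())), true);
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect(url, true) ends the request by throwing ThreadAbortException; let it
        // propagate instead of logging every successful login as an error.
        throw;
    }
    catch (Exception ex)
    {
        lblErr.Text = "There was a problem processing your request. Please contact IT.";
        lblErr.Visible = true;
        CommonHelpers.writeLogToFile("cmdLogin_Click: Login.aspx", ex.Message);
    }
}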
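/// <summary>
/// Returns the assigned (history list 0) and completed (history list 1) questionnaires for a
/// patient, both read through <c>dbo.spGetPatientQuestionnaireList</c>. A request whose token
/// fails <c>CommonHelpers.ValidateRequest</c> is rejected and recorded as an "IR" action.
/// </summary>
/// <param name="request">Deserialized POST body; null when the body was empty or unparsable.</param>
/// <returns>
/// Always 200 OK. <c>response.QuestionnaireList</c> is populated on success; otherwise
/// <c>response.ErrorMessage</c> is "Invalid Request", "No Data" or a generic processing error.
/// </returns>
public IHttpActionResult PostPatientQuestionnaire([FromBody] PatientQuestionnaireRequest request)
{
    PatientQuestionnaireResponse response = new PatientQuestionnaireResponse();
    try
    {
        // Model binding hands us null for a missing or invalid body.
        if (request == null)
        {
            response.ErrorMessage = "Invalid Request";
            return Ok(response);
        }

        if (!CommonHelpers.ValidateRequest(request.UserToken))
        {
            response.ErrorMessage = "Invalid Request";
            // Audit the rejected call. NOTE(review): the submitted token is stored verbatim in the
            // audit comment; consider truncating it.
            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
                ConfigurationManager.AppSettings["DBServerName"],
                ConfigurationManager.AppSettings["DBUserName"],
                ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.ClearParams();
            DBAgent.AddParameter("@ParamRefID", request.PatientID);
            DBAgent.AddParameter("@ParamRefType", "PatientID");
            DBAgent.AddParameter("@ParamAction", "IR");
            DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - PatientQuestionnaire - " + request.UserToken);
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return Ok(response);
        }

        // NOTE(review): nothing here checks that the token holder may view this PatientID.
        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);

        List<QuestionnaireDetails> questionnaireList = new List<QuestionnaireDetails>();
        AppendPatientQuestionnaires(request, 0, questionnaireList); // assigned
        AppendPatientQuestionnaires(request, 1, questionnaireList); // completed

        if (questionnaireList.Count == 0)
        {
            response.ErrorMessage = "No Data";
        }
        else
        {
            response.QuestionnaireList = questionnaireList;
        }
    }
    catch (Exception ex)
    {
        // The original returned ex.StackTrace to the client, which exposes internal type names,
        // file paths and line numbers. Log it server-side and return a generic message instead.
        CommonHelpers.writeLogToFile("API: PostPatientQuestionnaire - PatientQuestionnaireController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
        response.ErrorMessage = "There was a problem processing your request.";
    }
    return Ok(response);
}

/// <summary>
/// Runs <c>dbo.spGetPatientQuestionnaireList</c> for <paramref name="request"/>.PatientID with
/// the given history-list flag on the already-constructed <c>DBAgent</c> and appends one
/// <c>QuestionnaireDetails</c> per returned row to <paramref name="target"/>.
/// An empty result or a DataSet without tables appends nothing.
/// </summary>
/// <param name="request">Request carrying the PatientID to query.</param>
/// <param name="historyList">0 for assigned questionnaires, 1 for completed ones.</param>
/// <param name="target">List that receives the parsed rows.</param>
private void AppendPatientQuestionnaires(PatientQuestionnaireRequest request, int historyList, List<QuestionnaireDetails> target)
{
    DBAgent.ClearParams();
    DBAgent.AddParameter("@ParamPatientID", request.PatientID);
    DBAgent.AddParameter("@ParamHistoryList", historyList);
    string data = DBAgent.ExecuteStoredProcedure("dbo.spGetPatientQuestionnaireList");
    if (string.IsNullOrEmpty(data))
    {
        return;
    }

    DataSet ds = CommonHelpers.GetDataSetFromXml(data);
    if (ds.Tables.Count == 0)
    {
        return;
    }

    foreach (DataRow dr in ds.Tables[0].Rows)
    {
        target.Add(new QuestionnaireDetails(
            dr["QuestionnaireID"].ToString(),
            dr["QuestionnaireName"].ToString(),
            dr["ScheduledDate"].ToString(),
            dr["Score"].ToString(),
            dr["RiskCategory"].ToString(),
            dr["PQID"].ToString()));
    }
}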
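/// <summary>
/// Persists a completed questionnaire: one <c>dbo.spAddPatientResponse</c> call per question
/// (carrying the selected answer, if any), then <c>dbo.spUpdatePatientQuestionnare</c> with the
/// start date and the summed points of the selected answers. A request whose token fails
/// <c>CommonHelpers.ValidateRequest</c> is rejected and recorded as an "IR" action.
/// </summary>
/// <param name="request">Deserialized POST body; null when the body was empty or unparsable.</param>
/// <returns>
/// Always 200 OK. <c>response.SaveStatus</c> is true only when every call succeeded; otherwise
/// it is false and <c>response.ErrorMessage</c> is set.
/// </returns>
public IHttpActionResult PostSaveQuestionnaire([FromBody] SaveQuestionnaireRequest request)
{
    SaveQuestionnaireResponse response = new SaveQuestionnaireResponse();
    try
    {
        // Model binding hands us null for a missing or invalid body; a body without an answer
        // list cannot be saved either. Both were NullReferenceExceptions in the original.
        if (request == null || request.QuestionAnswerList == null)
        {
            response.ErrorMessage = "Invalid Request";
            response.SaveStatus = false;
            return Ok(response);
        }

        if (!CommonHelpers.ValidateRequest(request.UserToken))
        {
            response.ErrorMessage = "Invalid Request";
            // Audit the rejected call. NOTE(review): the submitted token is stored verbatim in the
            // audit comment; consider truncating it.
            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
                ConfigurationManager.AppSettings["DBServerName"],
                ConfigurationManager.AppSettings["DBUserName"],
                ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.ClearParams();
            DBAgent.AddParameter("@ParamRefID", request.PatientQuestionnaireID);
            DBAgent.AddParameter("@ParamRefType", "PQID");
            DBAgent.AddParameter("@ParamAction", "IR");
            DBAgent.AddParameter("@ParamComment", "Invalid Request from Mobile App - SaveQuestionnaire - " + request.UserToken);
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return Ok(response);
        }

        // NOTE(review): nothing here checks that the token holder may write to this
        // PatientQuestionnaireID, and the score is trusted from client-supplied AnswerPoints.
        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);

        int score = 0;
        foreach (QuestionDetail question in request.QuestionAnswerList)
        {
            DBAgent.ClearParams();
            DBAgent.AddParameter("@ParamPQID", request.PatientQuestionnaireID);
            DBAgent.AddParameter("@ParamQuestionID", question.QuestionID);

            // Only the first selected answer counts. When none is selected the procedure is called
            // without @ParamAnswerID — presumably it treats that as unanswered; confirm.
            int points = 0;
            foreach (AnswerDetail answer in question.QuestionAnswers)
            {
                if (answer.SelectedAnswer)
                {
                    points = answer.AnswerPoints;
                    DBAgent.AddParameter("@ParamAnswerID", answer.AnswerID);
                    break;
                }
            }
            score += points;

            // Save each answer individually; a failure part-way through leaves earlier answers saved.
            DBAgent.ExecuteNonQuery("dbo.spAddPatientResponse");
        }

        DBAgent.ClearParams();
        DBAgent.AddParameter("@ParamPQID", request.PatientQuestionnaireID);
        DBAgent.AddParameter("@ParamStartDate", request.QuestionnaireStartDate);
        DBAgent.AddParameter("@ParamScore", score);
        DBAgent.ExecuteNonQuery("dbo.spUpdatePatientQuestionnare");
        response.SaveStatus = true;
    }
    catch (Exception ex)
    {
        // Log the full exception server-side; the client gets a generic message because
        // ex.Message can carry SQL text or connection details.
        CommonHelpers.writeLogToFile("API: PostSaveQuestionnaire - SaveQuestionnaireController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
        response.ErrorMessage = "There was a problem processing your request.";
        response.SaveStatus = false;
    }
    return Ok(response);
}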
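/// <summary>
/// Mobile-app staff login. Looks the user up with <c>dbo.spGetUserDetails</c>, compares the
/// submitted password with the decrypted stored one, audits the outcome through
/// <c>dbo.spAddUserAction</c> ("LI" on success, "FL" on failure) and, on success, returns the
/// user's name and the API token the other endpoints validate.
/// </summary>
/// <param name="request">Deserialized POST body; null when the body was empty or unparsable.</param>
/// <returns>
/// Always 200 OK. <c>response.IsAuthenticated</c> is true on success; otherwise it is false and
/// <c>response.ErrorMessage</c> is set.
/// </returns>
public IHttpActionResult PostStaffLogin([FromBody] StaffAuthenticationRequest request)
{
    StaffAuthenticationResponse response = new StaffAuthenticationResponse();
    try
    {
        // Model binding hands us null for a missing or invalid body.
        if (request == null)
        {
            response.ErrorMessage = "Invalid Username/Password conbination. Please try again";
            response.IsAuthenticated = false;
            response.LoginID = -1;
            return Ok(response);
        }

        // DB credentials come from appSettings on each call; plaintext in config unless the
        // section is encrypted — flagged, not changed here.
        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.AddParameter("@ParamUserName", request.UserName);
        string data = DBAgent.ExecuteStoredProcedure("dbo.spGetUserDetails");

        // Resolve the user's row, if any. An empty result, a DataSet without tables or an empty
        // table all mean "unknown user" (the original indexed Rows[0] without a row-count check).
        DataRow dRow = null;
        if (!string.IsNullOrEmpty(data))
        {
            DataSet ds = CommonHelpers.GetDataSetFromXml(data);
            if (ds.Tables.Count > 0 && ds.Tables[0].Rows.Count > 0)
            {
                dRow = ds.Tables[0].Rows[0];
            }
        }

        bool passwordMatches = false;
        if (dRow != null)
        {
            securityAgent = new CryptoProvider();
            // The stored value is reversibly encrypted; the Replace presumably restores '+'
            // characters that were turned into spaces somewhere in transit — TODO confirm.
            // NOTE(review): reversible storage plus an ordinary string comparison; a salted
            // password hash would need a schema/migration change and is out of scope here.
            string storedPassword = securityAgent.decryptText(dRow["Password"].ToString().Replace(" ", "+"));
            passwordMatches = storedPassword.Equals(request.Password);
        }

        if (!passwordMatches)
        {
            // Same message for unknown user and wrong password so the response does not reveal
            // which usernames exist.
            response.ErrorMessage = "Invalid Username/Password conbination. Please try again";
            response.IsAuthenticated = false;
            response.LoginID = -1;
            DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
                ConfigurationManager.AppSettings["DBServerName"],
                ConfigurationManager.AppSettings["DBUserName"],
                ConfigurationManager.AppSettings["DBPassword"]);
            DBAgent.ClearParams();
            DBAgent.AddParameter("@ParamRefID", 0);
            DBAgent.AddParameter("@ParamRefType", "Users");
            DBAgent.AddParameter("@ParamAction", "FL");
            DBAgent.AddParameter("@ParamComment", "Login Failed from Mobile App- " + request.UserName);
            DBAgent.ExecuteNonQuery("dbo.spAddUserAction");
            return Ok(response);
        }

        DBAgent = new DataAccessProvider(DataAccessProvider.ParamType.ServerCredentials,
            ConfigurationManager.AppSettings["DBServerName"],
            ConfigurationManager.AppSettings["DBUserName"],
            ConfigurationManager.AppSettings["DBPassword"]);
        DBAgent.ClearParams();
        DBAgent.AddParameter("@ParamRefID", dRow["LoginID"].ToString());
        DBAgent.AddParameter("@ParamRefType", "Users");
        DBAgent.AddParameter("@ParamAction", "LI");
        DBAgent.AddParameter("@ParamComment", "Successful Login from Mobile App- " + request.UserName);
        DBAgent.ExecuteNonQuery("dbo.spAddUserAction");

        response.IsAuthenticated = true;
        response.UserFirstName = dRow["FirstName"].ToString();
        response.UserLastName = dRow["LastName"].ToString();
        // NOTE(review): response.LoginID is never populated on success (only set to -1 on
        // failure); confirm whether the client expects the real LoginID here.
        // NOTE(review): the token handed out is a single app-wide value from appSettings — the
        // same for every user, with no expiry or binding to this login. Every other endpoint
        // presumably accepts it via CommonHelpers.ValidateRequest, so one leaked token grants
        // access to all patient data. Per-session, expiring tokens would remove that risk.
        response.UserToken = ConfigurationManager.AppSettings["UserToken"];
    }
    catch (Exception ex)
    {
        // Log the full exception server-side; the client gets a generic message because
        // ex.Message can carry SQL text or connection details.
        CommonHelpers.writeLogToFile("API: PostStaffLogin - StaffLoginController.cs", ex.Message + Environment.NewLine + ex.StackTrace);
        response.ErrorMessage = "There was a problem processing your request.";
        response.IsAuthenticated = false;
    }
    return Ok(response);
}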