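/// <summary>
/// Checks the e-mail address and the last four SSN digits entered on the form against
/// the enrollment data and, when they match a known membership user, swaps the verify
/// panel for the reset panel showing that user's password question.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void ValidateInput(object sender, EventArgs e)
{
    // Every exit path restores the browser cursor, so the call is wrapped once.
    Action resetCursor = () => ScriptManager.RegisterStartupScript(
        this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);

    // Trim once and use the same value for validation and for every lookup below.
    String email = Email.Text.Trim();

    // Handle no email entered
    if (email == String.Empty)
    {
        VerifyFailureText.Text = "Email is required.";
        Email.Focus();
        resetCursor();
        return;
    }

    // Handle no SSN
    if (SSN.Text.Trim() == String.Empty)
    {
        VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
        SSN.Focus();
        resetCursor();
        return;
    }

    // Strip non-digits from the RAW text. HTML-encoding first is wrong here: any
    // character the encoder emits as a numeric entity (an apostrophe becomes "&#39;")
    // would add digits of its own to the "cleaned" value.
    // NOTE(review): four digits allow only 10,000 guesses per e-mail address and no
    // attempt throttling is visible in this method; confirm that lockout or rate
    // limiting is enforced elsewhere.
    Boolean ssnSuccess = false;
    String cleanSSN = Regex.Replace(SSN.Text, "[^0-9]", "");
    if (cleanSSN.Length == 4)
    {
        using (GetEnrollmentsForAllEmployers gefae = new GetEnrollmentsForAllEmployers())
        {
            // NOTE(review): HTML encoding is an output-encoding step, not input
            // validation for a data lookup; it is kept so the value still matches what
            // the data layer has received so far. Confirm how e-mails are stored.
            gefae.Email = Encoder.HtmlEncode(email);
            gefae.LastFour = cleanSSN;
            gefae.GetFrontEndData();
            if (gefae.Tables.Count > 0 && gefae.Tables[0].Rows.Count > 0)
            {
                sSSN = cleanSSN;
                ssnSuccess = true;
            }
        }
    }

    if (!ssnSuccess)
    {
        VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
        resetCursor();
        return;
    }

    sUserName = Membership.GetUserNameByEmail(Encoder.HtmlEncode(email));
    if (String.IsNullOrWhiteSpace(sUserName))
    {
        VerifyFailureText.Text = "User not found.";
        resetCursor();
        return;
    }

    // Membership.GetUser returns null when no user has the given name; the original
    // dereferenced the result unconditionally.
    // NOTE(review): GetUser expects a user name but is passed the e-mail address;
    // this only works where the two are identical. Confirm, or pass sUserName.
    var user = Membership.GetUser(email);
    if (user == null)
    {
        VerifyFailureText.Text = "User not found.";
        resetCursor();
        return;
    }

    lblQuestion.Text = user.PasswordQuestion;
    tblVerify.Visible = pnlVerify.Visible = false;
    tblReset.Visible = pnlReset.Visible = true;
    resetCursor();
}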
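/// <summary>
/// Checks the e-mail address plus either the last four SSN digits or the 11-digit
/// Member ID entered on the form against the employer's Enrollments table and, when
/// they match a known membership user, swaps the verify panel for the reset panel
/// showing that user's password question.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void ValidateInput(object sender, EventArgs e)
{
    // Every exit path restores the browser cursor, so the call is wrapped once.
    Action resetCursor = () => ScriptManager.RegisterStartupScript(
        this, this.GetType(), "ResetCursor", "document.body.style.cursor = 'default';", true);

    String email = Email.Text.Trim();

    // Handle no email entered
    if (email == String.Empty)
    {
        VerifyFailureText.Text = "Email is required.";
        Email.Focus();
        resetCursor();
        return;
    }

    // Handle no SSN nor Member ID
    if (SSN.Text.Trim() == String.Empty && MemberID.Text.Trim() == String.Empty)
    {
        if (onlySSN)
        {
            VerifyFailureText.Text = "Please enter the last 4 digits of your SSN.";
            SSN.Focus();
        }
        else
        {
            VerifyFailureText.Text = "Please enter either the last 4 digits of your SSN or you Member ID.";
        }
        resetCursor();
        return;
    }

    // Get the Employer Connection String to validate the user
    String cnxString = String.Empty;
    using (GetEmployerConnString gecs = new GetEmployerConnString(empID))
    {
        if (!gecs.HasErrors && gecs.Tables[0].Rows.Count > 0)
        {
            cnxString = gecs.ConnectionString;
        }
        else
        {
            VerifyFailureText.Text = "There was an error validating your enrollment.";
            resetCursor();
            return;
        }
    }

    // SECURITY: the e-mail address is user input that ends up inside a SQL string
    // literal. The original concatenated it unescaped in the SSN query, so a quote in
    // the field changed the statement. Quotes are doubled here as the minimum fix.
    // NOTE(review): BaseCCHData's API is not visible from this method; if it supports
    // bound parameters, use them instead of string building. Quote doubling assumes a
    // backend that treats '' as an escaped quote and has no backslash escapes; confirm.
    String sqlEmail = email.Replace("'", "''");

    // Always try to use SSN if it has something in the text box.
    // NOTE(review): four digits allow only 10,000 guesses per e-mail address and no
    // attempt throttling is visible in this method; confirm that lockout or rate
    // limiting is enforced elsewhere.
    Boolean ssnSuccess = false;
    if (SSN.Text.Trim() != String.Empty)
    {
        String cleanSSN = Regex.Replace(SSN.Text, "[^0-9]", "");
        if (cleanSSN.Length == 4)
        {
            String query = String.Concat(
                "SELECT MemberSSN FROM Enrollments WHERE Email = '", sqlEmail, "'");
            using (BaseCCHData b = new BaseCCHData(query, true))
            {
                b.GetData(cnxString);
                if (!b.HasErrors && b.Tables[0].Rows.Count > 0)
                {
                    // TryParse instead of Convert: an empty or non-numeric column value
                    // now fails verification rather than throwing FormatException.
                    // Only the first returned row is compared.
                    Int32 idFromDB;
                    if (Int32.TryParse(b.Tables[0].Rows[0]["MemberSSN"].ToString(), out idFromDB)
                        && idFromDB == Convert.ToInt32(cleanSSN))
                    {
                        ssnSuccess = true;
                        sSSN = cleanSSN;
                    }
                }
            }
        }
    }

    // If nothing was entered into SSN or if SSN validation failed
    Boolean memberIdSuccess = false;
    if (!ssnSuccess && MemberID.Text.Trim() != String.Empty)
    {
        String cleanMemberID = Regex.Replace(MemberID.Text, "[^0-9]", "");
        if (cleanMemberID.Length == 11)
        {
            // NOTE(review): this query looks the e-mail up HTML-encoded while the SSN
            // query uses the plain value; the encoding is kept to preserve the existing
            // lookup, with quote doubling applied on top. HTML encoding is not SQL
            // escaping. Confirm how e-mails are stored and use one form in both.
            String encodedEmail = Microsoft.Security.Application.Encoder.HtmlEncode(email).Replace("'", "''");
            String query = String.Concat(
                "SELECT MemberMedicalID FROM Enrollments WHERE Email = '", encodedEmail, "'");
            using (BaseCCHData b = new BaseCCHData(query, true))
            {
                b.GetData(cnxString);
                if (!b.HasErrors && b.Tables[0].Rows.Count > 0)
                {
                    Int64 idFromDB;
                    if (Int64.TryParse(b.Tables[0].Rows[0]["MemberMedicalID"].ToString(), out idFromDB)
                        && idFromDB == Convert.ToInt64(cleanMemberID))
                    {
                        memberIdSuccess = true;
                    }
                }
            }
        }
    }

    if (!(ssnSuccess || memberIdSuccess))
    {
        VerifyFailureText.Text = "There was an error resetting your password with the information provided.<br />Please double check the information you entered and try again.";
        resetCursor();
        return;
    }

    String membershipEmail = Microsoft.Security.Application.Encoder.HtmlEncode(email);
    sUserName = Membership.GetUserNameByEmail(membershipEmail);
    if (String.IsNullOrWhiteSpace(sUserName))
    {
        VerifyFailureText.Text = "User not found.";
        resetCursor();
        return;
    }

    // Membership.GetUser returns null when no user has the given name; the original
    // dereferenced the result unconditionally.
    // NOTE(review): GetUser expects a user name but is passed the e-mail address;
    // this only works where the two are identical. Confirm, or pass sUserName.
    var user = Membership.GetUser(membershipEmail);
    if (user == null)
    {
        VerifyFailureText.Text = "User not found.";
        resetCursor();
        return;
    }

    lblQuestion.Text = user.PasswordQuestion;
    tblVerify.Visible = pnlVerify.Visible = false;
    tblReset.Visible = pnlReset.Visible = true;
    resetCursor();
}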