// NOTE: an earlier page-local ValidateUser(username, encryptedPassword) was
// commented out here. It looked the user up by LoginID (excluding status "D"),
// rejected any account whose status was not "A" as inactive/locked, compared the
// stored password with the supplied hash, incremented FailCount on a mismatch and
// set the status to "I" once PARAM_CODE_LOGIN_MAX_FAIL_COUNT was reached, then
// put the user into Session["User"] and redirected. Presumably that logic now
// lives in WebUtils.ValidateUser, which is what this handler calls.

/// <summary>
/// Handles the Login button click. Resolves the tenant database (SaaS master-DB
/// lookup by customer ID when Application["MasterDBConfig"] is set, otherwise the
/// configured or user-selected database), validates the credentials through
/// WebUtils.ValidateUser, checks the subscription status, and on success populates
/// the session and redirects. Every failure falls through to the bottom of the
/// method, which clears the session, writes a failed-login audit, shows the message
/// in a client-side alert and delays the response by one second.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Login_Click(object sender, EventArgs e)
{
    HROne.Lib.Entities.EUser user = null;
    // Start from an empty session so nothing from a previous login survives.
    // NOTE(review): the session ID itself is not regenerated here (RegenerateSessionId()
    // is commented out further down), so the pre-login ID is reused after authentication
    // — confirm the ID is rotated elsewhere, otherwise this is a session-fixation risk.
    Session.Clear();
    HROne.DataAccess.DatabaseConnection mainDBConn = null;
    HROne.SaaS.Entities.ECompanyDatabase companyDB = null;
    bool hasError = false;
    string message = string.Empty;

    // always check whether companyDB exists after click
    if (Application["MasterDBConfig"] != null)
    {
        // SaaS mode: look the customer's database up in the master database.
        DatabaseConfig masterDBConfig = (DatabaseConfig)Application["MasterDBConfig"];
        // NOTE(review): masterDBConn is never closed/disposed in this method — confirm
        // DatabaseConnection does not hold an open connection that needs releasing.
        HROne.DataAccess.DatabaseConnection masterDBConn = masterDBConfig.CreateDatabaseConnectionObject();
        DBFilter companyDatabaseFilter = new DBFilter();
        companyDatabaseFilter.add(new Match("CompanyDBClientCode", txtCustomerID.Text));
        ArrayList companyDatabaseList = HROne.SaaS.Entities.ECompanyDatabase.db.select(masterDBConn, companyDatabaseFilter);
        if (companyDatabaseList.Count > 0)
        {
            companyDB = (HROne.SaaS.Entities.ECompanyDatabase)companyDatabaseList[0];
            DatabaseConfig tempDBConfig = new DatabaseConfig();
            tempDBConfig.ConnectionString = companyDB.getConnectionString(masterDBConn);
            tempDBConfig.DBType = WebUtils.DBTypeEmun.MSSQL;
            if (tempDBConfig.TestConnection())
            {
                mainDBConn = tempDBConfig.CreateDatabaseConnectionObject();
                // Push the tenant's product key / feature code and the SMTP settings from
                // the master database into the tenant database on every login.
                HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTKEY, companyDB.CompanyDBProductKey);
                HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTFEATURECODE, companyDB.getProductFeatureCode(masterDBConn));
                string[] smtpParameterList = new string[]
                {
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SERVER_NAME,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PORT,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_USERNAME,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_ENABLE_SSL,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SMTP_OUTGOING_EMAIL_ADDRESS
                };
                foreach (string smptParameter in smtpParameterList)
                {
                    HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, smptParameter, HROne.SaaS.Entities.ESystemParameter.getParameter(masterDBConn, smptParameter));
                }
                // The SMTP password is copied through the encrypting setter/getter pair.
                HROne.Lib.Entities.ESystemParameter.setParameterWithEncryption(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD, HROne.SaaS.Entities.ESystemParameter.getParameterWithEncryption(masterDBConn, HROne.SaaS.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD));
            }
            else
            {
                // Connection test failed; if the RSA key used for encrypted fields is
                // flagged invalid, recycle the whole application domain.
                if (HROne.DataAccess.DBAESEncryptStringFieldAttribute.InvalidRSAKey)
                {
                    HttpRuntime.UnloadAppDomain();
                }
            }
        }
    }
    else
    {
        // On-premise mode: use the configured connection, or the one selected in the
        // database drop-down when several databases are configured.
        mainDBConn = WebUtils.GetDatabaseConnection();
        if (mainDBConn == null)
        {
            if (multiDBRow.Visible)
            {
                int idx;
                if (int.TryParse(cboDatabase.SelectedValue, out idx))
                {
                    HROneConfig config = HROneConfig.GetCurrentHROneConfig();
                    DatabaseConfig dbconfig = config.DatabaseConfigList[idx];
                    if (dbconfig.TestConnection())
                    {
                        mainDBConn = dbconfig.CreateDatabaseConnectionObject();
                    }
                    else
                    {
                        // Early exit: this path skips the failed-login audit and the
                        // one-second delay at the bottom of the method.
                        ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"Fail to connect database\");", true);
                        return;
                    }
                }
            }
        }
    }
    if (mainDBConn != null)
    {
        WebUtils.SetSessionDatabaseConnection(Session, mainDBConn);
    }
    HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
    if (productLicense != null)
    {
        // A SaaS licence with no matching company database is reset with an empty key.
        if (companyDB == null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.HROneSaaS)
        {
            productLicense.LoadProductKey(string.Empty);
        }
    }
    if (mainDBConn == null && companyDB != null)
    {
        hasError = true;
        message = "Fail to connect to database. Please contact to customer service.";
    }
    // NOTE(review): when neither a company DB nor a connection was resolved, mainDBConn
    // is still null here and ValidateUser is called with it — confirm it copes.
    if (!hasError)
    {
        try
        {
            WebUtils.ValidateUser(mainDBConn, Username.Text, HROne.CommonLib.Hash.PasswordHash(Password.Text), true, true, out user);
        }
        catch (Exception ex)
        {
            hasError = true;
            // NOTE(review): every exception message, not only validation messages, is
            // shown to the browser below — confirm ValidateUser is the only thrower here,
            // otherwise database/infrastructure error text reaches the user.
            message = ex.Message;
        }
        // Check the database status after login is verified
        if (companyDB != null && !hasError)
        {
            if (!companyDB.CompanyDBIsActive)
            {
                hasError = true;
                message = "Subscribed service has been expired; please contact customer service hotline for assistant.";
            }
        }
        if (!hasError)
        {
            // Create Login Audit for successfully login
            HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), false, string.Empty);
            Session["LoginID"] = user.LoginID;
            // NOTE(review): this keeps the stored password hash in session state for the
            // whole session — confirm a downstream consumer really needs it.
            Session["PasswordEncrypted"] = user.UserPassword;
            if (companyDB != null)
            {
                Session["CompanyDBID"] = companyDB.CompanyDBID;
            }
            // Tag the auditing connection with the user so later writes are attributed.
            if (mainDBConn is HROne.DataAccess.DatabaseConnectionWithAudit)
            {
                ((HROne.DataAccess.DatabaseConnectionWithAudit)mainDBConn).UserID = user.UserID;
            }
            WebUtils.SetSessionLanguage(Session, user);
            //WebUtils.RefreshPermission(Session);

            // Password-expiry check: the change period is counted in days ("D"), months
            // ("M") or years ("Y") from UserChangePasswordDate; any other unit never forces
            // a change. An explicit UserChangePassword flag always forces one.
            bool isForceChangePassword = false;
            if (user.UserChangePasswordUnit == "D")
            {
                if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddDays(user.UserChangePasswordPeriod))
                {
                    isForceChangePassword = false;
                }
                else
                {
                    isForceChangePassword = true;
                }
            }
            else if (user.UserChangePasswordUnit == "M")
            {
                if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddMonths(user.UserChangePasswordPeriod))
                {
                    isForceChangePassword = false;
                }
                else
                {
                    isForceChangePassword = true;
                }
            }
            else if (user.UserChangePasswordUnit == "Y")
            {
                if (AppUtils.ServerDateTime() < user.UserChangePasswordDate.AddYears(user.UserChangePasswordPeriod))
                {
                    isForceChangePassword = false;
                }
                else
                {
                    isForceChangePassword = true;
                }
            }
            else
            {
                isForceChangePassword = false;
            }
            if (user.UserChangePassword)
            {
                isForceChangePassword = true;
            }
            //EInbox.GenerateInboxMessage(user.UserID);
            if (isForceChangePassword)
            {
                Session["ForceChangePassword"] = true;
            }
            // Second language refresh, this time from the user object held in session.
            WebUtils.SetSessionLanguage(Session, WebUtils.GetCurUser(Session));
            //RegenerateSessionId();
            HROne.Lib.Entities.EInbox.DeleteAllDeletedUserID(mainDBConn);
            // NOTE(review): the success path relies on this redirect ending the response;
            // if it returns normally, the Session.Clear() below would wipe the login that
            // was just set up — confirm. LastURL is taken from the request; confirm
            // Default.aspx restricts it to application-local paths before redirecting.
            HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "~/Default.aspx?LastURL=" + DecryptedRequest["LastURL"]);
        }
    }

    // Failure path: release everything that was put into the session above.
    // Remove all item for release session
    Session.Clear();
    // NOTE(review): removing the cookie from Request.Cookies only changes the
    // server-side request object; it does not expire the cookie in the browser.
    Request.Cookies.Remove(HROne.Common.WebUtility.getDefaultSessionCookieName());
    //if (companyDB != null)
    //{
    //    Session.Remove("DatabaseConnection");
    //}
    {
        // Create Login Audit for fail login
        // NOTE(review): mainDBConn may still be null at this point — confirm
        // CreateLoginAudit tolerates that.
        if (user != null)
        {
            HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, user.UserID, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
        }
        else
        {
            HROne.Lib.Entities.ELoginAudit.CreateLoginAudit(mainDBConn, 0, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
        }
        // Hand-rolled JavaScript string escaping for the alert below.
        // NOTE(review): this escapes backslash, CR, LF and double quote only; if the
        // message can ever carry user-controlled text, a "</script>" sequence would still
        // close the script block — prefer a library JavaScript string encoder.
        message = message.Replace("\\", "\\\\").Replace("\r", "\\r").Replace("\n", "\\n").Replace("\"", "\\\"");
        message = message.Replace(HROne.Common.WebUtility.GetLocalizedString("validate.prompt"), "");
        ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"" + message + "\");", true);
        // Fixed delay on every failed attempt to slow down password guessing
        // (note that it ties up a worker thread for the duration).
        System.Threading.Thread.Sleep(1000);
    }
}
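/// <summary>
/// Handles the ESS Login button click. Resolves the tenant database (SaaS master-DB
/// lookup by customer ID when Application["MasterDBConfig"] is set, otherwise the
/// configured or user-selected database), validates the credentials through
/// WebUtils.ValidateUser, optionally binds the login to the Windows network ID kept
/// in the "AD ID" employee extra field, checks the subscription, and on success
/// populates the session and redirects. Every failure falls through to the bottom of
/// the method, which clears the session, writes a failed-login audit, shows the
/// message in the Prompt label and delays the response by one second.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Login_Click(object sender, EventArgs e)
{
    EESSUser user = null;
    // Start from an empty session so nothing from a previous login survives.
    // NOTE(review): the session ID is not regenerated here — confirm it is rotated
    // elsewhere, otherwise the pre-login ID is kept after authentication.
    Session.Clear();
    HROne.DataAccess.DatabaseConnection mainDBConn = null;
    HROne.SaaS.Entities.ECompanyDatabase companyDB = null;
    bool hasError = false;
    string message = string.Empty;

    // always check whether companyDB exists after click
    if (Application["MasterDBConfig"] != null)
    {
        // SaaS mode: look the customer's database up in the master database.
        DatabaseConfig masterDBConfig = (DatabaseConfig)Application["MasterDBConfig"];
        // NOTE(review): masterDBConn is never closed/disposed in this method — confirm
        // DatabaseConnection does not hold an open connection that needs releasing.
        HROne.DataAccess.DatabaseConnection masterDBConn = masterDBConfig.CreateDatabaseConnectionObject();
        DBFilter companyDatabaseFilter = new DBFilter();
        companyDatabaseFilter.add(new Match("CompanyDBClientCode", txtCustomerID.Text));
        ArrayList companyDatabaseList = HROne.SaaS.Entities.ECompanyDatabase.db.select(masterDBConn, companyDatabaseFilter);
        if (companyDatabaseList.Count > 0)
        {
            companyDB = (HROne.SaaS.Entities.ECompanyDatabase)companyDatabaseList[0];
            DatabaseConfig tempDBConfig = new DatabaseConfig();
            tempDBConfig.ConnectionString = companyDB.getConnectionString(masterDBConn);
            tempDBConfig.DBType = WebUtils.DBTypeEmun.MSSQL;
            if (tempDBConfig.TestConnection())
            {
                mainDBConn = tempDBConfig.CreateDatabaseConnectionObject();
                // Push the tenant's product key / feature code and the SMTP settings from
                // the master database into the tenant database on every login.
                HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTKEY, companyDB.CompanyDBProductKey);
                HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_PRODUCTFEATURECODE, companyDB.getProductFeatureCode(masterDBConn));
                string[] smtpParameterList = new string[]
                {
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SERVER_NAME,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PORT,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_USERNAME,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_ENABLE_SSL,
                    HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_SMTP_OUTGOING_EMAIL_ADDRESS
                };
                foreach (string smtpParameter in smtpParameterList)
                {
                    HROne.Lib.Entities.ESystemParameter.setParameter(mainDBConn, smtpParameter, ESystemParameter.getParameter(masterDBConn, smtpParameter));
                }
                // The SMTP password is copied through the encrypting setter/getter pair.
                HROne.Lib.Entities.ESystemParameter.setParameterWithEncryption(mainDBConn, HROne.Lib.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD, HROne.SaaS.Entities.ESystemParameter.getParameterWithEncryption(masterDBConn, HROne.SaaS.Entities.ESystemParameter.PARAM_CODE_SMTP_PASSWORD));
            }
            else
            {
                // Connection test failed; if the RSA key used for encrypted fields is
                // flagged invalid, recycle the whole application domain.
                if (HROne.DataAccess.DBAESEncryptStringFieldAttribute.InvalidRSAKey)
                {
                    HttpRuntime.UnloadAppDomain();
                }
            }
        }
    }
    else
    {
        // On-premise mode: use the configured connection, or the one selected in the
        // database drop-down when several databases are configured.
        mainDBConn = WebUtils.GetDatabaseConnection();
        if (mainDBConn == null)
        {
            if (multiDBRow.Visible)
            {
                int idx;
                if (int.TryParse(cboDatabase.SelectedValue, out idx))
                {
                    HROneConfig config = HROneConfig.GetCurrentHROneConfig();
                    DatabaseConfig dbconfig = config.DatabaseConfigList[idx];
                    if (dbconfig.TestConnection())
                    {
                        mainDBConn = dbconfig.CreateDatabaseConnectionObject();
                    }
                    else
                    {
                        // Early exit: this path skips the failed-login audit and the
                        // one-second delay at the bottom of the method.
                        ScriptManager.RegisterStartupScript(this, this.GetType(), "errorMessage", "alert(\"Fail to connect database\");", true);
                        return;
                    }
                }
            }
        }
    }
    if (mainDBConn != null)
    {
        WebUtils.SetSessionDatabaseConnection(Session, mainDBConn);
    }
    HROne.ProductLicense productLicense = WebUtils.productLicense(Session);
    if (productLicense != null)
    {
        // A SaaS licence with no matching company database is reset with an empty key.
        if (companyDB == null && productLicense.ProductType == HROne.ProductLicense.ProductLicenseType.HROneSaaS)
        {
            productLicense.LoadProductKey(string.Empty);
        }
    }
    if (mainDBConn == null && companyDB != null)
    {
        hasError = true;
        message = "Fail to connect to database. Please contact to customer service.";
    }
    if (!hasError)
    {
        bool changePassword = false;
        try
        {
            WebUtils.ValidateUser(mainDBConn, Username.Text, HROne.CommonLib.Hash.PasswordHash(Password.Text), true, out changePassword, out user);
        }
        catch (Exception ex)
        {
            hasError = true;
            // NOTE(review): every exception message, not only validation messages, is
            // shown in the Prompt label below — confirm ValidateUser is the only thrower
            // here, otherwise database/infrastructure error text reaches the user.
            message = ex.Message;
        }

        // copy from GAP customization, checking Active Directory ID
        // If the employee has an "AD ID" extra-field value, the Windows account the
        // request arrived with must match it.
        if (user != null)
        {
            DBFilter adIdFieldFilter = new DBFilter();
            adIdFieldFilter.add(new Match("EmpExtraFieldName", "AD ID"));
            DBFilter adIdValueFilter = new DBFilter();
            // Sub-select is built from entity metadata (table name), not from request input.
            adIdValueFilter.add(new IN("EmpExtraFieldID", "Select EmpExtraFieldID from " + EEmpExtraField.db.dbclass.tableName, adIdFieldFilter));
            adIdValueFilter.add(new Match("EmpID", user.EmpID));
            // Query the connection the user was just validated against, like every other
            // database access in this handler (the pasted code used a page-level dbConn).
            ArrayList adIdList = EEmpExtraFieldValue.db.select(mainDBConn, adIdValueFilter);
            if (adIdList.Count > 0)
            {
                // REMOTE_USER is only populated under Windows authentication; treat a
                // missing value as an empty name so the check fails closed instead of
                // throwing a NullReferenceException.
                string remoteUser = (Request.ServerVariables["REMOTE_USER"] ?? string.Empty).Trim();
                string adId = ((EEmpExtraFieldValue)adIdList[0]).EmpExtraFieldValue.Trim();
                // Accept the bare name, "DOMAIN\name" and "DOMAIN/name". Account names are
                // compared ordinally: a culture-sensitive comparison depends on the server
                // locale (e.g. Turkish dotless i) and is not appropriate for identifiers.
                bool remoteUserMatches =
                    remoteUser.Equals(adId, StringComparison.OrdinalIgnoreCase)
                    || remoteUser.EndsWith("\\" + adId, StringComparison.OrdinalIgnoreCase)
                    || remoteUser.EndsWith("/" + adId, StringComparison.OrdinalIgnoreCase);
                if (!remoteUserMatches)
                {
                    hasError = true;
                    message = "This PC is not logged with your network ID!";
                }
            }
        }

        // Check the subscription once the login itself is verified.
        if (companyDB != null && !hasError)
        {
            if (!companyDB.CompanyDBIsActive)
            {
                hasError = true;
                message = "Subscribed service has been expired; please contact customer service hotline for assistant.";
            }
            // productLicense was null-checked above, so it must be guarded here as well:
            // no licence is treated as "not subscribed" rather than dereferenced. As
            // before, this message overrides the expiry message when both apply.
            if (productLicense == null || !productLicense.IsESS)
            {
                hasError = true;
                message = "You are NOT subscribed the service.";
            }
        }
        if (!hasError)
        {
            // Login audit for a successful login.
            HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, user.EmpID, Username.Text, Request, AppUtils.ServerDateTime(), false, string.Empty);
            // ADD the Session "User" Value is user
            Session["User"] = user;
            if (changePassword)
            {
                Session.Add("ForceChangePassword", true);
            }
            WebUtils.SetSessionLanguage(Session, user);
            // NOTE(review): the success path relies on this redirect ending the response;
            // if it returns normally, the Session.Clear() below would wipe the login that
            // was just set up — confirm. LastURL is taken from the request; confirm
            // Default.aspx restricts it to application-local paths before redirecting.
            HROne.Common.WebUtility.RedirectURLwithEncryptedQueryString(Response, Session, "~/Default.aspx?LastURL=" + DecryptedRequest["LastURL"]);
        }
    }

    // Failure path: release everything that was put into the session above.
    // Remove all item for release session
    Session.Clear();
    // NOTE(review): removing the cookie from Request.Cookies only changes the
    // server-side request object; it does not expire the cookie in the browser.
    Request.Cookies.Remove(HROne.Common.WebUtility.getDefaultSessionCookieName());

    // Login audit for a failed login.
    // NOTE(review): mainDBConn may still be null at this point — confirm
    // CreateLoginAudit tolerates that.
    if (user != null)
    {
        HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, user.EmpID, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
    }
    else
    {
        HROne.Lib.Entities.EESSLoginAudit.CreateLoginAudit(mainDBConn, 0, Username.Text, Request, AppUtils.ServerDateTime(), true, message);
    }
    // NOTE(review): Label.Text is rendered without HTML encoding; if the message can
    // ever carry user-controlled text it should be encoded before being assigned.
    Prompt.Text = message;
    // Fixed delay on every failed attempt to slow down password guessing
    // (note that it ties up a worker thread for the duration).
    System.Threading.Thread.Sleep(1000);
}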
/// <summary>
/// Handles the OK button on the licence page. Requires at least a product key or a
/// trial key; loads the current licence, applies whichever of product key, trial key
/// and authorization code were entered, appends an "Invalid …" line to the Prompt
/// label for each one that fails, and only when all entered values are valid saves
/// the licence, resets the session database connection and redirects to PreviousURL.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void OK_Click(object sender, EventArgs e)
{
    string productKeyText = txtProductKey.Text;
    string trialKeyText = txtTrialKey.Text;
    string authorizationCodeText = txtAuthorizationCode.Text;
    bool hasProductKey = !string.IsNullOrEmpty(productKeyText);
    bool hasTrialKey = !string.IsNullOrEmpty(trialKeyText);

    // Nothing to apply: an authorization code on its own is ignored.
    if (!hasProductKey && !hasTrialKey)
    {
        return;
    }

    HROne.ProductLicense license = new HROne.ProductLicense();
    license.LoadProductLicense(dbConn);
    bool allValid = true;

    if (hasProductKey)
    {
        license.LoadProductKey(productKeyText);
        if (!license.IsValidProductKey)
        {
            Prompt.Text += "Invalid Product Key.<br/>";
            allValid = false;
        }
        else
        {
            // A valid product key always marks the session as a non-trial installation.
            Session["TrialVersion"] = false;
        }
    }

    if (hasTrialKey)
    {
        license.LoadTrialKey(trialKeyText, dbConn);
        if (license.TrialKey == string.Empty)
        {
            Prompt.Text += "Invalid Trial Key.<br/>";
            allValid = false;
        }
        else if (Session["TrialVersion"] == null)
        {
            // Only set when the product-key branch above did not already decide.
            Session["TrialVersion"] = true;
        }
    }

    // The authorization code is optional; it is only checked when supplied.
    if (!string.IsNullOrEmpty(authorizationCodeText) && !license.IsValidAuthorizationCode(authorizationCodeText))
    {
        Prompt.Text += "Invalid Authorization Code.<br/>";
        allValid = false;
    }

    if (!allValid)
    {
        return;
    }

    license.SaveProductLicense(dbConn);
    // Reset the session connection so the new key is picked up.
    WebUtils.SetSessionDatabaseConnection(Session, dbConn);
    // NOTE(review): PreviousURL.Value is posted back by the client; unless it is
    // validated as an application-local URL before use, this is an open redirect.
    Response.Redirect(PreviousURL.Value);
}