I have define the employee userID at the login page in order to save the development time. At the login page there is a button called 'Reset Password'. The process is that when I click on the reset button, the password inside the database will become NULL for that userID. I have manage to call the userID, but do not know how to set the password to become NULL.
Below is my code for the process flow.
Employee emp = null;
string src = "07070";
if (TransState.GetType() == typeof(EnterUserId) || TransState.GetType() == typeof(EnterPassword))
{
if (Auth.GetEmpoyeeClassByBarcode(src, out emp) == 1)
{
// set the ui button fo successful user login
int x = LoginCheckBarcode(src, out emp);
// loadTask(auth);
// Direct to login menu
Param.Operation = Constant.LOGIN;
ChangeState(typeof(TaskSelected));
return 1;
}
else
{
return 0;
}
}
You need to have some extra validation other than just deleting the password otherwise anyone could just reset and delete the password and proceed to log in.
That being said, to change the password you would need to query your database which I assume is sql server since you list Winforms.
UPDATE table
SET password = value
WHERE userID = value
;
Related
I am developing a login application which save username and password using Shared Preferences in Xamarin Android (C#). Firstly, I get the username and password value from web service and then I check the value. If in my local db (sqlite) doesn't have the value so, I update the data with the newest one from web service. After that, I store the user ID by using my custom sqlite function to get the user ID with username and password.
So far, I can parse the Json Object from my web service and assign them into variables. But, I found something strange that, my parsed json object item can't be saved in my shared preferences. I've been 3 days searching and researching from internet but, I didn't find anything. I almost give up, guys. Would you like to help me? I would appreciate the helps.
Here what I did to my app.
I made utilities folder which save my essentials class. I made LoginSession class which save property of user now.
in my main activity
private void MyBtnLogin(object aSender, System.EventArgs e)
{
try
{
System.Net.Http.HttpClient client= new System.Net.Http.HttpClient();
System.Threading.Tasks.Task.Run(async () =>
{
string response = await _httpClient.GetStringAsync($"http://yourjson.com/{fix_email_value}");
JObject parsedObject = JObject.Parse(response);
int userID = parsedObject .Value<int>("ID");
string userEmail = _parsedResponseObject.Value<string>("Email");
string userPassword = _parsedResponseObject.Value<string>("Password");
List<User> lists= User.GetUserList(userID);
User updatedvalue= (from a in lists where a.Email == userEmail && a.Password == userPassword select a).FirstOrDefault();
if (updatedvalue== null)
{
updatedvalue= new User();
updatedvalue.ID = userID;
updatedvalue.Email = userEmail;
updatedvalue.Password = userPassword;
updatedvalue.StoreOrChange();
RunOnUiThread(() =>
{
SharedPref.UserIDNow= userID;
LoginSession.UserNow= User.GetID(userID);
});
} }
});
StartActivity(typeof(NextPage));
Finish();
}
and I retrieve the value in the next activity using SharedPref.UserIDNow to retrieve the user ID. I put the SharedPref.UserIDNow inside my static function to get current User ID
What am i missing? Everytime when I launch and login, after login the app closed like log out! and the value returns -22. Btw, -22 is a default value of my shared preference. I think it must be the ID of the User. Please help me :(
I test with your code , it works with no problem .
Some suggestions to troubleshoot .
Debug your code (add breakpoint) to check if SharedPref.UserIDNow= userID; has been executed , and also remove RunOnUiThread method ,you don't need to wrap code into it unless UI elements gets changed .
Use default SharedPreferences ,change preference as
private static ISharedPreferences preference = PreferenceManager.GetDefaultSharedPreferences(Application.Context);
Use Commit instead of Apply method on ISharedPreferencesEditor,Apply is asynchronous method which means if you read value too early ,you would get default value at that time .
I have a Web Forms application that does not have a login page. Technically a user can access any page directly. However, I need to be able to identify who the logged-in user is on each page. I don't want to add code to each page. I would rather set a unique session variable at the start of the session. For this I added into my Global.asax.cs the following:
protected void Session_Start(object sender, EventArgs e)
{
if (Session["LoggedInUser"] == null)
{
string networkId = HttpContext.Current.User.Identity.Name;
using (UnitOfWork unit = new UnitOfWork())
{
if (networkId.IndexOf("HLM\\") > -1) { networkId = networkId.Substring(4, networkId.Length - 4); }
loggedInUser = unit.PersonRepository.GetByNetworkID(networkId);
Session["LoggedInUser"] = loggedInUser;
}
}
else
{
loggedInUser = (Person)Session["LoggedInUser"];
}
}
I now see that it sets the loggedInUser to whatever user last created a session. Meaning, if Mike goes to the site he will see data that represents him as the loggedInUser. However, if Kate goes to the site after him, Mike will now see Kate's data. Basically, the last one in overwrites everyone's settings and Session_Start is overwriting the value for loggedInUser for all active Sessions.
Based on this link: https://books.google.com/books?id=nQkyi4i0te0C&pg=PA202&lpg=PA202&dq=C%23+set+unique+session+variable+in+global.asax&source=bl&ots=GV9nlEUzE5&sig=E4TT3NDbjp1GwEehgU3pLXKdvr0&hl=en&sa=X&ved=0ahUKEwiU9f322tvSAhVF7yYKHYaXCtwQ6AEITzAI#v=onepage&q=C%23%20set%20unique%20session%20variable%20in%20global.asax&f=false
It reads that I should be able to set unique session variables for each new session but my results don't show that.
Am I misunderstanding how this works? I need to set a unique session value at the beginning of each session for each user.
I found the issue. The Session_Start is doing what is supposed to at a unique session level. The way I was referencing the session value was all wrong. Instead of accessing the session value I was actually doing:
Person loggedInUser = Global.loggedInUser;
Which makes sense that it was returning the latest user to start a session.
I am working on a password change method, this view is enforced by one of many conditions. The first condition is if the LastLoggedin field in the database is null. I have this field set to null in my test database to force the password change events.
I have coded a method to change the password after performing some tests, but I cannot get past the first test because the controller method that the click event calls returns the user back to the log on method, which in turns checks the LastLoggedin field in the database which is still null because I have not yet logged in. I tried to change that value from within my change password method using the following code:
public bool SavePassword(UserModel user, PasswordRecoveryModel password)
{
try
{
string newPass = password.PasswordNew;
string newHash = PasswordManager.EncryptPassword(newPass);
User domainObject = UnitOfWork.UserRepository.GetItem(user.EntityId);
bool hasUsedPassword = UnitOfWork.UserRepository.HasHadPassword(domainObject, newHash, DateTime.Now.AddMonths(-6));
if (hasUsedPassword.Equals(true))
{
return true;
}
User lastLogged = UnitOfWork.UserRepository.GetItem(user.EntityId);
lastLogged.LastLoggedIn = DateTime.Now;
lastLogged.VerifiedOn = DateTime.Now;
UnitOfWork.UserRepository.Update(lastLogged);
lastLogged.VerifiedOn.Equals(DateTime.Now);
lastLogged.LastLoggedIn.Equals(DateTime.Now);
user.Password = newHash;
user = SaveModel(UnitOfWork.UserRepository,
user,
Mapper.User.ModelToDomain,
Mapper.User.DomainToUserModel);
CommitTransaction();
return false;
}
catch (Exception ex)
{
OnServiceException(ex);
throw;
}
}
But I am still not getting anything other than the new password saved in the database, I am verifying this by running a query on my username. How do I update this field so I can get by this test on password change, and is it even acceptable to do this? In our old product it was done in a very complex manner creating a temporary user object ant using that to get past the test and on to the next test. I am trying to simplify the process.
I am new to MVC and programming in general any help would be appreciated.
EDIT found my problem, as usual over thinking the issue, here is the updated code:
if (hasUsedPassword.Equals(true))
{
return false;
}
user.LastLoggedIn = DateTime.Now.ToString();
user.Password = newHash;
user = SaveModel(UnitOfWork.UserRepository,
user,
Mapper.User.ModelToDomain,
Mapper.User.DomainToUserModel);
CommitTransaction();
return true;
Our currently logged in user info is inside the PBM project while our search class is inside web.
so we can not access utiltiy class from web
we will be need of to write loggedin user info in temporary storage of silverlight-
This comes into play when I want to display only those records that the user has entered.
Here in this code I can do that with a search as well:
// search by user logged in has to be done - userid 1 hard coded
pSearchQuery = pSearchQuery.Where(item => item.AddedBy == 1);
How do I go about setting up this storage area in Silverlight? Note security is not a major concern in this app.
Here is code how I display patients. the user can do a search by first or last name or gender. here I would add filter to ensure that user sees only his/her patients.
namespace PBM.Web.Classes
{
public class Search
{
public static IQueryable GetSearchQueryPatient(IQueryable pSearchQuery, Patient pPatient)
{
if (!string.IsNullOrEmpty(pPatient.FirstName))
{
pSearchQuery = pSearchQuery.Where(item => item.FirstName.Contains(pPatient.FirstName)) ;
}
if (!string.IsNullOrEmpty(pPatient.LastName))
{
pSearchQuery = pSearchQuery.Where(item => item.LastName.Contains(pPatient.LastName));
}
if (pPatient.Gender.HasValue && pPatient.Gender.Value > 0)
{
pSearchQuery = pSearchQuery.Where(item => item.Gender.Value == pPatient.Gender.Value);
}
// search by user logged in has to be done - need to write user loggedin to a silverlight storage area and compare here to Addedby which is what we call the user owner of the patient record. current set to 1.
pSearchQuery = pSearchQuery.Where(item => item.AddedBy == 1);
pSearchQuery = pSearchQuery.OrderBy(item => item.FirstName).ThenBy(item => item.LastName);
return pSearchQuery;
You could store your user id in the session... this should be accessable from booth worlds... or should take a look at the html bridge for silverlight.
http://www.silverlight.net/learn/overview/working-with-javascript/html-bridge-(silverlight-quickstart)
Or google for some Javascript/Silverlight Interop...
Don't know if I understand you correct, if not please provide some additional information or add code example...
i have an asp.net webform where the user can enter data and submit into a database table on sql-server-2008
the user picks the primary key of the record he wants to edit by going to the URL http://someurl/default.aspx?primarykey=123
based on the primary key the webform is succesfully filled out
the user can make changes to any data and resubmit it to be updated in the database for that specific PK
here is how i grab data from the userform:
public LOMDLL.Main_Lom_Form PopulateMainForm()
{
//populate class
LOMDLL.Main_Lom_Form TheForm = new LOMDLL.Main_Lom_Form();
try
{
TheForm.received_date = received_dateTextbox.Text.ToDateTime();
TheForm.site_of_occurrence = site_of_occurrenceTextBox.Text.ToUpper();
TheForm.occurrence_date = occurrence_dateTextBox.Text.ToDateTime();
TheForm.report_by = report_byTextBox.Text;
if (RadioButtonList1.SelectedValue != "Other:")
TheForm.identified_by = RadioButtonList1.SelectedValue;
else
TheForm.identified_by = "Other: " + otherTextBox.Text;
TheForm.practice_code = txtPracticeCode.Text.ToUpper();
TheForm.comments = txtComments.Text;
TheForm.report_date = report_dateTextBox.Text.ToDateTime();
//TheForm.windows_user = WindowsIdentity.GetCurrent().Name;
TheForm.windows_user = HttpContext.Current.User.Identity.Name.ToString();
TheForm.computer_name = System.Environment.MachineName;
TheForm.time_stamp = DateTime.Now;
}
catch (Exception e)
{
}
return TheForm;
}
it is returning OLD data. it returns what was in the fields BEFORE the user updated the data in the textboxes.
another words when i debug, and i look at the values that are being stored in the textboxes they DO NOT reflect the changes made by the user. the values are the same as they are currently in the database before the update!
what am i doing wrong?
is there some kind of disconnect between client and server?
I would check your bindings when you load the page. Chances are you are re-binding your page from your database before you try to read the changed values.
Check your Page_Load and make sure you are only binding your page with database information when !Page.IsPostBack and not every time you load your page.