recovery.vb
Imports System.Data.SqlClient
Imports System.Security.Cryptography
Imports System.Text
Imports System.Windows.Forms
Imports System.Configuration
Imports System.Drawing
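' Password-recovery form: checks that an email exists in the Users table, issues a
' one-time code, and stores a new password hash for that email when the code matches.
'
' SECURITY NOTE (review): the one-time code is placed on the local clipboard and is
' never delivered to the account's mailbox, even though the prompt says it was "sent to
' your email". Entering it therefore does not prove control of the email address; the
' person at this machine already has the code. Out-of-band delivery (e.g. mail to the
' registered address) is required before this flow can count as an authentication step.
Public Class recovery
    ' Cursor position captured on mouse-down, used as the drag anchor.
    Private mouseX As Integer
    Private mouseY As Integer
    Private isDragging As Boolean = False

    ' Code issued for the current recovery attempt; cleared as soon as it has been checked.
    Private generatedOtp As String = String.Empty
    ' Email the current recovery attempt applies to; read by ResetPassword.
    Private userEmail As String = String.Empty

    ' Enable form dragging
    Private Sub recovery_MouseDown(sender As Object, e As MouseEventArgs) Handles Me.MouseDown
        If e.Button = MouseButtons.Left Then
            isDragging = True
            mouseX = e.X
            mouseY = e.Y
        End If
    End Sub

    Private Sub recovery_MouseMove(sender As Object, e As MouseEventArgs) Handles Me.MouseMove
        If isDragging Then
            Me.Location = New Point(Me.Location.X + e.X - mouseX, Me.Location.Y + e.Y - mouseY)
        End If
    End Sub

    Private Sub recovery_MouseUp(sender As Object, e As MouseEventArgs) Handles Me.MouseUp
        isDragging = False
    End Sub

    ' Handle email placeholder behavior
    Private Sub addVemail_Enter(sender As Object, e As EventArgs) Handles addVemail.Enter
        If addVemail.Text = "Enter your email" Then
            addVemail.Text = ""
            addVemail.ForeColor = Color.White
        End If
    End Sub

    Private Sub addVemail_Leave(sender As Object, e As EventArgs) Handles addVemail.Leave
        If String.IsNullOrWhiteSpace(addVemail.Text) Then
            addVemail.Text = "Enter your email"
            addVemail.ForeColor = Color.Gray
        End If
    End Sub

    Private Sub recovery_Load(sender As Object, e As EventArgs) Handles MyBase.Load
        addVemail.Text = "Enter your email"
        addVemail.ForeColor = Color.Gray
    End Sub

    ' Generate OTP and reset password logic.
    ' Any failure (database, clipboard, configuration) is reported once through the
    ' Catch below, and the success message is shown only when the UPDATE did not throw.
    Private Sub getCode_Click(sender As Object, e As EventArgs) Handles getCode.Click
        userEmail = addVemail.Text.Trim()
        If String.IsNullOrWhiteSpace(userEmail) OrElse userEmail = "Enter your email" Then
            MessageBox.Show("Please enter a valid email.", "Input Error", MessageBoxButtons.OK, MessageBoxIcon.Warning)
            Return
        End If

        Try
            ' Step 1: Verify the email exists in the database.
            ' The connection is closed again before any modal prompt is shown, so it is
            ' not held open while the user types.
            ' NOTE(review): the distinct "Email not found." reply reveals which addresses
            ' are registered; consider a uniform response.
            If Not EmailExists(userEmail) Then
                MessageBox.Show("Email not found.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Return
            End If

            ' Step 2: Generate OTP
            generatedOtp = GenerateOTP()

            ' Copy OTP to clipboard (see the SECURITY NOTE on the class: this is local
            ' delivery, not delivery to the mailbox).
            Clipboard.SetText(generatedOtp)

            Dim enteredOtp As String
            ' The tray icon is disposed once the prompt returns; otherwise every click
            ' leaves another icon in the notification area.
            Using notifyIcon As New NotifyIcon()
                ' Step 3: Show balloon notification with OTP information
                notifyIcon.Icon = SystemIcons.Information
                notifyIcon.Visible = True
                notifyIcon.BalloonTipTitle = "OTP Copied"
                notifyIcon.BalloonTipText = "Your OTP has been copied to the clipboard."
                notifyIcon.ShowBalloonTip(3000)

                ' Step 4: Prompt user to enter OTP
                enteredOtp = InputBox("Enter the OTP sent to your email:", "Verify OTP")
            End Using

            ' The code is single-use: it is discarded whether or not it matched.
            Dim otpMatches As Boolean = String.Equals(enteredOtp, generatedOtp, StringComparison.Ordinal)
            generatedOtp = String.Empty

            If Not otpMatches Then
                MessageBox.Show("Incorrect OTP entered.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Return
            End If

            ' Step 5: Prompt for new password
            ' NOTE(review): InputBox shows the password in clear text while it is typed.
            Dim newPassword As String = InputBox("Enter your new password:", "Reset Password")
            If String.IsNullOrWhiteSpace(newPassword) Then
                MessageBox.Show("Password cannot be empty.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
                Return
            End If

            ' Step 6: Hash the new password and update the database
            Dim hashedPassword As String = HashPassword(newPassword)
            ResetPassword(hashedPassword)
            MessageBox.Show("Password reset successfully.", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information)
        Catch ex As Exception
            MessageBox.Show("An error occurred: " & ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End Try
    End Sub

    ' Reads the application's SQL Server connection string from configuration.
    Private Function GetConnectionString() As String
        Return ConfigurationManager.ConnectionStrings("nobleAuction.My.MySettings.NAconnect").ConnectionString
    End Function

    ' Returns True when exactly one Users row has the given email.
    ' The value is passed as a parameter, never concatenated into the SQL text.
    Private Function EmailExists(email As String) As Boolean
        Dim query As String = "SELECT COUNT(1) FROM Users WHERE Email = @Email"
        Using conn As New SqlConnection(GetConnectionString())
            Using cmd As New SqlCommand(query, conn)
                cmd.Parameters.AddWithValue("@Email", email)
                conn.Open()
                Return Convert.ToInt32(cmd.ExecuteScalar()) = 1
            End Using
        End Using
    End Function

    ' Function to generate a 6-digit OTP (100000-999999).
    ' Draws from the cryptographic RNG: System.Random is predictable and must not be
    ' used for values that gate authentication.
    Private Function GenerateOTP() As String
        Const OtpRange As UInteger = 900000UI
        ' Largest multiple of OtpRange representable in 32 bits; draws at or above it
        ' are rejected so that the modulo below stays uniform.
        Dim limit As UInteger = UInteger.MaxValue - (UInteger.MaxValue Mod OtpRange)
        Dim randomBytes(3) As Byte

        Using rng As RandomNumberGenerator = RandomNumberGenerator.Create()
            Dim value As UInteger
            Do
                rng.GetBytes(randomBytes)
                value = BitConverter.ToUInt32(randomBytes, 0)
            Loop While value >= limit
            Return (100000UI + (value Mod OtpRange)).ToString()
        End Using
    End Function

    ' Function to hash the password using SHA-256; returns lowercase hex.
    ' SECURITY NOTE (review): this is a single unsalted SHA-256 pass, which is fast to
    ' brute-force and gives identical hashes for identical passwords. It is left
    ' unchanged here because whatever verifies logins must produce the same format;
    ' migrate both sides together to a salted, slow KDF (e.g. PBKDF2 via
    ' Rfc2898DeriveBytes).
    Private Function HashPassword(password As String) As String
        Using sha256 As SHA256 = SHA256.Create()
            Dim bytes As Byte() = sha256.ComputeHash(Encoding.UTF8.GetBytes(password))
            Dim builder As New StringBuilder()
            For Each b As Byte In bytes
                builder.Append(b.ToString("x2"))
            Next
            Return builder.ToString()
        End Using
    End Function

    ' Function to reset the password in the database for the email held in userEmail.
    ' Exceptions are deliberately not caught here: the caller reports them, which keeps
    ' it from announcing success after a failed UPDATE.
    Private Sub ResetPassword(hashedPassword As String)
        Dim query As String = "UPDATE Users SET PasswordHash = @PasswordHash WHERE Email = @Email"
        Using conn As New SqlConnection(GetConnectionString())
            Using cmd As New SqlCommand(query, conn)
                cmd.Parameters.AddWithValue("@PasswordHash", hashedPassword)
                cmd.Parameters.AddWithValue("@Email", userEmail)
                conn.Open()
                cmd.ExecuteNonQuery()
            End Using
        End Using
    End Sub

    Private Sub exitLogin_Click(sender As Object, e As EventArgs) Handles exitLogin.Click
        Application.Exit()
    End Sub

    ' Returns to the login form and hides this one.
    Private Sub Back_Click(sender As Object, e As EventArgs) Handles Back.Click
        Login.Show()
        Me.Hide()
    End Sub
End Class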