From db16c927cbbc07c3a2e402e468756bf916b0274c Mon Sep 17 00:00:00 2001 From: alexY2004 Date: Thu, 14 May 2015 12:18:53 +0300 Subject: [PATCH] Do not return password form Enterprise Service Methods --- .../Users/UserInfo.cs | 58 ++++++++++++++++--- .../UsersProxy.cs | 20 ++++--- .../Common/ServiceUsernameTokenManager.cs | 2 +- .../ContractSystem/ContractController.cs | 2 +- .../Provisioning/DomainNameController.cs | 4 +- .../Ecommerce/TriggerSystem/CommonTrigger.cs | 4 +- .../Packages/PackageController.cs | 6 +- .../StatisticsServerController.cs | 6 +- .../Users/UserController.cs | 32 +++++----- .../Wizards/UserCreationWizard.cs | 4 +- .../esUsers.asmx.cs | 14 +++-- .../Code/PortalUtils.cs | 26 +++++++-- .../WebsitePanel/Code/Helpers/UsersHelper.cs | 4 +- .../WebsitePanel/PeersEditPeer.ascx.cs | 4 +- .../UserCreateUserAccount.ascx.cs | 4 +- 15 files changed, 129 insertions(+), 61 deletions(-) diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Base/Users/UserInfo.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Base/Users/UserInfo.cs index 259d0c53..1850c5bf 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Base/Users/UserInfo.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Base/Users/UserInfo.cs @@ -51,7 +51,7 @@ namespace WebsitePanel.EnterpriseServer private bool isDemo; private string comments; private string username; - private string password; +// private string password; private string firstName; private string lastName; private string email; @@ -78,6 +78,39 @@ namespace WebsitePanel.EnterpriseServer { } + public UserInfo(UserInfo src) + { + userId = src.userId; + ownerId = src.ownerId; + roleId = src.roleId; + statusId = src.statusId; + loginStatusId = src.loginStatusId; + failedLogins = src.failedLogins; + created = src.created; + changed = src.changed; + isPeer = src.isPeer; + isDemo = src.isDemo; + comments = src.comments; + username = src.username; + firstName = src.firstName; + lastName = src.lastName; + email = src.email; + secondaryEmail = src.secondaryEmail; + address = src.address; + city = src.city; + country = src.country; + state = src.state; + zip = src.zip; + primaryPhone = src.primaryPhone; + secondaryPhone = src.secondaryPhone; + fax = src.fax; + instantMessenger = src.instantMessenger; + htmlMail = src.htmlMail; + companyName = src.companyName; + ecommerceEnabled = src.ecommerceEnabled; + subscriberNumber = src.subscriberNumber; + } + /// /// User role ID: /// Administrator = 1, @@ -200,11 +233,11 @@ namespace WebsitePanel.EnterpriseServer set { this.username = value; } } - public string Password - { - get { return this.password; } - set { this.password = value; } - } +// public string Password +// { +// get { return this.password; } +// set { this.password = value; } +// } public string FirstName { @@ -347,7 +380,18 @@ namespace WebsitePanel.EnterpriseServer { public ushort VLanID { get; set; } public string Comment { get; set; } - } + }; + + public class UserInfoInternal : UserInfo + { + private string password; + + public string Password + { + get { return this.password; } + set { this.password = value; } + } + }; } diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/UsersProxy.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/UsersProxy.cs index d19bafce..0b3fc9dd 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/UsersProxy.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/UsersProxy.cs @@ -840,20 +840,23 @@ namespace WebsitePanel.EnterpriseServer /// [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/enterpriseserver/AddUser", RequestNamespace = "http://smbsaas/websitepanel/enterpriseserver", ResponseNamespace = "http://smbsaas/websitepanel/enterpriseserver", Use = System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle = System.Web.Services.Protocols.SoapParameterStyle.Wrapped)] - public int AddUser(UserInfo user, bool sendLetter) + public int AddUser(UserInfo user, bool sendLetter, string password) { object[] results = this.Invoke("AddUser", new object[] { user, - sendLetter}); + sendLetter, + password + }); return ((int)(results[0])); } /// - public System.IAsyncResult BeginAddUser(UserInfo user, bool sendLetter, System.AsyncCallback callback, object asyncState) + public System.IAsyncResult BeginAddUser(UserInfo user, bool sendLetter, string password, System.AsyncCallback callback, object asyncState) { return this.BeginInvoke("AddUser", new object[] { user, - sendLetter}, callback, asyncState); + sendLetter, + password}, callback, asyncState); } /// @@ -864,13 +867,13 @@ namespace WebsitePanel.EnterpriseServer } /// - public void AddUserAsync(UserInfo user, bool sendLetter) + public void AddUserAsync(UserInfo user, bool sendLetter, string password) { - this.AddUserAsync(user, sendLetter, null); + this.AddUserAsync(user, sendLetter, password, null); } /// - public void AddUserAsync(UserInfo user, bool sendLetter, object userState) + public void AddUserAsync(UserInfo user, bool sendLetter, string password, object userState) { if ((this.AddUserOperationCompleted == null)) { @@ -878,7 +881,8 @@ namespace WebsitePanel.EnterpriseServer } this.InvokeAsync("AddUser", new object[] { user, - sendLetter}, this.AddUserOperationCompleted, userState); + sendLetter, + password}, this.AddUserOperationCompleted, userState); } private void OnAddUserOperationCompleted(object arg) diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Common/ServiceUsernameTokenManager.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Common/ServiceUsernameTokenManager.cs index eb81f69f..1902f125 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Common/ServiceUsernameTokenManager.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Common/ServiceUsernameTokenManager.cs @@ -69,7 +69,7 @@ namespace WebsitePanel.EnterpriseServer protected override string AuthenticateToken(UsernameToken token) { // try to load user account - UserInfo user = UserController.GetUserInternally(token.Username); + UserInfoInternal user = UserController.GetUserInternally(token.Username); if (user == null) return null; diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/ContractSystem/ContractController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/ContractSystem/ContractController.cs index aac2727c..0d870c89 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/ContractSystem/ContractController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/ContractSystem/ContractController.cs @@ -182,7 +182,7 @@ namespace WebsitePanel.Ecommerce.EnterpriseServer.ContractSystem // if (customerId > -1) { - ES.UserInfo userInfo = (internally) ? ES.UserController.GetUserInternally(customerId) : + ES.UserInfoInternal userInfo = (internally) ? ES.UserController.GetUserInternally(customerId) : ES.UserController.GetUser(customerId); // if (internally) diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/Provisioning/DomainNameController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/Provisioning/DomainNameController.cs index a4140b9e..c50b4aba 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/Provisioning/DomainNameController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/Provisioning/DomainNameController.cs @@ -520,12 +520,12 @@ namespace WebsitePanel.Ecommerce.EnterpriseServer return settings; } - private CommandParams PrepeareAccountParams(UserInfo userInfo) + private CommandParams PrepeareAccountParams(UserInfo userInfo, string password) { CommandParams args = new CommandParams(); args[CommandParams.USERNAME] = userInfo.Username; - args[CommandParams.PASSWORD] = userInfo.Password; + args[CommandParams.PASSWORD] = password; args[CommandParams.FIRST_NAME] = userInfo.FirstName; args[CommandParams.LAST_NAME] = userInfo.LastName; args[CommandParams.EMAIL] = userInfo.Email; diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/TriggerSystem/CommonTrigger.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/TriggerSystem/CommonTrigger.cs index e749e42c..b4906d20 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/TriggerSystem/CommonTrigger.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Ecommerce/TriggerSystem/CommonTrigger.cs @@ -113,7 +113,7 @@ namespace WebsitePanel.Ecommerce.EnterpriseServer // create user account ES.UserInfo userInfo = new ES.UserInfo(); userInfo.Username = account[ContractAccount.USERNAME]; - userInfo.Password = account[ContractAccount.PASSWORD]; +// userInfo.Password = account[ContractAccount.PASSWORD]; userInfo.Email = account[ContractAccount.EMAIL]; userInfo.FirstName = account[ContractAccount.FIRST_NAME]; userInfo.LastName = account[ContractAccount.LAST_NAME]; @@ -133,7 +133,7 @@ namespace WebsitePanel.Ecommerce.EnterpriseServer userInfo.OwnerId = contract.ResellerId; userInfo.Created = DateTime.Now; // create account - int resultCode = ES.UserController.AddUser(userInfo, true); + int resultCode = ES.UserController.AddUser(userInfo, true, account[ContractAccount.PASSWORD]); // if (resultCode > 0) { diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Packages/PackageController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Packages/PackageController.cs index ba78d84c..56aab96f 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Packages/PackageController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Packages/PackageController.cs @@ -422,7 +422,7 @@ namespace WebsitePanel.EnterpriseServer return result; // load user info - UserInfo user = UserController.GetUser(userId); + UserInfoInternal user = UserController.GetUser(userId); if (createFtpAccount) { @@ -2086,7 +2086,7 @@ namespace WebsitePanel.EnterpriseServer items["user"] = user; // get reseller details - UserInfo reseller = UserController.GetUser(user.OwnerId); + UserInfoInternal reseller = UserController.GetUser(user.OwnerId); if (reseller != null) { reseller.Password = ""; @@ -2123,7 +2123,7 @@ namespace WebsitePanel.EnterpriseServer items["user"] = user; // get reseller details - UserInfo reseller = UserController.GetUser(user.OwnerId); + UserInfoInternal reseller = UserController.GetUser(user.OwnerId); if (reseller != null) { reseller.Password = ""; diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/StatisticsServers/StatisticsServerController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/StatisticsServers/StatisticsServerController.cs index b28248a6..7c05d896 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/StatisticsServers/StatisticsServerController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/StatisticsServers/StatisticsServerController.cs @@ -112,10 +112,12 @@ namespace WebsitePanel.EnterpriseServer UserInfo user = PackageController.GetPackageOwner(item.PackageId); if (user != null) { + UserInfoInternal userInternal = UserController.GetUserInternally(user.UserId); + site.StatisticsUrl = Utils.ReplaceStringVariable(site.StatisticsUrl, "username", - HttpUtility.UrlEncode(user.Username)); + HttpUtility.UrlEncode(userInternal.Username)); site.StatisticsUrl = Utils.ReplaceStringVariable(site.StatisticsUrl, "password", - HttpUtility.UrlEncode(user.Password)); + HttpUtility.UrlEncode(userInternal.Password)); } } diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Users/UserController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Users/UserController.cs index de9d56c3..fabe98bc 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Users/UserController.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Users/UserController.cs @@ -58,7 +58,7 @@ namespace WebsitePanel.EnterpriseServer try { // try to get user from database - UserInfo user = GetUserInternally(username); + UserInfoInternal user = GetUserInternally(username); // check if the user exists if (user == null) @@ -99,7 +99,7 @@ namespace WebsitePanel.EnterpriseServer // compare user passwords - if (user.Password != password) + if (CryptoUtils.SHA1(user.Password) != password) { if (lockOut >= 0) DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, false); @@ -145,7 +145,7 @@ namespace WebsitePanel.EnterpriseServer try { // try to get user from database - UserInfo user = GetUserInternally(username); + UserInfoInternal user = GetUserInternally(username); // check if the user exists if (user == null) @@ -155,8 +155,8 @@ namespace WebsitePanel.EnterpriseServer } // compare user passwords - if (user.Password == password) - return user; + if (CryptoUtils.SHA1(user.Password) == password) + return new UserInfo(user); return null; } @@ -239,7 +239,7 @@ namespace WebsitePanel.EnterpriseServer items["Email"] = true; // get reseller details - UserInfo reseller = UserController.GetUser(user.OwnerId); + UserInfoInternal reseller = UserController.GetUser(user.OwnerId); if (reseller != null) { reseller.Password = ""; @@ -264,10 +264,10 @@ namespace WebsitePanel.EnterpriseServer } } - internal static UserInfo GetUserInternally(int userId) + internal static UserInfoInternal GetUserInternally(int userId) { // try to get user from database - UserInfo user = ObjectUtils.FillObjectFromDataReader( + UserInfoInternal user = ObjectUtils.FillObjectFromDataReader( DataProvider.GetUserByIdInternally(userId)); if (user != null) @@ -275,10 +275,10 @@ namespace WebsitePanel.EnterpriseServer return user; } - internal static UserInfo GetUserInternally(string username) + internal static UserInfoInternal GetUserInternally(string username) { // try to get user from database - UserInfo user = ObjectUtils.FillObjectFromDataReader( + UserInfoInternal user = ObjectUtils.FillObjectFromDataReader( DataProvider.GetUserByUsernameInternally(username)); if (user != null) @@ -288,10 +288,10 @@ namespace WebsitePanel.EnterpriseServer return user; } - public static UserInfo GetUser(int userId) + public static UserInfoInternal GetUser(int userId) { // try to get user from database - UserInfo user = ObjectUtils.FillObjectFromDataReader( + UserInfoInternal user = ObjectUtils.FillObjectFromDataReader( DataProvider.GetUserById(SecurityContext.User.UserId, userId)); if (user != null) @@ -299,10 +299,10 @@ namespace WebsitePanel.EnterpriseServer return user; } - public static UserInfo GetUser(string username) + public static UserInfoInternal GetUser(string username) { // try to get user from database - UserInfo user = ObjectUtils.FillObjectFromDataReader( + UserInfoInternal user = ObjectUtils.FillObjectFromDataReader( DataProvider.GetUserByUsername(SecurityContext.User.UserId, username)); if (user != null) @@ -381,7 +381,7 @@ namespace WebsitePanel.EnterpriseServer return DataProvider.GetUsers(SecurityContext.User.UserId, ownerId, recursive); } - public static int AddUser(UserInfo user, bool sendLetter) + public static int AddUser(UserInfo user, bool sendLetter, string password) { // check account int accountCheck = SecurityContext.CheckAccount(DemandAccount.NotDemo); @@ -424,7 +424,7 @@ namespace WebsitePanel.EnterpriseServer user.IsPeer, user.Comments, user.Username.Trim(), - CryptoUtils.Encrypt(user.Password), + CryptoUtils.Encrypt(password), user.FirstName, user.LastName, user.Email, diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Wizards/UserCreationWizard.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Wizards/UserCreationWizard.cs index e343fccd..d283dfbf 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Wizards/UserCreationWizard.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/Wizards/UserCreationWizard.cs @@ -119,11 +119,11 @@ namespace WebsitePanel.EnterpriseServer user.Email = email; user.SecondaryEmail = secondaryEmail; user.Username = username; - user.Password = password; +// user.Password = password; user.HtmlMail = htmlMail; // add a new user - createdUserId = UserController.AddUser(user, false); + createdUserId = UserController.AddUser(user, false, password); if (createdUserId < 0) { // exit diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esUsers.asmx.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esUsers.asmx.cs index 64ccb43d..eea1c318 100644 --- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esUsers.asmx.cs +++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esUsers.asmx.cs @@ -57,13 +57,15 @@ namespace WebsitePanel.EnterpriseServer [WebMethod] public UserInfo GetUserById(int userId) { - return UserController.GetUser(userId); + UserInfoInternal uinfo = UserController.GetUser(userId); + return (uinfo != null) ? new UserInfo(uinfo) : null; } [WebMethod] public UserInfo GetUserByUsername(string username) { - return UserController.GetUser(username); + UserInfoInternal uinfo = UserController.GetUser(username); + return (uinfo != null) ? new UserInfo(uinfo) : null; } [WebMethod] @@ -136,9 +138,9 @@ namespace WebsitePanel.EnterpriseServer } [WebMethod] - public int AddUser(UserInfo user, bool sendLetter) + public int AddUser(UserInfo user, bool sendLetter, string password) { - return UserController.AddUser(user, sendLetter); + return UserController.AddUser(user, sendLetter, password); } [WebMethod] @@ -175,7 +177,7 @@ namespace WebsitePanel.EnterpriseServer user.IsPeer = isPeer; user.IsDemo = isDemo; user.Username = username; - user.Password = password; +// user.Password = password; user.FirstName = firstName; user.LastName = lastName; user.Email = email; @@ -192,7 +194,7 @@ namespace WebsitePanel.EnterpriseServer user.HtmlMail = htmlMail; user.CompanyName = companyName; user.EcommerceEnabled = ecommerceEnabled; - return UserController.AddUser(user, sendLetter); + return UserController.AddUser(user, sendLetter, password); } [WebMethod] diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/Code/PortalUtils.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/Code/PortalUtils.cs index b4793320..d3c706c0 100644 --- a/WebsitePanel/Sources/WebsitePanel.WebPortal/Code/PortalUtils.cs +++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/Code/PortalUtils.cs @@ -43,6 +43,7 @@ using System.Web.Security; using System.Web.UI.WebControls; using System.Net; using System.Net.Mail; +using System.Security.Cryptography; using Microsoft.Web.Services3; using WebsitePanel.EnterpriseServer; @@ -336,15 +337,30 @@ namespace WebsitePanel.Portal return DefaultPage.GetLocalizedPageName(pageId); } + public static string SHA1(string plainText) + { + // Convert plain text into a byte array. + byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText); + + HashAlgorithm hash = new SHA1Managed(); ; + + // Compute hash value of our plain text with appended salt. + byte[] hashBytes = hash.ComputeHash(plainTextBytes); + + // Return the result. + return Convert.ToBase64String(hashBytes); + } public static int AuthenticateUser(string username, string password, string ipAddress, bool rememberLogin, string preferredLocale, string theme) { esAuthentication authService = new esAuthentication(); ConfigureEnterpriseServerProxy(authService, false); + string passwordSH = SHA1(password); + try { - int authResult = authService.AuthenticateUser(username, password, ipAddress); + int authResult = authService.AuthenticateUser(username, passwordSH, ipAddress); if (authResult < 0) { @@ -352,13 +368,13 @@ namespace WebsitePanel.Portal } else { - UserInfo user = authService.GetUserByUsernamePassword(username, password, ipAddress); + UserInfo user = authService.GetUserByUsernamePassword(username, passwordSH, ipAddress); if (user != null) { if (IsRoleAllowedToLogin(user.Role)) { // issue authentication ticket - FormsAuthenticationTicket ticket = CreateAuthTicket(user.Username, user.Password, user.Role, rememberLogin); + FormsAuthenticationTicket ticket = CreateAuthTicket(user.Username, password, user.Role, rememberLogin); SetAuthTicket(ticket, rememberLogin); CompleteUserLogin(username, rememberLogin, preferredLocale, theme); @@ -513,7 +529,7 @@ namespace WebsitePanel.Portal } } - public static int AddUserAccount(List log, UserInfo user, bool sendLetter) + public static int AddUserAccount(List log, UserInfo user, bool sendLetter, string password) { esUsers usersService = new esUsers(); ConfigureEnterpriseServerProxy(usersService, true); @@ -521,7 +537,7 @@ namespace WebsitePanel.Portal try { // add user to WebsitePanel server - return usersService.AddUser(user, sendLetter); + return usersService.AddUser(user, sendLetter, password); } catch (Exception ex) { diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/Code/Helpers/UsersHelper.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/Code/Helpers/UsersHelper.cs index 9c97f47c..d6b12bb6 100644 --- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/Code/Helpers/UsersHelper.cs +++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/Code/Helpers/UsersHelper.cs @@ -210,10 +210,10 @@ namespace WebsitePanel.Portal return dsUsers; } - public static int AddUser(List log, int portalId, UserInfo user, bool sendLetter) + public static int AddUser(List log, int portalId, UserInfo user, bool sendLetter, string password) { // add user to WebsitePanel server - return ES.Services.Users.AddUser(user, sendLetter); + return ES.Services.Users.AddUser(user, sendLetter, password); } public static void AddUserVLan(int userId, UserVlan vLan) diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs index 5f8a110c..e5359606 100644 --- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs +++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs @@ -195,7 +195,7 @@ namespace WebsitePanel.Portal user.SecondaryEmail = txtSecondaryEmail.Text; user.HtmlMail = ddlMailFormat.SelectedIndex == 1; user.Username = txtUsername.Text; - user.Password = userPassword.Password; +// user.Password = userPassword.Password; user.IsDemo = chkDemo.Checked; user.LoginStatusId = loginStatus.SelectedIndex; @@ -220,7 +220,7 @@ namespace WebsitePanel.Portal try { //int userId = UsersHelper.AddUser(log, PortalId, user); - int userId = PortalUtils.AddUserAccount(log, user, false); + int userId = PortalUtils.AddUserAccount(log, user, false, userPassword.Password); if (userId < 0) { diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateUserAccount.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateUserAccount.ascx.cs index 4c67a45c..bf2fa0af 100644 --- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateUserAccount.ascx.cs +++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateUserAccount.ascx.cs @@ -103,7 +103,7 @@ namespace WebsitePanel.Portal user.SecondaryEmail = txtSecondaryEmail.Text; user.HtmlMail = ddlMailFormat.SelectedIndex == 1; user.Username = txtUsername.Text.Trim(); - user.Password = userPassword.Password; +// user.Password = userPassword.Password; // contact info user.CompanyName = contact.CompanyName; @@ -123,7 +123,7 @@ namespace WebsitePanel.Portal try { //int userId = UsersHelper.AddUser(log, PortalId, user); - int userId = PortalUtils.AddUserAccount(log, user, chkAccountLetter.Checked); + int userId = PortalUtils.AddUserAccount(log, user, chkAccountLetter.Checked, userPassword.Password); if (userId == BusinessErrorCodes.ERROR_INVALID_USER_NAME) {