[Solved] STEP 1: Business Layer Functionality

$25

File Name: STEP_1:_Business_Layer_Functionality.zip
File Size: 339.12 KB

SKU: [Solved] STEP 1: Business Layer Functionality… Category: Tag:
5/5 - (1 vote)

STEP 1: Business Layer Functionality

1. Open Microsoft Visual Studio.NET.

2. Click the ASP.NET website named PayrollSystem to open it.

3. Create a new class called clsBusinessLayer.

4. Add the following code in the clsBusinessLayer class:

// **** Add the following at the top of the class file,

// Add your comments here

using System.Net.Mail;

//**** Add the following code inside the body of public class clsBusinessLayer ****

public static bool SendEmail(string Sender, string Recipient, string bcc, string cc,

string Subject, string Body)

{

try {

// Add your comments here

MailMessage MyMailMessage = new MailMessage();

// Add your comments here

MyMailMessage.From = new MailAddress(Sender);

// Add your comments here

MyMailMessage.To.Add(new MailAddress(Recipient));

// Add your comments here

if (bcc != null && bcc != string.Empty) {

// Add your comments here

MyMailMessage.Bcc.Add(new MailAddress(bcc));

}

// Add your comments here

if (cc != null && cc != string.Empty) {

// Add your comments here

MyMailMessage.CC.Add(new MailAddress(cc));

}

// Add your comments here

MyMailMessage.Subject = Subject;

// Add your comments here

MyMailMessage.Body = Body;

// Add your comments here

MyMailMessage.IsBodyHtml = true;

// Add your comments here

MyMailMessage.Priority = MailPriority.Normal;

// Add your comments here

SmtpClient MySmtpClient = new SmtpClient(localhost);

//SMTP Port = 25;

//Generic IP host = 127.0.0.1;

// Add your comments here

MySmtpClient.Send(MyMailMessage);

// Add your comments here

return true;

} catch (Exception ex) {

// Add your comments here

return false;

}

}

Listen

STEP 2: Integration

5. Open the frmLogin Web form code behind the file and add the following code to the body of the if (dsUserLogin.tblUserLogin.Count < 1) statement, just above the return statement:

// Add your comments here

// Add your comments here

if (clsBusinessLayer.SendEmail(,

, , , Login Incorrect,

The login failed for UserName: + Login1.UserName +

Password: + Login1.Password))

{

Login1.FailureText = Login1.FailureText +

Your incorrect login information was sent to [email protected];

}

NOTE: Change the and to your e-mail and someone elses e-mail for testing.

6. Optional: Perform this step only if you are doing this lab using Visual Studio installed on your own computer and you have administrative rights on your computer. If you are doing this lab using the iLab (Citrix) server, or if you do not have access to IIS, skip to Step 8.

7. In previous versions of Windows, the SMTP server was built into IIS. Now we will need to get a separate one. On the Microsoft Codeplex site is an SMTP server called smtp4dev, specifically designed for development environments. Pages 652653 in the text discuss how to download and use smtp4dev. The site is http://smtp4dev.codeplex.com. Click on Downloads. Another example is Papercut, downloadable at: http://papercut.codeplex.com/ You can use either smtp server.

Test the e-mail by logging in as someone other than Mickey or Minnie. You should receive an email to the SMTP client.

8. We have a security hole in our Web application. If you start the Web application by going to the login page, you can bypass the login page by simply typing the name of a form in the URL (try it). There is some limited protection because of the check that we are doing for the user role, but it still allows a user to get to pages that we dont want them to get to unless the role is set properly. Add a security check in the Page_Load of each sensitive page (Manage Users, Add New Employee, View User Activity, Edit Employees), check for the Session role item with a value of A, and, if the user is accessing these pages without the proper permissions, redirect back to the frmLogin.aspx page. For example:

if (Session[SecurityLevel] != A)

{

Response.Redirect(frmLogin.aspx);

}

9. This still leaves the possibility of a person bypassing the login page. We will fix that by using forms authentication. Add the following to the web.config file before the </system.web> tag.

<authentication mode=Forms>

<forms loginUrl=frmLogin.aspx />

</authentication>

<authorization >

<deny users=? />

</authorization>

10. This will redirect users to the login page if they have not yet gone through it for login. This process will use a cookie when the user successfully logs in, a cookie is set that allows the user to go to other pages. If that cookie is not set, then the user is redirected to the login page if they try to go to any other page. Add the cookie code by adding this code in the frmLogin.aspx C# code after each place that you have e.Authenticated = true:

FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);

If you receive an error when you enter this in the code, right click on the line and choose Resolve->Using System.Web.Security

11. Hints:

Make sure you reestablish your database connection if you copied the files from a previous lab. Also, make sure to update the web.config file with the database connection string.

Update any DataSource controls that you added with the new payroll database location.

When you manually try to go to a second page by skipping the login page, a cookie is set specifying the name of the page you were attempting to visit. Once you log in successfully, ASP.Net will automatically attempt to navigate back to that page. You can reset the cookie so that the next page is frmMain, as expected, by typing that page in the URL for the browser before logging in.

Submit Final Lab (includes all previous lab assignments).

STEP 3: Test And Submit

12. Run your project. When you try to log in, enter a username that is not Mickey or Minnie (i.e., a username that is not found in tblUserLogin). An e-mail should be sent to the e-mail address.

13. Test that frmMain reconfigures properly based on user role. Make sure that the user cannot bypass the login page.

Once you have verified that everything works, save your website, zip up all files, and submit them in the Dropbox.

NOTE: E-mails may be blocked due to firewalls, antivirus software, or even Internet service providers that turned SMTP off because of some known security issues. If the code works (does not produce an error when submitting), you will get full credit for this project even if no e-mail message is actuallySTEP 1: Business Layer Functionality

1. Open Microsoft Visual Studio.NET.

2. Click the ASP.NET website named PayrollSystem to open it.

3. Create a new class called clsBusinessLayer.

4. Add the following code in the clsBusinessLayer class:

// **** Add the following at the top of the class file,

// Add your comments here

using System.Net.Mail;

//**** Add the following code inside the body of public class clsBusinessLayer ****

public static bool SendEmail(string Sender, string Recipient, string bcc, string cc,

string Subject, string Body)

{

try {

// Add your comments here

MailMessage MyMailMessage = new MailMessage();

// Add your comments here

MyMailMessage.From = new MailAddress(Sender);

// Add your comments here

MyMailMessage.To.Add(new MailAddress(Recipient));

// Add your comments here

if (bcc != null && bcc != string.Empty) {

// Add your comments here

MyMailMessage.Bcc.Add(new MailAddress(bcc));

}

// Add your comments here

if (cc != null && cc != string.Empty) {

// Add your comments here

MyMailMessage.CC.Add(new MailAddress(cc));

}

// Add your comments here

MyMailMessage.Subject = Subject;

// Add your comments here

MyMailMessage.Body = Body;

// Add your comments here

MyMailMessage.IsBodyHtml = true;

// Add your comments here

MyMailMessage.Priority = MailPriority.Normal;

// Add your comments here

SmtpClient MySmtpClient = new SmtpClient(localhost);

//SMTP Port = 25;

//Generic IP host = 127.0.0.1;

// Add your comments here

MySmtpClient.Send(MyMailMessage);

// Add your comments here

return true;

} catch (Exception ex) {

// Add your comments here

return false;

}

}

Listen

STEP 2: Integration

5. Open the frmLogin Web form code behind the file and add the following code to the body of the if (dsUserLogin.tblUserLogin.Count < 1) statement, just above the return statement:

// Add your comments here

// Add your comments here

if (clsBusinessLayer.SendEmail(,

, , , Login Incorrect,

The login failed for UserName: + Login1.UserName +

Password: + Login1.Password))

{

Login1.FailureText = Login1.FailureText +

Your incorrect login information was sent to [email protected];

}

NOTE: Change the and to your e-mail and someone elses e-mail for testing.

6. Optional: Perform this step only if you are doing this lab using Visual Studio installed on your own computer and you have administrative rights on your computer. If you are doing this lab using the iLab (Citrix) server, or if you do not have access to IIS, skip to Step 8.

7. In previous versions of Windows, the SMTP server was built into IIS. Now we will need to get a separate one. On the Microsoft Codeplex site is an SMTP server called smtp4dev, specifically designed for development environments. Pages 652653 in the text discuss how to download and use smtp4dev. The site is http://smtp4dev.codeplex.com. Click on Downloads. Another example is Papercut, downloadable at: http://papercut.codeplex.com/ You can use either smtp server.

Test the e-mail by logging in as someone other than Mickey or Minnie. You should receive an email to the SMTP client.

8. We have a security hole in our Web application. If you start the Web application by going to the login page, you can bypass the login page by simply typing the name of a form in the URL (try it). There is some limited protection because of the check that we are doing for the user role, but it still allows a user to get to pages that we dont want them to get to unless the role is set properly. Add a security check in the Page_Load of each sensitive page (Manage Users, Add New Employee, View User Activity, Edit Employees), check for the Session role item with a value of A, and, if the user is accessing these pages without the proper permissions, redirect back to the frmLogin.aspx page. For example:

if (Session[SecurityLevel] != A)

{

Response.Redirect(frmLogin.aspx);

}

9. This still leaves the possibility of a person bypassing the login page. We will fix that by using forms authentication. Add the following to the web.config file before the </system.web> tag.

<authentication mode=Forms>

<forms loginUrl=frmLogin.aspx />

</authentication>

<authorization >

<deny users=? />

</authorization>

10. This will redirect users to the login page if they have not yet gone through it for login. This process will use a cookie when the user successfully logs in, a cookie is set that allows the user to go to other pages. If that cookie is not set, then the user is redirected to the login page if they try to go to any other page. Add the cookie code by adding this code in the frmLogin.aspx C# code after each place that you have e.Authenticated = true:

FormsAuthentication.RedirectFromLoginPage(Login1.UserName, false);

If you receive an error when you enter this in the code, right click on the line and choose Resolve->Using System.Web.Security

11. Hints:

Make sure you reestablish your database connection if you copied the files from a previous lab. Also, make sure to update the web.config file with the database connection string.

Update any DataSource controls that you added with the new payroll database location.

When you manually try to go to a second page by skipping the login page, a cookie is set specifying the name of the page you were attempting to visit. Once you log in successfully, ASP.Net will automatically attempt to navigate back to that page. You can reset the cookie so that the next page is frmMain, as expected, by typing that page in the URL for the browser before logging in.

Submit Final Lab (includes all previous lab assignments).

STEP 3: Test And Submit

12. Run your project. When you try to log in, enter a username that is not Mickey or Minnie (i.e., a username that is not found in tblUserLogin). An e-mail should be sent to the e-mail address.

13. Test that frmMain reconfigures properly based on user role. Make sure that the user cannot bypass the login page.

Once you have verified that everything works, save your website, zip up all files, and submit them in the Dropbox.

NOTE: E-mails may be blocked due to firewalls, antivirus software, or even Internet service providers that turned SMTP off because of some known security issues. If the code works (does not produce an error when submitting), you will get full credit for this project even if no e-mail message is actually transmitted. Consult with your instructor before submitting if an error occurs or if no e-mail is generated. It is expected that no e-mail will be sent if you are using the DeVry iLab (Citrix) server for this lab or if you were not able to download and install smtp4dev.

NOTE: Make sure that you include comments in the code provided where specified (where the // Add your comments here is mentioned), including code you wrote, or else a 5-point deduction per item (form, class, function) will be made.

transmitted. Consult with your instructor before submitting if an error occurs or if no e-mail is generated. It is expected that no e-mail will be sent if you are using the DeVry iLab (Citrix) server for this lab or if you were not able to download and install smtp4dev.

NOTE: Make sure that you include comments in the code provided where specified (where the // Add your comments here is mentioned), including code you wrote, or else a 5-point deduction per item (form, class, function) will be made.

Reviews

There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

Shopping Cart
[Solved] STEP 1: Business Layer Functionality
$25