Beispiel #1
0
        private void editButton(object sender, EventArgs e)
        {
            passhasher ph       = new passhasher();
            string     sqlquery = "";
            string     rname    = nameTextBox.Text;
            string     uname    = UsernameTextBox.Text;
            string     pwd      = PasswordTextBox.Text;

            pwd = ph.GetSHA512Hash(pwd);

            if (PasswordTextBox.Text != "")
            {
                if (PasswordTextBox.Text != PasswordTextBox2.Text)
                {
                    errPwd.SetError(PasswordTextBox2, "Passwords do not match");
                    return;
                }

                sqlquery = "UPDATE nts_users SET username = '******', password = '******', realname = '" + rname + "' WHERE userkey = " + ukey + ";";
            }
            else
            {
                sqlquery = "UPDATE nts_users SET username = '******', realname = '" + rname + "' WHERE userkey = " + ukey + ";";
            }
            //sqlquery = "UPDATE nts_users SET realname = 'Crack Bandit' WHERE userkey=2;";
            //MessageBox.Show(sqlquery);
            SQLiteDataReader reader;

            sqlConn.Open();
            sqlDoCmd.CommandText = sqlquery;
            reader = sqlDoCmd.ExecuteReader();
            reader.Close();
            sqlConn.Close();
            if (reader.RecordsAffected > 0)
            {
                MessageBox.Show("User info successfully changed!");
            }


            nameTextBox.Text         = "";
            UsernameTextBox.Text     = "";
            PasswordTextBox.Text     = "";
            PasswordTextBox2.Text    = "";
            nameLabel.Visible        = false;
            nameTextBox.Visible      = false;
            UsernameLabel.Visible    = false;
            UsernameTextBox.Visible  = false;
            PasswordLabel.Visible    = false;
            PasswordTextBox.Visible  = false;
            PasswordLabel2.Visible   = false;
            PasswordTextBox2.Visible = false;
            EditButton.Visible       = false;
        }
Beispiel #2
0
        private void CreateButton_Click(object sender, EventArgs e)
        {
            passhasher       ph      = new passhasher();
            string           phash   = ph.GetSHA512Hash(PasswordTextBox.Text);
            string           command = "select * from nts_users where `username` = '" + UsernameTextBox.Text + "';";
            SQLiteDataReader reader;

            errorChecker.Clear();

            if (PasswordTextBox.Text != PasswordTextBox2.Text)
            {
                errorChecker.SetError(PasswordTextBox2, "Passwords do not match.");
                return;
            }

            sqlConn.Open();
            sqlDoCreate.CommandText = command;
            reader = sqlDoCreate.ExecuteReader();

            if (reader.HasRows)
            {
                errorChecker.SetError(UsernameTextBox, "Username already exists in the database.");
                reader.Close();
                sqlConn.Close();
                return;
            }

            reader.Close();

            command = "insert into nts_users (`username`,`password`,`realname`,`lastlogin`) values ( '" + UsernameTextBox.Text + "', '" + phash + "', '" + nameTextBox.Text + "', " + DateTime.Now.ToString("yyyyMMddHHmmss") + ");";
            if (Admin.Checked == true)
            {
                command += "insert into nts_admins(`userkey`) values (last_insert_rowid());";
            }

            sqlDoCreate.CommandText = command;
            reader = sqlDoCreate.ExecuteReader();

            if (reader.RecordsAffected > 0)
            {
                MessageBox.Show("User created successfully!");
            }

            reader.Close();
            sqlConn.Close();
            this.Close();
        }
Beispiel #3
0
        private void LoginButton_Click(object sender, EventArgs e)
        {
            SQLiteDataReader sqldr;
            passhasher       ph = new passhasher();
            Form             w  = null;

            sqlConn.Open();
            errLogin.Clear();

            string phash = ph.GetSHA512Hash(PasswordTextBox.Text);

            string sqlstmt = "SELECT nts_users.username, nts_users.password, nts_users.realname, nts_users.lastlogin, nts_users.userkey, nts_admins.userkey AS admin FROM nts_users LEFT OUTER JOIN nts_admins ON nts_users.userkey = nts_admins.userkey where nts_users.username = '******' and nts_users.password = '******'";

            sqlDoLogin.CommandText = sqlstmt.Replace("USERNAME_PARSE", UsernameTextBox.Text.ToLower()).Replace("PASSWORD_HASH", phash);

            sqldr = sqlDoLogin.ExecuteReader();

            //MessageBox.Show(sqlDoLogin.CommandText);
            if (!sqldr.HasRows)
            {
                PasswordTextBox.Text = "";
                errLogin.SetError(PasswordTextBox, "Sorry, but we couldn't find your username or password.");
                sqldr.Close();
                sqlConn.Close();
                return;
            }
            sqldr.Read();
            if (sqldr.IsDBNull(sqldr.GetOrdinal("admin")))
            {
                w = new WelcomePage();
            }
            else
            {
                w = new WelcomeAdmin();
            }
            Properties.Settings.Default.userkey = Convert.ToInt32(sqldr["userkey"]);
            //on successful login
            sqldr.Close();
            sqlConn.Close();
            this.Hide();
            w.ShowDialog();
            this.Close();
        }