public void updateUser(HttpContext myHttpContext, int id)
{
context = myHttpContext;
Console.WriteLine("\n\n\nid: " + id);
Console.WriteLine("\n\n\nUsername: "******"\n\n\nRole: " + role);
Console.WriteLine("\n\n\nPassword: "******"" || password == null)
{
//update everything but password
dbCommand = new MySqlCommand("Update login SET username=?username, role=?role WHERE id=?id", dbConnection);
}
else
{
//update password
WebLogin webLogin = new WebLogin(connectionString, context);
string salt = webLogin.getMySalt();
string hash = webLogin.changePassword(password, salt);
dbCommand = new MySqlCommand("Update login SET username=?username, role=?role, password=?password, salt=?salt WHERE id=?id", dbConnection);
dbCommand.Parameters.AddWithValue("?password", hash);
dbCommand.Parameters.AddWithValue("?salt", salt);
}
dbCommand.Parameters.AddWithValue("?id", id);
dbCommand.Parameters.AddWithValue("?username", username);
dbCommand.Parameters.AddWithValue("?role", role);
dbCommand.ExecuteNonQuery();
dbCommand.Parameters.Clear();
} finally {
dbConnection.Close();
}
}
public void addUser(HttpContext myHttpContext)
{
context = myHttpContext;
WebLogin webLogin = new WebLogin(connectionString, context);
webLogin.password = password;
string salt = webLogin.getMySalt();
string hash = webLogin.addUser(salt);
try {
dbConnection = new MySqlConnection(connectionString);
dbConnection.Open();
dbCommand = new MySqlCommand("INSERT INTO login (username,role,password,salt) VALUES (?username,?role,?password,?salt)", dbConnection);
dbCommand.Parameters.AddWithValue("?password", hash);
dbCommand.Parameters.AddWithValue("?salt", salt);
dbCommand.Parameters.AddWithValue("?username", username);
dbCommand.Parameters.AddWithValue("?role", role);
dbCommand.ExecuteNonQuery();
dbCommand.Parameters.Clear();
} finally {
dbConnection.Close();
}
}