Ejemplo n.º 1
0
        /// <summary>
        /// Resets the password,creates a string with the length of 8, encodes the new password and writes back into database.
        /// </summary>
        /// <param name="userId">User that password will be resetted.</param>
        /// <returns>string value which contains the new password.</returns>
        public static string ResetPassword(string userId)
        {
            int             result      = 0;
            string          newPassword = CreateRandomString(8);
            string          sql         = "select Salt from user where UserId='" + userId + "';";
            List <object[]> rows        = RepositoryManager.Repository.DoQuery(sql);

            if (rows.Count == 0)
            {
                return(null);
            }

            string salt = (string)rows[0][0];
            string newHashedPassword = EncryptionManager.EncodePassword(newPassword, salt);

            sql    = "update user set HashedPassword = '******' where UserId = '" + userId + "';";
            result = RepositoryManager.Repository.DoCommand(sql);
            if (result == 1)
            {
                return(newPassword);
            }
            else
            {
                return(null);
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Updates user information over options and userId and alters the database.
        /// </summary>
        /// <param name="update">New value which is wanted to change.</param>
        /// <param name="userId">User that wants to make the change.</param>
        /// <param name="option">The value (Ranged from 1 to 6) to determine which field will be changed.</param>
        /// <returns>Boolean value whether the transaction is happened or not.</returns>
        public static bool UpdateUser(string update, string userId, int option)
        {
            string sql    = "";
            int    result = 0;

            if (option == 1)
            {
                sql    = "update user set Name ='" + update + "' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }

            else if (option == 2)
            {
                sql = "select Salt from user where UserId='" + userId + "';";
                List <object[]> rows = RepositoryManager.Repository.DoQuery(sql);
                if (rows.Count == 0)
                {
                    return(false);
                }
                string salt           = (string)rows[0][0];
                string hashedPassword = EncryptionManager.EncodePassword(update, salt);
                sql    = "update user set HashedPassword='******' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }
            else if (option == 3)
            {
                sql    = "update user set Email='" + update + "' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }

            else if (option == 4)
            {
                sql    = "update user set Gender='" + update + "' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }
            else if (option == 5)
            {
                sql    = "update user set BirthDate='" + update + "' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }
            else if (option == 6)
            {
                sql    = "update user set Location='" + update + "' where UserId = '" + userId + "';";
                result = RepositoryManager.Repository.DoCommand(sql);
            }
            if (result == 1)
            {
                return(true);
            }
            else
            {
                return(false);
            }
        }
Ejemplo n.º 3
0
        /*
         * This method adds an admin that's name is admin and password is abc123
         */
        public static void addAdmin()
        {
            string salt  = EncryptionManager.PasswordSalt;
            User   Users = new User
            {
                Id           = 0,
                Name         = "admin",
                EmailAddress = "*****@*****.**",
                Salt         = salt,
                HashPassword = EncryptionManager.EncodePassword("abc123", salt),
                IsAdmin      = 1,
                Status       = 1
            };

            AddUser(Users);
        }
Ejemplo n.º 4
0
        /*
         * Recreate and reinitialize the database.
         * The return value is true iff the initialization succeeds.
         */
        public bool Initialize()
        {
            bool success = true;

            Close();

            try
            {
                SQLiteConnection.CreateFile(databaseFile);
            }
            catch (IOException e)
            {
                success = false;
            }

            bool openResult = Open();

            if (success & openResult)
            {
                string salt           = EncryptionManager.PasswordSalt;
                string HashedPassword = EncryptionManager.EncodePassword("deneme1234", salt);

                string sql = "CREATE TABLE doctor (doctorID VARCHAR(50), doctorName VARCHAR(50), doctorEmail VARCHAR(50)," +
                             "password VARCHAR(50), salt VARCHAR(50), hashedPassword VARCHAR(50)," +
                             "doctorSex VARCHAR(50), isadmin VARCHAR(50), status VARCHAR(50), PRIMARY KEY(doctorID))";
                DoCommand(sql);

                sql = "insert into doctor(doctorID, doctorName, doctorEmail, password," +
                      "salt, hashedPassword, doctorSex, isadmin, status) values "
                      + "('1234567', 'Deniz Merve Gunduz', '*****@*****.**', 'pass', '" + salt + "', '" + HashedPassword + "', 'female', '1', '1')";
                DoCommand(sql);

                string sql1 = "CREATE TABLE patient (patientID VARCHAR(50), doctorID VARCHAR(50), patientName VARCHAR(50), patientEmail VARCHAR(50)," +
                              "patientPhone VARCHAR(50), patientSex VARCHAR(50)," +
                              "patientAge VARCHAR(50), healthProblem VARCHAR(50), PRIMARY KEY(patientID))";
                DoCommand(sql1);

                sql1 = "insert into patient(patientID, doctorID, patientName, patientEmail," +
                       "patientPhone, patientSex, patientAge, healthProblem) values "
                       + "('1234567', '1', 'Deniz', '*****@*****.**', '050666666666', 'female', '22', 'Crazy')";
                DoCommand(sql1);
            }

            return(success);
        }
Ejemplo n.º 5
0
        /*
         * Add a Doctor to the database.
         * Return true iff the add succeeds.
         */
        public static bool AddDoctor(Doctor doctor)
        {
            string salt           = EncryptionManager.PasswordSalt;
            string HashedPassword = EncryptionManager.EncodePassword(doctor.Password, salt);

            string sql = "insert into doctor (DoctorID, DoctorName, DoctorEmail, Password, Salt, HashedPassword, " +
                         "DoctorSex, Isadmin, Status) values ('"
                         + doctor.DoctorID + "', '"
                         + doctor.DoctorName + "', '"
                         + doctor.DoctorEmail + "', '"
                         + doctor.Password + "', '"
                         + salt + "', '"
                         + HashedPassword + "', '"
                         + doctor.DoctorSex + "', '"
                         + doctor.IsAdmin + "', '"
                         + doctor.Status + "')";

            RepositoryManager.Repository.DoCommand(sql);
            return(true);
        }
Ejemplo n.º 6
0
        /// <summary>
        /// Adds user over credential to the database.
        /// </summary>
        /// <param name="cr">New user's information is kept in credential object.</param>
        /// <returns>Boolean value whether the transaction is happened or not.</returns>
        public static bool AddUser(Credential cr)
        {
            string salt           = User.CreateSalt();
            string hashedPassword = EncryptionManager.EncodePassword(cr.Password, salt);
            string sql            = "insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('"
                                    + cr.UserId + "', '"
                                    + cr.Name + "', '"
                                    + salt + "', '"
                                    + hashedPassword + "', '"
                                    + cr.Email + "',"
                                    + "0" + ", '"
                                    + "A" + "','"
                                    + cr.gender + "', '"
                                    + cr.BirthDate + "', '"
                                    + cr.Location + "'); ";

            RepositoryManager.Repository.DoCommand(sql);
            PrintAllUsers();
            return(true);
        }
Ejemplo n.º 7
0
        /*
         * Recreate and reinitialize the database.
         * The return value is true iff the initialization succeeds.
         */
        public bool Initialize()
        {
            bool openResult;

            if (File.Exists(databaseFile) && new FileInfo(databaseFile).Length > 10)
            {
                openResult = Open();
                return(openResult);
            }

            bool success = true;

            Close();

            try
            {
                SQLiteConnection.CreateFile(databaseFile);
            }
            catch (IOException e)
            {
                success = false;
            }

            openResult = Open();
            if (success & openResult)
            {
                string salt;
                string sql = "CREATE TABLE user (UserId VARCHAR(50), Name VARCHAR(50),Salt VARCHAR(50), HashedPassword VARCHAR(50),Email VARCHAR(50),IsAdmin BIT,Status VARCHAR(1),Gender VARCHAR(6),BirthDate VARCHAR(10), Location VARCHAR(30), PRIMARY KEY(UserId));";
                DoCommand(sql);
                sql = "CREATE TABLE car (carId INTEGER, Brand VARCHAR(50), Model VARCHAR(50),Owner VARCHAR(50),YearOfProduction INTEGER,KM INT,Url VARCHAR(200),TransmissionType VARCHAR(15), Fuel VARCHAR(15),TopSpeed INT, Acceleration Float,UrbanConsumption Float, WheelDrive VARCHAR(20), PRIMARY KEY(carId),FOREIGN KEY (Owner) references user(UserId));";
                DoCommand(sql);
                sql = "CREATE TABLE comment (CommentId INTEGER, carId INTEGER,UserId VARCHAR(50), Text VARCHAR(300),FOREIGN KEY (carId) references car(carId),PRIMARY KEY(CommentId),FOREIGN KEY (UserId) references user(UserId));";
                DoCommand(sql);
                sql = "CREATE TABLE favourites (UserId VARCHAR(12), carId INTEGER,FOREIGN KEY (carId) references car(carId),FOREIGN KEY (UserId) references user(UserId));";
                DoCommand(sql);

                salt = User.CreateSalt();
                sql  = "insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('"
                       + "crysispeed" + "', '"
                       + "Caglar" + "', '"
                       + salt + "', '"
                       + EncryptionManager.EncodePassword("123456", salt) + "', '"
                       + "*****@*****.**" + "',"
                       + "1" + ", '"
                       + "A" + "','"
                       + "Male" + "', '"
                       + "1995-08-26" + "', '"
                       + "Ankara" + "');";
                DoCommand(sql);
                salt = User.CreateSalt();
                sql  = "insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('"
                       + "gurko32" + "', '"
                       + "Gurkan" + "', '"
                       + salt + "', '"
                       + EncryptionManager.EncodePassword("123456", salt) + "', '"
                       + "*****@*****.**" + "',"
                       + "1" + ", '"
                       + "A" + "', '"
                       + "Male" + "', '"
                       + "1996-10-16" + "', '"
                       + "Ankara" + "');";
                DoCommand(sql);
                UserPersistence.PrintAllUsers();
            }

            return(success);
        }
Ejemplo n.º 8
0
        public ActionResult UserName(User newUser)
        {
            string newEmail = newUser.EmailAddress;
            string newName  = newUser.Name;

            newUser = (User)Session["user"];
            if (newUser == null)
            {
                return(View("User", "ChangeUser"));
            }
            string salt = EncryptionManager.PasswordSalt;

            if (newEmail != null && newName != null)
            {
                User Users = new User
                {
                    Id           = newUser.Id,
                    Name         = newName,
                    EmailAddress = newEmail,
                    Salt         = salt,
                    HashPassword = EncryptionManager.EncodePassword("abc123", salt),
                    IsAdmin      = 0,
                    Status       = 0
                };
                bool result = UserPersistence.UpdateUser(Users);
                if (result)
                {
                    ViewBag.message = "User Updated";
                }
                else
                {
                    ViewBag.message = "That user could not be Updated";
                }
            }
            else if (newEmail != null && newName == null)
            {
                User Users = new User
                {
                    Id           = newUser.Id,
                    Name         = newUser.Name,
                    EmailAddress = newEmail,
                    Salt         = salt,
                    HashPassword = EncryptionManager.EncodePassword("abc123", salt),
                    IsAdmin      = 0,
                    Status       = 0
                };
                bool result = UserPersistence.UpdateUser(Users);
                if (result)
                {
                    ViewBag.message = "User Updated";
                }
                else
                {
                    ViewBag.message = "That user could not be Updated";
                }
            }
            else
            {
                User Users = new User
                {
                    Id           = newUser.Id,
                    Name         = newName,
                    EmailAddress = newUser.EmailAddress,
                    Salt         = salt,
                    HashPassword = EncryptionManager.EncodePassword("abc123", salt),
                    IsAdmin      = 0,
                    Status       = 0
                };

                bool result = UserPersistence.UpdateUser(Users);
                if (result)
                {
                    ViewBag.message = "User Updated";
                }
                else
                {
                    ViewBag.message = "That user could not be Updated";
                }
            }
            return(View(newUser));
        }
        public ActionResult SignUp(RegisterCredential registerCredential)
        {
            ViewBag.Title = "SignUp";
            // Validate book data from the transaction
            if (registerCredential == null)
            {
                TempData["signupMessage"] = "Error: Invalid Request - please try again";
                return(View(new RegisterCredential()));
            }
            if (registerCredential.Name == null || registerCredential.Name.Length == 0)
            {
                TempData["signupMessage"] = "Error: Name is required";
                return(View(registerCredential));
            }
            if (registerCredential.Email == null || registerCredential.Email.Length == 0 || !registerCredential.Email.Contains("@"))
            {
                TempData["signupMessage"] = "Error: Please type a valid mail";
                return(View(registerCredential));
            }
            if (registerCredential.Password == null)
            {
                TempData["signupMessage"] = "Error: Please type a valid password";
                return(View(registerCredential));
            }

            // Create the user
            String salt = EncryptionManager.PasswordSalt;

            System.Diagnostics.Debug.WriteLine("signup passhash: " + EncryptionManager.EncodePassword(registerCredential.Password, salt));
            System.Diagnostics.Debug.WriteLine("signup salt: " + salt);

            User user = new User
            {
                UserId       = registerCredential.UserId,
                Salt         = salt,
                PasswordHash = EncryptionManager.EncodePassword(registerCredential.Password, salt),
                Name         = registerCredential.Name,
                Email        = registerCredential.Email,
                IsAdmin      = false,
                IsActive     = true,
                RegisterDate = DateTime.Now,
                Age          = registerCredential.Age,
                IsProvider   = registerCredential.IsProvider
            };

            System.Diagnostics.Debug.WriteLine("user passhash: " + user.PasswordHash);
            System.Diagnostics.Debug.WriteLine("user salt: " + user.Salt);
            //Add user

            bool result = UserManager.AddNewUser(user);

            if (result)
            {
                TempData["signupMessage"] = "";
                return(RedirectToAction("Index", "Home"));
            }
            else
            {
                TempData["signupMessage"] = "User name " + registerCredential.UserId + " already exists, try again";
                return(View(registerCredential));
            }
        }