public static bool IsUsernameValid(string username, string password)
{
if (dbCon.State == ConnectionState.Closed)
{
dbCon.Open();
}
string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(password, encDecKey);
string sqlCommand = String.Format(@"SELECT UserName, Password FROM Users
WHERE UserName = '******' AND Password = '******'", username, encryptedPassword);
SqlCeCommand command = new SqlCeCommand(sqlCommand, dbCon);
SqlCeDataReader reader = command.ExecuteReader();
using (reader)
{
bool isValid = false;
if (reader.Read())
{
// case sensitive
string dbUsername = (string)reader["UserName"];
if (dbUsername == username)
{
isValid = true;
}
}
dbCon.Close();
return(isValid);
}
}
internal static string GetPasswordByEmail(string email)
{
if (dbCon.State == ConnectionState.Closed)
{
dbCon.Open();
}
SqlCeCommand cmd = new SqlCeCommand();
cmd.Connection = dbCon;
cmd.CommandText = String.Format(
@"SELECT Email, Password FROM Users WHERE Email='{0}'", email);
SqlCeDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
string encryptedPassword = (string)reader["Password"];
string decryptedPassword = RijndaelEncryptDecrypt.Decrypt(encryptedPassword, encDecKey);
return(decryptedPassword);
}
else
{
throw new ArgumentException("This email doesn't exist in database.");
}
}
internal static void ChangeUserData(string username, string newUserName, string newPassword, string newEmail, string newName)
{
if (dbCon.State == ConnectionState.Closed)
{
dbCon.Open();
}
SqlCeCommand cmd = new SqlCeCommand();
cmd.Connection = dbCon;
string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(newPassword, encDecKey);
//cmd.CommandText = String.Format(
// @"ALTER TABLE History NOCHECK CONSTRAINT UserName");
//cmd.ExecuteNonQuery();
//cmd.CommandText = String.Format(
// @"UPDATE History SET UserName = '******' WHERE UserName = '******'",newUserName,username);
//cmd.ExecuteNonQuery();
cmd.CommandText = String.Format(
@"UPDATE Users SET UserName='******', Password='******', Name='{2}', Email='{3}' Where UserName='******'",
newUserName, encryptedPassword, newName, newEmail, username);
cmd.ExecuteNonQuery();
//cmd.CommandText = String.Format(
// @"ALTER TABLE History CHECK CONSTRAINT UserName");
cmd.ExecuteNonQuery();
dbCon.Close();
}
internal static void RegisterUser(string username, string password, string email, string name)
{
if (dbCon.State == ConnectionState.Closed)
{
dbCon.Open();
}
string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(password, encDecKey);
string cmdString = String.Format(@"INSERT INTO Users(Username, Password, Type, Name, Email)
VALUES ('{0}','{1}','{2}','{3}','{4}')",
username, encryptedPassword, UserType.User.ToString(), name, email);
SqlCeCommand cmd = new SqlCeCommand(cmdString, dbCon);
cmd.ExecuteNonQuery();
dbCon.Close();
}
private void ButtonUpdateInformationClick(object sender, EventArgs e)
{
string name = textBoxName.Text;
string newUsername = textBoxUsername.Text;
string newPass = textBoxPassword.Text;
string repeatedPass = textBoxRepeatPassword.Text;
string email = textBoxEmail.Text;
string encDecKey = "calorimeterPS";
string oldPass = RijndaelEncryptDecrypt.Encrypt(textBoxOldPassword.Text, encDecKey);
if (string.IsNullOrWhiteSpace(name))
{
MessageBox.Show("Enter valid name.");
return;
}
if (string.IsNullOrWhiteSpace(newUsername))
{
MessageBox.Show("Enter valid username.");
return;
}
if (repeatedPass != newPass)
{
MessageBox.Show("Passwords didn't match.");
return;
}
if (!IsValidEmail(email))
{
MessageBox.Show("Enter valid email.");
return;
}
if (oldPass != this.user.Password)
{
MessageBox.Show("Incorrect password.");
return;
}
if (newUsername != user.Nickname && !DBManager.IsUernameFree(newUsername))
{
MessageBox.Show("Username is already taken.");
return;
}
if (email != user.Email && !DBManager.IsEmailFree(email))
{
MessageBox.Show("Email is already taken.");
return;
}
if (newPass == string.Empty)
{
newPass = RijndaelEncryptDecrypt.Decrypt(oldPass, encDecKey);
}
try
{
DBManager.ChangeUserData(this.user.Nickname, newUsername, newPass, email, name);
this.NewUsername = newUsername;
this.DialogResult = DialogResult.OK;
this.Close();
}
catch (Exception ex)
{
MessageBox.Show("Can't update data. " + ex.Message);
}
}
