public static Boolean RegisterVeterinary(String nome, UInt32 idade, String morada, String especialidade, String email, Double contacto, String password)
{
String SaltKey = SEM.GetSerialKeyAlphaNumaric(8);
db = new SQLDatabaseManager();
Dictionary <String, String> InsertData = new Dictionary <String, String>()
{
{ "NOME", nome },
{ "PASSWORD", SEM.Encrypt(password, SaltKey) },
{ "EMAIL", email },
{ "CONTACTO", Convert.ToString(contacto) },
{ "MORADA", morada },
{ "SEXO", "M" },
{ "HASH", SaltKey },
{ "ESPECIALIDADE", especialidade },
{ "IDADE", Convert.ToString(idade) }
};
if (db.Insert("dbo.VETERINARIO", InsertData))
{
String query = String.Format("SELECT IDVETERINARIO FROM dbo.VETERINARIO WHERE NOME='{0}' AND HASH='{1}' AND EMAIL='{2}'",
nome, SaltKey, email);
DataTable temp;
temp = db.GetDataTable(query);
String LastInsertID = null;
foreach (DataRow r in temp.Rows)
{
LastInsertID = r["IDVETERINARIO"].ToString();
break;
}
InsertData = new Dictionary <String, String>()
{
{ "IDUSER", LastInsertID },
{ "IDPERMISSAO", "2" },
{ "EMAIL", email }
};
if (db.Insert("dbo.ACESSOS", InsertData))
{
return(true);
}
else
{
return(false);
}
}
else
{
return(false);
}
}
public static Boolean Register(DropDownList DropDownTipo, Literal ErrorMessage, params String[] Parameter)
{
if (Parameter.Length != 8)
{
ErrorMessage.Text = "";
return(false);
}
if (DropDownTipo.SelectedValue == "-1")
{
ErrorMessage.Text = "Escolha o tipo de cliente.";
return(false);
}
if (DropDownTipo.SelectedValue == "1")
{
if (Parameter[6].Length != 8)
{
ErrorMessage.Text = "Cartão de Cidadão inválido";
return(false);
}
if (AccountExists(Parameter[2], Parameter[6], "-1"))
{
ErrorMessage.Text = "Conta já existente";
return(false);
}
}
else if (DropDownTipo.SelectedValue == "2")
{
if (Parameter[7].Length != 9)
{
ErrorMessage.Text = "Contribuinte inválido";
return(false);
}
if (AccountExists(Parameter[2], "-1", Parameter[7]))
{
ErrorMessage.Text = "Conta já existente";
return(false);
}
}
if (Parameter[3].Length < 6 || Parameter[3].Length > 15)
{
ErrorMessage.Text = "Contacto inválido";
return(false);
}
String SaltKey = SEM.GetSerialKeyAlphaNumaric(8);
String ActivationCode = SEM.GetSerialKeyAlphaNumaric(16);
db = new SQLDatabaseManager();
Dictionary <String, String> InsertData = new Dictionary <String, String>()
{
{ "NOME", Parameter[0] },
{ "PASSWORD", SEM.Encrypt(Parameter[1], SaltKey) },
{ "EMAIL", Parameter[2] },
{ "CONTACTO", Parameter[3] },
{ "MORADA", Parameter[4] },
{ "SEXO", Parameter[5] },
{ "TIPO", DropDownTipo.SelectedValue.ToString() },
{ "HASH", SaltKey },
{ "CODIGO", ActivationCode },
{ "ESTADO", "0" },
{ "BI", Parameter[6] },
{ "CONTRIBUINTE", Parameter[7] }
};
if (db.Insert("dbo.CLIENTE", InsertData))
{
String query = String.Format("SELECT IDCLIENTE FROM dbo.CLIENTE WHERE NOME='{0}' AND HASH='{1}' AND EMAIL='{2}'",
Parameter[0], SaltKey, Parameter[2]);
DataTable temp;
temp = db.GetDataTable(query);
String LastInsertID = null;
foreach (DataRow r in temp.Rows)
{
LastInsertID = r["IDCLIENTE"].ToString();
break;
}
InsertData = new Dictionary <String, String>()
{
{ "IDUSER", LastInsertID },
{ "IDPERMISSAO", "1" },
{ "EMAIL", Parameter[2] }
};
db.Insert("dbo.ACESSOS", InsertData);
if (Mailer.SendMail(Mailer.CreateMail(Parameter[2], ActivationCode)))
{
ErrorMessage.Text = "Conta criada com sucesso!";
}
else
{
ErrorMessage.Text = "Erro ao enviar email!";
}
}
else
{
ErrorMessage.Text = "Erro ao criar conta!";
return(false);
}
return(true);
}
public static UInt32 Login(String Email, String Password, HttpResponse Resp)
{
db = new SQLDatabaseManager();
String query = "SELECT * FROM dbo.ACESSOS WHERE EMAIL='" + Email + "'";
DataTable temp;
UInt32 accesslevel = 50;
temp = db.GetDataTable(query);
if (temp.Rows.Count == 0)
{
return(0);
}
foreach (DataRow r in temp.Rows)
{
accesslevel = Convert.ToUInt32(r["IDPERMISSAO"].ToString());
break;
}
switch (accesslevel)
{
case 1: //Cliente
String SaltKey = null;
query = "SELECT HASH FROM dbo.CLIENTE WHERE EMAIL='" + Email + "'";
temp = db.GetDataTable(query);
foreach (DataRow r in temp.Rows)
{
SaltKey = r["HASH"].ToString();
break;
}
query = "SELECT * FROM dbo.CLIENTE WHERE EMAIL='" + Email + "' AND PASSWORD='******' AND ESTADO <> -1";
temp = db.GetDataTable(query);
if (temp.Rows.Count == 0)
{
return(0);
}
foreach (DataRow r in temp.Rows)
{
if (r["ESTADO"].ToString() == "0")
{
Resp.Redirect("~/Account/Activate?Email=" + Email);
return(0);
}
}
return(1);
case 2: //Veterinario
SaltKey = null;
query = "SELECT HASH FROM dbo.VETERINARIO WHERE EMAIL='" + Email + "'";
temp = db.GetDataTable(query);
foreach (DataRow r in temp.Rows)
{
SaltKey = r["HASH"].ToString();
break;
}
query = "SELECT * FROM dbo.VETERINARIO WHERE EMAIL='" + Email + "' AND PASSWORD='******'";
temp = db.GetDataTable(query);
if (temp.Rows.Count == 0)
{
return(0);
}
return(2);
case 3: //Admin
SaltKey = null;
query = "SELECT HASH FROM dbo.ADMIN WHERE EMAIL='" + Email + "'";
temp = db.GetDataTable(query);
foreach (DataRow r in temp.Rows)
{
SaltKey = r["HASH"].ToString();
break;
}
query = "SELECT * FROM dbo.ADMIN WHERE EMAIL='" + Email + "' AND PASSWORD='******'";
temp = db.GetDataTable(query);
if (temp.Rows.Count == 0)
{
return(0);
}
return(3);
default: //Desconhecido
return(0);
}
}
