public Usuari GetUser(string user, string pass)
{
String sql = "select * from users where username='******' and pass='******'";
Usuari p = null;
MySqlCommand cmd = new MySqlCommand(sql, connection);
MySqlDataReader sdr = cmd.ExecuteReader();
p = new Usuari();
if (sdr.Read())
{
p.id = sdr[0].ToString();
p.email = sdr[1].ToString();
p.nick = sdr[2].ToString();
p.pass = sdr[3].ToString();
p.hash = sdr[4].ToString();
p.rol = sdr[5].ToString();
sdr.Close();
return(p);
}
else
{
p.id = null;
sdr.Close();
return(p);
}
}
public bool NewUser(Usuari p)
{
string sql = "INSERT INTO users( username, pass, hash, nickname) VALUES ('" + p.email + "','" + p.pass + "','" + p.hash + "','" + p.nick + "');";
MySqlCommand cmd = new MySqlCommand(sql)
{
Connection = connection
};
cmd.ExecuteNonQuery();
return(true);
}
protected void Button1_Click(object sender, EventArgs e)
{
Usuari userAux = (Usuari)Session["user"];
userAux.nick = nickname.Text;
if (verifyCode.Text == userAux.hash)
{
if (bd.NewUser(userAux))
{
Session["user"] = userAux;
Response.Redirect("user.aspx");
}
}
else
{
Label4.Text = "Codigo de verificacion erroneo";
}
}
protected void Button1_Click(object sender, EventArgs e)
{
string pass = bd.Encrypt(password.Text);
string uid = email.Text;
Usuari user = bd.GetUser(uid, pass);
if (user.id != null)
{
if (user.rol == "1")
{
Session["admin"] = true;
Response.Redirect("admin.aspx");
}
else if (user.rol == "0")
{
Session["user"] = user;
Response.Redirect("user.aspx");
}
}
else
{
Usuari userAux = new Usuari
{
email = uid,
pass = pass.ToString(),
};
string hash = bd.Encrypt(email.Text);
userAux.hash = hash;
Label4.Text = "Usuario no creado, hemos enviado un mail a la direccion que has especificado para la creacion del Usuario.";
try {
SEND_mail(email.Text, userAux.hash);
Session["user"] = userAux;
Response.Redirect("verify.aspx");
} catch (Exception ex)
{
Label4.Text = "Formato de mail erroneo";
}
}
}
protected void newComent_Click(object sender, EventArgs e)
{
Coment c = new Coment();
c.comentarioTexto = comment.InnerText;
if (Uploader.HasFile)
{
try
{
if (Uploader.PostedFile.ContentType == "image/jpeg" || Uploader.PostedFile.ContentType == "image/png" || Uploader.PostedFile.ContentType == "image/jpg")
{
if (Uploader.PostedFile.ContentLength < 102400000)
{
string filename = Uploader.FileName;
Uploader.SaveAs(MapPath("~/img/") + filename);
c.imgPath = filename;
labelError.Text = "Upload status: File uploaded!";
}
}
else
{
labelError.Text = "Upload status: Only Images are accepted!";
System.IO.StreamWriter fp;
try
{
fp = System.IO.File.AppendText(Server.MapPath("~/img/") + "log.txt");
fp.WriteLine("File is not an image");
labelError.Text = "File Succesfully created!";
fp.Close();
}
catch (Exception ex)
{
labelError.Text = "File Creation failed. Reason is as follows" + ex.ToString();
}
}
}
catch (Exception ex)
{
labelError.Text = "Upload status: The file could not be uploaded. The following error occured: " + ex.Message;
}
}
else
{
c.imgPath = null;
}
Ruta ruta = (Ruta)Session["ruta"];
c.idRuta = ruta.id;
Usuari user = (Usuari)Session["user"];
c.userID = int.Parse(user.id);
if (Page.IsPostBack)
{
bd.NewComent(c);
}
bd.NewRating(ruta.id, int.Parse(user.id), int.Parse(rating.Text));
Response.Redirect(Request.Url.AbsoluteUri);
}