public HttpResponseMessage Post_login([FromBody] Token token, string username, string pass)
{
string json = "";
var res = Request.CreateResponse(HttpStatusCode.OK);
User_token c_user = new User_token();
MySqlConnection conn = new MySqlConnection(ConnnectData.connectionString);
string sql = "";
sql = " SELECT id,level,urlavatar,count_video from t_user t0" +
" where name='" + username + "' and pass='******'";
MySqlCommand cmd = new MySqlCommand(sql, conn);
MySqlDataAdapter adap = new MySqlDataAdapter(cmd);
DataSet ds = new DataSet();
adap.Fill(ds);
if (ds.Tables[0].Rows.Count == 1)
{
User us = new User();
us.id = Convert.ToInt32(ds.Tables[0].Rows[0]["id"].ToString());
us.level = Convert.ToInt32(ds.Tables[0].Rows[0]["level"].ToString());
us.urlavatar = ds.Tables[0].Rows[0]["urlavatar"].ToString();
us.count_video = Convert.ToInt32(ds.Tables[0].Rows[0]["count_video"].ToString());
c_user.user = us;
long re = UsingFunction.creat_token(c_user.user.id, token);
if (re == -1)
{
res = Request.CreateResponse(HttpStatusCode.BadRequest);
c_user.status = -1;
c_user.content = "BadRequest";
}
else
{
c_user.token = re;
c_user.status = 0;
c_user.content = "";
json = JsonConvert.SerializeObject(c_user);
res.Content = new StringContent(json.ToString(), Encoding.UTF8, "application/json");
}
return(res);
}
else
{
c_user.status = 1;
c_user.content = "Tài khoản hoặc mật khẩu không đúng";
json = JsonConvert.SerializeObject(c_user);
res.Content = new StringContent(json.ToString(), Encoding.UTF8, "application/json");
}
return(res);
}
public HttpResponseMessage Post_token([FromBody] Token token, int gettoken, int iduser)
{
var res = Request.CreateResponse(HttpStatusCode.OK);
RETURN_TOKEN xx = new RETURN_TOKEN();
if (gettoken == 1)
{
return(res = Request.CreateResponse(HttpStatusCode.BadRequest));
}
MySqlConnection conn = new MySqlConnection(ConnnectData.connectionString);
conn.Open();
bool isgetotken = false;
string sql = "";
MySqlCommand cmd = new MySqlCommand();
if (iduser > 0 && token.id > 0)
{
sql = "select * from t_user_temp where datediff(CURRENT_DATE,createtime)<=7 and id= '" + iduser + "' and token='" + token.id + "'";
cmd = new MySqlCommand(sql, conn);
MySqlDataAdapter adap = new MySqlDataAdapter(cmd);
DataSet ds = new DataSet();
adap.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
xx.token = token.id; xx.t_user = iduser;
return(res = Request.CreateResponse(HttpStatusCode.OK, xx));;
}
;
}
long re = UsingFunction.creat_token(0, token);
if (re == -1)
{
res = Request.CreateResponse(HttpStatusCode.BadRequest);
}
else
{
while (!isgetotken)
{
try
{
sql = "";
sql = " SELECT AUTO_INCREMENT as id FROM information_schema.TABLES WHERE TABLE_SCHEMA = 'xemphim' AND TABLE_NAME = 't_user_temp'";
cmd = new MySqlCommand(sql, conn);
MySqlDataAdapter adap = new MySqlDataAdapter(cmd);
DataSet ds = new DataSet();
adap.Fill(ds);
long id = Convert.ToInt32(ds.Tables[0].Rows[0]["id"].ToString());
string name_te = UsingFunction.randomname();
string url_te = UsingFunction.random_urlavatar();
sql = " insert into t_user_temp(id,name,createtime,urlavatar,token) values(" + id + ",'" + name_te + "',NOW(),'" + url_te + "'," + re + ")";
cmd = new MySqlCommand(sql, conn);
int i = cmd.ExecuteNonQuery();
xx.token = re;
xx.t_user = id;
isgetotken = true;
}
catch (MySqlException e)
{
if (e.Number != 1062)
{
isgetotken = true;
}
}
catch (Exception e)
{
isgetotken = true;
}
finally
{
if (conn.State == ConnectionState.Open)
{
conn.Clone();
}
}
}
res = Request.CreateResponse(HttpStatusCode.OK, xx);
}
return(res);
}
