Example #1
0
        public void ChangeThePassword(String newPass)
        {
            dbcon = new Conf.dbs();
            ecr   = new Conf.Crypto();
            con   = new MySqlConnection(dbcon.getConnectionString());
            con.ConnectionString = dbcon.getConnectionString();
            String query = "UPDATE user_account SET user_password = ?user_password ";

            query += "WHERE user_id = ?user_id";
            try
            {
                con.Open();
                MySqlCommand cmd = new MySqlCommand(query, con);
                ecr.Hashed(newPass);
                String hashpass = ecr.retreiveHash();
                cmd.Parameters.AddWithValue("?user_password", hashpass);
                cmd.Parameters.AddWithValue("?user_id", this.catchUserID());
                cmd.ExecuteNonQuery();
                cmd.Dispose();
            }
            finally
            {
                con.Close();
            }
        }
Example #2
0
        public void Add(Int32 user_id, String user_name, String user_password, String first_name, String middle_name, String last_name)
        {
            crypts = new Conf.Crypto();
            con    = new MySqlConnection();
            dbcon  = new Conf.dbs();
            con.ConnectionString = dbcon.getConnectionString();
            String query1 = "INSERT INTO user_account (user_id, user_name, user_password, date_created) VALUES";

            query1 += "(?user_id, ?user_name, ?user_password, ?date_created)";
            String query2 = "INSERT INTO user_information (user_id, first_name, middle_name, last_name) VALUES";

            query2 += "(?user_id, ?first_name, ?middle_name, ?last_name)";
            String query3 = "INSERT INTO user_access_restrictions (user_id) VALUES";

            query3 += "(?user_id)";
            try
            {
                con.Open();
                crypts.Hashed(user_password);
                passcrypt = crypts.retreiveHash();
                MySqlCommand cmd1 = new MySqlCommand(query1, con);
                MySqlCommand cmd2 = new MySqlCommand(query2, con);
                MySqlCommand cmd3 = new MySqlCommand(query3, con);
                cmd1.Parameters.AddWithValue("?user_id", user_id);
                cmd1.Parameters.AddWithValue("?user_name", user_name);
                cmd1.Parameters.AddWithValue("?user_password", passcrypt);
                cmd1.Parameters.AddWithValue("?date_created", DateTime.Now.ToLongDateString() + " at " + DateTime.Now.ToLongTimeString());
                cmd2.Parameters.AddWithValue("?user_id", user_id);
                cmd2.Parameters.AddWithValue("?first_name", first_name);
                cmd2.Parameters.AddWithValue("?middle_name", middle_name);
                cmd2.Parameters.AddWithValue("?last_name", last_name);
                cmd3.Parameters.AddWithValue("?user_id", user_id);
                cmd1.ExecuteNonQuery();
                cmd1.Dispose();
                cmd2.ExecuteNonQuery();
                cmd2.Dispose();
                cmd3.ExecuteNonQuery();
                cmd3.Dispose();
            }
            finally
            {
                con.Close();
            }
        }
Example #3
0
        public bool isAuth(String user_name, String user_password)
        {
            con    = new MySqlConnection();
            crypts = new Conf.Crypto();
            dbcon  = new Conf.dbs();
            bool   isAuth = false;
            String crypt  = "";

            con.ConnectionString = dbcon.getConnectionString();
            String sql = "SELECT * FROM user_account ";

            sql += "WHERE user_name = ?user_name AND user_password = ?user_password";
            try
            {
                con.Open();
                crypts.Hashed(user_password);
                crypt = crypts.retreiveHash();
                MySqlCommand cmd = new MySqlCommand(sql, con);
                cmd.Parameters.Add("?user_name", MySqlDbType.VarChar, 35).Value     = user_name;
                cmd.Parameters.Add("?user_password", MySqlDbType.VarChar, 45).Value = crypt;
                Validate(user_name);
                Validate(user_password);
                MySqlDataReader rdr = cmd.ExecuteReader();
                if (rdr.Read())
                {
                    isAuth = true;
                }
                else
                {
                    isAuth = false;
                }
            }
            finally
            {
                con.Close();
            }
            return(isAuth);
        }
Example #4
0
        public void resetPassword(String user_name)
        {
            crypts = new Conf.Crypto();
            con    = new MySqlConnection();
            dbcon  = new Conf.dbs();
            con.ConnectionString = dbcon.getConnectionString();
            String query = "UPDATE user_account SET user_password = ?user_password";

            query += " WHERE user_name = ?user_name";
            try
            {
                con.Open();
                crypts.Hashed(defaultPassword);
                passcrypt = crypts.retreiveHash();
                MySqlCommand cmd = new MySqlCommand(query, con);
                cmd.Parameters.AddWithValue("?user_password", passcrypt);
                cmd.Parameters.AddWithValue("?user_name", user_name);
                cmd.ExecuteNonQuery();
            }
            finally
            {
                con.Close();
            }
        }