/// <summary>
/// Returns the time of the account's most recent login.
/// </summary>
/// <param name="db">Connection used to query the account_login table.</param>
/// <param name="accountId">Id of the account to look up.</param>
/// <returns>
/// The current UTC time when GetOnlineAccount returns a non-null value for the account;
/// otherwise the newest account_login timestamp converted with Utility.FromUnixTimestamp,
/// or DateTime.MinValue when the query result is not a boxed uint.
/// </returns>
static DateTime GetLastLogin(DBConnection db, int accountId)
{
    // An account that is online right now counts as "logged in now".
    if (GetOnlineAccount(accountId) != null)
    {
        return DateTime.UtcNow;
    }

    // accountId is an int, so substituting it into {0} cannot carry SQL text.
    var newestLogin = db.Evaluate(
        "select datetime from account_login where account_id = {0} order by datetime desc limit 1",
        accountId);

    // Anything other than a boxed uint is treated as "never logged in".
    if (!(newestLogin is uint))
    {
        return DateTime.MinValue;
    }

    // NOTE(review): Convert.ToInt32 throws OverflowException for values above Int32.MaxValue.
    return Utility.FromUnixTimestamp(Convert.ToInt32(newestLogin));
}
/// <summary>
/// Rate-limit check for outgoing messages.
/// </summary>
/// <param name="db">Connection used to query the message table.</param>
/// <param name="sourceId">Account id of the sender.</param>
/// <returns>
/// True when the sender has messaged at most 10 distinct recipients with a message time
/// later than the cutoff (current Unix timestamp minus 3600).
/// </returns>
static bool CanSend(DBConnection db, int sourceId)
{
    // Cutoff is "now minus 3600"; presumably seconds, i.e. one hour - confirm against Utility.UnixTimestamp.
    var cutoff = Utility.UnixTimestamp(DateTime.UtcNow) - 3600;

    // The query is built by concatenation. sourceId is an int and cutoff is the result of
    // arithmetic, so neither value is free-form text supplied by a user.
    var sql = "select Count(distinct to_id) from message where from_id = " + sourceId + " and time > " + cutoff;

    var distinctRecipients = Convert.ToInt32(db.Evaluate(sql));
    return distinctRecipients <= 10;
}
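/// <summary>
/// Changes the current account's password after verifying the existing one.
/// </summary>
/// <param name="oldPassword">The password the user claims is current.</param>
/// <param name="newPassword">The requested new password.</param>
/// <param name="newPasswordVerify">Repeat of the new password; must match <paramref name="newPassword"/>.</param>
/// <returns>A user-facing status message; failure messages contain an HTML line break.</returns>
string ModifyPassword(string oldPassword, string newPassword, string newPasswordVerify)
{
    using (var db = new DBConnection())
    {
        var realOldPassword = db.Evaluate("select password from account where id = {0}", Account.Id) as String;

        // The stored value is compared against the hash of the supplied password.
        // NOTE(review): CalculateHash is defined elsewhere; confirm it is a salted, deliberately
        // slow password hash rather than a plain digest.
        if (LT.HtmlUtils.CalculateHash(oldPassword) != realOldPassword)
        {
            return "Unable to modify your password.<br>You did not enter the correct current password.";
        }

        if (newPassword != newPasswordVerify)
        {
            return "Unable to modify your password.<br>The new passwords you entered do not match.";
        }

        // A null password (both fields missing) is rejected here instead of throwing on .Length.
        if (newPassword == null || newPassword.Length < 5)
        {
            return "Unable to modify your password.<br>Password must be at least five letters.";
        }

        // Placeholder {0} receives the new hash. The statement previously held the literal
        // '******' in that position, which ignored argument 0 and would have written that
        // literal into the password column instead of the hash.
        db.Execute(
            "update account set password = '{0}' where id = {1}",
            DBConnection.AddSlashes(LT.HtmlUtils.CalculateHash(newPassword)),
            Account.Id);
    }

    return "Password modified successfully.";
}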
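/// <summary>
/// Renames the current account, which is only permitted while its name still ends in "-" plus its own id.
/// </summary>
/// <param name="newLoginName">The requested login name; surrounding whitespace is trimmed.</param>
/// <returns>A user-facing status message.</returns>
string ModifyLoginName(string newLoginName)
{
    // Names ending in "-<id>" are the ones CreateAccount produces for temporary login names.
    if (!Account.Name.EndsWith('-' + Account.Id.ToString()))
    {
        return "You cannot change your login name";
    }

    // A missing value is rejected instead of throwing on Trim.
    if (newLoginName == null)
    {
        return "Invalid login name.";
    }

    // NOTE(review): the trim set contains the digit '0'. If the NUL character '\0' was intended,
    // leading and trailing zeros are being stripped from names by accident. CreateAccount uses
    // the same set, so change both together.
    newLoginName = newLoginName.Trim(new char[] { ' ', '\t', '\n', '\r', '0' });

    // Reject empty names and any name that HTML encoding or AddSlashes would alter, so the
    // stored name needs no escaping when rendered or when placed in a quoted SQL literal.
    if (newLoginName.Length == 0
        || newLoginName != System.Web.HttpUtility.HtmlEncode(newLoginName)
        || newLoginName != DBConnection.AddSlashes(newLoginName))
    {
        return "Invalid login name.";
    }

    using (var db = new DBConnection())
    {
        // The value is passed as a format argument, matching the other queries in this file,
        // so the name is never part of the statement template itself.
        // NOTE(review): escaping still relies on AddSlashes; prefer real bound parameters if
        // DBConnection offers them.
        var escapedName = DBConnection.AddSlashes(newLoginName);

        // NOTE(review): check-then-update is not atomic; a unique index on account.name is
        // needed to rule out two accounts claiming the same name concurrently.
        if (db.Evaluate("select name from account where name = '{0}'", escapedName) != null)
        {
            return "Login name already taken";
        }

        db.Execute("update account set name = '{0}' where id = {1}", escapedName, Account.Id);
        Account.Name = newLoginName;

        // Disabled notification e-mail, kept for reference.
        // NOTE(review): if re-enabled, build the link from a configured site host rather than
        // Request.Url.Host, which reflects the Host header of the incoming request.
        // SendEmail(Account.EmailAddress, Account.Name, "New Login Name", String.Format(
        //@"You've changed your login to {0}
        //
        //You can change your account name and password at http://{1}/Account/Settings
        //", Account.Name,Request.Url.Host));
    }

    return "Login name modified successfully. It will not be updated in your current games.";
}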
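/// <summary>
/// Changes the current account's e-mail address.
/// </summary>
/// <param name="newEmail">The requested address; surrounding whitespace is trimmed.</param>
/// <returns>A user-facing status message; the validation failure message contains an HTML line break.</returns>
string ModifyEmail(string newEmail)
{
    // A missing value is reported as an invalid address instead of throwing on Trim.
    // Validation runs before a connection is opened.
    if (newEmail == null)
    {
        return "Unable to modify email address.<br>You need to enter a valid email address.";
    }

    newEmail = newEmail.Trim();
    if (!HtmlUtils.IsValidEmailAddress(newEmail))
    {
        return "Unable to modify email address.<br>You need to enter a valid email address.";
    }

    using (var db = new DBConnection())
    {
        // NOTE(review): escaping relies on AddSlashes; prefer real bound parameters if
        // DBConnection offers them.
        var escapedEmail = DBConnection.AddSlashes(newEmail);

        // NOTE(review): check-then-update is not atomic; a unique index on account.email is
        // needed to rule out duplicates under concurrent requests.
        if (db.Evaluate("select email from account where email = '{0}' and id <> {1}", escapedEmail, Account.Id) != null)
        {
            return "There is already an account with that email address.";
        }

        // Same placeholder form as the lookup above, so the address is passed as a format
        // argument and is never part of the statement template itself.
        db.Execute("update account set email = '{0}' where id = {1}", escapedEmail, Account.Id);
        Account.EmailAddress = newEmail;
    }

    return "Email modified successfully.";
}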
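/// <summary>
/// Validates the sign-up fields and inserts a new account row.
/// </summary>
/// <param name="loginName">Requested login name; surrounding whitespace is trimmed.</param>
/// <param name="password">Requested password.</param>
/// <param name="passwordVerify">Repeat of the password; must match <paramref name="password"/>.</param>
/// <param name="email">E-mail address for the account; surrounding whitespace is trimmed.</param>
/// <param name="accountId">Set to the id of the inserted row, or 0 when creation fails.</param>
/// <param name="isTempLoginName">When true, "-" plus the new id is appended to the stored name.</param>
/// <returns>An empty string on success, otherwise a user-facing error message.</returns>
protected string CreateAccount(string loginName, string password, string passwordVerify, string email, out int accountId, bool isTempLoginName = false)
{
    accountId = 0;

    // Missing fields are reported with the matching validation message instead of throwing.
    if (email == null)
    {
        return "You need to enter a valid email address.";
    }

    email = email.Trim();
    if (!LT.HtmlUtils.IsValidEmailAddress(email))
    {
        return "You need to enter a valid email address.";
    }

    if (loginName == null)
    {
        return "Invalid login name.";
    }

    // NOTE(review): the trim set contains the digit '0'. If the NUL character '\0' was intended,
    // leading and trailing zeros are being stripped from names by accident. ModifyLoginName uses
    // the same set, so change both together.
    loginName = loginName.Trim(new char[] { ' ', '\t', '\n', '\r', '0' });

    // Reject any name that HTML encoding or AddSlashes would alter.
    if (loginName != System.Web.HttpUtility.HtmlEncode(loginName) || loginName != DBConnection.AddSlashes(loginName))
    {
        return "Invalid login name.";
    }

    using (var db = new DBConnection())
    {
        // Values are passed as format arguments, like the insert below, so they are never part
        // of the statement template itself.
        // NOTE(review): escaping relies on AddSlashes; prefer real bound parameters if
        // DBConnection offers them.
        var escapedName = DBConnection.AddSlashes(loginName);
        var escapedEmail = DBConnection.AddSlashes(email);

        // NOTE(review): these lookups and the insert are not atomic; unique indexes on
        // account.name and account.email are needed to rule out duplicates under concurrency.
        if (db.Evaluate("select name from account where name = '{0}'", escapedName) != null)
        {
            return "Login name already taken";
        }

        if (db.Evaluate("select email from account where email = '{0}'", escapedEmail) != null)
        {
            return "There is already an account with that email address.";
        }

        if (password != passwordVerify)
        {
            return "The passwords you entered do not match.";
        }

        if (password == null || password.Length < 5)
        {
            return "Password must be at least five letters.";
        }

        // NOTE(review): signed_up uses DateTime.Now while other code in this file uses
        // DateTime.UtcNow; confirm how Utility.UnixTimestamp treats local time.
        // NOTE(review): OptOutKey comes from Utility.Random with a range of one million. If the
        // key authorises an action from an e-mail link, confirm the generator is
        // cryptographically strong and the key space is large enough.
        db.Execute(
            "insert into account (name, password, signed_up, email, referred_by, OptOutKey) values('{0}', '{1}', '{2}', '{3}', '{4}', {5})",
            escapedName,
            DBConnection.AddSlashes(LT.HtmlUtils.CalculateHash(password)),
            Utility.UnixTimestamp(DateTime.Now),
            escapedEmail,
            GetInt("ReferredBy"),
            Utility.Random.Next(1000000));

        accountId = Convert.ToInt32(db.LastInsertID);

        if (isTempLoginName)
        {
            // Append "-<id>" to the stored name; ModifyLoginName permits a rename only while
            // this suffix is present.
            db.Execute("update account set name = concat(name, '-', id) where id = {0}", accountId);
        }
    }

    return String.Empty;
}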