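/// <summary>
/// Checks whether the Users table holds a row for the given user name and password.
/// </summary>
/// <remarks>
/// Both values are bound as command parameters, so caller-supplied text never becomes part of
/// the SQL statement. Building the query with String.Format would let a crafted user name change
/// the WHERE clause (SQL injection).
/// </remarks>
/// <param name="username">User name to look up; compared case-sensitively with the stored value.</param>
/// <param name="password">Plain-text password; encrypted with <c>encDecKey</c> before the lookup.</param>
/// <returns>
/// <c>true</c> when a row matches and its stored user name equals <paramref name="username"/> exactly;
/// otherwise <c>false</c>.
/// </returns>
public static bool IsUsernameValid(string username, string password)
{
    if (dbCon.State == ConnectionState.Closed)
    {
        dbCon.Open();
    }

    try
    {
        // NOTE(review): the stored credential is reversible ciphertext under a shared key, so a leaked
        // database plus key exposes every password. A salted, slow password hash (e.g. PBKDF2) removes
        // that exposure; changing it requires migrating the stored values, so it is only flagged here.
        string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(password, encDecKey);

        using (SqlCeCommand command = new SqlCeCommand(
            @"SELECT UserName, Password FROM Users WHERE UserName = @username AND Password = @password",
            dbCon))
        {
            command.Parameters.AddWithValue("@username", username);
            command.Parameters.AddWithValue("@password", encryptedPassword);

            using (SqlCeDataReader reader = command.ExecuteReader())
            {
                if (!reader.Read())
                {
                    return false;
                }

                // The C# string comparison is case sensitive; it is applied on top of the SQL match.
                string dbUsername = (string)reader["UserName"];
                return dbUsername == username;
            }
        }
    }
    finally
    {
        // Close the shared connection even when encryption or the query throws.
        dbCon.Close();
    }
}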
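/// <summary>
/// Finds the user with the given e-mail address and returns that user's decrypted password.
/// </summary>
/// <remarks>
/// The e-mail address is bound as a command parameter instead of being formatted into the SQL
/// text, which closes the SQL injection path through this lookup. The command and reader are
/// disposed on every path, including the not-found exception.
/// </remarks>
/// <param name="email">E-mail address to search for.</param>
/// <returns>The stored password after decryption with <c>encDecKey</c>.</returns>
/// <exception cref="ArgumentException">No row in Users has the given e-mail address.</exception>
internal static string GetPasswordByEmail(string email)
{
    if (dbCon.State == ConnectionState.Closed)
    {
        dbCon.Open();
    }

    // NOTE(review): the shared connection is left open on return, exactly as before; the other
    // data-access methods in this file close it. Confirm whether any caller relies on that.
    using (SqlCeCommand cmd = new SqlCeCommand(
        @"SELECT Email, Password FROM Users WHERE Email = @email", dbCon))
    {
        cmd.Parameters.AddWithValue("@email", email);

        using (SqlCeDataReader reader = cmd.ExecuteReader())
        {
            if (!reader.Read())
            {
                throw new ArgumentException("This email doesn't exist in database.");
            }

            // NOTE(review): returning a recoverable plain-text password means the credential is only
            // as safe as the key and every code path that can reach this method. Storing a salted
            // password hash and issuing a one-time reset token avoids handling the password at all.
            string encryptedPassword = (string)reader["Password"];
            return RijndaelEncryptDecrypt.Decrypt(encryptedPassword, encDecKey);
        }
    }
}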
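/// <summary>
/// Overwrites the user name, password, display name and e-mail address of an existing user.
/// </summary>
/// <remarks>
/// All five values are bound as command parameters rather than formatted into the UPDATE text,
/// so none of them can alter the statement (SQL injection). The UPDATE runs once; a second,
/// left-over ExecuteNonQuery call that repeated the same statement has been dropped.
/// </remarks>
/// <param name="username">Current user name; selects the row to update.</param>
/// <param name="newUserName">User name to store.</param>
/// <param name="newPassword">Plain-text password; encrypted with <c>encDecKey</c> before storing.</param>
/// <param name="newEmail">E-mail address to store.</param>
/// <param name="newName">Display name to store.</param>
internal static void ChangeUserData(string username, string newUserName, string newPassword, string newEmail, string newName)
{
    if (dbCon.State == ConnectionState.Closed)
    {
        dbCon.Open();
    }

    try
    {
        // NOTE(review): reversible encryption keeps the password recoverable by anyone holding the
        // key; a salted password hash would be the safer storage format.
        string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(newPassword, encDecKey);

        // NOTE(review): earlier, commented-out code also renamed the user in a History table and
        // toggled a constraint on it. Only Users is updated here; confirm that History rows keyed
        // by the old user name are handled elsewhere.
        using (SqlCeCommand cmd = new SqlCeCommand(
            @"UPDATE Users SET UserName = @newUserName, Password = @password, Name = @name, Email = @email WHERE UserName = @username",
            dbCon))
        {
            cmd.Parameters.AddWithValue("@newUserName", newUserName);
            cmd.Parameters.AddWithValue("@password", encryptedPassword);
            cmd.Parameters.AddWithValue("@name", newName);
            cmd.Parameters.AddWithValue("@email", newEmail);
            cmd.Parameters.AddWithValue("@username", username);

            cmd.ExecuteNonQuery();
        }
    }
    finally
    {
        // Release the shared connection even when the update fails.
        dbCon.Close();
    }
}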
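/// <summary>
/// Inserts a new row into Users with the type <c>UserType.User</c>.
/// </summary>
/// <remarks>
/// Every column value is bound as a command parameter. Registration fields come straight from
/// user input, so formatting them into the INSERT text would allow SQL injection.
/// </remarks>
/// <param name="username">User name to store.</param>
/// <param name="password">Plain-text password; encrypted with <c>encDecKey</c> before storing.</param>
/// <param name="email">E-mail address to store.</param>
/// <param name="name">Display name to store.</param>
internal static void RegisterUser(string username, string password, string email, string name)
{
    if (dbCon.State == ConnectionState.Closed)
    {
        dbCon.Open();
    }

    try
    {
        // NOTE(review): the password is stored as reversible ciphertext; a salted password hash
        // would keep it unrecoverable even if the database and key leak together.
        string encryptedPassword = RijndaelEncryptDecrypt.Encrypt(password, encDecKey);

        using (SqlCeCommand cmd = new SqlCeCommand(
            @"INSERT INTO Users(Username, Password, Type, Name, Email) VALUES (@username, @password, @type, @name, @email)",
            dbCon))
        {
            cmd.Parameters.AddWithValue("@username", username);
            cmd.Parameters.AddWithValue("@password", encryptedPassword);
            cmd.Parameters.AddWithValue("@type", UserType.User.ToString());
            cmd.Parameters.AddWithValue("@name", name);
            cmd.Parameters.AddWithValue("@email", email);

            cmd.ExecuteNonQuery();
        }
    }
    finally
    {
        // Release the shared connection even when the insert fails.
        dbCon.Close();
    }
}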
/// <summary>
/// Click handler that validates the profile form, confirms the current password and saves the
/// changes through <c>DBManager.ChangeUserData</c>.
/// </summary>
/// <remarks>
/// The checks run in a fixed order and the first failure is reported in a message box. A blank
/// new password keeps the current one. On success the dialog closes with
/// <c>DialogResult.OK</c> and <c>NewUsername</c> holds the saved user name.
/// </remarks>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; not used.</param>
private void ButtonUpdateInformationClick(object sender, EventArgs e)
{
    string enteredName = textBoxName.Text;
    string requestedUsername = textBoxUsername.Text;
    string requestedPassword = textBoxPassword.Text;
    string confirmation = textBoxRepeatPassword.Text;
    string enteredEmail = textBoxEmail.Text;

    // NOTE(review): the encryption key is a literal compiled into the UI assembly, so anyone with
    // the binary can decrypt every stored password. Keys belong in protected configuration, and
    // passwords are better stored as salted hashes than as reversible ciphertext.
    string encDecKey = "calorimeterPS";
    string currentPasswordCipher = RijndaelEncryptDecrypt.Encrypt(textBoxOldPassword.Text, encDecKey);

    // The else-if chain preserves the check order and stops at the first failure, so the
    // database lookups only run once the cheaper checks have passed.
    string problem = null;
    if (string.IsNullOrWhiteSpace(enteredName))
    {
        problem = "Enter valid name.";
    }
    else if (string.IsNullOrWhiteSpace(requestedUsername))
    {
        problem = "Enter valid username.";
    }
    else if (confirmation != requestedPassword)
    {
        problem = "Passwords didn't match.";
    }
    else if (!IsValidEmail(enteredEmail))
    {
        problem = "Enter valid email.";
    }
    else if (currentPasswordCipher != this.user.Password)
    {
        // The old password is confirmed by comparing ciphertexts.
        problem = "Incorrect password.";
    }
    else if (requestedUsername != user.Nickname && !DBManager.IsUernameFree(requestedUsername))
    {
        problem = "Username is already taken.";
    }
    else if (enteredEmail != user.Email && !DBManager.IsEmailFree(enteredEmail))
    {
        problem = "Email is already taken.";
    }

    if (problem != null)
    {
        MessageBox.Show(problem);
        return;
    }

    if (requestedPassword == "")
    {
        // A blank new password means "keep the current one", recovered from its ciphertext.
        requestedPassword = RijndaelEncryptDecrypt.Decrypt(currentPasswordCipher, encDecKey);
    }

    try
    {
        DBManager.ChangeUserData(this.user.Nickname, requestedUsername, requestedPassword, enteredEmail, enteredName);
        this.NewUsername = requestedUsername;
        this.DialogResult = DialogResult.OK;
        this.Close();
    }
    catch (Exception ex)
    {
        MessageBox.Show(string.Concat("Can't update data. ", ex.Message));
    }
}