Example #1
0
        public static bool AddUser(UserProfile u)
        {
            bool success = false;
            using (SqlConnection conn = new SqlConnection(connectionstring))
            {
                //try
                //{
                    Guid userGuid = System.Guid.NewGuid();
                    SqlCommand cmd = new SqlCommand("UserAdd", conn);
                    string hashedPW = Security.Hash(u.password + userGuid.ToString());

                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.Add(new SqlParameter("@Name", u.name));
                    cmd.Parameters.Add(new SqlParameter("@UserName", u.username));
                    cmd.Parameters.Add(new SqlParameter("@Password", hashedPW));
                    cmd.Parameters.Add(new SqlParameter("@GUID", userGuid));

                    conn.Open();
                    cmd.ExecuteNonQuery();
                    conn.Close();
                    success = true;
                //}
                /*catch
                {

                    success = false;
                }*/

            }
            return success;
        }
Example #2
0
        protected void Register(object sender, EventArgs e)
        {
            UserProfile newUser = new UserProfile();
            newUser.name = name.Text;
            newUser.username = inputLogin.Text;
            newUser.password = inputPassword.Text;

            if (Users.AddUser(newUser))
            {
                Response.Redirect("~/Default.aspx?Register=true");
            }

            Response.Redirect("~/Default.aspx?Register=false");
        }
Example #3
0
        public static UserProfile GetUser(int id)
        {
            UserProfile user = new UserProfile();
            using (SqlConnection conn = new SqlConnection(connectionstring))
            {
                SqlCommand cmd = new SqlCommand("UserGet", conn);

                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add(new SqlParameter("@id", id));

                conn.Open();
                SqlDataReader dr = cmd.ExecuteReader();

                dr.Read();

                user.id = Convert.ToInt32(dr["id"]);
                user.name = Convert.ToString(dr["Name"]);
                user.username = Convert.ToString(dr["UserName"]);
                conn.Close();
            }
            return user;
        }