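/// <summary>
/// Fetches the specified account from the database and decrypts its profile fields.
/// </summary>
/// <param name="id">
/// The id of the account. The value is embedded in the SQL text as an unquoted literal,
/// so only ASCII decimal digits are accepted; anything else is rejected before a query is built.
/// </param>
/// <param name="success"><c>true</c> when an account was loaded; <c>false</c> on every failure path.</param>
/// <returns>
/// The loaded <see cref="Account"/>, or <c>null</c> whenever <paramref name="success"/> is <c>false</c>.
/// </returns>
public Account GetAccount(string id, out bool success)
{
    // hid, name, occupation + info1..info10 + location, email, radius, isVisible, showLog
    const int ExpectedColumns = 18;
    const int InfoCount = 10;
    const int FirstInfoColumn = 3;

    // The id is concatenated into "WHERE id = <id>" without quotes. Quote escaping cannot
    // constrain an unquoted value, so the only safe inputs are plain decimal digits.
    // NOTE(review): if SqlApiRequest can carry bound parameters, prefer binding the id
    // over embedding it; that capability is not visible from this method.
    bool idIsNumeric = !string.IsNullOrEmpty(id);
    for (int i = 0; idIsNumeric && i < id.Length; i++)
    {
        idIsNumeric = id[i] >= '0' && id[i] <= '9';
    }
    if (!idIsNumeric)
    {
        // Same generic error as the other failure paths, so the response does not
        // reveal why the lookup was refused.
        ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
        success = false;
        return null;
    }

    StringBuilder infoColumns = new StringBuilder();
    for (int i = 1; i <= InfoCount; i++)
    {
        infoColumns.Append(", info").Append(i.ToString());
    }

    string query = "SELECT hid, name, occupation" + infoColumns.ToString() + ", location, email, radius, isVisible, showLog FROM Tbl_user WHERE id = " + id + " LIMIT 1;";
    SqlApiRequest sqlRequest = SqlApiRequest.Create(SqlRequestId.GetDataArray, query, ExpectedColumns);
    SqlDataArrayResponse dataArrayResponse = AwaitDataArrayResponse(sqlRequest, out bool sqlSuccess);
    if (!sqlSuccess)
    {
        // No ApiError is raised here; presumably AwaitDataArrayResponse already reported it - confirm.
        success = false;
        return null;
    }

    string[] account = dataArrayResponse.Result;
    if (!dataArrayResponse.Success || account.Length != ExpectedColumns)
    {
        ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
        success = false;
        return null;
    }

    // NOTE(review): the AesContext is built from hid, which is read from the same row as the
    // ciphertext it decrypts. Confirm the key derivation also depends on secret material that
    // is not stored in this table.
    string userid = account[0];
    AesContext aesContext = new AesContext(userid);
    string name = aesContext.DecryptOrDefault(account[1]);
    string occupation = aesContext.DecryptOrDefault(account[2]);

    string[] info = new string[InfoCount];
    for (int i = 0; i < InfoCount; i++)
    {
        info[i] = aesContext.DecryptOrDefault(account[FirstInfoColumn + i]);
    }

    // location and email are used exactly as stored; they do not pass through DecryptOrDefault.
    string location = account[13];
    string email = account[14];

    bool radiusParsed = int.TryParse(account[15], out int radius);
    bool isVisibleParsed = int.TryParse(account[16], out int isVisible);
    bool showLogParsed = int.TryParse(account[17], out int showLog);
    if (!radiusParsed || !isVisibleParsed || !showLogParsed)
    {
        ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
        success = false;
        return null;
    }

    AccountInfo accountInfo = new AccountInfo(
        name, occupation,
        info[0], info[1], info[2], info[3], info[4], info[5], info[6], info[7], info[8], info[9],
        location, radius, userid, email,
        Convert.ToBoolean(isVisible), Convert.ToBoolean(showLog));

    success = true;
    return new Account(accountInfo, false, id);
}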
/// <summary>
/// Handles a password-reset request for the account registered under <c>Email</c>:
/// looks the account up, refuses when it is marked online, stores a fresh authentication
/// code on <c>server.Account</c>, e-mails that code and sends a PasswordReset success response.
/// </summary>
/// <param name="server">The connection the request arrived on; must not yet have an account attached.</param>
public override void Process(ApiServer server)
{
    if (server.AssertServerSetup(this) || server.AssertAccountNull())
    {
        return;
    }

    using DatabaseManager db = new DatabaseManager(server);

    // Email is client-supplied and ends up inside a quoted SQL literal; injection resistance
    // here rests entirely on DatabaseEssentials.Security.Sanitize.
    // NOTE(review): prefer bound parameters if SqlApiRequest supports them.
    string lookupQuery = "SELECT isOnline, name, hid, id FROM Tbl_user WHERE email = \'" + DatabaseEssentials.Security.Sanitize(Email) + "\';";
    SqlApiRequest lookupRequest = SqlApiRequest.Create(SqlRequestId.GetDataArray, lookupQuery, 4);
    SqlDataArrayResponse lookupResponse = db.AwaitDataArrayResponse(lookupRequest, out bool querySucceeded);
    if (!querySucceeded)
    {
        return;
    }

    string[] row = lookupResponse.Result;
    bool rowUsable = lookupResponse.Success && row.Length == lookupRequest.ExpectedColumns;
    if (!rowUsable)
    {
        // NOTE(review): this response (and AlreadyOnline below) differs from the success
        // response, so a caller without an account can tell whether an address is registered
        // and whether that user is online. No throttling is visible in this method; confirm
        // it is enforced elsewhere.
        ApiError.Throw(ApiErrorCode.InvalidUser, server, "No account is associated with this email address.");
        return;
    }

    string onlineFlag = row[0];
    string encryptedName = row[1];
    string userid = row[2];

    // NOTE(review): server.Account is populated with the looked-up id before any proof of
    // ownership, and stays populated on the AlreadyOnline return below. Confirm later
    // handlers do not treat a non-null Account with an id as an authenticated session.
    server.Account = new Account(null, false, row[3]);

    if (!onlineFlag.Equals("0"))
    {
        ApiError.Throw(ApiErrorCode.AlreadyOnline, server, "Already logged in from another device.");
        return;
    }

    AesContext aesContext = new AesContext(userid);
    string name = aesContext.DecryptOrDefault(encryptedName);

    // Replaces the account assigned above with one that carries only the reset challenge.
    server.Account = new Account
    {
        AuthenticationCode = SecurityManager.GenerateSecurityCode(),
        AuthenticationId = ApiRequestId.ConfirmPasswordReset,
        AuthenticationTime = DatabaseEssentials.GetTimeStamp()
    };

    // Fall back to a neutral salutation when the stored name is missing or empty.
    string salutation = string.IsNullOrEmpty(name) ? "user" : name;
    EmailManager resetMail = EmailManager.Create(Subject.ResetPassword, Email, salutation, server.Account.AuthenticationCode);
    resetMail.Send();

    // The success response is sent without inspecting the outcome of Send().
    GenericSuccessResponse payload = new GenericSuccessResponse(ResponseId.PasswordReset, true);
    server.Send(SerializedApiResponse.Create(payload).Serialize());
    server.UnitTesting.MethodSuccess = true;
}
/// <summary>
/// Times one <c>EncryptBytes</c> call and one <c>DecryptBytes</c> call on <paramref name="context"/>
/// and prints each elapsed time in milliseconds to the console.
/// </summary>
/// <param name="context">The AES context under measurement.</param>
/// <param name="bytes">The input handed to <c>EncryptBytes</c>.</param>
/// <param name="cipher">Passed unchanged as the second argument of both calls.</param>
/// <param name="parallel">Passed unchanged as the third argument of both calls.</param>
/// <remarks>
/// Only timing is reported: the decrypted output is never compared with <paramref name="bytes"/>,
/// so a passing run says nothing about round-trip correctness.
/// </remarks>
static void RunCheck(AesContext context, byte[] bytes, byte[] cipher, bool parallel = false)
{
    Console.WriteLine("Encryption: ");
    Stopwatch encryptTimer = Stopwatch.StartNew();
    var encrypted = context.EncryptBytes(bytes, cipher, parallel);
    encryptTimer.Stop();
    Console.WriteLine($"Time: {encryptTimer.ElapsedMilliseconds} ms.");

    Console.WriteLine("Decryption: ");
    Stopwatch decryptTimer = Stopwatch.StartNew();
    // The result is intentionally discarded; see the remarks above.
    _ = context.DecryptBytes(encrypted, cipher, parallel);
    decryptTimer.Stop();
    Console.WriteLine($"Time: {decryptTimer.ElapsedMilliseconds} ms.");
}
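/// <summary>
/// Handles an account-info update: encrypts the submitted profile fields with the caller's
/// AES context and writes them, together with location, radius and the two visibility flags,
/// to the caller's row in Tbl_user, then sends an UpdateAccountInfo success response.
/// </summary>
/// <param name="server">The connection the request arrived on; must hold an online account with an id.</param>
public override void Process(ApiServer server)
{
    // The setup assertion is checked on its own so that a failed server setup is no longer
    // also reported to the client as "AccountInfo was null.".
    // NOTE(review): the password-reset handler returns silently after this assertion, which
    // suggests the assertion reports its own error - confirm.
    if (server.AssertServerSetup(this))
    {
        return;
    }

    if (AccountInfo == null)
    {
        ApiError.Throw(ApiErrorCode.InvalidArgument, server, "AccountInfo was null.");
        return;
    }

    if (server.AssertUserOnline() || server.AssertIdSet() || server.AssertAccountInfoNotNull())
    {
        return;
    }

    using DatabaseManager databaseManager = new DatabaseManager(server);
    bool success;

    // The AES context is built from the account's hid; fetch it once if the session does not have it yet.
    if (string.IsNullOrEmpty(server.Account.AccountInfo.UserId))
    {
        // NOTE(review): the id is embedded without quotes. Quote escaping alone does not
        // constrain an unquoted value, so confirm that Sanitize, or the origin of
        // server.Account.Id, guarantees a purely numeric value.
        string hidQuery = "SELECT hid FROM Tbl_user WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id);
        SqlApiRequest hidRequest = SqlApiRequest.Create(SqlRequestId.GetSingleOrDefault, hidQuery, 1);
        SqlSingleOrDefaultResponse hidResponse = databaseManager.AwaitSingleOrDefaultResponse(hidRequest, out success);
        if (!success)
        {
            return;
        }

        if (!hidResponse.Success)
        {
            ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to determine userid.");
            return;
        }

        server.Account.AccountInfo.UserId = hidResponse.Result;
    }

    AesContext aesContext = new AesContext(server.Account.AccountInfo.UserId);
    string cryptoName = aesContext.EncryptOrDefault(AccountInfo.Name);
    string cryptoOccupation = aesContext.EncryptOrDefault(AccountInfo.Occupation);

    string[] infos = new string[]
    {
        AccountInfo.Info1, AccountInfo.Info2, AccountInfo.Info3, AccountInfo.Info4, AccountInfo.Info5,
        AccountInfo.Info6, AccountInfo.Info7, AccountInfo.Info8, AccountInfo.Info9, AccountInfo.Info10
    };

    // NOTE(review): EncryptOrDefault output goes into quoted SQL literals without passing
    // through Sanitize (here and for name/occupation below). Confirm that neither its
    // ciphertext encoding nor its "default" fallback can ever contain a quote character,
    // or bind these values as parameters if SqlApiRequest supports that.
    StringBuilder infoAssignments = new StringBuilder();
    for (int i = 0; i < infos.Length; i++)
    {
        infoAssignments
            .Append(", info").Append((i + 1).ToString())
            .Append(" = \'").Append(aesContext.EncryptOrDefault(infos[i])).Append('\'');
    }

    // Location is the only client-supplied text written in the clear, so it is the only
    // value routed through Sanitize besides the id. Radius and the two flags are
    // formatted from typed values rather than client strings.
    string updateQuery = "UPDATE Tbl_user SET name = \'" + cryptoName
        + "\', occupation = \'" + cryptoOccupation + "\'"
        + infoAssignments.ToString()
        + ", location = \'" + DatabaseEssentials.Security.Sanitize(AccountInfo.Location)
        + "\', radius = " + AccountInfo.Radius.ToString()
        + ", isVisible = " + (AccountInfo.IsVisible ? "1" : "0")
        + ", showLog = " + (AccountInfo.ShowLog ? "1" : "0")
        + " WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id) + ";";

    SqlApiRequest updateRequest = SqlApiRequest.Create(SqlRequestId.ModifyData, updateQuery, -1);
    SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(updateRequest, out success);
    if (!success)
    {
        return;
    }

    if (!modifyDataResponse.Success)
    {
        ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to update account info.");
        return;
    }

    GenericSuccessResponse successResponse = new GenericSuccessResponse(ResponseId.UpdateAccountInfo, true);
    SerializedApiResponse serializedApiResponse = SerializedApiResponse.Create(successResponse);
    server.Send(serializedApiResponse.Serialize());
    server.UnitTesting.MethodSuccess = true;
}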