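/// <summary>
/// Checks a tutor's credentials by calling the <c>sp_ManageUsers</c> stored procedure in
/// <c>CheckLogin</c> mode and builds a <see cref="TutorType"/> from the returned row.
/// </summary>
/// <param name="email">E-mail address sent as <c>@Email</c>.</param>
/// <param name="password">Password sent as <c>@Password</c>, exactly as received.</param>
/// <param name="tzOs">Time-zone offset sent as <c>@TimeZoneOffset</c>.</param>
/// <param name="conStr">SQL Server connection string.</param>
/// <returns>
/// The tutor built from the last row returned, or <c>null</c> when the procedure returns no rows.
/// </returns>
public static TutorType TutorLogin(string email = "", string password = "", int tzOs = 0, string conStr = "")
{
    TutorType tutor = null;

    // The command and the reader are IDisposable; scoping them with using releases them
    // even when TutorType's constructor throws while reading a row.
    using (SqlConnection con = new SqlConnection(conStr))
    using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // Caller-supplied values travel as parameters only, never as SQL text.
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Mode", Value = "CheckLogin" });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Email", Value = email });
        // NOTE(review): the password is forwarded as received. Whether sp_ManageUsers compares
        // it against a salted hash is not visible from this method - confirm.
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Password", Value = password });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@TimeZoneOffset", Value = tzOs });

        con.Open();
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            // Read() returns false on an empty result set, so no separate HasRows check is needed.
            while (rdr.Read())
            {
                tutor = new TutorType(rdr);
            }
        }
    }

    return tutor;
}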
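// To be discussed: what this method should return.
/// <summary>
/// Registers a new user through <c>sp_ManageUsers</c> (<c>Insert</c> mode), generates an
/// activation code for the account and e-mails an activation link to the user.
/// </summary>
/// <param name="user">The user to register; <c>ActivationCode</c> is overwritten here.</param>
/// <param name="actUrl">Base URL of the activation endpoint; the user id and code are appended.</param>
/// <param name="conStr">SQL Server connection string.</param>
/// <returns>
/// An inactive <see cref="TutorType"/> copied from <paramref name="user"/> when the row was
/// inserted and the e-mail was sent; <c>null</c> when no valid activation code could be
/// generated, no row was inserted, or the notification failed.
/// </returns>
public static TutorType UserSignUp(User user, string actUrl, string conStr = "")
{
    TutorType tutor = null;
    const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;

    bool includeLowercase = true;
    bool includeUppercase = true;
    bool includeNumeric = true;
    bool includeSpecial = false;
    int lengthOfPassword = 16;
    PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);

    // An activation code must be unpredictable. The earlier code stored the length error
    // message, or a fixed placeholder string, as the code when generation failed. Either
    // value is the same for every account, so the sign-up is refused instead.
    if (!settings.IsValidLength())
    {
        return tutor;
    }

    // NOTE(review): the randomness source of PasswordGenerator is not visible here. Confirm it
    // draws from a cryptographic generator, since the code gates account activation.
    string activationCode;
    int passwordAttempts = 0;
    do
    {
        activationCode = PasswordGenerator.GeneratePassword(settings);
        passwordAttempts++;
    }
    while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, activationCode));

    if (!PasswordGenerator.PasswordIsValid(settings, activationCode))
    {
        return tutor;
    }

    user.ActivationCode = activationCode;

    using (SqlConnection con = new SqlConnection(conStr))
    {
        using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Mode", Value = "Insert" });
            cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = user.FirstName;
            cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = user.LastName;
            cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = user.Email;
            // NOTE(review): the password is handed to the procedure as received. Confirm it is
            // hashed with a salted, slow KDF before being stored.
            cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = user.Password;
            cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
            cmd.Parameters.Add("@CountryId", SqlDbType.Int).Value = user.LocationSettings.Country.Id;
            cmd.Parameters.Add("@ObjEntityId", SqlDbType.Int).Value = (Byte)user.Type;
            cmd.Parameters.Add("@TimeZoneOffset", SqlDbType.Int).Value = user.TimezoneOffset;

            con.Open();
            int rows = cmd.ExecuteNonQuery();
            bool success = false;

            if (rows > 0)
            {
                // TODO: Notify SecondaryEmail first if any.

                // The first name is user-controlled, so it is HTML-encoded before being placed
                // in the message body. The path segments are URL-escaped, and the finished link
                // is attribute-encoded so a quote in actUrl cannot close the href.
                // NOTE(review): user.UserId is never assigned in this method after the insert.
                // Confirm the caller or the User object supplies the new id.
                string safeFirstName = System.Net.WebUtility.HtmlEncode(user.FirstName);
                string activationLink = actUrl + "/" + Uri.EscapeDataString("" + user.UserId) + "/" + Uri.EscapeDataString("" + user.ActivationCode);
                string safeLink = System.Net.WebUtility.HtmlEncode(activationLink);

                string htmlString = "<html><body><h1>Dear " + safeFirstName + ",</h1><br/>"
                    + "<h6>Please click on the link below to activate your account:</h6><br/><br/>"
                    + "<a href=\"" + safeLink + "\">Activate</a></body></html>";

                // NOTE(review): the sender account and its password are literals in source.
                // Load them from protected configuration or a secret store instead.
                success = new EmailNotifier
                {
                    From = "*****@*****.**", // TODO: Read from DB
                    Password = "******", // TODO: Read from DB
                    To = new string[] { user.Email },
                    Subject = "INTO Account",
                    Body = htmlString,
                    IsBodyHtml = true,
                    SmtpServer = "smtp.gmail.com",
                    SmtpPort = 587,
                    IsSSL = true
                }.Notify();
            }

            if (success)
            {
                // NOTE(review): the returned object carries the password the caller supplied.
                // Confirm no consumer serialises or logs it.
                tutor = new TutorType
                {
                    FirstName = user.FirstName,
                    LastName = user.LastName,
                    Active = false,
                    LocationSettings = user.LocationSettings,
                    Phone = user.Phone,
                    Email = user.Email,
                    Password = user.Password
                };
            }
        }

        return tutor;
    }
}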
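// To be discussed: what this method should return.
/// <summary>
/// Registers a tutor through <c>sp_ManageUsers</c> (<c>Insert</c> mode, <c>@Active</c> = 0) and
/// then looks the new account up again with <see cref="TutorLogin"/>.
/// </summary>
/// <param name="firstName">Sent as <c>@FirstName</c>.</param>
/// <param name="lastName">Sent as <c>@LastName</c>.</param>
/// <param name="email">Sent as <c>@Email</c> and reused for the follow-up login.</param>
/// <param name="password">Sent as <c>@Password</c> and reused for the follow-up login.</param>
/// <param name="tzOs">Time-zone offset passed to <see cref="TutorLogin"/>.</param>
/// <param name="countryId">Sent as <c>@CountryId</c>.</param>
/// <param name="conStr">SQL Server connection string.</param>
/// <returns>
/// Whatever <see cref="TutorLogin"/> returns for the new credentials, or <c>null</c> when any
/// step throws.
/// </returns>
public static TutorType UserSignUp_(string firstName = "", string lastName = "", string email = "", string password = "", int tzOs = 0, int countryId = 0, string conStr = "")
{
    // The command is IDisposable and is now scoped with using. The throw-away
    // "new TutorType()" that was immediately replaced by null has been dropped.
    using (SqlConnection con = new SqlConnection(conStr))
    using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Mode", Value = "Insert" });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@FirstName", Value = firstName });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@LastName", Value = lastName });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Email", Value = email });
        // NOTE(review): the password is forwarded as received. Confirm the procedure stores
        // only a salted hash.
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Password", Value = password });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@CountryId", Value = countryId });
        // @ObjName
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@ObjName", Value = "Tutor" });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@LanguageId", Value = 1 });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Active", Value = 0 });

        try
        {
            con.Open();
            cmd.ExecuteNonQuery();
            // Release this connection before TutorLogin opens its own.
            con.Close();

            return TutorLogin(email, password, tzOs, conStr);
        }
        catch (Exception)
        {
            // Deliberate best effort: a failure while opening the connection, running the
            // procedure or performing the follow-up login is reported to the caller as null.
            // NOTE(review): nothing is logged here, so sign-up failures leave no trace for
            // operators. Consider logging the exception type without the credentials.
            return null;
        }
    }
}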
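/// <summary>
/// Authenticates a user. The per-type login helper selected by <paramref name="type"/> runs
/// first. Then <c>sp_ManageUsers</c> is called in <c>CheckLogin</c> mode, and the
/// <c>EntityType</c> column of the first row decides which concrete user object is returned.
/// </summary>
/// <param name="type">Entity type requested by the caller; selects the first login helper.</param>
/// <param name="email">E-mail address sent as <c>@Email</c>.</param>
/// <param name="password">Password sent as <c>@Password</c>, exactly as received.</param>
/// <param name="tzOs">Time-zone offset sent as <c>@TimeZoneOffset</c>.</param>
/// <param name="conStr">SQL Server connection string.</param>
/// <returns>
/// A <see cref="TutorType"/> or <see cref="StudentType"/> built from the database row when its
/// <c>EntityType</c> says so; otherwise the result of the per-type helper, which is
/// <c>null</c> when <paramref name="type"/> matched no case.
/// </returns>
public static User Login(EntityType type, string email = "", string password = "", int tzOs = 0, string conStr = "")
{
    User user = null;

    switch (type)
    {
        case EntityType.Tutor:
            user = TutorLogin(email, password, tzOs, conStr);
            break;
        case EntityType.Student:
            user = StudentLogin(email, password, tzOs, conStr);
            break;
        case EntityType.Parent:
            user = ParentLogin(email, password, tzOs, conStr);
            break;
        case EntityType.School:
            user = SchoolLogin(email, password, tzOs, conStr);
            break;
    }

    // The command and the reader are IDisposable; using releases them even when a user
    // constructor throws while reading the row.
    using (SqlConnection con = new SqlConnection(conStr))
    using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Mode", Value = "CheckLogin" });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Email", Value = email });
        // NOTE(review): the password is forwarded as received. Confirm the procedure compares
        // it against a salted hash.
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@Password", Value = password });
        cmd.Parameters.Add(new SqlParameter() { ParameterName = "@TimeZoneOffset", Value = tzOs });

        con.Open();
        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            // Only the first row is inspected.
            if (rdr.Read() && rdr["EntityType"] != DBNull.Value)
            {
                // The stored entity type replaces the one the caller asked for, so the object
                // returned can be of a different kind than requested.
                // NOTE(review): callers that authorise by the requested type should check the
                // type of the returned user instead.
                EntityType storedType = (EntityType)Convert.ToByte(rdr["EntityType"]);

                switch (storedType)
                {
                    case EntityType.Tutor:
                        user = new TutorType(rdr);
                        break;
                    case EntityType.Student:
                        user = new StudentType(rdr);
                        break;
                    case EntityType.Parent:
                    case EntityType.School:
                        // No row-based construction for these types yet; the result of the
                        // per-type helper above is kept.
                        break;
                }
            }
        }
    }

    return user;
}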