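/// <summary>
/// Issues a password-reset token for the submitted address: stores the token in
/// esc_userpasswordreset with a five-day expiry and mails a reset link built from it.
/// </summary>
/// <param name="Email">Address supplied by the unauthenticated caller; treated as untrusted.</param>
/// <returns>
/// The default view. ViewBag.mail_sent is set to true for every syntactically valid
/// address, whether or not the INSERT reported a row, so the response does not vary
/// with the outcome. A blank or malformed address re-renders the view without it.
/// </returns>
public ActionResult Forgotpass(string Email)
{
    // Parse the address before anything is persisted. Previously a null or malformed
    // value only failed at "new MailAddress(Email)", after the token row had been
    // written, leaving an orphan token and an unhandled exception.
    if (string.IsNullOrWhiteSpace(Email))
    {
        return View();
    }

    MailAddress recipient;
    try
    {
        recipient = new MailAddress(Email);
    }
    catch (FormatException)
    {
        return View();
    }

    // NOTE(review): the argument (presumably the key length, 15-29) comes from System.Random.
    // How unpredictable the token is depends entirely on KeyGenerator.GetUniqueKey, which is
    // not visible here - confirm it draws from a cryptographic RNG.
    string key = KeyGenerator.GetUniqueKey(new Random().Next(15, 30));

    // NOTE(review): this action does not check that the address belongs to an account and
    // shows no throttling; confirm the reset handler binds the token to an existing account
    // and that request rate limiting exists upstream.
    using (var conn = new MySqlConnection(ConnectionString.Get("EscademyMDB")))
    {
        conn.Open();

        using (var cmd = conn.CreateCommand())
        {
            // Parameterized insert: the caller-supplied address never reaches the SQL text.
            // NOTE(review): the token is stored as issued and stays valid for five days;
            // consider storing only a hash of it and shortening the window.
            cmd.CommandText = "INSERT INTO esc_userpasswordreset(PasswordResetToken, PasswordResetExpiration, Email) VALUES (@token, @exp, @mail)";
            cmd.Parameters.AddWithValue("@token", key);
            cmd.Parameters.AddWithValue("@exp", DateTime.UtcNow.AddDays(5));
            cmd.Parameters.AddWithValue("@mail", Email);

            if (cmd.ExecuteNonQuery() >= 1)
            {
                // Send the reset mail only once the token row exists.
                var resetLink = "https://www.escademy.com/auth/reset_password?token=" + key;
                var mailBody = System.IO.File.ReadAllText(Server.MapPath(@"~/App_Data/bf_resetpassword.html"))
                    .Replace("REP_RESET_LINK", resetLink)
                    .Replace("{USERNAME}", "User");

                using (var mFactory = new MailFactory())
                {
                    mFactory.SendMail("Password Reset", mailBody, recipient);
                }
            }
        }
        // No explicit conn.Close(): disposing the connection at the end of the using block closes it.
    }

    ViewBag.mail_sent = true;
    return View();
}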
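/// <summary>
/// Creates an unverified account in esc_accounts, stores a verification code in
/// esc_verificationcodes and mails the confirmation link to the new user.
/// </summary>
/// <param name="user">Model-bound registration form; every field is untrusted input.</param>
/// <returns>
/// A redirect to "Success" when the account row was inserted; otherwise the default view
/// (missing or malformed input, or an address that is already registered).
/// </returns>
/// <exception cref="MySqlException">Any database error other than a duplicate-key violation.</exception>
public ActionResult Register(User user)
{
    // MySQL server error number for a duplicate key (ER_DUP_ENTRY).
    const int DuplicateEntryError = 1062;

    ViewBag.success = false;

    // CAPTCHA verification is currently disabled, so nothing in this action limits
    // automated sign-ups:
    /*
     * if (!VerifyCapatcha(ConnectionString.Get("capatcha"), Request["g-recaptcha-response"]))
     *     return View();
     */

    // Verify input. The null check covers a request for which model binding produced no object.
    if (user == null
        || string.IsNullOrWhiteSpace(user.Email)
        || string.IsNullOrWhiteSpace(user.Password)
        || string.IsNullOrWhiteSpace(user.FirstName)
        || string.IsNullOrWhiteSpace(user.LastName))
    {
        return View();
    }

    // Parse the address before any row is written. Previously a malformed address only
    // failed when the mail was built, after the account and its verification code had
    // been inserted, leaving an account that could never be confirmed.
    MailAddress recipient;
    try
    {
        recipient = new MailAddress(user.Email);
    }
    catch (FormatException)
    {
        return View();
    }

    using (var conn = new MySqlConnection(ConnectionString.Get("EscademyMDB")))
    {
        conn.Open();

        bool created = false;
        using (var cmd = conn.CreateCommand())
        {
            cmd.CommandText = "INSERT INTO esc_accounts (Email, Password, Level, FirstName, LastName, verified, Created_at, Country) VALUES (@Email, @Password, 1, @FirstName, @LastName, 0, @CreationDate, @Country)";
            cmd.Parameters.AddWithValue("@Email", user.Email);
            // NOTE(review): ToSHA512 is defined elsewhere. If it is a plain, unsalted SHA-512,
            // it is a fast hash and not suitable for password storage; move to a salted,
            // iterated KDF (e.g. PBKDF2) together with the login path that verifies it.
            cmd.Parameters.AddWithValue("@Password", user.Password.ToSHA512());
            cmd.Parameters.AddWithValue("@FirstName", user.FirstName);
            cmd.Parameters.AddWithValue("@LastName", user.LastName);
            cmd.Parameters.AddWithValue("@CreationDate", DateTime.UtcNow);
            cmd.Parameters.AddWithValue("@Country", user.Country);

            try
            {
                created = cmd.ExecuteNonQuery() >= 1;
            }
            catch (MySqlException ex)
            {
                // Only a duplicate entry means "already registered". Other database
                // failures used to be swallowed here and are now surfaced.
                if (ex.Number != DuplicateEntryError)
                {
                    throw;
                }
            }
        }

        if (!created)
        {
            // NOTE(review): a duplicate address renders the form while a new one redirects,
            // so the response reveals whether an address is registered.
            return View();
        }

        // NOTE(review): the argument (presumably the key length, 15-29) comes from System.Random.
        // How unpredictable the code is depends on KeyGenerator.GetUniqueKey, which is not
        // visible here - confirm it draws from a cryptographic RNG.
        string key = KeyGenerator.GetUniqueKey(new Random().Next(15, 30));
        var confirmLink = "https://www.escademy.com/auth/confirm_mail?reg=" + key;

        using (var cmd = conn.CreateCommand())
        {
            cmd.CommandText = "INSERT INTO esc_verificationcodes(VerificationCode, Email) VALUES (@VerificationCode, @Email)";
            cmd.Parameters.AddWithValue("@VerificationCode", key);
            cmd.Parameters.AddWithValue("@Email", user.Email);
            cmd.ExecuteNonQuery();
        }

        // FirstName is caller-controlled and the mail goes to whatever address was
        // submitted, so it is HTML-encoded before being placed in the template.
        var mailBody = System.IO.File.ReadAllText(Server.MapPath(@"~/App_Data/bf_confirm_mail.html"))
            .Replace("REP_ACTIVACTION_URL", confirmLink)
            .Replace("{FirstName}", System.Net.WebUtility.HtmlEncode(user.FirstName));

        using (var mFactory = new MailFactory())
        {
            // The body comes from the bf_confirm_mail.html template (an earlier inline
            // Danish HTML body was commented out here).
            mFactory.SendMail("Welcome to Escademy", mailBody, recipient);
        }

        // No explicit conn.Close(): disposing the connection at the end of the using block closes it.
        return RedirectToAction("Success");
    }
}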