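/// <summary>
/// Handles the Register button: posts the entered details to the "NewUser" endpoint and,
/// when the response reports <c>Status == 1</c>, records the new user in <c>SessionState</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private async void Register_Button_Click(object sender, RoutedEventArgs e)
{
    try
    {
        RequestSender request = new RequestSender();

        // NOTE(review): the password is placed in the request payload exactly as typed.
        // Transport security is decided inside RequestSender, which is not visible here;
        // confirm that it only talks to the service over HTTPS.
        var userJson = TBUser.Create(
            UserName_TextBox.Text,
            Password_TextBox.Password,
            PhoneNumber_TextBox.Text,
            Email_TextBox.Text);
        var result = request.SendPost("NewUser", userJson);

        // The response is decoded twice: the first pass is cast to a string,
        // and that string is then parsed as the actual JSON object.
        dynamic resDetailed = JsonConvert.DeserializeObject(result);
        resDetailed = JsonConvert.DeserializeObject((string)resDetailed);

        if ((int)resDetailed["Status"] == 1)
        {
            SessionState.LoggedInId = Convert.ToInt32(resDetailed["Data"]["UserId"]);
            SessionState.LoggedInName = resDetailed["Data"]["UserName"].ToString();
            SessionState.LoggedIn = true;
        }
        else
        {
            // NOTE(review): every non-1 status is reported as a duplicate username;
            // the meaning of the other status values is not visible here.
            MessageDialog msg = new MessageDialog("There is a user already associated with that username.");
            await msg.ShowAsync();
        }

        // NOTE(review): navigation also happens when registration was rejected,
        // leaving the user on HomePage while SessionState.LoggedIn is unset.
        // Confirm whether this call belongs inside the success branch.
        NavigateToPage.Navigate(typeof(HomePage));
    }
    catch (Exception)
    {
        // Network, parsing and cast failures all land here. Reporting them as
        // "username already taken" misleads the user and hides the real fault,
        // so show a generic failure message and keep exception details out of the UI.
        MessageDialog msg = new MessageDialog("Registration could not be completed. Please try again.");
        await msg.ShowAsync();
    }
}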
/// <summary>
/// Authenticates a user by e-mail/phone and password against <c>TBUsers</c> and, on success,
/// stores the identity and nickname in the session.
/// </summary>
/// <param name="p">Posted login form.</param>
/// <returns>
/// The login view with a model error when no matching user is found; otherwise a redirect to "../".
/// </returns>
public ActionResult Login(UserLogginViewModel p)
{
    // An invalid model falls straight through to the redirect, exactly like a successful login.
    if (!ModelState.IsValid)
    {
        return Redirect("../");
    }

    // The submitted identity already matches the one held in the session: nothing to do.
    if (p.EmailOrPhone.Equals(Session["userid"]))
    {
        return Redirect("../");
    }

    // Both values travel as typed parameters, so user input is never spliced into the SQL text.
    var emailParameter = new SqlParameter("FDEmailOrPhone", SqlDbType.VarChar, Common.Const.EmailOrPhoneLength)
    {
        Value = p.EmailOrPhone
    };
    var passwordParameter = new SqlParameter("FDPassword", SqlDbType.VarChar, Common.Const.PasswordLength_Max)
    {
        Value = p.Password
    };

    // NOTE(review): the query compares FDPassword with a single SHA-256 digest of the submitted
    // password and no salt appears in it. A fast unsalted hash is weak password storage;
    // moving to a salted, slow KDF (PBKDF2/Argon2) needs a schema and migration change
    // that is outside this method.
    const string sql = "select * from TBUsers where FDEmailOrPhone = @FDEmailOrPhone and FDPassword = HASHBYTES('SHA2_256',@FDPassword)";
    TBUser user = db.Database.SqlQuery<TBUser>(sql, emailParameter, passwordParameter).FirstOrDefault();

    if (user == null)
    {
        // One message for "unknown user" and "wrong password" avoids revealing which accounts exist.
        ModelState.AddModelError("Password", "User ID or Password not correct");
        return View(p);
    }

    // NOTE(review): the existing session is reused after authentication; no session-id
    // rotation is visible in this action. Confirm it is handled elsewhere.
    Session.Add("userid", p.EmailOrPhone);
    Session.Add("nickname", user.FDNickname);
    return Redirect("../");
}
/// <summary>
/// Creates a user from the name and e-mail fields of the form and saves it to the database.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Button_Click(object sender, RoutedEventArgs e)
{
    // Build the entity from the values typed into the form; they are stored as entered.
    var novoUsuario = new TBUser
    {
        Nome = txtNome.Text,
        Email = txtEmail.Text
    };

    // Write it to the database; the context is disposed once the insert is committed.
    using (var ctx = new FisioEntities3())
    {
        ctx.TBUser.Add(novoUsuario);
        ctx.SaveChanges();
    }
}
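/// <summary>
/// Saves the form. Inserts a new user when <c>operacao</c> is "inserir", or updates the user
/// whose ID is in <c>txtID</c> when it is "alterar"; then reloads the list and resets the form.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void BtSalvar(object sender, RoutedEventArgs e)
{
    if (operacao == "inserir")
    {
        TBUser novo = new TBUser();
        PreencheUsuario(novo);

        using (FisioEntities3 ctx = new FisioEntities3())
        {
            ctx.TBUser.Add(novo);
            ctx.SaveChanges();
        }
    }

    if (operacao == "alterar")
    {
        // The ID comes from a free-text box. Convert.ToInt32 threw on anything
        // non-numeric and took the handler down; an unparsable ID now skips the update.
        int id;
        if (int.TryParse(txtID.Text, out id))
        {
            using (FisioEntities3 ctx = new FisioEntities3())
            {
                TBUser existente = ctx.TBUser.Find(id);
                if (existente != null)
                {
                    PreencheUsuario(existente);
                    ctx.SaveChanges();
                }
            }
        }
    }

    this.ListarUser();
    this.AlteraBotoes(1);
    this.LimpaCampos();
}

/// <summary>Copies the values currently in the form onto <paramref name="usuario"/>.</summary>
private void PreencheUsuario(TBUser usuario)
{
    usuario.Nome = txtNome.Text;
    usuario.Email = txtEmail.Text;
    usuario.Fone = txtFone.Text;
    usuario.Login = txtLogin.Text;
    // NOTE(review): Senha receives the password box content unchanged and no hashing is
    // visible in this block. Confirm the value is hashed (salted, slow KDF) before it is
    // stored, rather than persisted as plaintext.
    usuario.Senha = txtSenha.Password;
    usuario.Ativo = checkAtivo.IsChecked;
    usuario.Tipo = txttipo.Text;
}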
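/// <summary>
/// Deletes the user whose ID is in <c>txtID</c>, if it exists, then reloads the list and
/// resets the form.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void BtExcluir_Click(object sender, RoutedEventArgs e)
{
    // The ID comes from a free-text box. Convert.ToInt32 threw on anything
    // non-numeric and took the handler down; an unparsable ID now deletes nothing.
    int id;
    if (int.TryParse(txtID.Text, out id))
    {
        using (FisioEntities3 ctx = new FisioEntities3())
        {
            TBUser alvo = ctx.TBUser.Find(id);
            if (alvo != null)
            {
                ctx.TBUser.Remove(alvo);
                ctx.SaveChanges();
            }
        }
    }

    this.ListarUser();
    this.AlteraBotoes(1);
    this.LimpaCampos();
}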
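/// <summary>
/// Searches users by ID and/or by name and shows the result in <c>dgDados</c>.
/// When both fields are filled, the name search runs last and its result is the one displayed.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void BtPesquisar_Click(object sender, RoutedEventArgs e)
{
    // Search by ID.
    if (!string.IsNullOrWhiteSpace(txtID.Text))
    {
        // A non-numeric ID is simply not searched; the grid keeps its current content.
        int id;
        if (int.TryParse(txtID.Text, out id))
        {
            try
            {
                using (FisioEntities3 ctx = new FisioEntities3())
                {
                    // Find replaces a hand-written select by primary key.
                    TBUser encontrado = ctx.TBUser.Find(id);

                    // Find returns null for an unknown ID; bind an empty result
                    // instead of a one-element array holding null.
                    dgDados.ItemsSource = encontrado != null
                        ? new TBUser[] { encontrado }
                        : new TBUser[0];
                }
            }
            catch (Exception ex)
            {
                // Still best-effort (the search must not crash the window), but the
                // failure is now traceable instead of being silently discarded.
                System.Diagnostics.Debug.WriteLine(ex);
            }
        }
    }

    // Search by name.
    if (!string.IsNullOrWhiteSpace(txtNome.Text))
    {
        try
        {
            // Read the text once so the query captures a plain string.
            string nome = txtNome.Text;
            using (FisioEntities3 ctx = new FisioEntities3())
            {
                var consulta = from U in ctx.TBUser
                               where U.Nome.Contains(nome)
                               select U;
                dgDados.ItemsSource = consulta.ToList();
            }
        }
        catch (Exception ex)
        {
            System.Diagnostics.Debug.WriteLine(ex);
        }
    }
}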
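/// <summary>
/// Checks a registration verification code for the identity held in the session and, when it
/// matches a user whose nickname still starts with a space, continues to the "Completion" view.
/// </summary>
/// <param name="validateForm">Posted e-mail/phone and verification code.</param>
/// <returns>
/// The "Completion" view on success, a redirect to "../" when the request does not belong to
/// the current session or the user does not qualify, and otherwise the verification view again.
/// </returns>
public ActionResult Validate(UserRegistrationCodeVerificationViewModel validateForm)
{
    if (ModelState.IsValid)
    {
        // This guard used to have an empty body, so a code could be submitted for any account
        // regardless of the session. It now rejects the request the same way the
        // "wrong user request" branch below does.
        // NOTE(review): this assumes the registration step stored the identity in
        // Session["userid"]; confirm against that action.
        if (validateForm.EmailOrPhone == null || !validateForm.EmailOrPhone.Equals(Session["userid"]))
        {
            return Redirect("../");
        }

        // Both values travel as typed parameters, so user input is never spliced into the SQL text.
        SqlParameter emailParameter = new SqlParameter("FDEmailOrPhone", SqlDbType.VarChar, Common.Const.EmailOrPhoneLength);
        emailParameter.Value = validateForm.EmailOrPhone;
        SqlParameter passwordParameter = new SqlParameter("FDPassword", SqlDbType.VarChar, Common.Const.VerificationCodeLength);
        passwordParameter.Value = validateForm.VerificationCode;

        // The verification code is matched against FDPassword as an unsalted SHA-256 digest.
        // NOTE(review): no attempt limiting is visible in this action; confirm that repeated
        // guesses of the code are throttled elsewhere.
        TBUser user = db.Database.SqlQuery<TBUser>("select * from TBUsers where FDEmailOrPhone = @FDEmailOrPhone and FDPassword = HASHBYTES('SHA2_256',@FDPassword)", emailParameter, passwordParameter).FirstOrDefault();

        if (user == null)
        {
            // Wrong verification code: fall through and show the form again.
            ModelState.AddModelError("VerificationCode", "Verification Code is wrong ");
        }
        else if (user.FDNickname != null && user.FDNickname.StartsWith(" ", System.StringComparison.Ordinal))
        {
            // A nickname with a leading space is what lets this user continue to the completion form.
            UserInfoCompletionViewModel p = new UserInfoCompletionViewModel();
            p.EmailOrPhone = validateForm.EmailOrPhone;
            return View("Completion", p);
        }
        else
        {
            // Any other nickname, or none (which used to throw), is rejected with a redirect.
            return Redirect("../");
        }
    }

    return View("RegistrationCodeVerification", validateForm);
}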