public static async Task AddCredits(User user, int amount)
{
Monitor.Enter(coherenceLock);
UpdateQuery <User> query = new UpdateQuery <User>();
query.Where("user_id", user.ID);
query.Set("credits", user.Credits + amount);
await Program.MySql().ExecuteNonQuery(query);
Monitor.Exit(coherenceLock);
}
public static async Task BanUser(User user)
{
Monitor.Enter(coherenceLock);
UpdateQuery <User> query = new UpdateQuery <User>();
query.Where("user_id", user.ID);
query.Set("role", UserRole.Banned);
await Program.MySql().ExecuteNonQuery(query);
Monitor.Exit(coherenceLock);
}
public async Task UpdateOne(DbClient client)
{
UpdateQuery query = client.GetQueryProvider().Update("people");
query.Where("id", 2);
query.Set("name", "Pepe");
NonQueryResult res = await client.ExecuteNonQuery(query);
Assert.AreEqual(1, res.RowsAffected);
client.Dispose();
}
public static async Task <bool> BookEvent(User user, Kid kid, ScheduledEvent scheduled)
{
Monitor.Enter(coherenceLock);
bool success = false;
Event evt = scheduled.Event;
User organizer = evt.Organizer;
if (user.Credits > evt.Price)
{
/*
* Transfer funds
*/
UpdateQuery <User> chargeQuery = new UpdateQuery <User>();
chargeQuery.Where("user_id", user.ID);
chargeQuery.Set("credits", user.Credits - evt.Price);
int compensation = (int)(evt.Price * (1 - Options.Fee));
UpdateQuery <User> compensateQuery = new UpdateQuery <User>();
compensateQuery.Where("user_id", organizer.ID);
compensateQuery.Set("credits", organizer.Credits + compensation);
await Program.MySql().ExecuteNonQuery(chargeQuery);
await Program.MySql().ExecuteNonQuery(compensateQuery);
/*
* Add attendance
*/
EventAttendance attendance = new EventAttendance(scheduled, kid);
await Program.MySql().Insert(attendance);
success = true;
}
Monitor.Exit(coherenceLock);
return(success);
}
public static async Task <bool> UpdatePassword(User user, string password, string password2)
{
if (password != password2)
{
return(false);
}
Monitor.Enter(coherenceLock);
string salt = GenerateSalt();
string passwordHash = GetPasswordHash(password, salt);
UpdateQuery <User> query = new UpdateQuery <User>();
query.Where("user_id", user.ID);
query.Set("password", passwordHash)
.Set("salt", salt);
NonQueryResult res = await Program.MySql().ExecuteNonQuery(query);
Monitor.Exit(coherenceLock);
return(res.RowsAffected == 1);
}
public async Task UserUpdate(HttpRequest req)
{
UserSession session = req.Session as UserSession;
User user = await session.GetUser();
string redirectTo = "/profile";
if (user == null)
{
req.SetStatusCode(HttpStatusCode.Unauthorized);
await req.Close();
return;
}
if (await req.HasPOST("id"))
{
if (user.Role != UserRole.Admin)
{
await req.SetStatusCode(HttpStatusCode.Forbidden).Close();
return;
}
SelectQuery <User> sel = new SelectQuery <User>();
sel.Where("user_id", await req.POST("id"));
user = (await Program.MySql().Execute(sel)).FirstOrDefault();
if (user == null)
{
await req.SetStatusCode(HttpStatusCode.NotFound).Close();
return;
}
redirectTo = "/admin";
}
/*
* First update the password
*/
string password = await req.POST("password", "");
string password2 = await req.POST("password2", "");
if (!string.IsNullOrWhiteSpace(password) && !string.IsNullOrWhiteSpace(password2))
{
if (!await Auth.UpdatePassword(user, password, password2))
{
await req.SetStatusCode(HttpStatusCode.BadRequest).Close();
return;
}
}
/*
* Then update the rest of the data
*/
UpdateQuery <User> query = new UpdateQuery <User>();
query.Where("user_id", user.ID);
if (await req.HasPOST("email") &&
!string.IsNullOrWhiteSpace(await req.POST("email")) &&
user.Email != await req.POST("email"))
{
if (await Auth.EmailTaken(await req.POST("email")))
{
await req.SetStatusCode(HttpStatusCode.Found).Close();
return;
}
query.Set("email", await req.POST("email"));
}
if (await req.HasPOST("full_name") && !string.IsNullOrWhiteSpace(await req.POST("full_name")))
{
query.Set("full_name", await req.POST("full_name"));
}
if (await req.HasPOST("address") && !string.IsNullOrWhiteSpace(await req.POST("address")))
{
query.Set("address", await req.POST("address"));
}
await Program.MySql().Execute(query);
await req.Redirect(redirectTo);
}