public clsUser(string EMail, string Password)
{
//get the details for this user
//this line of code became obsolete due to introduction clsDataConnectionOLDB
//Users = new clsDataConnection("select * from Users where EMail = '" + EMail + "' and UserPassword = '******'");
//get the details of the user using stored procedure
oldbUsers = new clsDataConnectionOLDB();
//add the stored procedure parameter and parameter name for the email
oldbUsers.AddParameter("@EMail", EMail);
//add the stored procedure parameter and parameter name for the hash password
oldbUsers.AddParameter("@Password", Password);
//execute the stored procedure
oldbUsers.Execute("query_User");
//if there is one user found
if (oldbUsers.Count > 0)
{
//flag authenticated as true
mAuthenticated = true;
//store the email address
mEMail = Convert.ToString(oldbUsers.DataTable.Rows[0]["EMail"]);
//store the first name
mFirstName = Convert.ToString(oldbUsers.DataTable.Rows[0]["FirstName"]);
//store the User no
mUserNo = Convert.ToInt32(oldbUsers.DataTable.Rows[0]["UserNo"]);
//mLastName = Users.RecordNumber(0).Item("LastName")
mAdmin = Convert.ToBoolean(oldbUsers.DataTable.Rows[0]["Administrator"]);
}
else
{
//else flag authenticated as false
mAuthenticated = false;
}
}
public Boolean Login(string EMail, string Password)
{
//convert the plain text password to a hash code
Password = GetHashString(Password + EMail);
//find the record matching the users email address and password
//this code is now obsolete because the of the introduction of clsDataConnectionOLDB
//clsDataConnection UserAccount = new clsDataConnection("select * from Users where EMail='" + EMail + "' and UserPassword= '******'");
clsDataConnectionOLDB oldbDBConnect = new clsDataConnectionOLDB();
//add the stored procedure parameter and parameter name for the email
oldbDBConnect.AddParameter("@EMail", EMail);
//add the stored procedure parameter and parameter name for the hash password
oldbDBConnect.AddParameter("@Password", Password);
//execute the stored procedure
oldbDBConnect.Execute("query_Login");
//if there is only one record found then return true
if (oldbDBConnect.Count == 1)
{
return(true);
}
else //otherwise return false
{
return(false);
}
}
public bool SendEMail(string SenderEMail, string RecipientEMail, string SubjectLine, string Message)
{
//create a new clsDataConnectionOLDB object
clsDataConnectionOLDB oldbDB = new clsDataConnectionOLDB();
//add the stored procedure parameter and parameter name for the sender email
oldbDB.AddParameter("@SenderEMail", SenderEMail);
//add the stored procedure parameter and parameter name for the recipeint email
oldbDB.AddParameter("@RecipientEMail", RecipientEMail);
//add the stored procedure parameter and parameter name for the subjectline
oldbDB.AddParameter("@SubjectLine", SubjectLine);
//add the stored procedure parameter and parameter name for the message
oldbDB.AddParameter("@Message", Message);
//execute the stored procedure
oldbDB.Execute("query_SendEmail");
//oldcode using old clsDataConnection
//clsDataConnection DB = new clsDataConnection("select * from tblEmail");
//DB.NewRecord["SenderEMail"] = SenderEMail;
//DB.NewRecord["RecipientEMail"] = RecipientEMail;
//DB.NewRecord["SubjectLine"] = SubjectLine;
//DB.NewRecord["Message"] = Message;
//DB.AddNewRecord();
//DB.SaveChanges();
return(true);
}
public Boolean IsEmailUnique(string EMail)
{
clsDataConnectionOLDB DBManager = new clsDataConnectionOLDB();
DBManager.AddParameter("@EMail", EMail);
DBManager.Execute("qry_Users_EmailExists");
if (DBManager.Count >= 1)
{
return(false);
}
else
{
return(true);
}
}
public Boolean Login(string EMail, string Password)
{
Password = GetHashString(Password + EMail);
clsDataConnectionOLDB UserAccount = new clsDataConnectionOLDB();
UserAccount.AddParameter("@EMail", EMail);
UserAccount.AddParameter("@UserPassword", Password);
UserAccount.Execute("qry_Users_FilterByEmailAndPassword");
if (UserAccount.Count >= 1)
{
return(true);
}
else
{
return(false);
}
}
public Boolean Login(string EMail, string Password)
{
//convert the plain text password to a hash code
Password = GetHashString(Password + EMail);
//find the record mataching the users email address and password
clsDataConnectionOLDB UserAccount = new clsDataConnectionOLDB();
//add the parmeters
UserAccount.AddParameter("@EMail", EMail);
UserAccount.AddParameter("@UserPassword", Password);
//execute the query
UserAccount.Execute("qry_Users_FilterByEmailAndPassword");
//if there is only one record found then return true
if (UserAccount.Count >= 1)
{
return(true);
}
else //otherwise reutn false
{
return(false);
}
}
public string SignUp(string EMail, string Password, string PasswordConfirm)
{
//public method allowing the user to sign up for an account
//string variable to store error messages
string ErrorMsg = "";
//if the two passwords match
if (Password == PasswordConfirm)
{
//get the hash of the plain text password
string HashPassword = GetHashString(Password + EMail);
//add the record to the database
//create an instance of the class clsDataConnection
clsDataConnectionOLDB oldbDBConnection = new clsDataConnectionOLDB();
//add the stored procedure parameter and parameter name for the email
oldbDBConnection.AddParameter("@Email", EMail);
//add the stored procedure parameter and parameter name for the hash password
oldbDBConnection.AddParameter("@HashPassword", HashPassword);
//execute the stored procedure
oldbDBConnection.Execute("query_SignUp");
//old obsolete code due to the new clsDataConnectionOLDB
//clsDataConnection DB = new clsDataConnection("select * from Users");
//DB.NewRecord["Email"] = EMail;
//DB.NewRecord["UserPassword"] = HashPassword;
//DB.AddNewRecord();
//DB.SaveChanges();
}
//if the passwords do not match
else
{
//generate an error message
ErrorMsg = "The passwords do not match.";
}
//return the error message (if there is one)
return(ErrorMsg);
}
public string SignUp(string EMail, string Password, string PasswordConfirm)
{
string ErrorMsg = "";
if (!IsEmailUnique(EMail))
{
ErrorMsg = "Account with this email is already registered.";
}
else if (Password == PasswordConfirm)
{
string HashPassword = GetHashString(Password + EMail);
clsDataConnectionOLDB DB = new clsDataConnectionOLDB();
DB.AddParameter("@EMail", EMail);
DB.AddParameter("@userPassword", HashPassword);
DB.Execute("qry_Users_AddUser");
}
else
{
ErrorMsg = "The passwords do not match.";
}
return(ErrorMsg);
}
