Exemple #1
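        /// <summary>
        /// Starts a password reset for a staff account: looks the account up by e-mail in
        /// <c>staff_view</c>, issues a fresh 64-character alphanumeric token, records it in
        /// <c>PasswordResetTokens</c> (keyed by e-mail) and mails it to the account holder.
        /// </summary>
        /// <param name="username">E-mail address that identifies the staff account.</param>
        /// <returns>
        /// <c>-1</c> when no account matches (or the argument is blank),
        /// <c>1</c> when the reset e-mail was sent, <c>0</c> when sending failed.
        /// </returns>
        /// <remarks>
        /// Security notes for callers and maintainers:
        /// the distinct <c>-1</c> result reveals whether an address is registered, so an
        /// unauthenticated endpoint should give the same outward response for every result;
        /// the token is only as unpredictable as <c>PasswordGenerator.Generate</c>, whose
        /// random source is not visible here (NOTE(review): confirm it is a CSPRNG);
        /// tokens are kept in clear text with no expiry timestamp, and nothing in this method
        /// limits how often a reset can be requested for the same address.
        /// </remarks>
        public static int RequestPasswordReset(string username)
        {
            // A blank identifier can never name an account; answer like "not found" without a query.
            if (string.IsNullOrWhiteSpace(username))
            {
                return -1;
            }

            string email;
            string name;

            /* Check that the user exists */
            using (MySqlConnection conn = new MySqlConnection(Properties.Settings.Default.DB))
            {
                conn.Open();
                using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM staff_view WHERE email = @email", conn))
                {
                    // Bound parameter: the caller-supplied value never becomes part of the SQL text.
                    cmd.Parameters.AddWithValue("@email", username);

                    // The reader is disposed on every path, including the early return.
                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (!reader.Read())
                        {
                            return -1;
                        }

                        // Use the address stored in the database, not the caller's spelling of it.
                        email = reader["email"].ToString();
                        name  = reader["nome"].ToString();
                    }
                }
                // Leaving the using block closes the connection.
            }

            string token = PasswordGenerator.Generate(length: 64, allowed: Sets.Alphanumerics);

            // Indexer assignment replaces any token issued earlier, so only the newest one is valid.
            // NOTE(review): PasswordResetTokens looks like shared static state; if requests run
            // concurrently it needs synchronisation or a concurrent collection - confirm.
            PasswordResetTokens[email] = token;

            if (SMTPClient.ResetPasswordEmail(name, email, token) == false)
            {
                // The token never reached the user, so do not leave it usable.
                PasswordResetTokens.Remove(email);
                return 0;
            }

            return 1;
        }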
Exemple #2
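        /// <summary>
        /// Completes a password reset: resolves the e-mail address that owns
        /// <paramref name="token"/>, stores a bcrypt hash of <paramref name="newPassword"/>
        /// for that staff member, invalidates the token and sends a confirmation e-mail.
        /// </summary>
        /// <param name="token">Reset token previously stored in <c>PasswordResetTokens</c>.</param>
        /// <param name="newPassword">New clear-text password; only its bcrypt hash is stored.</param>
        /// <returns>
        /// <c>-2</c> when the token is unknown, <c>-1</c> when the account no longer exists,
        /// <c>0</c> when the UPDATE changed no row, <c>1</c> on success.
        /// </returns>
        /// <remarks>
        /// The token is single-use: it is removed as soon as the password has been changed.
        /// Tokens still carry no expiry time and are compared with ordinary string equality;
        /// NOTE(review): consider an expiry timestamp, a fixed-time comparison and attempt
        /// limiting at the caller. No password-strength policy is enforced in this method.
        /// </remarks>
        public static int ChangePassword(string token, string newPassword)
        {
            if (string.IsNullOrEmpty(token))
            {
                return -2;
            }

            // Keys cannot be null, so a null result means no stored token equals the one supplied.
            string email = PasswordResetTokens.Keys.FirstOrDefault(s => PasswordResetTokens[s] == token);
            if (email == null)
            {
                return -2;
            }

            int idStaff;

            using (MySqlConnection conn = new MySqlConnection(Properties.Settings.Default.DB))
            {
                conn.Open();

                /* Check that the user exists */
                using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM staff_view WHERE email = @email", conn))
                {
                    cmd.Parameters.AddWithValue("@email", email);

                    // Disposing the reader frees the connection for the UPDATE below,
                    // so the connection does not have to be closed and reopened.
                    using (MySqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (!reader.Read())
                        {
                            return -1;
                        }

                        idStaff = int.Parse(reader["idStaff"].ToString());
                    }
                }

                using (MySqlCommand cmd = new MySqlCommand("UPDATE `staff` SET password = @password WHERE idStaff = @idStaff", conn))
                {
                    // bcrypt with work factor 13; the clear-text password is never written to the database.
                    cmd.Parameters.AddWithValue("@password", BCrypt.Net.BCrypt.HashPassword(newPassword, 13));
                    cmd.Parameters.AddWithValue("@idStaff", idStaff);
                    int nrRows = cmd.ExecuteNonQuery();
                    if (nrRows <= 0)
                    {
                        // Nothing was changed; the token stays valid so the user can retry.
                        return 0;
                    }
                }
            }

            // Invalidate the token before anything else can fail: a reset token that remains
            // valid after use would let anyone who later obtains it change the password again.
            PasswordResetTokens.Remove(email);

            /* Send the confirmation e-mail */
            SMTPClient.PasswordChangedEmail(email);

            return 1;
        }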
Exemple #3
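        /// <summary>
        /// Registers a person for an event, identifying the person by phone number, and
        /// sends a confirmation e-mail when the person has an address on file.
        /// </summary>
        /// <param name="participacao">
        /// JSON object read for the keys <c>telemovel</c> (phone number) and <c>idEvento</c>
        /// (event id).
        /// </param>
        /// <returns>
        /// <c>0</c> when the registration was stored, and also when no person has that phone
        /// number (the two cases are not distinguished); <c>-2</c> when the exception message
        /// starts with "Duplicate"; <c>-1</c> when the confirmation e-mail could not be sent
        /// or any other exception occurred.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the person is chosen solely from a phone number in the request body.
        /// Whether the caller is authenticated or entitled to register that person is not
        /// visible in this method - confirm it is enforced upstream.
        /// </remarks>
        public static int CreateParticipacaoTelemovel(JObject participacao)
        {
            try
            {
                int    idPessoa;
                int    idEvento;
                string email;

                using (MySqlConnection conn = new MySqlConnection(Properties.Settings.Default.DB))
                {
                    conn.Open();

                    /* Fetch the person's data */
                    using (MySqlCommand cmd = new MySqlCommand("SELECT idPessoa,email FROM pessoa WHERE telefone=@telemovel", conn))
                    {
                        cmd.Parameters.AddWithValue("@telemovel", participacao["telemovel"].ToString());

                        // Reader disposed on every path so the connection can run the INSERT below.
                        using (MySqlDataReader reader = cmd.ExecuteReader())
                        {
                            if (!reader.Read())
                            {
                                return 0;
                            }

                            // Convert instead of unboxing: tolerates whichever integer type the driver returns.
                            idPessoa = Convert.ToInt32(reader["idPessoa"]);
                            email    = reader["email"].ToString();
                        }
                    }

                    // Convert the untrusted JSON value to an int once, before it reaches the
                    // database; a value that is not convertible throws and is reported as -1.
                    idEvento = (int)participacao["idEvento"];

                    using (MySqlCommand sqlCommand = new MySqlCommand("INSERT INTO `registoevento` (idParticipante, idEvento) VALUES (@idParticipante, @idEvento)", conn))
                    {
                        sqlCommand.Parameters.AddWithValue("@idParticipante", idPessoa);
                        sqlCommand.Parameters.AddWithValue("@idEvento", idEvento);

                        sqlCommand.ExecuteNonQuery();
                    }
                }

                /* Send the confirmation e-mail */
                // ToString() never yields null (a NULL column becomes ""), so test for blank
                // rather than null to skip people without an address.
                if (!string.IsNullOrWhiteSpace(email))
                {
                    if (!SMTPClient.RegistoEventoEmail(email, new Evento.Evento().GetEvento(idEvento)))
                    {
                        return -1;
                    }
                }

                return 0;
            }
            catch (Exception e)
            {
                Debug.WriteLine("Erro ao registar Participação: " + e.Message);

                // NOTE(review): recognising a duplicate key by message text is brittle; the
                // driver's exception normally exposes a numeric error code - prefer that once confirmed.
                if (e.Message.StartsWith("Duplicate", StringComparison.Ordinal))
                {
                    return -2;
                }

                return -1;
            }
        }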