/// <summary>
/// Runs the <c>dbo.ChangePassTo</c> stored procedure for the given user.
/// </summary>
/// <param name="oldUser">
/// Supplies the <c>Login</c> and <c>Password</c> values bound to the procedure's
/// parameters. This method stores <c>Password</c> exactly as it receives it.
/// </param>
/// <returns>
/// <c>true</c> when the command reports exactly one affected row; <c>false</c> for any
/// other count or when <see cref="InvalidCastException"/> is raised while executing.
/// </returns>
public static bool ChangePassTo(User oldUser)
{
    const string ChangePasswordCommand = @"Exec dbo.ChangePassTo @Login, @Password";

    using (var connection = new SqlConnection(GetConnectionString()))
    using (var command = new SqlCommand(ChangePasswordCommand, connection))
    {
        // Both values travel as bound parameters, so they are never spliced into the SQL text.
        command.Parameters.Add("@Login", SqlDbType.NVarChar).Value = oldUser.Login;
        command.Parameters.Add("@Password", SqlDbType.NVarChar).Value = oldUser.Password;

        connection.Open();

        int affectedRows;
        try
        {
            affectedRows = command.ExecuteNonQuery();
        }
        catch (InvalidCastException)
        {
            // Only this exception type is mapped to "not changed"; anything else propagates.
            return false;
        }

        return affectedRows == 1;
    }
}
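/// <summary>
/// Sends the file attached to the record named by the <c>id</c> query-string value as a
/// download, after checking the credentials carried in the <c>UserInfo</c> cookie.
/// </summary>
/// <param name="context">The current HTTP request/response context.</param>
/// <remarks>
/// Requests with no <c>UserInfo</c> cookie, or with credentials rejected by
/// <c>Users.IsCorrectLogin</c>, are redirected to the default page. For every other
/// failure (missing or non-numeric <c>id</c>, unknown record, file not on disk) the
/// placeholder image is written exactly once.
/// </remarks>
public void ProcessRequest(HttpContext context)
{
    const string defaultPage = "~/Views/Pages/Default.aspx";

    HttpCookie userInfoCookies = context.Request.Cookies["UserInfo"];
    if (userInfoCookies == null)
    {
        context.Response.Redirect(defaultPage);
        return;
    }

    // NOTE(review): the cookie's "UserPassword" value is passed as the password to
    // Users.IsCorrectLogin, so the browser appears to hold the credential itself rather
    // than a server-issued session token. Consider replacing this with a session/forms
    // authentication ticket; confirm the cookie is at least marked Secure and HttpOnly.
    var login = new User
    {
        Login = userInfoCookies["UserName"],
        Password = userInfoCookies["UserPassword"]
    };

    if (!Users.IsCorrectLogin(login))
    {
        context.Response.Redirect(defaultPage);
        // Return explicitly so the download path is never reached for a failed login,
        // regardless of how Redirect ends the request.
        return;
    }

    // NOTE(review): the record is looked up by id alone; no per-record ownership or
    // permission check is visible in this method. Confirm that Records.GetRecordByID
    // (or a caller-side rule) restricts which records a given user may download.
    int id;
    if (int.TryParse(context.Request.QueryString["id"], out id))
    {
        var record = Records.GetRecordByID(id);
        if (record != null)
        {
            var file = new FileInfo(record.FileWay);
            if (file.Exists)
            {
                context.Response.Clear();
                context.Response.ClearHeaders();
                context.Response.ClearContent();
                // NOTE(review): the file name is appended unquoted; names containing
                // spaces, quotes or semicolons may be misparsed by clients. Verify how
                // record.FileWay values are produced before relying on this header.
                context.Response.AddHeader("Content-Disposition", "attachment; filename=" + file.Name);
                context.Response.AddHeader("Content-Length", file.Length.ToString());
                context.Response.Flush();
                context.Response.TransmitFile(file.FullName);
                context.Response.End();
                return;
            }
        }
    }

    // Single fallback for every "nothing to send" case. The original wrote the
    // placeholder inside the inner branches and then again here, emitting the image
    // bytes twice; it also used "image", which is not a complete media type.
    context.Response.ContentType = "image/png";
    context.Response.WriteFile(@"~/Images/NoFile.png");
}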
/// <summary>
/// Changes a user's password: hashes the supplied password and forwards the result to
/// <c>UserAccess.ChangePassTo</c>.
/// </summary>
/// <param name="oldUser">
/// The user whose <c>Password</c> holds the value to be hashed. The hash is written to a
/// clone, not to this argument.
/// </param>
/// <returns>Whatever <c>UserAccess.ChangePassTo</c> returns for the hashed copy.</returns>
public static bool ChangePassTo(User oldUser)
{
    // Work on a copy so the hashed value is assigned to the clone only.
    var hashedCopy = oldUser.Clone();

    // NOTE(review): whether Hash is a salted, deliberately slow password hash is not
    // visible here — confirm against its definition.
    hashedCopy.Password = Hash(oldUser.Password);

    var changed = UserAccess.ChangePassTo(hashedCopy);
    return changed;
}
/// <summary>
/// Checks a login/password pair against the stored user record.
/// </summary>
/// <param name="user">Supplies the <c>Login</c> to look up and the <c>Password</c> to verify.</param>
/// <returns>
/// <c>true</c> when a record exists for the login and the hash of the supplied password
/// equals the stored password value; <c>false</c> when no record is found, the values
/// differ, or the lookup raises <see cref="InvalidCastException"/>.
/// </returns>
public static bool IsCorrectLogin(User user)
{
    RichUser storedUser;
    try
    {
        storedUser = UserAccess.GetUserByLogin(user.Login);
    }
    catch (InvalidCastException)
    {
        // A lookup that fails with this exception is treated as a failed login.
        return false;
    }

    if (storedUser == null)
    {
        return false;
    }

    // NOTE(review): == is an ordinary equality check, not a constant-time comparison,
    // and the strength of Hash (salting, work factor) is not visible here — confirm both.
    return Hash(user.Password) == storedUser.Password;
}
/// <summary>
/// Reports whether the stored record for the given login is flagged as an administrator.
/// </summary>
/// <param name="user">Only <c>Login</c> is read; the password is not checked here.</param>
/// <returns>
/// The stored record's <c>IsAdmin</c> value, or <c>false</c> when no record is found or the
/// lookup raises <see cref="InvalidCastException"/>.
/// </returns>
/// <remarks>
/// This method does not authenticate the caller: it looks the user up by login alone.
/// Callers need to have verified the credentials (for example with
/// <c>IsCorrectLogin</c>) before trusting the result.
/// </remarks>
public static bool IsAdminUser(User user)
{
    RichUser storedUser;
    try
    {
        storedUser = UserAccess.GetUserByLogin(user.Login);
    }
    catch (InvalidCastException)
    {
        // Fail closed: a lookup error never grants administrator status.
        return false;
    }

    if (storedUser == null)
    {
        return false;
    }

    return storedUser.IsAdmin;
}
/// <summary>
/// Returns the identifier that <c>UserAccess.GetIDByLogin</c> yields for the user's login.
/// </summary>
/// <param name="login">The user whose <c>Login</c> value is looked up.</param>
/// <returns>The value returned by <c>UserAccess.GetIDByLogin</c>.</returns>
public static int GetIDUser(User login)
{
    // Only the login name is used; no password check happens in this method.
    var loginName = login.Login;
    return UserAccess.GetIDByLogin(loginName);
}