public static int AddUser(User user)
{
SqlConnection conn = new SqlConnection(ConfigurationSettings.AppSettings["RiversideInternetForumsConnectionString"]);
SqlCommand cmd = new SqlCommand("WS_AddUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@UserID", SqlDbType.Int, 4);
cmd.Parameters.Add("@Alias", SqlDbType.NVarChar, 100);
cmd.Parameters.Add("@Email", SqlDbType.NVarChar, 100);
cmd.Parameters.Add("@Password", SqlDbType.NVarChar, 50);
cmd.Parameters.Add("@WebID", SqlDbType.Int, 4);
cmd.Parameters[0].Direction = ParameterDirection.Output;
cmd.Parameters[1].Value = user.Alias;
cmd.Parameters[2].Value = user.Email;
cmd.Parameters[3].Value = user.Password;
cmd.Parameters[4].Value = user.WebID;
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
user.UserID = (int)cmd.Parameters[0].Value;
return user.UserID;
}
private static User PopulateUser(SqlDataReader dr)
{
User user = new User();
user.Alias = Convert.ToString(dr["Alias"]);
user.Email = Convert.ToString(dr["Email"]);
user.PostCount = Convert.ToInt32(dr["PostCount"]);
user.Password = Convert.ToString(dr["Password"]);
user.WebID = Convert.ToInt32(dr["WebID"]);
user.Roles = Convert.IsDBNull(dr["Roles"]) ? string.Empty : Convert.ToString(dr["Roles"]);
user.Avatar = Convert.IsDBNull(dr["Avatar"]) ? string.Empty : Convert.ToString(dr["Avatar"]);
return user;
}
private void SettingsClicked()
{
// Only update a logged on user if all validators are valid
if (Page.IsValid)
{
_userID = LoggedOnUserID;
if (_userID > 0)
{
// Update user details
string avatar = UploadAvatar();
if (avatar != string.Empty)
DeletePreviousAvatar(avatar);
// Populate user object with information that will be changed
User user = new User();
user.UserID = _userID;
user.Alias = _aliasTextBox.Text;
user.Email = _emailTextBox.Text;
// CHANGED by Arthur Zaczek
user.Password = "******"; //_passwordTextBox.Text;
user.Avatar = avatar;
// Update the user
UserDB.UpdateUser(user);
// Redirect if return URL specified
RedirectReturnURL();
}
}
}
private void JoinClicked()
{
// Only add new user if all validators are valid
if (Page.IsValid)
{
// Create new user
User user = new User();
user.Alias = _aliasTextBox.Text;
user.Email = _emailTextBox.Text;
// user.Password = _passwordTextBox.Text;
user.WebID = WebID;
_userID = UserDB.AddUser(user);
if (_userID > 0)
{
// Avatar considerations
string avatar = UploadAvatar();
if (avatar != string.Empty)
{
user.Avatar = avatar;
UserDB.UpdateUser(user);
}
// Log user on using forums authentication and redirect if return URL specified
FormsAuthentication.SetAuthCookie(_userID.ToString(), _rememberMeCheckBox.Checked);
RedirectReturnURL();
}
}
}
public static void UpdateUser(User user)
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.AppSettings["RiversideInternetForumsConnectionString"]);
SqlCommand cmd = new SqlCommand("WS_UpdateUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@UserID", SqlDbType.Int, 4);
cmd.Parameters.Add("@Alias", SqlDbType.NVarChar, 100);
cmd.Parameters.Add("@Email", SqlDbType.NVarChar, 100);
cmd.Parameters.Add("@Password", SqlDbType.NVarChar, 50);
cmd.Parameters.Add("@Avatar", SqlDbType.NVarChar, 50);
cmd.Parameters[0].Value = user.UserID;
cmd.Parameters[1].Value = user.Alias;
cmd.Parameters[2].Value = user.Email;
cmd.Parameters[3].Value = user.Password;
if (user.Avatar == string.Empty)
cmd.Parameters[4].Value = System.DBNull.Value;
else
cmd.Parameters[4].Value = user.Avatar;
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
// CHANGED by Arthur Zaczek
public static int GetLoggedOnUser(string identityName, int webID)
{
// The user variable corresponds to a string which is the number of
// the currently logged on user. Generally, this function should be
// called with user set to "Page.User.Identity.Name".
int userID = 0;
try
{
if(identityName == "")
{
// Return Guest
userID = GetUserIDFromAlias("guest", webID);
if (userID > 0)
{
User user = GetUser(userID);
if (user.WebID != webID)
userID = 0;
}
else
{
// User does not exist -> create
User user = new User();
user.Alias = "guest";
user.WebID = webID;
user.Email = "guest@localhost";
user.Password = "******";
userID = AddUser(user);
}
}
else
{
userID = GetUserIDFromAlias(identityName, webID);
if (userID > 0)
{
User user = GetUser(userID);
if (user.WebID != webID)
userID = 0;
}
else
{
// User does not exist -> create
User user = new User();
user.Alias = identityName;
user.WebID = webID;
user.Email = identityName + "@localhost";
user.Password = "******";
userID = AddUser(user);
}
}
}
catch(Exception e)
{
System.Web.HttpContext.Current.Trace.Write(e.Message);
userID = 0;
}
return userID;
}
