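/// <summary>
/// Registers a new account: derives the next id as max(id) + 1, rejects the request when the
/// login is already present, then inserts a row into [ReportServer].[dbo].[Users].
/// </summary>
/// <param name="account">Registration data supplied by the caller; every field is treated as untrusted.</param>
/// <returns>
/// Ok() when the insert succeeds; a bad-request result when model validation fails, the account
/// data is missing, the login is already taken, or a database call returns null.
/// </returns>
/// <remarks>
/// Security review notes:
/// - SQL is still built by concatenation because the only DBConnection.GetQuery call shape visible
///   here takes a finished SQL string. Single quotes are doubled as a stop-gap; the proper fix is
///   bound parameters (e.g. SqlParameter) through a parameterized helper. TODO(review).
/// - Passwords are stored as an MD5 digest (per the CreateMD5 helper name). MD5 is a fast digest and
///   is not suitable for password storage; migrate to a salted, slow KDF such as PBKDF2
///   (Rfc2898DeriveBytes). Not changed here because the code that verifies stored hashes is
///   outside this block.
/// - max(id) + 1 followed by a separate insert is not atomic: two concurrent registrations can
///   compute the same id or both pass the duplicate-login check. An identity column and a unique
///   constraint on Login would close that gap. TODO(review): confirm the table schema.
/// </remarks>
public IHttpActionResult Registry(AccountRegistryViewModel account)
{
    if (!ModelState.IsValid)
    {
        return this.BadRequestError(ModelState);
    }

    // Model state can be valid while the bound model itself is null (empty request body).
    if (account == null)
    {
        return BadRequest("Account data is required");
    }

    // Double embedded single quotes so a value cannot terminate its SQL string literal.
    // Null fields become empty strings, which is what plain concatenation produced before.
    string surname = (account.surname ?? "").Replace("'", "''");
    string name = (account.name ?? "").Replace("'", "''");
    string middlename = (account.middlename ?? "").Replace("'", "''");
    string email = (account.email ?? "").Replace("'", "''");
    string loginName = (account.Login ?? "").Replace("'", "''");

    DataSet data = DBConnection.GetQuery("select max(id) from [ReportServer].[dbo].[Users]");
    if (data == null)
    {
        // The insert path below treats a null DataSet as a failed query; do the same here
        // instead of failing with a NullReferenceException.
        return BadRequest("DB query error");
    }

    // max(id) is NULL on an empty table and renders as an empty string; start from 0 then.
    string id = "0";
    string maxId = data.Tables[0].Rows[0][0].ToString();
    if (maxId != "")
    {
        id = maxId;
    }

    // The duplicate check has to compare against the submitted login. The listing showed a
    // masked literal ('******') at this position, which would never match the new account.
    data = DBConnection.GetQuery("select count(*) from [ReportServer].[dbo].[Users] where Login = '" + loginName + "'");
    if (data == null)
    {
        return BadRequest("DB query error");
    }

    if (Convert.ToInt32(data.Tables[0].Rows[0][0].ToString()) > 0)
    {
        return BadRequest("User login already exist");
    }

    // No column list is given, so the value order must match the table's column order.
    string query = @"insert into [ReportServer].[dbo].[Users] values (" + (Convert.ToInt32(id) + 1) + ",'" + surname + "','" + name + "','" + middlename + "','" + email + "','" + loginName + "','" + Plugins.MD5.CreateMD5(account.Password) + "')";
    data = DBConnection.GetQuery(query);
    if (data == null)
    {
        return BadRequest("DB query error");
    }

    // Drop the model's reference to the plaintext password once it has been hashed.
    account.Password = "";
    return Ok();
}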
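/// <summary>
/// Sets a new password digest on the [ReportServer].[dbo].[Users] row whose login matches
/// the submitted one.
/// </summary>
/// <param name="login">Model carrying the target Login and the new Password; both are treated as untrusted.</param>
/// <returns>
/// Ok() when the update call returns a DataSet; a bad-request result when model validation fails,
/// the model is missing, or the database call returns null.
/// </returns>
/// <remarks>
/// Security review notes:
/// - Nothing in this method checks the caller's identity or the account's current password.
///   Unless an authorization attribute or filter outside this listing does so, any caller can
///   replace the password of any login. TODO(review): confirm and require the authenticated
///   user to match the target login, or verify the old password.
/// - SQL is still built by concatenation because the only DBConnection.GetQuery call shape visible
///   here takes a finished SQL string. Single quotes are doubled as a stop-gap; the proper fix is
///   bound parameters (e.g. SqlParameter) through a parameterized helper. TODO(review).
/// - The password is stored as an MD5 digest (per the CreateMD5 helper name); MD5 is not suitable
///   for password storage. Migrate to a salted, slow KDF such as PBKDF2 (Rfc2898DeriveBytes)
///   together with the code that verifies stored hashes.
/// - Ok() is returned even when no row matched the login; the number of affected rows is not
///   visible through the DataSet returned here.
/// </remarks>
public IHttpActionResult UserChangePassword(AccountRegistryViewModel login)
{
    if (!ModelState.IsValid)
    {
        return this.BadRequestError(ModelState);
    }

    // Model state can be valid while the bound model itself is null (empty request body).
    if (login == null)
    {
        return BadRequest("Account data is required");
    }

    // Double embedded single quotes so the login cannot terminate its SQL string literal.
    // A null login becomes an empty string, which is what plain concatenation produced before.
    string loginName = (login.Login ?? "").Replace("'", "''");
    string passwordDigest = MD5.CreateMD5(login.Password);

    DataSet data = DBConnection.GetQuery("update [ReportServer].[dbo].[Users] set [password]='" + passwordDigest + "' where [login]='" + loginName + "'");
    if (data == null)
    {
        return BadRequest("Not connect to DB");
    }

    return Ok();
}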