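/// <summary>
/// Looks up a client by DNI and web password and, when a row matches, copies its columns
/// into a <c>Client</c> and stores the client id in the current HTTP session.
/// </summary>
/// <param name="dni">Client identifier, compared with the <c>dni</c> column.</param>
/// <param name="pass">Password as supplied by the caller; it is passed through
/// <c>Encryptation.Encrypt</c> and compared with the <c>web_pass</c> column.</param>
/// <returns>
/// The populated client when the credentials match; otherwise a new, unpopulated
/// <c>Client</c> (never null). Callers must distinguish the two cases themselves
/// (presumably by checking <c>Id</c>; confirm against <c>Client</c>'s defaults).
/// </returns>
/// <exception cref="Exception">Any failure, rethrown with the original message and with the
/// original exception attached as <c>InnerException</c>.</exception>
public static Client GetClient(string dni, string pass)
{
    Client client = new Client();

    try
    {
        Procedure proc = new Procedure();
        Encryptation enc = new Encryptation();

        // Both values are bound as parameters, so the query text never contains caller input.
        string query = "select * from clients where dni = @1 and web_pass = @2";

        using (MySqlConnection conn = new MySqlConnection(proc.StrConn))
        using (MySqlCommand cmd = new MySqlCommand(query, conn))
        using (MySqlDataAdapter da = new MySqlDataAdapter(cmd))
        using (DataSet ds = new DataSet())
        {
            // A freshly constructed connection is always closed, so open it unconditionally.
            conn.Open();

            cmd.Parameters.AddWithValue("@1", dni);

            // NOTE(review): the stored credential is matched against Encrypt(pass). If Encrypt is
            // reversible encryption or an unsalted fast hash, stored passwords are recoverable
            // after a database leak. Confirm it is a salted, slow password hash
            // (PBKDF2 / bcrypt / Argon2) or plan a migration.
            cmd.Parameters.AddWithValue("@2", enc.Encrypt(pass));

            da.Fill(ds);

            if (ds.Tables[0].Rows.Count > 0)
            {
                DataRow row = ds.Tables[0].Rows[0];

                client.Id = (int)row["client_id"];

                // A DataRow yields DBNull.Value (not null) for SQL NULL; Convert.ToString maps
                // both DBNull and null to "", which is what the old "== null" checks intended.
                client.Dni = Convert.ToString(row["dni"]);
                client.FirstName = Convert.ToString(row["first_name"]);
                client.LastName = Convert.ToString(row["last_name"]);
                client.Email = Convert.ToString(row["email"]);
                client.PhoneNumber1 = Convert.ToString(row["phone_number1"]);
                client.PhoneNumber2 = Convert.ToString(row["phone_number2"]);
                client.Address = Convert.ToString(row["address"]);
                client.Status = (int)row["status"];

                // NOTE(review): the session is marked as authenticated here without the session
                // identifier being rotated in this method. If it is not rotated elsewhere on
                // login, an identifier issued before authentication stays valid afterwards.
                HttpContext.Current.Session["client_id"] = client.Id;
            }
        }
    }
    catch (Exception ex)
    {
        // Keep the exception type and message callers already see, but attach the original
        // exception so its stack trace and provider-specific details are not lost.
        throw new Exception(ex.Message, ex);
    }

    return client;
}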
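/// <summary>
/// Authenticates a user by DNI and password and returns the user's profile.
/// </summary>
/// <param name="username">Value compared with the <c>dni</c> column of <c>users</c>.</param>
/// <param name="password">Password as supplied by the caller; it is passed through
/// <c>Encryptation.Encrypt</c> and compared with the <c>pass</c> column.</param>
/// <returns>
/// 200 with the serialized user when a row matches, 204 when none does, and 500 with a
/// generic message when anything throws.
/// </returns>
public HttpResponseMessage login(string username, string password)
{
    try
    {
        User user = new User();
        Encryptation enc = new Encryptation();

        // Both values are bound as parameters, so the query text never contains caller input.
        string query =
            "SELECT user_id,dni,first_name,last_name,address,email,phone_number1,phone_number2," +
            "permission_level,status,image FROM users WHERE dni = @1 AND pass = @2";

        using (MySqlConnection conn = new MySqlConnection(strConn))
        using (MySqlCommand cmd = new MySqlCommand(query, conn))
        using (MySqlDataAdapter da = new MySqlDataAdapter(cmd))
        using (DataSet ds = new DataSet())
        {
            conn.Open();

            cmd.Parameters.AddWithValue("@1", username);

            // NOTE(review): the stored credential is matched against Encrypt(password). If Encrypt
            // is reversible encryption or an unsalted fast hash, stored passwords are recoverable
            // after a database leak. Confirm it is a salted, slow password hash
            // (PBKDF2 / bcrypt / Argon2) or plan a migration.
            cmd.Parameters.AddWithValue("@2", enc.Encrypt(password));

            da.Fill(ds);

            if (ds.Tables[0].Rows.Count == 0)
            {
                // NOTE(review): a failed login answers 204 No Content rather than 401. Kept as-is
                // because existing clients may depend on it. No throttling or lockout is visible
                // in this method; confirm it is enforced elsewhere.
                return Request.CreateResponse(HttpStatusCode.NoContent);
            }

            DataRow row = ds.Tables[0].Rows[0];

            user.Id = (int)row["user_id"];
            user.Dni = (long)row["dni"];
            user.FirstName = row["first_name"].ToString();
            user.LastName = row["last_name"].ToString();
            user.Email = row["email"].ToString();
            user.Address = row["address"].ToString();

            // A NULL or non-numeric phone number used to make long.Parse throw, turning a valid
            // login into a 500. Leave the property at its default in that case.
            long phone;
            if (long.TryParse(Convert.ToString(row["phone_number1"]), out phone))
            {
                user.PhoneNumber1 = phone;
            }

            user.PermissionLevel = (int)row["permission_level"];
            user.Status = (int)row["status"];

            // NOTE(review): SerializeObject yields a string that is then handed to CreateResponse
            // as the content value. Depending on the configured formatter it may be JSON-encoded a
            // second time; confirm what clients expect before changing it.
            return Request.CreateResponse(HttpStatusCode.OK, JsonConvert.SerializeObject(user));
        }
    }
    catch (Exception ex)
    {
        // Provider exception messages can name hosts, accounts and schema objects. Record the
        // details server-side and give the unauthenticated caller a generic message.
        System.Diagnostics.Trace.TraceError("login failed: {0}", ex);
        return Request.CreateResponse(HttpStatusCode.InternalServerError, "Internal server error");
    }
}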