private bool InsertNewUser(UserSignupObject request)
{
const string SQLSTATEMENT = @"
INSERT INTO user (id,username,password,creation,email,verified) VALUES(NULL,@username,@password,now(),@email,1);
INSERT INTO profile (uid,nickname,avatar) VALUES(LAST_INSERT_ID(),@nickname,'');";
bool worked = false;
int result = DBHelper.ExecuteQuery(SQLSTATEMENT, new Dictionary <string, object>()
{
{ "@username", request.username },
{ "@password", HashPassword(request.password) },
{ "@email", request.email },
{ "@nickname", request.nickname }
});
worked = (result > 0);
if (RequireInvite)
{
int uid = HashStringToInt(request.username);
// using (MySqlConnection conn = Program.GetMysqlConnection())
// {
// MySqlCommand cmd = conn.CreateCommand();
// cmd.CommandText = "USE webPlatform;UPDATE inviteCode SET uid = LAST_INSERT_ID() WHERE uid = @uid;";
// cmd.Parameters.AddWithValue("@uid", uid);
// cmd.Prepare();
// cmd.ExecuteNonQuery();
// }
}
if (worked)
{
//Send mail.
}
return(worked);
}
private bool CreateUserRequest(HttpListenerContext con, out UserSignupObject obj)
{
string data = "";
bool dataAvaliable = true;
obj = new UserSignupObject();
while (dataAvaliable)
{
char c = (char)con.Request.InputStream.ReadByte();
if (c != (char)UInt16.MaxValue)
{
data += c;
}
else
{
dataAvaliable = false;
con.Request.InputStream.Close();
}
}
try
{
obj = JsonConvert.DeserializeObject <UserSignupObject>(data);
}
catch (JsonSerializationException) {
return(false);
}
if (obj.username != null && obj.password != null && obj.email != null)
{
if (obj.username.Length < 6 || obj.email.Length < 6 || obj.password.Length < 6 || new System.Net.Mail.MailAddress(obj.email).Address != obj.email || obj.nickname.Length < 1)
{
return(false);
}
if (CheckUsernameExists(obj.username))
{
return(false);
}
}
else
{
return(false);
}
if (obj.username.Length > 128 || obj.password.Length > 128 || obj.email.Length > 128 || obj.nickname.Length > 32)
{
return(false);
}
if (RequireInvite)
{
if (obj.invite != null)
{
if (obj.invite.Length > 30)
{
return(false);
}
//Create a temp uid
int uid = HashStringToInt(obj.username);
bool inviteAccepted = false;
//Check invite
// using (MySqlConnection conn = Program.GetMysqlConnection())
// {
// MySqlCommand cmd = conn.CreateCommand();
// cmd.CommandText = "UPDATE inviteCode SET uid = @uid WHERE code = @code AND uid = -1";
// cmd.Parameters.AddWithValue("@code", obj.invite);
// cmd.Parameters.AddWithValue("@uid", uid);
// cmd.Prepare();
// inviteAccepted = (cmd.ExecuteNonQuery() > 0);
// }
//
return(inviteAccepted);
}
}
return(true);
}
