public override void HandleRequest(HttpListenerContext context)
{
NameValueCollection query;
using (var rdr = new StreamReader(context.Request.InputStream))
query = HttpUtility.ParseQueryString(rdr.ReadToEnd());
using (var db = new Database(Program.Settings.GetValue("conn")))
{
byte[] status;
if (!IsUsername(query["newGUID"]))
status = Encoding.UTF8.GetBytes("<Error>Invalid username</Error>");
else
{
if (db.HasUuid(query["guid"]) &&
db.Verify(query["guid"], "") != null)
{
if (db.HasUuid(query["newGUID"]))
status = Encoding.UTF8.GetBytes("<Error>Duplicate username</Error>");
else if (db.HasEmail(query["email"]))
status = Encoding.UTF8.GetBytes("<Error>Duplicate email</Error>");
else
{
MySqlCommand cmd = db.CreateQuery();
cmd.CommandText =
"UPDATE accounts SET uuid=@newUuid, password=SHA1(@password), email=@email, guest=FALSE WHERE uuid=@uuid;";
cmd.Parameters.AddWithValue("@uuid", query["guid"]);
cmd.Parameters.AddWithValue("@newUuid", query["newGUID"]);
cmd.Parameters.AddWithValue("@password", query["newPassword"]);
cmd.Parameters.AddWithValue("@email", query["email"]);
if (cmd.ExecuteNonQuery() > 0)
status = Encoding.UTF8.GetBytes("<Success />");
else
status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
}
}
else
{
if (db.HasUuid(query["newGUID"])) {
status = Encoding.UTF8.GetBytes("<Error>Duplicate username</Error>");
} else if (db.HasEmail(query["email"])) {
status = Encoding.UTF8.GetBytes("<Error>Duplicate email</Error>");
} else {
if (db.Register(query["newGUID"], query["newPassword"], query["email"], false) != null)
status = Encoding.UTF8.GetBytes("<Success />");
else
status = Encoding.UTF8.GetBytes("<Error>Internal Error</Error>");
}
}
}
context.Response.OutputStream.Write(status, 0, status.Length);
}
}
public override void HandleRequest(HttpListenerContext context)
{
var rand = new Random();
NameValueCollection query;
using (var rdr = new StreamReader(context.Request.InputStream))
query = HttpUtility.ParseQueryString(rdr.ReadToEnd());
using (var db = new Database(Program.Settings.GetValue("conn")))
{
byte[] status;
var password = CreatePassword(rand.Next(8, 12));
if (!db.HasEmail(query["email"]))
status = Encoding.UTF8.GetBytes("<Error>Account not found</Error>");
else if (!IsValidEmail(query["email"]))
status = Encoding.UTF8.GetBytes("<Error>Invalid email address</Error>");
else
{
MySqlCommand cmd = db.CreateQuery();
cmd.CommandText = "UPDATE accounts SET password=SHA1(@password) WHERE email=@email;";
cmd.Parameters.AddWithValue("@email", query["email"]);
cmd.Parameters.AddWithValue("@password", password);
if (cmd.ExecuteNonQuery() == 0)
status = Encoding.UTF8.GetBytes("<Error>Could not reset account password!</Error>");
else
{
cmd = db.CreateQuery();
cmd.CommandText = "SELECT id, uuid, name, email FROM accounts WHERE email=@email";
cmd.Parameters.AddWithValue("@email", query["email"]);
using (MySqlDataReader rdr = cmd.ExecuteReader())
{
if (!rdr.HasRows) return;
rdr.Read();
var to = rdr.GetString("email").ToLower();
const string @from = "*****@*****.**";
var message = new MailMessage(from, to)
{
Subject = "Email Verification for : " + rdr.GetString("name")
};
string htmlBody =
@"
<html>
<body style='font-family: 'Segoe UI','Helvetica Neue',Helvetica,Arial,sans-serif;font-size: 13px;line-height: 20px;color: #333;margin:0;padding:0;'>
<table cellspacing='0' cellpadding='0' border='0' width='100%'>
<tr style='background: #3f3f3f'>
<td class='navbar navbar-inverse' align='center'>
<table width='650px' cellspacing='0' cellpadding='3' class='container' style='width:auto;margin:0;padding:0;'>
<tr class='navbar navbar-inverse'>
<td><a style='margin:0px -3px;text-decoration:none;display: block;padding: 20px;font-size: 20px;font-weight: 200;color: rgb(241,241,241);text-shadow: 0px -1px 1px rgba(0, 0, 0, 0.55);' class='brand' href='http://zerorealms.com'>Home Page</a></td>
<td><a style='margin:0px -3px;text-decoration:none;display: block;padding: 20px;font-size: 20px;font-weight: 200;color: rgb(241,241,241);text-shadow: 0px -1px 1px rgba(0, 0, 0, 0.55);' href='http://forum.zerorealms.com'>Forums</a></li></ul></td>
</tr>
</table>
</td>
</tr>
<tr style='background: #d6d6d6;'>
<td align='center'>
<table width='650px' cellspacing='0' cellpadding='3' class='container' style='width:960px;margin-top:15px;'>
<tr>
<th colspan='2'><h1 style='margin: 10px 0px;font-family: inherit;font-weight: bold;line-height: 40px;font-size: 36px;color: inherit;text-rendering: optimizelegibility;margin-bottom: 35px;'>Forgot Password</h1></th>
</tr>
<tr style='height:40px;'>
<td align='right' style='width:42%;'><p style='font-weight:600;color:#474747;'>Account Name : </p></td><td style='width:58%;'><b>" +
rdr.GetString("uuid") + @"</b></td>
</tr>
<tr style='height:40px;'>
<td align='right' style='width:42%;'><p style='font-weight:600;color:#474747;'>Character Name : </p></td><td style='width:58%;'><b>" +
rdr.GetString("name") + @"</b></td>
</tr>
<tr style='height:40px;'>
<td align='right' style='width:42%;'><p style='font-weight:600;color:#474747;'>Email Address : </p></td><td style='width:58%;'><b style='color:#0063CA;text-decoration:none;'>" +
rdr.GetString("email") + @"</b></td>
</tr>
<tr style='height:80px;'>
<td colspan='2' align='center' style='width:100%;'><p style='font-weight:600;color:#474747;'>A password reset has been requested for the account described above.<br />We've generated a new password for your account that is active immediately.<br />Please use the password shown below when you login.</p></td>
</tr>
<tr style='height:40px;'>
<td align='right' style='width:42%;'><p style='font-weight:600;color:#474747;'>New Password : </p></td><td style='width:58%;'><b style='color:#0063CA;text-decoration:none;'>" +
password + @"</b></td>
</tr>
</table>
</td>
</tr>
<tr style='background: #d6d6d6;'>
<td align='center'>
<table width='650px' cellspacing='0' cellpadding='3' class='container' style='width:960px;'>
<tr>
<td align='center' style='font-size:12pt;'>
<hr style='border-right: 0px none;border-left: 0px none;-moz-border-top-colors: none;-moz-border-right-colors: none;-moz-border-bottom-colors: none;-moz-border-left-colors: none;border-image: none;border-width: 1px 0px;border-style: solid none;border-color: #EEE -moz-use-text-color #FFF;'>
<p style='height:80px;margin-bottom:35px;'><b>Copyright © 2013-2014 | <a style='color: #0063CA;text-decoration:none;' href='http://zerorealms.com'>ZeroRealms.com</a> - Lucifer</b></p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>";
message.Body = htmlBody;
message.IsBodyHtml = true;
var client = new SmtpClient
{
Port = 587,
Host = "smtp.mandrillapp.com",
Credentials = new NetworkCredential("*****@*****.**",
"xI7YXXrmtLC5BdwIEzsG0w")
};
// Credentials are necessary if the server requires the client
// to authenticate before it will send e-mail on the client's behalf.
try
{
client.Send(message);
return;
}
catch
{
return;
}
}
}
}
context.Response.OutputStream.Write(status, 0, status.Length);
}
}
