public static UserAccount Create(string username, string password, bool admin) { string role = (admin ? "admin" : "user"); if (username.Length > 16 || string.IsNullOrEmpty(password)) { return(null); } if (Find(username) != null) { return(null); } MySqlConnection connection = MySQLConnector.GetConnection(); if (connection != null) { MySqlCommand command = new MySqlCommand("INSERT INTO `users` VALUES(NULL, @username, @password, NOW(), NOW(), @role)", connection); command.Prepare(); command.Parameters.AddWithValue("@username", username); command.Parameters.AddWithValue("@password", Hash(password)); command.Parameters.AddWithValue("@role", role); command.ExecuteReader(); connection.Close(); return(Find(username)); } return(null); }
public bool SetPassword(string password) { if (string.IsNullOrEmpty(password) || string.IsNullOrWhiteSpace(password) || password.Length < 6) { return(false); } MySqlConnection connection = MySQLConnector.GetConnection(); MySqlCommand updateCommand = new MySqlCommand("UPDATE `users` SET `password`=@password WHERE `id`=@id ORDER BY `id` ASC LIMIT 1", connection); updateCommand.Prepare(); updateCommand.Parameters.AddWithValue("@password", Hash(password)); updateCommand.Parameters.AddWithValue("@id", AccountId); updateCommand.ExecuteReader(); connection.Close(); return(true); }
public bool SetRole(string role) { if (!(role.Equals("admin") || role.Equals("user"))) { return(false); } MySqlConnection connection = MySQLConnector.GetConnection(); MySqlCommand updateCommand = new MySqlCommand("UPDATE `users` SET `role`=@role WHERE `id`=@id ORDER BY `id` ASC LIMIT 1", connection); updateCommand.Prepare(); updateCommand.Parameters.AddWithValue("@role", role); updateCommand.Parameters.AddWithValue("@id", AccountId); updateCommand.ExecuteReader(); connection.Close(); Role = StringToRole(role); return(true); }
public bool ComparePassword(string password) { MySqlConnection connection = MySQLConnector.GetConnection(); if (connection != null) { MySqlCommand command = new MySqlCommand("SELECT `password` FROM `users` WHERE `id`=@id AND `password`=@password ORDER BY `id` ASC LIMIT 1", connection); command.Prepare(); command.Parameters.AddWithValue("@id", AccountId); command.Parameters.AddWithValue("@password", Hash(password)); MySqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { connection.Close(); return(true); } } return(false); }
public static UserAccount Find(string username) { MySqlConnection connection = MySQLConnector.GetConnection(); if (connection != null) { MySqlCommand command = new MySqlCommand("SELECT `id`,`username`,`created_at`,`last_login`,`role` FROM `users` WHERE `username`=@username ORDER BY `id` ASC LIMIT 1", connection); command.Prepare(); command.Parameters.AddWithValue("@username", username); MySqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { UserAccount account = new UserAccount(reader.GetInt32("id"), reader.GetString("username"), reader.GetString("created_at"), reader.GetString("last_login"), reader.GetString("role")); connection.Close(); return(account); } } return(null); }
public static UserAccount Attempt(string username, string password) { if (username.Length > 16 || string.IsNullOrEmpty(password)) { return(null); } MySqlConnection connection = MySQLConnector.GetConnection(); if (connection != null) { MySqlCommand command = new MySqlCommand("SELECT `id`,`username`,`created_at`,`last_login`,`role` FROM `users` WHERE `username`=@username AND `password`=@password ORDER BY `id` ASC LIMIT 1", connection); command.Prepare(); command.Parameters.AddWithValue("@username", username); command.Parameters.AddWithValue("@password", Hash(password)); MySqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { int id = reader.GetInt32("id"); UserAccount account = new UserAccount(id, reader.GetString("username"), reader.GetString("created_at"), reader.GetString("last_login"), reader.GetString("role")); connection.Close(); connection = MySQLConnector.GetConnection(); MySqlCommand updateCommand = new MySqlCommand("UPDATE `users` SET `last_login`=NOW() WHERE `id`=@id ORDER BY `id` ASC LIMIT 1", connection); updateCommand.Prepare(); updateCommand.Parameters.AddWithValue("@id", id); updateCommand.ExecuteReader(); connection.Close(); return(account); } } connection.Close(); return(null); }
public MySQLConnectionAdapter(MySQLDatabase sql) { connection = MySQLConnector.GetConnection(sql); }