コード例 #1
0
        // UPDATE: api/Users
        public void Update(string userName, string password, string name, string email, string address)
        {
            EncryptionController encryptionController = new EncryptionController();
            string sql = "UPDATE Users(Password, Name, Email, Address, Rating, NumberOfSales, IsAdmin, SALT)" +
                         "VALUES(@username, @password, @name, @email, @address, @rating, @numberOfSales, @isAdmin, @SALT)" +
                         "WHERE Username ='******'";
            //Current User Data
            var    user           = Get(userName);
            string salt           = user.Salt;
            string hashedPassword = encryptionController.EncryptPassword(password + salt);

            if (password == null || password == "")
            {
                hashedPassword = user.Password;
            }
            if (name == null || name == "")
            {
                name = user.Name;
            }
            if (email == null || email == "")
            {
                email = user.Email;
            }
            if (address == null || address == "")
            {
                address = user.Address;
            }
            string connStr = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString;

            using (var connection = new SqlConnection(connStr))
            {
                connection.Query(sql, new
                {
                    password      = hashedPassword,
                    name          = name,
                    email         = email,
                    address       = address,
                    rating        = user.Rating,
                    numberOfSales = user.NumberOfSales,
                    isAdmin       = user.IsAdmin,
                    SALT          = salt
                });
            }
        }
コード例 #2
0
        // CREATE: api/Users
        public int Create(string userName, string password, string name, string email, string address)
        {
            EncryptionController encryptionController = new EncryptionController();
            string sql = "INSERT INTO Users (Username, Password, Name, Email, Address, Rating, NumberOfSales, IsAdmin, SALT)" +
                         " VALUES (@username, @password, @name, @email, @address, @rating, @numberOfSales, @isAdmin, @SALT)";

            if (Get(userName) != null)
            {
                return(1);//Username taken error code
            }
            if ((userName != null && userName != "") && (password != null && password != "") &&
                (name != null && name != "") && (email != null && email != "") &&
                (address != null && address != ""))
            {
                string connStr        = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString;
                string salt           = Guid.NewGuid().ToString("N").Substring(0, 20);
                string hashedPassword = encryptionController.EncryptPassword(password + salt);
                using (var connection = new SqlConnection(connStr))
                {
                    connection.Query(sql, new
                    {
                        username      = userName,
                        password      = hashedPassword,
                        name          = name,
                        email         = email,
                        address       = address,
                        rating        = 0,
                        numberOfSales = 0,
                        isAdmin       = 0,
                        SALT          = salt
                    });
                }
                return(0); //No errors found
            }
            return(2);     //User couldn't be created
        }