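// Session of the currently authorized user (assigned by CheckAuth on a successful login).
// NOTE(review): this is public mutable static state, so any code in the process can replace it.
public static User AuthorizationUser = new User();

/// <summary>
/// Adds a user to the database and returns the created record.
/// </summary>
/// <param name="Login">Login name.</param>
/// <param name="Password">Plain-text password; only its hash is stored and returned.</param>
/// <param name="First_Name">First name.</param>
/// <param name="Email">E-mail address.</param>
/// <param name="Middle_Name">Middle name (patronymic). Defaults to the literal string "null".</param>
/// <param name="Last_Name">Last name. Defaults to the literal string "null".</param>
/// <param name="Phonenumber">Phone number. Defaults to the literal string "null".</param>
/// <param name="AccessLevel">Access level; defaults to 1.</param>
/// <returns>
/// The new <c>User</c> with its database ID and the hashed password, or <c>null</c>
/// when the insert fails (a message box is shown in that case).
/// </returns>
public static User Add(string Login, string Password, string First_Name, string Email, string Middle_Name = "null", string Last_Name = "null", string Phonenumber = "null", int AccessLevel = 1)
{
    try
    {
        // NOTE(review): the helper name indicates an MD5 digest. MD5 (salted or not) is too fast
        // for password storage; moving to PBKDF2/Argon2 requires changing SecurityPasswordController
        // and re-hashing stored credentials, which is outside this method.
        Password = SecurityPasswordController.GetMd5Hash(Password);

        // Values are bound as parameters instead of being interpolated into the SQL text,
        // so quotes or SQL fragments in user-supplied fields cannot alter the statement.
        const string sql =
            "INSERT INTO Users(login, password, first_name, middle_name, last_name, email, phone_number, access_level) " +
            "VALUES(@login, @password, @first_name, @middle_name, @last_name, @email, @phone_number, @access_level) " +
            "RETURNING ID";

        var user = new User();

        using (var command = new NpgsqlCommand(sql, Program.Connection))
        {
            // A null string used to be interpolated as an empty value; keep that result.
            command.Parameters.AddWithValue("login", Login ?? string.Empty);
            command.Parameters.AddWithValue("password", Password ?? string.Empty);
            command.Parameters.AddWithValue("first_name", First_Name ?? string.Empty);
            command.Parameters.AddWithValue("middle_name", Middle_Name ?? string.Empty);
            command.Parameters.AddWithValue("last_name", Last_Name ?? string.Empty);
            command.Parameters.AddWithValue("email", Email ?? string.Empty);
            command.Parameters.AddWithValue("phone_number", Phonenumber ?? string.Empty);
            command.Parameters.AddWithValue("access_level", AccessLevel);

            // RETURNING ID makes the insert yield the generated key as a scalar.
            user.ID = (int)command.ExecuteScalar();
        }

        user.login = Login;
        user.password = Password;
        user.first_name = First_Name;
        user.middle_name = Middle_Name;
        user.last_name = Last_Name;
        user.email = Email;
        user.phone_number = Phonenumber;
        user.access_level = AccessLevel;

        return user;
    }
    catch (Exception)
    {
        // Best-effort UI behaviour kept from the original: the caller only sees null.
        // NOTE(review): the exception details are discarded here; record them if the
        // project has a logging facility.
        MessageBox.Show("Ошибка добавления пользователя");
        return null;
    }
}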
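/// <summary>
/// Checks a user's credentials and, on success, stores the user in <c>AuthorizationUser</c>.
/// </summary>
/// <param name="login">Login name to look up.</param>
/// <param name="pass">Plain-text password; it is hashed before comparison.</param>
/// <returns>
/// <c>true</c> when a row with this login exists and its stored password hash equals the
/// hash of <paramref name="pass"/>; <c>false</c> when no row matches, the hashes differ,
/// or an exception occurs (a message box is shown in that case).
/// </returns>
public static bool CheckAuth(string login, string pass)
{
    try
    {
        // NOTE(review): the helper name indicates an MD5 digest, which is too fast for
        // password verification; changing it requires migrating the stored hashes.
        pass = SecurityPasswordController.GetMd5Hash(pass);

        // The login is bound as a parameter so the lookup actually filters on the supplied
        // value and the value can never change the shape of the statement.
        const string sql = "SELECT id, login, password FROM Users WHERE login = @login";

        using (var command = new NpgsqlCommand(sql, Program.Connection))
        {
            // A null login is sent as SQL NULL, which matches no row.
            command.Parameters.AddWithValue("login", (object)login ?? DBNull.Value);

            var user = new User();

            using (var reader = command.ExecuteReader())
            {
                // If several rows share the login, the last one read wins.
                while (reader.Read())
                {
                    user.ID = Int32.Parse(reader["id"].ToString());
                    user.login = reader["login"].ToString();
                    user.password = reader["password"].ToString();
                }
            }

            // login stays null only when the query returned no rows.
            if (user.login == null)
            {
                return false;
            }

            // NOTE(review): '==' on strings is not a constant-time comparison; prefer a
            // fixed-time comparison of the hash bytes where the target framework offers one.
            if (user.password == pass)
            {
                AuthorizationUser = GetUser(user.ID);
                return true;
            }

            return false;
        }
    }
    catch (Exception)
    {
        // Any failure is reported as "not authenticated".
        // NOTE(review): the exception details are discarded here; record them if the
        // project has a logging facility.
        MessageBox.Show("Ошибка авторизации пользователя");
        return false;
    }
}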