コード例 #1
        /// <summary>
        /// Checks a username/password pair against the credentials held in the provider's database.
        /// </summary>
        /// <param name="username">Login name; must pass SecUtility.ValidateParameter with a size argument of 255.</param>
        /// <param name="password">Candidate password; must pass SecUtility.ValidateParameter with a size argument of 128.</param>
        /// <returns>
        /// <c>true</c> only when CheckPassword accepts the password for the looked-up user id;
        /// <c>false</c> when either argument fails validation or CheckPassword rejects the password.
        /// </returns>
        /// <remarks>
        /// Malformed input produces <c>false</c> rather than an exception, so callers cannot tell
        /// "bad input" from "wrong password". Failures during the lookup are rethrown as whatever
        /// MyConnectionHelper.GetBetterException returns.
        /// NOTE(review): no failed-attempt counting or lockout is visible in this method; if
        /// CheckPassword does not do it, throttling of repeated guesses has to be enforced elsewhere.
        /// </remarks>
        public override bool ValidateUser(string username, string password)
        {
            // Short-circuit evaluation keeps the original order: the password is only
            // validated (and possibly rewritten through ref) once the username has passed.
            // NOTE(review): the three flags are presumably checkForNull / checkIfEmpty /
            // checkForCommas - confirm against SecUtility.
            bool argumentsOk = SecUtility.ValidateParameter(ref username, true, true, false, 255)
                               && SecUtility.ValidateParameter(ref password, true, true, false, 128);
            if (!argumentsOk)
            {
                return false;
            }

            AccessConnectionHolder connectionHolder = MyConnectionHelper.GetConnection(_databaseFileName, true);
            SqlConnection          db               = connectionHolder.Connection;

            try
            {
                try
                {
                    int applicationId = GetAppplicationId(connectionHolder);

                    // NOTE(review): GetUserID presumably yields 0 for an unknown name; that id is
                    // still handed to CheckPassword, so the rejection of unknown users depends on
                    // CheckPassword returning false for it - verify.
                    int id = MyConnectionHelper.GetUserID(db, applicationId, username, false);

                    return CheckPassword(db, id, password);
                }
                catch (Exception failure)
                {
                    throw MyConnectionHelper.GetBetterException(failure, connectionHolder);
                }
                finally
                {
                    // Runs on every path out of the inner try, including the returns above.
                    connectionHolder.Close();
                }
            }
            catch
            {
                // Do not remove this "empty" rethrow. With a catch at this level the inner
                // finally (closing the connection) runs before the exception leaves this
                // method, i.e. before an exception filter in a caller can execute code.
                throw;
            }
        }
コード例 #2
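        /// <summary>
        /// Registers a new user: validates the arguments, encodes the password with a fresh salt,
        /// rejects duplicate names and inserts one row into the <c>users</c> table.
        /// </summary>
        /// <param name="username">Requested login name; validated with a size argument of 255.</param>
        /// <param name="password">Clear-text password; only its encoded form is written to the database.</param>
        /// <param name="email">Copied into the returned object only; the INSERT below does not store it.</param>
        /// <param name="passwordQuestion">Copied into the returned object only; not stored by the INSERT below.</param>
        /// <param name="passwordAnswer">Not used by this method.</param>
        /// <param name="isApproved">Copied into the returned object only; not stored by the INSERT below.</param>
        /// <param name="providerUserKey">Not used by this method.</param>
        /// <param name="status">
        /// Receives InvalidPassword, InvalidUserName, DuplicateUserName, ProviderError or Success.
        /// </param>
        /// <returns>The new <see cref="MembershipUser"/> on success, otherwise <c>null</c>.</returns>
        /// <remarks>
        /// Failures during database work are rethrown as whatever
        /// MyConnectionHelper.GetBetterException returns.
        /// </remarks>
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            // NOTE(review): a size argument of 0 presumably means "no length limit" here;
            // the only length bound on the password is the check on its encoded form below.
            if (!SecUtility.ValidateParameter(ref password, true, true, false, 0))
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // NOTE(review): the value is stored in a column named PasswordHash, but what
            // EncodePassword produces depends on _passwordFormat - confirm the configured
            // format is a salted one-way hash and not clear text or reversible encryption.
            string salt = GenerateSalt();
            string pass = EncodePassword(password, (int)_passwordFormat, salt);

            // The bound applies to the encoded value, which is what gets written to the table.
            if (pass.Length > 128)
            {
                status = MembershipCreateStatus.InvalidPassword;
                return null;
            }

            // Validated after the password so that InvalidPassword keeps precedence over
            // InvalidUserName, as before.
            if (!SecUtility.ValidateParameter(ref username, true, true, true, 255))
            {
                status = MembershipCreateStatus.InvalidUserName;
                return null;
            }

            AccessConnectionHolder holder     = MyConnectionHelper.GetConnection(_databaseFileName, true);
            SqlConnection          connection = holder.Connection;

            try
            {
                try
                {
                    int appId = GetAppplicationId(holder);

                    // Step 1: refuse the request when the name is already taken
                    // (a non-zero id means a matching user row was found).
                    // NOTE(review): this lookup and the INSERT below are not wrapped in a
                    // transaction, so two concurrent requests for the same name can both pass
                    // the check; a unique constraint on the UserName column is what actually
                    // prevents duplicate accounts - confirm the schema has one.
                    int uid = MyConnectionHelper.GetUserID(connection, appId, username, false);
                    if (uid != 0)
                    {
                        status = MembershipCreateStatus.DuplicateUserName;
                        return null;
                    }

                    DateTime dt = MyConnectionHelper.RoundToSeconds(DateTime.Now);

                    // Step 2: insert the row. All values travel as parameters, never as SQL text.
                    // The command is disposed as soon as it has run; the connection itself is
                    // released by holder.Close() in the finally block.
                    using (SqlCommand command = new SqlCommand(@"INSERT INTO users " +
                                                               "(UserName,PasswordHash, Salt) " +
                                                               "VALUES (@UserName,@PasswordHash, @salt)",
                                                               connection))
                    {
                        command.Parameters.Add(new SqlParameter("@UserName", username));
                        command.Parameters.Add(new SqlParameter("@PasswordHash", pass));
                        command.Parameters.Add(new SqlParameter("@salt", salt));

                        // Anything other than exactly one affected row is reported as a provider error.
                        if (command.ExecuteNonQuery() != 1)
                        {
                            status = MembershipCreateStatus.ProviderError;
                            return null;
                        }
                    }

                    status = MembershipCreateStatus.Success;

                    // NOTE(review): uid is still 0 at this point (the duplicate check returned
                    // for any other value), so the returned object carries 0 as its provider
                    // user key rather than the id of the row just inserted.
                    return new MembershipUser(this.Name,
                                              username,
                                              uid,
                                              email,
                                              passwordQuestion,
                                              null,
                                              isApproved,
                                              false,
                                              dt,
                                              dt,
                                              dt,
                                              dt,
                                              DateTime.MinValue);
                }
                catch (Exception e)
                {
                    throw MyConnectionHelper.GetBetterException(e, holder);
                }
                finally
                {
                    // Runs on every path out of the inner try, including the early returns.
                    holder.Close();
                }
            }
            catch
            {
                // Do not remove this "empty" rethrow. With a catch at this level the inner
                // finally (closing the connection) runs before the exception leaves this
                // method, i.e. before an exception filter in a caller can execute code.
                throw;
            }
        }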