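/// <summary>
/// Reads the JSON body of a signup request, deserializes it into a
/// <see cref="UserSignupObject"/> and validates the submitted fields.
/// </summary>
/// <param name="con">
/// Listener context whose request body carries the signup JSON. The request's
/// input stream is closed once the body has been read.
/// </param>
/// <param name="obj">
/// Receives the deserialized request. It stays a fresh, empty
/// <see cref="UserSignupObject"/> when the body is too large or cannot be parsed.
/// </param>
/// <returns>
/// <c>true</c> when username, password, email and nickname are present, within
/// their length bounds, the email is a bare address and the username is not
/// already taken; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// Everything read here is attacker-controlled, so every malformed input is
/// answered with <c>false</c> rather than an exception.
/// NOTE(review): the invite-code lookup is commented out. With
/// <c>RequireInvite</c> set, a request with no invite, or with any invite of
/// up to 30 characters, is still accepted. Confirm whether that is intended.
/// </remarks>
private bool CreateUserRequest(HttpListenerContext con, out UserSignupObject obj)
{
    // Upper bound on the buffered body. The accepted fields add up to a few
    // hundred characters, so a larger body is rejected instead of being held
    // in memory.
    const int MaxBodyChars = 16 * 1024;

    obj = new UserSignupObject();

    string data;
    // Decode with the request's declared encoding instead of casting single
    // bytes to chars, which corrupts multi-byte characters. Disposing the
    // reader also closes the request's input stream.
    using (System.IO.StreamReader reader = new System.IO.StreamReader(con.Request.InputStream, con.Request.ContentEncoding))
    {
        char[] buffer = new char[MaxBodyChars + 1];
        int read = reader.ReadBlock(buffer, 0, buffer.Length);
        if (read > MaxBodyChars)
        {
            return false;
        }
        data = new string(buffer, 0, read);
    }

    UserSignupObject parsed;
    try
    {
        parsed = JsonConvert.DeserializeObject<UserSignupObject>(data);
    }
    catch (JsonReaderException)
    {
        // Body is not well-formed JSON.
        return false;
    }
    catch (JsonSerializationException)
    {
        // JSON is well-formed but does not map onto UserSignupObject.
        return false;
    }

    // An empty body or a literal "null" deserializes to null.
    if (parsed == null)
    {
        return false;
    }
    obj = parsed;

    // nickname is dereferenced below, so it needs the same null check as the
    // other required fields.
    if (obj.username == null || obj.password == null || obj.email == null || obj.nickname == null)
    {
        return false;
    }

    // All length bounds are checked before the username lookup, so oversized
    // values are rejected without being handed to CheckUsernameExists.
    if (obj.username.Length < 6 || obj.username.Length > 128
        || obj.password.Length < 6 || obj.password.Length > 128
        || obj.email.Length < 6 || obj.email.Length > 128
        || obj.nickname.Length < 1 || obj.nickname.Length > 32)
    {
        return false;
    }

    // MailAddress throws FormatException on a malformed address; treat that as
    // a failed validation. Comparing Address with the input rejects forms that
    // carry a display name.
    bool emailIsBareAddress;
    try
    {
        emailIsBareAddress = new System.Net.Mail.MailAddress(obj.email).Address == obj.email;
    }
    catch (FormatException)
    {
        emailIsBareAddress = false;
    }
    if (!emailIsBareAddress)
    {
        return false;
    }

    if (CheckUsernameExists(obj.username))
    {
        return false;
    }

    if (RequireInvite)
    {
        if (obj.invite != null)
        {
            if (obj.invite.Length > 30)
            {
                return false;
            }

            // Temporary uid and result flag, consumed only by the disabled
            // invite check below.
            int uid = HashStringToInt(obj.username);
            bool inviteAccepted = false;

            // NOTE(review): invite verification is disabled; the code is kept
            // as the author left it.
            // using (MySqlConnection conn = Program.GetMysqlConnection())
            // {
            //     MySqlCommand cmd = conn.CreateCommand();
            //     cmd.CommandText = "UPDATE inviteCode SET uid = @uid WHERE code = @code AND uid = -1";
            //     cmd.Parameters.AddWithValue("@code", obj.invite);
            //     cmd.Parameters.AddWithValue("@uid", uid);
            //     cmd.Prepare();
            //     inviteAccepted = (cmd.ExecuteNonQuery() > 0);
            // }
            // return inviteAccepted;
        }
    }

    return true;
}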
/// <summary>
/// Inserts the user row and the matching profile row for a signup request.
/// </summary>
/// <param name="request">
/// Signup data. The password is passed through <c>HashPassword</c> before it
/// is bound as a query parameter.
/// </param>
/// <returns>
/// <c>true</c> when <c>DBHelper.ExecuteQuery</c> reports a result greater than
/// zero; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// All request values reach the database as bound parameters, not as SQL text.
/// NOTE(review): the row is inserted with <c>verified = 1</c> and the mail step
/// is only a stub, so presumably accounts count as verified without any email
/// confirmation. Confirm that this is intended.
/// NOTE(review): both INSERTs go out in one call; whether they run atomically
/// depends on <c>DBHelper</c>, which is not visible here.
/// </remarks>
private bool InsertNewUser(UserSignupObject request)
{
    const string InsertUserAndProfileSql = @" INSERT INTO user (id,username,password,creation,email,verified) VALUES(NULL,@username,@password,now(),@email,1); INSERT INTO profile (uid,nickname,avatar) VALUES(LAST_INSERT_ID(),@nickname,'');";

    Dictionary<string, object> parameters = new Dictionary<string, object>();
    parameters.Add("@username", request.username);
    parameters.Add("@password", HashPassword(request.password));
    parameters.Add("@email", request.email);
    parameters.Add("@nickname", request.nickname);

    int affectedRows = DBHelper.ExecuteQuery(InsertUserAndProfileSql, parameters);
    bool inserted = affectedRows > 0;

    if (RequireInvite)
    {
        // Temporary uid, consumed only by the disabled invite update below.
        int uid = HashStringToInt(request.username);

        // NOTE(review): re-binding the invite code to the new user id is
        // disabled; the code is kept as the author left it.
        // using (MySqlConnection conn = Program.GetMysqlConnection())
        // {
        //     MySqlCommand cmd = conn.CreateCommand();
        //     cmd.CommandText = "USE webPlatform;UPDATE inviteCode SET uid = LAST_INSERT_ID() WHERE uid = @uid;";
        //     cmd.Parameters.AddWithValue("@uid", uid);
        //     cmd.Prepare();
        //     cmd.ExecuteNonQuery();
        // }
    }

    // Sending the signup mail after a successful insert is not implemented yet.
    return inserted;
}