public static void Cmd_Site_AddUser(Object o, CommandEventArgs ea) { if (!((VirtualFtpSession)ea.Session).IsSuperUser) { ea.Connection.WriteLine("500 Unknown command"); return; } if (ea.Parameters.Length < 2) { ea.Connection.WriteLine("501 Syntax error in parameters or arguments."); return; } MySqlConnection lConnection = SpbServUserManager.GetConnection(); try { MySqlCommand lCommand = lConnection.CreateCommand(); lCommand.CommandText = String.Format("insert into login (username, passwordhash, admin) values ('{0}', '', 0)", ea.Parameters[1].Replace("'", "''")); try { lCommand.ExecuteNonQuery(); ea.Connection.WriteLine("501 User Added."); } catch { ea.Connection.WriteLine("501 Unable to add user."); } } finally { SpbServUserManager.ReleaseConnection(lConnection); } }
public static void Cmd_Site_Passwd(Object o, CommandEventArgs ea) { if (!((VirtualFtpSession)ea.Session).IsSuperUser) { ea.Connection.WriteLine("500 Unknown command"); return; } if (ea.Parameters.Length < 3) { ea.Connection.WriteLine("501 Syntax error in parameters or arguments."); return; } MySqlConnection lConnection = SpbServUserManager.GetConnection(); try { MySqlCommand lCommand = lConnection.CreateCommand(); lCommand.CommandText = String.Format("update login set passwordhash='{1}' where username='******'", ea.Parameters[1].Replace("'", "''"), SpbServUserManager.GenerateHash(ea.Parameters[2])); try { lCommand.ExecuteNonQuery(); ea.Connection.WriteLine("501 Password changed."); } catch { ea.Connection.WriteLine("501 Unable to add user."); } } finally { SpbServUserManager.ReleaseConnection(lConnection); } }
public static void Cmd_Site_Change(Object o, CommandEventArgs ea) { if (!((VirtualFtpSession)ea.Session).IsSuperUser) { ea.Connection.WriteLine("500 Unknown command"); return; } if (ea.Parameters.Length < 4) { ea.Connection.WriteLine("501 Syntax error in parameters or arguments."); return; } String lField = ea.Parameters[2].ToUpper(); String lValue = ea.Parameters[3]; MySqlConnection lConnection = SpbServUserManager.GetConnection(); try { try { MySqlCommand lCommand = lConnection.CreateCommand(); if (lField.Equals("ADMIN")) { if (lValue.Equals("1")) { lCommand.CommandText = String.Format("update login set admin=2 where username='******'", ea.Parameters[1].Replace("'", "''")); } else { lCommand.CommandText = String.Format("update login set admin=0 where username='******'", ea.Parameters[1].Replace("'", "''")); } lCommand.ExecuteNonQuery(); } else if (lField.Equals("FILEADMIN")) { if (lValue.Equals("1")) { lCommand.CommandText = String.Format("update login set admin=1 where username='******'", ea.Parameters[1].Replace("'", "''")); } else { lCommand.CommandText = String.Format("update login set admin=0 where username='******'", ea.Parameters[1].Replace("'", "''")); } lCommand.ExecuteNonQuery(); } ea.Connection.WriteLine("501 User changed."); } catch { ea.Connection.WriteLine("501 Unable to add user."); } } finally { SpbServUserManager.ReleaseConnection(lConnection); } }
public static void Cmd_Site_DelUser(Object o, CommandEventArgs ea) { if (!((VirtualFtpSession)ea.Session).IsSuperUser) { ea.Connection.WriteLine("500 Unknown command"); return; } if (ea.Parameters.Length < 2) { ea.Connection.WriteLine("501 Syntax error in parameters or arguments."); return; } if (ea.Parameters[1] == ((VirtualFtpSession)ea.Session).Username) { ea.Connection.WriteLine("501 You cannot delete yourself."); return; } MySqlConnection lConnection = SpbServUserManager.GetConnection(); try { MySqlCommand lCommand = lConnection.CreateCommand(); lCommand.CommandText = String.Format("delete from login where username='******'", ea.Parameters[1].Replace("'", "''")); try { lCommand.ExecuteNonQuery(); ea.Connection.WriteLine("501 User deleted."); } catch { ea.Connection.WriteLine("501 Unable to delete user."); } } finally { SpbServUserManager.ReleaseConnection(lConnection); } }