/* * Método para comprobar el inicio de sesión de un usuario * */ public bool CheckUser(string username, string password) { Random r = new Random(); bool ok = false; try { //Connection this._mysql = new MySqlConnection(this._connectionString); this._mysql.Open(); //Query string query = Constants.MysqlRemoteSelect(); //Create Command MySqlCommand cmd = new MySqlCommand(); cmd.Connection = this._mysql; cmd.CommandText = query; cmd.Parameters.AddWithValue("username", username); //Create a data reader and Execute the command MySqlDataReader dataReader = cmd.ExecuteReader(); //Encriptamos la contraseña byte[] passwordBytes = Cripto.EncryptSHA256(password); //Read the data and check password while (dataReader.Read()) { string usuario = (String)dataReader["username"]; byte[] passwordRemote = (byte[])dataReader["password"]; ok = passwordBytes.SequenceEqual(passwordRemote); } //close Data Reader dataReader.Close(); }catch (MySqlException) { } //bool ok = true; return(ok); }
/* * Método para la inserción de un nuevo usuario * */ public bool InsertUser(string username, string password) { bool ok = false; Random r = new Random(); try { //Establecemos la conexión this._mysql = new MySqlConnection(this._connectionString); this._mysql.Open(); //Encriptamos la contraseña byte[] passwordBytes = Cripto.EncryptSHA256(password); //Query string query = Constants.MysqlRemoteInsert(); //Random code int code = r.Next(5000); //create command and assign the query and connection from the constructor MySqlCommand cmd = new MySqlCommand(); cmd.Connection = this._mysql; cmd.CommandText = query; cmd.Parameters.AddWithValue("username", username); cmd.Parameters.AddWithValue("password", passwordBytes); cmd.Parameters.AddWithValue("code", code); //Execute command ok = cmd.ExecuteNonQuery() == 1; //close connection this._mysql.Close(); }catch (MySqlException e) { string error = e.StackTrace; } return(ok); }