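/// <summary>
/// Resets a user's password: generates a new 8-character random password, hashes it with
/// the user's stored salt and writes that hash back to the <c>user</c> table.
/// </summary>
/// <param name="userId">Id of the user whose password is reset.</param>
/// <returns>The new clear-text password, or <c>null</c> when the user does not exist or the
/// update did not affect exactly one row.</returns>
public static string ResetPassword(string userId)
{
    // userId comes from the caller and is spliced into SQL text. The repository only exposes
    // raw-SQL DoQuery/DoCommand, so double any single quote so the value cannot terminate
    // the literal it is embedded in; parameterized commands would be the proper fix.
    string safeUserId = (userId ?? string.Empty).Replace("'", "''");

    List<object[]> rows = RepositoryManager.Repository.DoQuery(
        "select Salt from user where UserId='" + safeUserId + "';");
    if (rows.Count == 0)
    {
        return null;
    }

    string salt = (string)rows[0][0];
    string newPassword = CreateRandomString(8);
    string newHashedPassword = EncryptionManager.EncodePassword(newPassword, salt);

    // The freshly computed hash is what must be stored; writing a fixed placeholder instead
    // would leave the account with a known/invalid credential and discard newHashedPassword.
    int result = RepositoryManager.Repository.DoCommand(
        "update user set HashedPassword = '" + newHashedPassword + "' where UserId = '" + safeUserId + "';");

    // DoCommand is treated as returning the affected row count, as the original did.
    return result == 1 ? newPassword : null;
}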
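/// <summary>
/// Updates a single column of a user's row, the column being chosen by <paramref name="option"/>.
/// </summary>
/// <param name="update">The new value. For option 2 this is the clear-text password, which is
/// hashed with the user's stored salt before being written.</param>
/// <param name="userId">Id of the user whose row is changed.</param>
/// <param name="option">1 = Name, 2 = password (HashedPassword), 3 = Email, 4 = Gender,
/// 5 = BirthDate, 6 = Location. Any other value writes nothing.</param>
/// <returns><c>true</c> when exactly one row was updated; otherwise <c>false</c>.</returns>
public static bool UpdateUser(string update, string userId, int option)
{
    // Both values come from the caller and are spliced into SQL text. The repository only
    // exposes raw-SQL DoQuery/DoCommand, so double single quotes so neither value can
    // terminate its literal; parameterized commands would be the proper fix.
    Func<string, string> quote = s => (s ?? string.Empty).Replace("'", "''");
    string safeUserId = quote(userId);

    string column;
    string value;
    switch (option)
    {
        case 1:
            column = "Name";
            value = quote(update);
            break;
        case 2:
        {
            List<object[]> rows = RepositoryManager.Repository.DoQuery(
                "select Salt from user where UserId='" + safeUserId + "';");
            if (rows.Count == 0)
            {
                return false;
            }
            string salt = (string)rows[0][0];
            column = "HashedPassword";
            // Store the hash just computed, never the clear-text value and never a placeholder.
            value = quote(EncryptionManager.EncodePassword(update, salt));
            break;
        }
        case 3:
            column = "Email";
            value = quote(update);
            break;
        case 4:
            column = "Gender";
            value = quote(update);
            break;
        case 5:
            column = "BirthDate";
            value = quote(update);
            break;
        case 6:
            column = "Location";
            value = quote(update);
            break;
        default:
            // Unknown option: nothing is written, which the original reported as false.
            return false;
    }

    int result = RepositoryManager.Repository.DoCommand(
        "update user set " + column + "='" + value + "' where UserId = '" + safeUserId + "';");

    // DoCommand is treated as returning the affected row count, as the original did.
    return result == 1;
}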
/*
 * Seeds the administrator account through AddUser: name "admin", password "abc123",
 * IsAdmin and Status both set to 1, with a fresh salt from EncryptionManager.
 * NOTE(review): the administrator password is a fixed literal in source, so anyone with
 * read access to the code knows it; a deployment should change it before going live.
 */
public static void addAdmin()
{
    string adminSalt = EncryptionManager.PasswordSalt;
    string adminHash = EncryptionManager.EncodePassword("abc123", adminSalt);

    AddUser(new User
    {
        Id = 0,
        Name = "admin",
        EmailAddress = "*****@*****.**",
        Salt = adminSalt,
        HashPassword = adminHash,
        IsAdmin = 1,
        Status = 1
    });
}
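/*
 * Recreate and reinitialize the database.
 * Closes any open connection, creates a fresh SQLite file, opens it and seeds the schema
 * (doctor, patient) with one sample row each.
 * The return value is true iff the file was created AND could be opened; the original
 * returned true even when Open() failed, which contradicted this contract.
 */
public bool Initialize()
{
    bool success = true;
    Close();
    try
    {
        SQLiteConnection.CreateFile(databaseFile);
    }
    catch (IOException)
    {
        // Creation failed; Open() is still attempted below, as before.
        success = false;
    }

    bool openResult = Open();
    if (success && openResult)
    {
        // NOTE(review): the seed doctor's password ("deneme1234") is a literal in source and is
        // also stored clear-text in the `password` column next to its hash, so anyone holding
        // the source or the database file knows this credential.
        string salt = EncryptionManager.PasswordSalt;
        string hashedPassword = EncryptionManager.EncodePassword("deneme1234", salt);

        string sql = "CREATE TABLE doctor (doctorID VARCHAR(50), doctorName VARCHAR(50), doctorEmail VARCHAR(50),"
            + "password VARCHAR(50), salt VARCHAR(50), hashedPassword VARCHAR(50),"
            + "doctorSex VARCHAR(50), isadmin VARCHAR(50), status VARCHAR(50), PRIMARY KEY(doctorID))";
        DoCommand(sql);

        // salt and hashedPassword are generated here, not user input, so they are safe to embed.
        sql = "insert into doctor(doctorID, doctorName, doctorEmail, password,"
            + "salt, hashedPassword, doctorSex, isadmin, status) values "
            + "('1234567', 'Deniz Merve Gunduz', '*****@*****.**', 'pass', '" + salt + "', '" + hashedPassword + "', 'female', '1', '1')";
        DoCommand(sql);

        string sql1 = "CREATE TABLE patient (patientID VARCHAR(50), doctorID VARCHAR(50), patientName VARCHAR(50), patientEmail VARCHAR(50),"
            + "patientPhone VARCHAR(50), patientSex VARCHAR(50),"
            + "patientAge VARCHAR(50), healthProblem VARCHAR(50), PRIMARY KEY(patientID))";
        DoCommand(sql1);

        sql1 = "insert into patient(patientID, doctorID, patientName, patientEmail,"
            + "patientPhone, patientSex, patientAge, healthProblem) values "
            + "('1234567', '1', 'Deniz', '*****@*****.**', '050666666666', 'female', '22', 'Crazy')";
        DoCommand(sql1);
    }

    return success && openResult;
}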
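/*
 * Add a Doctor to the database.
 * Return true iff the insert affected exactly one row (the original returned true
 * unconditionally, which did not honour this contract).
 * NOTE(review): the clear-text doctor.Password is written to the `Password` column next to
 * its hash; only the hash should be persisted, but the schema has the column so it is kept.
 */
public static bool AddDoctor(Doctor doctor)
{
    string salt = EncryptionManager.PasswordSalt;
    string hashedPassword = EncryptionManager.EncodePassword(doctor.Password, salt);

    // Every doctor field comes from the caller and is spliced into SQL text. The repository
    // only exposes raw-SQL DoCommand, so double single quotes so a value cannot terminate its
    // literal; parameterized commands would be the proper fix.
    Func<object, string> quote = v => Convert.ToString(v).Replace("'", "''");

    string sql = "insert into doctor (DoctorID, DoctorName, DoctorEmail, Password, Salt, HashedPassword, "
        + "DoctorSex, Isadmin, Status) values ('"
        + quote(doctor.DoctorID) + "', '"
        + quote(doctor.DoctorName) + "', '"
        + quote(doctor.DoctorEmail) + "', '"
        + quote(doctor.Password) + "', '"
        + quote(salt) + "', '"
        + quote(hashedPassword) + "', '"
        + quote(doctor.DoctorSex) + "', '"
        + quote(doctor.IsAdmin) + "', '"
        + quote(doctor.Status) + "')";

    // DoCommand is treated as returning the affected row count.
    return RepositoryManager.Repository.DoCommand(sql) == 1;
}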
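/// <summary>
/// Inserts a new user built from a credential into the <c>user</c> table. The password is
/// hashed with a freshly created salt; IsAdmin is 0 and Status is "A" for every new user.
/// </summary>
/// <param name="cr">New user's information.</param>
/// <returns><c>true</c> iff the insert affected exactly one row (the original returned
/// <c>true</c> unconditionally).</returns>
public static bool AddUser(Credential cr)
{
    string salt = User.CreateSalt();
    string hashedPassword = EncryptionManager.EncodePassword(cr.Password, salt);

    // Every credential field comes from the caller and is spliced into SQL text. The
    // repository only exposes raw-SQL DoCommand, so double single quotes so a value cannot
    // terminate its literal; parameterized commands would be the proper fix.
    Func<object, string> quote = v => Convert.ToString(v).Replace("'", "''");

    string sql = "insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('"
        + quote(cr.UserId) + "', '"
        + quote(cr.Name) + "', '"
        + quote(salt) + "', '"
        + quote(hashedPassword) + "', '"
        + quote(cr.Email) + "',0, 'A','"
        + quote(cr.gender) + "', '"
        + quote(cr.BirthDate) + "', '"
        + quote(cr.Location) + "'); ";

    // DoCommand is treated as returning the affected row count.
    int result = RepositoryManager.Repository.DoCommand(sql);

    // NOTE(review): kept for behaviour, but dumping the whole user table after every insert
    // is a debugging aid; if it writes salts/hashes to a log, that output is sensitive.
    PrintAllUsers();

    return result == 1;
}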
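/*
 * Recreate and reinitialize the database.
 * If a non-trivial database file (more than 10 bytes) already exists it is simply opened.
 * Otherwise a fresh SQLite file is created, opened, the schema (user, car, comment,
 * favourites) is created and two administrator accounts are seeded.
 * The return value is true iff the file was created AND could be opened; the original
 * returned true even when Open() failed, which contradicted this contract.
 */
public bool Initialize()
{
    if (File.Exists(databaseFile) && new FileInfo(databaseFile).Length > 10)
    {
        return Open();
    }

    bool success = true;
    Close();
    try
    {
        SQLiteConnection.CreateFile(databaseFile);
    }
    catch (IOException)
    {
        // Creation failed; Open() is still attempted below, as before.
        success = false;
    }

    bool openResult = Open();
    if (success && openResult)
    {
        DoCommand("CREATE TABLE user (UserId VARCHAR(50), Name VARCHAR(50),Salt VARCHAR(50), HashedPassword VARCHAR(50),Email VARCHAR(50),IsAdmin BIT,Status VARCHAR(1),Gender VARCHAR(6),BirthDate VARCHAR(10), Location VARCHAR(30), PRIMARY KEY(UserId));");
        DoCommand("CREATE TABLE car (carId INTEGER, Brand VARCHAR(50), Model VARCHAR(50),Owner VARCHAR(50),YearOfProduction INTEGER,KM INT,Url VARCHAR(200),TransmissionType VARCHAR(15), Fuel VARCHAR(15),TopSpeed INT, Acceleration Float,UrbanConsumption Float, WheelDrive VARCHAR(20), PRIMARY KEY(carId),FOREIGN KEY (Owner) references user(UserId));");
        DoCommand("CREATE TABLE comment (CommentId INTEGER, carId INTEGER,UserId VARCHAR(50), Text VARCHAR(300),FOREIGN KEY (carId) references car(carId),PRIMARY KEY(CommentId),FOREIGN KEY (UserId) references user(UserId));");
        DoCommand("CREATE TABLE favourites (UserId VARCHAR(12), carId INTEGER,FOREIGN KEY (carId) references car(carId),FOREIGN KEY (UserId) references user(UserId));");

        // NOTE(review): both seeded accounts are administrators (IsAdmin = 1) with the
        // literal password "123456"; anyone with the source knows these credentials, so they
        // must be changed or removed before deployment. The salt and hash embedded below are
        // generated here, not user input.
        string salt = User.CreateSalt();
        DoCommand("insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('crysispeed', 'Caglar', '"
            + salt + "', '" + EncryptionManager.EncodePassword("123456", salt)
            + "', '*****@*****.**',1, 'A','Male', '1995-08-26', 'Ankara');");

        salt = User.CreateSalt();
        DoCommand("insert into user (UserId, Name,Salt, HashedPassword,Email,IsAdmin,Status,Gender,BirthDate,Location) values ('gurko32', 'Gurkan', '"
            + salt + "', '" + EncryptionManager.EncodePassword("123456", salt)
            + "', '*****@*****.**',1, 'A', 'Male', '1996-10-16', 'Ankara');");

        UserPersistence.PrintAllUsers();
    }

    return success && openResult;
}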
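/// <summary>
/// Updates the name and/or e-mail address of the user held in the session. A null field in
/// <paramref name="newUser"/> leaves the corresponding stored value unchanged.
/// </summary>
/// <param name="newUser">Posted form values; only Name and EmailAddress are read from it.</param>
/// <returns>The "User"/"ChangeUser" view when no user is in the session, otherwise the user
/// view for the session user, with ViewBag.message describing the outcome.</returns>
public ActionResult UserName(User newUser)
{
    string newEmail = newUser.EmailAddress;
    string newName = newUser.Name;

    User sessionUser = (User)Session["user"];
    if (sessionUser == null)
    {
        return View("User", "ChangeUser");
    }

    // The original rebuilt the user with a fresh salt and the hash of the literal "abc123"
    // in every branch, so any name/e-mail change silently reset the password to a value
    // known to anyone with the source. Credentials (and, presumably, the IsAdmin/Status
    // flags, which it also reset to 0) are carried over from the session user instead.
    User updated = new User
    {
        Id = sessionUser.Id,
        Name = newName ?? sessionUser.Name,
        EmailAddress = newEmail ?? sessionUser.EmailAddress,
        Salt = sessionUser.Salt,
        HashPassword = sessionUser.HashPassword,
        IsAdmin = sessionUser.IsAdmin,
        Status = sessionUser.Status
    };

    bool result = UserPersistence.UpdateUser(updated);
    ViewBag.message = result ? "User Updated" : "That user could not be Updated";

    // As before, the view is rendered with the session copy, not the updated object.
    return View(sessionUser);
}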
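/// <summary>
/// Handles the sign-up form: validates the posted credential, hashes the password with a new
/// salt, creates the user and redirects to Home/Index on success.
/// </summary>
/// <param name="registerCredential">Posted registration data; may be null on a malformed request.</param>
/// <returns>The sign-up view with an error message in TempData["signupMessage"] on validation
/// failure or duplicate user name; a redirect to Home/Index on success.</returns>
public ActionResult SignUp(RegisterCredential registerCredential)
{
    ViewBag.Title = "SignUp";

    // Validate the posted registration data
    if (registerCredential == null)
    {
        TempData["signupMessage"] = "Error: Invalid Request - please try again";
        return View(new RegisterCredential());
    }
    if (string.IsNullOrWhiteSpace(registerCredential.UserId))
    {
        // Not checked by the original; an empty id would create an unusable account.
        TempData["signupMessage"] = "Error: User name is required";
        return View(registerCredential);
    }
    if (string.IsNullOrEmpty(registerCredential.Name))
    {
        TempData["signupMessage"] = "Error: Name is required";
        return View(registerCredential);
    }
    if (string.IsNullOrEmpty(registerCredential.Email) || !registerCredential.Email.Contains("@"))
    {
        TempData["signupMessage"] = "Error: Please type a valid mail";
        return View(registerCredential);
    }
    // The original rejected only a null password; an empty one is equally unusable.
    if (string.IsNullOrEmpty(registerCredential.Password))
    {
        TempData["signupMessage"] = "Error: Please type a valid password";
        return View(registerCredential);
    }

    // Create the user. The original wrote the salt and password hash to the debug output;
    // those are credential material and must not be logged, so that output is removed.
    string salt = EncryptionManager.PasswordSalt;
    User user = new User
    {
        UserId = registerCredential.UserId,
        Salt = salt,
        PasswordHash = EncryptionManager.EncodePassword(registerCredential.Password, salt),
        Name = registerCredential.Name,
        Email = registerCredential.Email,
        IsAdmin = false,
        IsActive = true,
        // Kept as local time to match existing stored rows; UtcNow would be preferable for a
        // stored timestamp, but changing it must be coordinated with whatever reads RegisterDate.
        RegisterDate = DateTime.Now,
        Age = registerCredential.Age,
        IsProvider = registerCredential.IsProvider
    };

    // Add the user; AddNewUser reports false when the user name is already taken.
    bool result = UserManager.AddNewUser(user);
    if (result)
    {
        TempData["signupMessage"] = "";
        return RedirectToAction("Index", "Home");
    }

    TempData["signupMessage"] = "User name " + registerCredential.UserId + " already exists, try again";
    return View(registerCredential);
}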