public bool SavePassForg([FromBody] UserRowLogId pc)
{
/*
* Saves new password when user forgets it
*/
List <PassChanger> pcList = new List <PassChanger>();
string CS = ConfigurationManager.ConnectionStrings["Fordonskontroll"].ConnectionString;
using (SqlConnection con = new SqlConnection(CS))
{
string selectQuarry = "select * from del_Users where del_ID = " + pc.User;
SqlCommand cmd = new SqlCommand(selectQuarry, con);
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
PassChanger fc = new PassChanger();
fc.User = rdr["del_User"].ToString();
pcList.Add(fc);
}
con.Close();
}
if (pcList.Count == 1)
{
//pc has raw current password and raw new password
//pcList[0] has user email and encripted password
//match them:
StringBuilder gpReal = new StringBuilder();
gpReal.Append(pcList[0].User);
gpReal.Append(pc.idCall);
gpReal.Append(pc.idCall);
//Create pass that will be stored in the database
string passForDB;
using (MD5 md5HashReal = MD5.Create())
{
passForDB = GetMd5Hash(md5HashReal, gpReal.ToString());
}
//Update password based on user id
using (SqlConnection con = new SqlConnection(CS))
{
string updateQuarry = "update del_Users set del_Pass = @del_Pass where del_ID = @del_ID";
SqlCommand cmd = new SqlCommand(updateQuarry, con);
SqlParameter del_ID = new SqlParameter("@del_ID", pc.User);
cmd.Parameters.Add(del_ID);
SqlParameter del_Pass = new SqlParameter("@del_Pass", passForDB);
cmd.Parameters.Add(del_Pass);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
return(true);
}
}
return(true);
}
public List <PassChanger> PassForget([FromBody] UserRowLogId urlid)
{
/*
* Send new password when user forgets it
*/
List <PassChanger> pcList = new List <PassChanger>();
string CS = ConfigurationManager.ConnectionStrings["Fordonskontroll"].ConnectionString;
using (SqlConnection con = new SqlConnection(CS))
{
string selectQuarry = "select * from del_Users where del_User = @email";
SqlCommand cmd = new SqlCommand(selectQuarry, con);
SqlParameter paramA = new SqlParameter("@email", urlid.idCall);
cmd.Parameters.Add(paramA);
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
PassChanger fc = new PassChanger();
fc.User = rdr["del_ID"].ToString();
pcList.Add(fc);
}
con.Close();
}
if (pcList.Count == 1)
{
using (SqlConnection conA = new SqlConnection(CS))
{
SqlCommand cmdA = new SqlCommand("generateCodeForPassForget", conA);
cmdA.CommandType = CommandType.StoredProcedure;
SqlParameter paramA = new SqlParameter("@id", pcList[0].User);
cmdA.Parameters.Add(paramA);
conA.Open();
SqlDataReader rdr = cmdA.ExecuteReader();
conA.Close();
return(pcList);
}
}
else
{
PassChanger fcA = new PassChanger();
fcA.User = "******";
pcList.Add(fcA);
return(pcList); //Email does not exist in database
}
}
public int DelKon([FromBody] UserRowLogId urlID)
{
/*
* Deletes kontrolldatum based on id
*/
if (Login.CheckLogging(urlID.User))
{
string CS = ConfigurationManager.ConnectionStrings["Fordonskontroll"].ConnectionString;
using (SqlConnection con = new SqlConnection(CS))
{
string selectQuarry = "DELETE FROM Kontrolldatum WHERE id = " + urlID.idCall;
SqlCommand cmd = new SqlCommand(selectQuarry, con);
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
con.Close();
}
}
return(0);
}
public bool CheckCode([FromBody] UserRowLogId urlid)
{
/*
* Check if code is OK when user change password
*/
List <PassChanger> pcList = new List <PassChanger>();
string CS = ConfigurationManager.ConnectionStrings["Fordonskontroll"].ConnectionString;
using (SqlConnection con = new SqlConnection(CS))
{
string selectQuarry = "select * from del_Users where del_ID = @del_ID and del_FrgPass = @del_FrgPass";
SqlCommand cmd = new SqlCommand(selectQuarry, con);
SqlParameter paramA = new SqlParameter("@del_ID", urlid.User);
cmd.Parameters.Add(paramA);
SqlParameter paramB = new SqlParameter("@del_FrgPass", urlid.idCall);
cmd.Parameters.Add(paramB);
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
PassChanger fc = new PassChanger();
fc.User = rdr["del_ID"].ToString();
pcList.Add(fc);
}
con.Close();
}
if (pcList.Count == 1)
{
return(true); //Code is corect, user returned, send true
}
else
{
return(false); //Code or user not found, send false
}
}
