public void renewUser(String userId)
{
// updates a user account after renewal
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET d_created=GETDATE() WHERE (id='" + userId + "')";
Boolean renewed = s.doQueryNoResults(svSQLQString);
}
public void modifyUser(String id, String firstname, String lastname, String nickname, String username, String password, String company, String company_website, String email, String phone, String address1, String address2, String city, String provstate, String country, String postalzip, String roleid, String statusid, String groupid)
{
// updates the user with all information changes except id, d_created and d_last_accessed
if (id != "")
{
uid = id;
//sqltransaction s = new sqltransaction();
//String svSQLQString = "UPDATE users SET ";
//svSQLQString += "first_name='" + firstname + "', last_name='" + lastname + "', altname='" + nickname + "', username='******', password='******', company='" + company + "', company_url='" + company_website + "', email='" + email + "', street_address1='" + address1 + "', street_address2='" + address2 + "', city='" + city + "', prov_state='" + provstate + "', country='" + country + "', postal_zip='" + postalzip + "', role='" + roleid + "', status='" + statusid + "', [group]='" + groupid + "', d_updated=GETDATE()";
//svSQLQString += " WHERE ";
//svSQLQString += " (id='" + uid + "')";
//Boolean userCreated = s.doQueryNoResults(svSQLQString);
if (password != "")
{
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET ";
svSQLQString += "first_name='" + firstname + "', last_name='" + lastname + "', altname='" + nickname + "', username='******', password='******', company='" + company + "', company_url='" + company_website + "', email='" + email + "', phone_number='" + phone + "', street_address1='" + address1 + "', street_address2='" + address2 + "', city='" + city + "', prov_state='" + provstate + "', country='" + country + "', postal_zip='" + postalzip + "', role='" + roleid + "', status='" + statusid + "', [group]='" + groupid + "', d_updated=GETDATE()";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + uid + "')";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
}
else
{
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET ";
svSQLQString += "first_name='" + firstname + "', last_name='" + lastname + "', altname='" + nickname + "', username='******', company='" + company + "', company_url='" + company_website + "', email='" + email + "', phone_number='" + phone + "', street_address1='" + address1 + "', street_address2='" + address2 + "', city='" + city + "', prov_state='" + provstate + "', country='" + country + "', postal_zip='" + postalzip + "', role='" + roleid + "', status='" + statusid + "', [group]='" + groupid + "', d_updated=GETDATE()";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + uid + "')";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
}
}
}
public void userOptedIn(String userId)
{
// updates a user account after renewal
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET optout=0 WHERE (id='" + userId + "')";
Boolean renewed = s.doQueryNoResults(svSQLQString);
}
public string addGroup(String name, String lang, int parentid, String accessHash)
{
user u = new user();
if (u.validateAccessHash(accessHash))
{
String newId = "Error";
sqltransaction s = new sqltransaction();
String qs = "SELECT MAX(id) as maxid FROM groups";
String tn = "maxid";
DataSet ds = s.doQueryWithResults(qs, tn);
// get the highest id, then add 100
int maxid = int.Parse(ds.Tables[tn].Rows[0][tn].ToString());
int newid = maxid + 100;
qs = "INSERT INTO groups (id, name, language, parent) VALUES (" + newid + ", '" + name + "','" + lang + "', " + parentid + ")";
bool c = s.doQueryNoResults(qs);
if (c)
{
newId = newid.ToString();
}
return(newId);
}
else
{
return("");
}
}
public void reActivateUser(String svUID)
{
// set the user's status to disabled.
if (svUID != "")
{
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET ";
svSQLQString += "status='100', d_updated=GETDATE()";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + svUID + "')";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
}
}
public void createUser(String firstname, String lastname, String nickname, String username, String password, String company, String company_website, String email, String phone, String address1, String address2, String city, String provstate, String country, String postalzip, String roleid, String statusid, String groupid)
{
// adds this user to the database.
if (uid != "")
{
sqltransaction s = new sqltransaction();
String svSQLQString = "INSERT INTO users ";
svSQLQString += "(id, first_name, last_name, altname, username, password, company, company_url, email, phone_number, street_address1, street_address2, city, prov_state, country, postal_zip, role, status, [group], d_created)";
svSQLQString += " VALUES ";
svSQLQString += "('" + uid + "','" + firstname + "','" + lastname + "','" + nickname + "','" + username + "','" + saltedhash.ComputeHash(password, "MD5", Encoding.UTF8.GetBytes(uid)) + "','" + company + "','" + company_website + "','" + email + "','" + phone + "','" + address1 + "','" + address2 + "','" + city + "','" + provstate + "','" + country + "','" + postalzip + "','" + roleid + "','" + statusid + "','" + groupid + "',GETDATE())";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
}
}
public void hardDeleteUser(String svUID)
{
// delete the user's record.
if (svUID != "")
{
// protect the built-in admin
if (svUID != "965efdec-6254-4664-85e7-6b13e8f795d8")
{
sqltransaction s = new sqltransaction();
String svSQLQString = "DELETE FROM users ";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + svUID + "')";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
// add any other special conditions here.
}
}
}
public bool setGroup(int id, String name, String lang, int parentid, String accessHash)
{
user u = new user();
if (u.validateAccessHash(accessHash))
{
sqltransaction s = new sqltransaction();
String qs = "UPDATE groups SET name='" + name + "', language='" + lang + "', parent=" + parentid + " WHERE id=" + id + "";
bool c = s.doQueryNoResults(qs);
return(c);
}
else
{
return(false);
}
}
public bool removeGroup(int id, String accessHash)
{
user u = new user();
if (u.validateAccessHash(accessHash))
{
sqltransaction s = new sqltransaction();
String qs = "DELETE FROM groups WHERE id=" + id + "";
bool c = s.doQueryNoResults(qs);
//will need to put in code for if removing group with children then to update all children to root parent
return(c);
}
else
{
return(false);
}
}
public Boolean initialUpdatePass(String id, String pass, String accessHash)
{
user u = new user();
if (u.validateAccessHash(accessHash))
{
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET password='******'";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + id + "')";
Boolean userUpdate = s.doQueryNoResults(svSQLQString);
return(userUpdate);
}
else
{
return(false);
}
}
public Boolean updateLastAccessUser(String id, String accessHash)
{
user u = new user();
if (u.validateAccessHash(accessHash))
{
// updates the user with all information changes except id, d_created and d_last_accessed
sqltransaction s = new sqltransaction();
String svSQLQString = "UPDATE users SET d_last_accessed=GETDATE()";
svSQLQString += " WHERE ";
svSQLQString += " (id='" + id + "')";
Boolean userCreated = s.doQueryNoResults(svSQLQString);
return(userCreated);
}
else
{
return(false);
}
}