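/// <summary>
/// Adds all of the information for the new video to the database.
/// </summary>
/// <remarks>
/// Looks up the user row, recomputes the expected token from that row and compares it
/// with the "Token" cookie, then inserts one row into tbl_records and resets the form.
/// A missing "Token" cookie is reported as "not logged in" instead of throwing, and the
/// hour/minute/second boxes must be empty or digits only before they reach the SQL text.
/// </remarks>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnAdd_Click(object sender, EventArgs e)
{
    var mysql = new SqlConnector("db_trackvideowatching");

    // NOTE(review): the username filter in this query is a fixed literal in the code as
    // shown; confirm how the current user is meant to be selected.
    var user = (DataTable) mysql.Select("SELECT PK_UserID, Username, Password_Hash, Salt FROM tbl_users WHERE Username = '******';");
    if (user.Rows.Count == 0)
    {
        Response.Write("You are not logged in, please log in");
        return;
    }

    // Request.Cookies[...] returns null when the cookie was not sent, so guard the
    // dereference rather than failing with a NullReferenceException.
    var tokenCookie = Request.Cookies["Token"];
    if (tokenCookie == null)
    {
        Response.Write("You are not logged in, please log in");
        return;
    }

    var row = user.Rows[0];

    // NOTE(review): the expected token is an MD5-based value derived from the username,
    // the stored password hash and the salt, so it never changes between sessions and can
    // be rebuilt by anyone who can read tbl_users. Replacing it with a random server-side
    // session token (and comparing in constant time) needs changes outside this handler.
    bool tokenMatches;
    using (var md5 = MD5.Create())
    {
        tokenMatches = Utilities.HashPassword(row[1].ToString() + row[2], row[3].ToString(), md5) == tokenCookie.Value;
    }

    if (!tokenMatches)
    {
        Response.Write("Authentication failed");
        return;
    }

    // These three values are concatenated into the INSERT below, so restrict them to
    // digits (or empty, which the original code also passed through).
    if (!IsEmptyOrDigits(txtHour.Text) || !IsEmptyOrDigits(txtMin.Text) || !IsEmptyOrDigits(txtSec.Text))
    {
        Response.Write("Length must be entered as whole numbers");
        return;
    }

    var platform = cboPlatform.Text == "Other" ? txtPlatform.Text : cboPlatform.Text;

    // Invariant culture keeps the yyyy-MM-dd text Gregorian regardless of the request culture.
    var dateWatched = Calendar1.SelectedDate.ToString("yyyy-MM-dd", System.Globalization.CultureInfo.InvariantCulture);

    // NOTE(review): platform and txtChannel.Text are free text from the request and are
    // still concatenated into the statement. SqlConnector's API is not visible here, so
    // this handler cannot bind them as parameters on its own; NonQuery should accept
    // bound parameters and this call should pass these values through it.
    mysql.NonQuery("INSERT INTO tbl_records ( FK_UserID, Video_Platform, Date_Watched, Channel, Length) VALUES ('" + row[0] + "','" + platform + "','" + dateWatched + "','" + txtChannel.Text + "','" + txtHour.Text + ":" + txtMin.Text + ":" + txtSec.Text + "');");

    // Reset the form to its defaults for the next entry.
    cboPlatform.Text = "YouTube";
    txtPlatform.Text = "";
    txtChannel.Text = "";
    txtHour.Text = "";
    txtMin.Text = "";
    txtSec.Text = "";
    Response.Write("Video has been added to database");
}

/// <summary>
/// Returns true when <paramref name="text"/> is null, empty, or made only of ASCII digits.
/// </summary>
private static bool IsEmptyOrDigits(string text)
{
    if (string.IsNullOrEmpty(text))
    {
        return true;
    }

    foreach (var c in text)
    {
        if (c < '0' || c > '9')
        {
            return false;
        }
    }

    return true;
}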
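/// <summary>
/// Registers a user given the textbox inputs.
/// </summary>
/// <remarks>
/// Rejects blank fields and mismatched passwords, checks tbl_users for an existing
/// username/email, stores a salted hash of the password, then schedules a meta-refresh
/// to Login.aspx after five seconds.
/// </remarks>
/// <param name="sender">The control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void cmdRegister_Click(object sender, EventArgs e)
{
    // Blank values would otherwise create an account with an empty name or password.
    if (string.IsNullOrWhiteSpace(txtUsername.Text) || string.IsNullOrWhiteSpace(txtEmail.Text) || string.IsNullOrEmpty(txtPassword.Text))
    {
        Response.Write("Username, email and password are required");
        return;
    }

    if (txtPassword.Text != txtCPassword.Text)
    {
        Response.Write("Passwords do not match");
        return;
    }

    var mysql = new SqlConnector("db_trackvideowatching");

    // NOTE(review): txtEmail.Text (here) and txtUsername.Text / txtEmail.Text (in the
    // INSERT below) come straight from the request and are concatenated into SQL text.
    // SqlConnector's API is not visible here, so this handler cannot bind them as
    // parameters on its own; Select/NonQuery should accept bound parameters.
    // The username half of this filter is a fixed literal in the code as shown — confirm.
    var users = (DataTable) mysql.Select("Select Username, EmailAddress From tbl_users WHERE Username = '******' OR EmailAddress = '" + txtEmail.Text + "';");
    if (users.Rows.Count != 0)
    {
        Response.Write("A user already exists with this username/email");
        return;
    }

    var salt = Utilities.GenerateSaltValue();

    // NOTE(review): a single salted MD5 pass is fast to brute-force; a password KDF
    // (e.g. PBKDF2 via Rfc2898DeriveBytes) is the usual replacement, but switching
    // requires migrating existing Password_hash values, so the algorithm is unchanged here.
    // The hash object is IDisposable, so release it once the insert has been issued.
    using (var md5 = MD5.Create())
    {
        var password = Utilities.HashPassword(txtPassword.Text, salt, md5);
        mysql.NonQuery("INSERT INTO tbl_users ( Username, Password_hash, Salt, EmailAddress) VALUES ('" + txtUsername.Text + "','" + password + "','" + salt + "','" + txtEmail.Text + "');");
    }

    // Client-side redirect to the login page after five seconds.
    var meta = new HtmlMeta
    {
        HttpEquiv = "Refresh",
        Content = "5;url=Login.aspx"
    };
    Page.Controls.Add(meta);
    Response.Write("Account Creation Successfull, you will now be redirected");
}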