static DateTime GetLastLogin(DBConnection db, int accountId)
{
if (GetOnlineAccount(accountId) != null)
return DateTime.UtcNow;
var result = db.Evaluate("select datetime from account_login where account_id = {0} order by datetime desc limit 1", accountId);
if (result is uint)
return Utility.FromUnixTimestamp(Convert.ToInt32(result));
else
return DateTime.MinValue;
}
static bool CanSend(DBConnection db, int sourceId)
{
var time = Utility.UnixTimestamp(DateTime.UtcNow) - 3600;
return Convert.ToInt32(db.Evaluate("select Count(distinct to_id) from message where from_id = " + sourceId + " and time > " + time)) <= 10;
}
string ModifyPassword(string oldPassword, string newPassword, string newPasswordVerify)
{
using (var db = new DBConnection())
{
var realOldPassword = db.Evaluate("select password from account where id = {0}", Account.Id) as String;
if (LT.HtmlUtils.CalculateHash(oldPassword) != realOldPassword)
{
return "Unable to modify your password.<br>You did not enter the correct current password.";
}
if (newPassword != newPasswordVerify)
{
return "Unable to modify your password.<br>The new passwords you entered do not match.";
}
if (newPassword.Length < 5)
{
return "Unable to modify your password.<br>Password must be at least five letters.";
}
db.Execute("update account set password = '******' where id = {1}", DBConnection.AddSlashes(LT.HtmlUtils.CalculateHash(newPassword)), Account.Id);
}
return "Password modified successfully.";
}
string ModifyLoginName(string newLoginName)
{
if (!Account.Name.EndsWith('-' + Account.Id.ToString()))
return "You cannot change your login name";
using (var db = new DBConnection())
{
newLoginName = newLoginName.Trim(new char[] { ' ', '\t', '\n', '\r', '0' });
if (newLoginName != System.Web.HttpUtility.HtmlEncode(newLoginName) || newLoginName != DBConnection.AddSlashes(newLoginName))
return "Invalid login name.";
if (db.Evaluate("select name from account where name = '" + DBConnection.AddSlashes(newLoginName) + "'") != null)
return "Login name already taken";
db.Execute("update account set name = '" + DBConnection.AddSlashes(newLoginName) + "' where id = " + Account.Id);
Account.Name = newLoginName;
// SendEmail(Account.EmailAddress, Account.Name, "New Login Name", String.Format(
//@"You've changed your login to {0}
//
//You can change your account name and password at http://{1}/Account/Settings
//", Account.Name,Request.Url.Host));
}
return "Login name modified successfully. It will not be updated in your current games.";
}
string ModifyEmail(string newEmail)
{
newEmail = newEmail.Trim();
using (var db = new DBConnection())
{
if (!HtmlUtils.IsValidEmailAddress(newEmail))
return "Unable to modify email address.<br>You need to enter a valid email address.";
if (db.Evaluate("select email from account where email = '{0}' and id <> {1}", DBConnection.AddSlashes(newEmail), Account.Id) != null)
return "There is already an account with that email address.";
db.Execute("update account set email = '" + DBConnection.AddSlashes(newEmail) + "' where id = " + Account.Id);
Account.EmailAddress = newEmail;
}
return "Email modified successfully.";
}
protected string CreateAccount(string loginName, string password, string passwordVerify, string email, out int accountId, bool isTempLoginName = false)
{
accountId = 0;
loginName = loginName.Trim(new char[] { ' ', '\t', '\n', '\r', '0' });
email = email.Trim();
if (!LT.HtmlUtils.IsValidEmailAddress(email))
return "You need to enter a valid email address.";
if (loginName != System.Web.HttpUtility.HtmlEncode(loginName) || loginName != DBConnection.AddSlashes(loginName))
return "Invalid login name.";
using (var db = new DBConnection())
{
if (db.Evaluate("select name from account where name = '" + DBConnection.AddSlashes(loginName) + "'") != null)
return "Login name already taken";
if (db.Evaluate("select email from account where email = '" + DBConnection.AddSlashes(email) + "'") != null)
return "There is already an account with that email address.";
if (password != passwordVerify)
return "The passwords you entered do not match.";
if (password.Length < 5)
return "Password must be at least five letters.";
db.Execute
(
"insert into account (name, password, signed_up, email, referred_by, OptOutKey) values('{0}', '{1}', '{2}', '{3}', '{4}', {5})",
DBConnection.AddSlashes(loginName),
DBConnection.AddSlashes(LT.HtmlUtils.CalculateHash(password)),
Utility.UnixTimestamp(DateTime.Now),
DBConnection.AddSlashes(email),
GetInt("ReferredBy"),
Utility.Random.Next(1000000)
);
accountId = Convert.ToInt32(db.LastInsertID);
if (isTempLoginName)
db.Execute("update account set name = concat(name, '-', id) where id = {0}", accountId); // append -ID
}
return String.Empty;
}
