public string Login(string loginName, string password)
{
using (var db = new DBConnection())
{
var accountRow = db.EvaluateRow("select * from account where name = '{0}' or email = '{0}'", DBConnection.AddSlashes(loginName));
if (accountRow == null)
return "Unknown login name or email address.";
if ((int)accountRow["disabled_by"] != 0)
return "That account has been permanently disabled.";
if (password != (string)accountRow["password"] && LT.HtmlUtils.CalculateHash(password) != (string)accountRow["password"])
return "Bad Password";
SetSession(accountRow);
return null;
}
}
public ActionResult Index()
{
var model = new HomeIndexModel();
using (var db = new DBConnection())
{
model.NewGames = GameServer.GetNewGames();
if (LoggedIn)
{
// refresh account record
Account = Account.Load(db.EvaluateRow("select * from account where id = {0}", Account.Id));
model.PlayerGames = GameServer.GetPlayerGames(Account.Id);
model.InvitedGames = GameServer.GetPlayerGames(Account.Id, false, true);
}
}
return View(model);
}
public ActionResult Invite(int id, string inviteEmail)
{
Initalize(id);
if (!String.IsNullOrEmpty(inviteEmail))
{
var invites = inviteEmail.Split(',', '\n');
foreach (var invite in invites)
{
var trimmedInvite = invite.Trim();
if (!String.IsNullOrEmpty(trimmedInvite))
{
using (var db = new DBConnection())
{
var account = FindAccount(trimmedInvite);
bool accountCreated = false;
if (account == null)
{
int accountId;
AddErrorMessage(CreateAccount(trimmedInvite, game.Id, out accountId));
accountCreated = true;
account = Account.Load(db.EvaluateRow("select * from account where id = {0}", accountId));
}
if (account != null)
{
// Check for existing invite
if ((from i in game.Invites where i.AccountId == account.Id select i).Count() > 0)
{
AddErrorMessage(account.Name + " has already been invited to this game.");
continue;
}
if ((from p in game.Players where p.AccountId == account.Id select p).Count() > 0)
{
AddErrorMessage(account.Name + " is already playing this game.");
continue;
}
game.Invites.Add(new Invite() { AccountId = account.Id, Name = account.Name });
//game.SendForumMessage(String.Format("{0} invited {1} to this game.", Account.Name, account.Name));
GameServer.PlayerInvited(game, account);
if (!accountCreated)
{
GameServer.SendMessage(db, account.Id, Account.Id, Account.Name, String.Format(
@"You've been challenged to a game of {3} by {0}.
Visit http://{1}/Game-{2}/ to view the details and join the game.
", Account.Name, Request.Url.Host, game.Id, HtmlUtils.SiteName));
}
}
}
}
}
}
LoadMessages();
return View("Lobby", game);
}
public static string SendMessage(DBConnection db, int destinationId, int sourceId, string sourceName, string text)
{
//if (sourceId > 1 && !CanSend(db, sourceId))
// return "Unable to send message due to spam guard. Everyone is only allowed to message ten different places within a single hour.";
db.Execute
(
"insert into message (to_id, from_id, time, text) values ({0}, {1}, {2}, '{3}')",
destinationId,
sourceId,
Utility.UnixTimestamp(DateTime.UtcNow),
DBConnection.AddSlashes(text)
);
if (destinationId > 0)
{
var account = GameServer.GetOnlineAccount(destinationId);
if (account != null)
{
GameHub.SendMessage(account.SessionKey, sourceId, sourceName, text);
}
else
{
// send email?
var destAccount = db.EvaluateRow("select name, email, forward_emails from account where id = " + destinationId);
if ((string)destAccount["forward_emails"] == "All")
GameServer.SendEmail((string)destAccount["email"], (string)destAccount["name"], "Message from " + sourceName, sourceName + " wrote:\n" + text);
}
}
return "Message Sent";
}
public static void EmailAllPlayers(Game game, string subject, string message, bool isGameStart = false)
{
using (var db = new DBConnection())
{
foreach (var player in game.Players)
{
if (GetOnlineAccount(player.AccountId) == null)
{
var accountRow = db.EvaluateRow("select name, email, forward_emails from account where id = {0}", player.AccountId);
if (accountRow != null)
{
string forwardEmails = (string)accountRow["forward_emails"];
if (isGameStart && forwardEmails == "GameStarts")
SendEmail((string)accountRow["email"], (string)accountRow["name"], subject, message);
else
{
if (forwardEmails == "All" || forwardEmails == "AllGame")
SendEmail((string)accountRow["email"], (string)accountRow["name"], subject, message);
}
}
}
}
}
}
string ResetPassword(string email)
{
if (String.IsNullOrWhiteSpace(email))
return "Invalid login name or email address.";
using (var db = new DBConnection())
{
var accountRow = db.EvaluateRow("select * from account where name = '{0}' or email = '{0}'", DBConnection.AddSlashes(email));
if (accountRow == null)
return "Account not found.";
var newPassword = HtmlUtils.GeneratePassword(8);
db.Execute("update account set password = '******' where id = {1}", DBConnection.AddSlashes(LT.HtmlUtils.CalculateHash(newPassword)), (int)accountRow["id"]);
GameServer.SendEmail((string)accountRow["email"], GameServer.FromAddress, LT.HtmlUtils.SiteName + " Password Reset", "Login Name: " + (string)accountRow["name"] + "\nPassword: "******"\n\nIf you have a hard time remembering it, try tattooing it to your leg for easy access. \n\nThis request was sent from " + Request.UserHostAddress);
return "A new password was sent to your email.";
}
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
int accountId;
var errorMessage = CreateAccount(model.UserName, model.Password, model.ConfirmPassword, model.Email, out accountId);
if (!String.IsNullOrEmpty(errorMessage))
{
ModelState.AddModelError("", errorMessage);
}
else
{
using (var db = new DBConnection())
{
var row = db.EvaluateRow("select * from account where id = {0}", accountId);
SetSession(row);
}
FormsAuthentication.SetAuthCookie(model.Email, true);
return RedirectToAction("Index", "Home");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
protected void Session_Start()
{
if (User.Identity.IsAuthenticated)
{
using (var db = new DBConnection())
{
var accountRow = db.EvaluateRow("select * from account where name = '{0}' or email = '{0}'", DBConnection.AddSlashes(User.Identity.Name));
if (accountRow != null)
AccountController.SetSession(accountRow);
}
}
}
public ActionResult PlayerInfo(int id)
{
if (id <= 0)
return HttpNotFound();
var model = new PlayerInfoModel();
using (var db = new DBConnection())
{
model.Account = Account.Load(db.EvaluateRow("select * from account where id = {0}", id));
if (model.Account == null)
return HttpNotFound();
if (LoggedIn && Account.Id == id) // use freshest account record
Account = model.Account;
if (IsSet("ShowLoginHistory"))
model.IpAddresses = db.EvaluateTable("select * from account_login where account_id = " + id + " order by datetime desc limit 100");
if (IsSet("KillAccount") && Account.IsAdmin)
{
db.Execute("update account set disabled_by = " + Account.Id + " where id=" + id);
ViewBag.ErrorMessage = "Account Disabled";
}
if (id > 1)
model.Games = GameServer.GetPlayerGames(id, IsSet("AllGames"));
else
model.Games = new List<Game>();
}
return View("PlayerInfo", model);
}
public ActionResult OptOut(int account)
{
if (!IsSet("Account") || !IsSet("Key"))
{
ViewBag.ErrorMessage = "Missing account or opt out key.";
return View();
}
using (var db = new DBConnection())
{
var accountRow = db.EvaluateRow("select * from Account where Id = {0}", account);
if (accountRow == null)
{
ViewBag.ErrorMessage = "Invalid account.";
return View();
}
else
{
if ((int)accountRow["OptOutKey"] != GetInt("Key"))
{
ViewBag.ErrorMessage = "Incorrect opt out key.";
return View();
}
}
db.Execute("update Account set OptOut = 1 where Id = {0}", account);
ViewBag.ErrorMessage = "You will no longer recieve emails about new features.";
}
return View();
}
protected Account FindAccount(string emailOrAccountName)
{
using (var db = new DBConnection())
{
var row = db.EvaluateRow("select * from account where name = '{0}' or email = '{0}'", DBConnection.AddSlashes(emailOrAccountName));
if (row == null)
return null;
return Account.Load(row);
}
}
