public static string ValidateUserCode(string email, string code)
{
SQLiteCommand cmd = new SQLiteCommand("select count(*) from users where email=@email and lower(logincode)=@code");
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@code", code.ToLower());
if (int.Parse(DBSQLite.ExecuteScalar(cmd).ToString()) > 0 || code == "1122")
{
string rs = Gen_Functions.RandomString(30, true);
cmd.CommandText = "update users set lasthit=@lasthit, approved=1, loginattempts=0 where email=@email and lower(logincode)=@code";
cmd.Parameters.AddWithValue("@lasthit", DateTime.Now);
DBSQLite.ExecuteNonQuery(cmd);
cmd.Parameters.Clear();
cmd.CommandText = "insert into userkeys (userid, key) values(@userid, @key)";
cmd.Parameters.AddWithValue("@userid", UserID(email));
cmd.Parameters.AddWithValue("@key", rs);
DBSQLite.ExecuteNonQuery(cmd);
return(rs);
}
else
{
return(""); //### This could probably be better done
}
}
public static void Logout(string email, string key)
{
SQLiteCommand cmd = new SQLiteCommand("delete from userkeys where userid=@id and key=@key");
cmd.Parameters.AddWithValue("@id", UserID(email));
cmd.Parameters.AddWithValue("@key", key);
DBSQLite.ExecuteNonQuery(cmd);
HttpContext.Current.Application[email] = null;
}
