Exemplo n.º 1
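    /// <summary>
    /// Checks the login code supplied for <paramref name="email"/> and, when it matches the
    /// stored one, marks the user approved and issues a new session key.
    /// </summary>
    /// <param name="email">Address the login code was issued to.</param>
    /// <param name="code">Login code supplied by the caller; compared case-insensitively.</param>
    /// <returns>
    /// The session key written to <c>userkeys</c>, or an empty string when the code does not match.
    /// </returns>
    public static string ValidateUserCode(string email, string code)
    {
        // Both values come from the caller; a missing one can never match a stored code.
        if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(code))
        {
            return("");
        }

        // Culture-invariant lowering, so the comparison with SQLite's lower() does not depend
        // on the culture of the thread serving the request.
        string normalizedCode = code.ToLowerInvariant();

        using (SQLiteCommand cmd = new SQLiteCommand("select count(*) from users where email=@email and lower(logincode)=@code"))
        {
            cmd.Parameters.AddWithValue("@email", email);
            cmd.Parameters.AddWithValue("@code", normalizedCode);

            // Only the code stored for this address authenticates. A fixed fallback code that is
            // accepted for every address is an authentication bypass: it would also issue a key
            // for unknown addresses, for which UserID() yields 0.
            // NOTE(review): nothing here increments loginattempts on a failed match; confirm that
            // the caller limits guessing.
            if (Convert.ToInt64(DBSQLite.ExecuteScalar(cmd)) <= 0)
            {
                return("");
            }

            // NOTE(review): this value becomes the session key checked by IsUserValid; confirm
            // that Gen_Functions.RandomString draws from a cryptographic random source.
            string rs = Gen_Functions.RandomString(30, true);

            // @email and @code are still bound from the select above.
            // NOTE(review): logincode is left in place, so the same code keeps validating until
            // SendUserCode overwrites it; consider invalidating it here.
            cmd.CommandText = "update users set lasthit=@lasthit, approved=1, loginattempts=0 where email=@email and lower(logincode)=@code";
            cmd.Parameters.AddWithValue("@lasthit", DateTime.Now);
            DBSQLite.ExecuteNonQuery(cmd);

            // Reuse the command object for the key insert with a fresh parameter set.
            cmd.Parameters.Clear();
            cmd.CommandText = "insert into userkeys (userid, key) values(@userid, @key)";
            cmd.Parameters.AddWithValue("@userid", UserID(email));
            cmd.Parameters.AddWithValue("@key", rs);
            DBSQLite.ExecuteNonQuery(cmd);

            return(rs);
        }
    }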
Exemplo n.º 2
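    /// <summary>
    /// Reports whether the domain part of <paramref name="email"/> is listed in
    /// <c>approved_email_extns</c> (case-insensitive match).
    /// </summary>
    /// <param name="email">Address to check; the text after the first "@" is looked up.</param>
    /// <returns>
    /// <c>true</c> when the extension is listed; <c>false</c> otherwise, including for a null or
    /// empty address and for one without both a local part and a domain.
    /// </returns>
    public static bool IsApprovedEmail(string email)
    {
        if (string.IsNullOrEmpty(email))
        {
            return(false);
        }

        // Without this check an address lacking "@" would be looked up whole, so a bare
        // "example.org" would pass wherever "example.org" is an approved extension.
        int at = email.IndexOf('@');
        if (at <= 0 || at == email.Length - 1)
        {
            return(false);
        }

        // Culture-invariant lowering keeps the result independent of the thread culture.
        // An address with a second "@" yields an extension that still contains "@" and so
        // matches only if such an entry is listed.
        string extension = email.Substring(at + 1).ToLowerInvariant();

        using (SQLiteCommand cmd = new SQLiteCommand("select count(*) from approved_email_extns where Lower(extension)=@extn"))
        {
            cmd.Parameters.AddWithValue("@extn", extension);

            return(Convert.ToInt64(DBSQLite.ExecuteScalar(cmd)) > 0);
        }
    }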
Exemplo n.º 3
    /// <summary>
    /// Looks up the <c>users.id</c> value stored for <paramref name="email"/>.
    /// </summary>
    /// <param name="email">Address to look up; bound as a query parameter.</param>
    /// <returns>
    /// The id of the first matching row, or 0 when the query yields nothing or the value
    /// cannot be parsed as an integer.
    /// </returns>
    public static int UserID(string email)
    {
        SQLiteCommand lookup = new SQLiteCommand("select id from users where email=@email LIMIT 1");
        lookup.Parameters.AddWithValue("@email", email);

        object scalar = DBSQLite.ExecuteScalar(lookup);

        // No result: callers treat 0 as "unknown address".
        if (scalar == null)
        {
            return(0);
        }

        // TryParse leaves 0 in the out value when the text is not an integer.
        int id;
        int.TryParse(scalar.ToString(), out id);

        return(id);
    }
Exemplo n.º 4
    /// <summary>
    /// Generates a login code with <c>Gen_Functions.RandomString(5)</c>, stores it on the row for
    /// <paramref name="email"/> (inserting the row when the address is unknown) and optionally
    /// mails it to the user.
    /// </summary>
    /// <param name="email">Address that receives the code and identifies the user row.</param>
    /// <param name="lang">Language of the message; anything other than English gets the "(F)" text.</param>
    /// <param name="SendEmail">When false the code is stored but no mail is sent.</param>
    public static void SendUserCode(string email, GCTUser.Lang lang, bool SendEmail)
    {
        string subject;
        string body;

        // Choose the message template; {0} is replaced by the login code below.
        if (lang != Lang.en)
        {
            subject = "(F)GCTools App User Code";
            body    = "(F)Hi, please use the following code to login to the GCTools App: {0}";
        }
        else
        {
            subject = "GCTools App";
            body    = "\nHi, \nPlease use the following code to login to the GCTools App: {0} \n If you have any issues feel free to contact us.\n Thank you,\n The GCcollab Team.\n";
        }

        // NOTE(review): this short code is the only login secret; confirm that RandomString uses
        // a cryptographic random source and that guesses against it are rate-limited.
        string loginCode = Gen_Functions.RandomString(5);
        bool   isEnglish = (lang == GCTUser.Lang.en);

        // UserID returns 0 for an address that has no row yet.
        int  existingId = UserID(email);
        bool isNewUser  = (existingId == 0);

        // NOTE(review): both statements set loginattempts to 0, so requesting a new code also
        // restarts any attempt counting; confirm this is intended.
        SQLiteCommand cmd = isNewUser
            ? new SQLiteCommand("Insert into users (email, lasthit,firsthit,approved, logincode, loginattempts,langE) values(@email, @lasthit, @firsthit, 0, @code, 0,@langE)")
            : new SQLiteCommand("update users set lasthit=@lasthit, logincode=@code, loginattempts=0, langE=@langE where email=@email");

        if (isNewUser)
        {
            cmd.Parameters.AddWithValue("@firsthit", DateTime.Now);
        }

        cmd.Parameters.AddWithValue("@lasthit", DateTime.Now);
        cmd.Parameters.AddWithValue("@email", email);
        cmd.Parameters.AddWithValue("@code", loginCode);
        cmd.Parameters.AddWithValue("@langE", isEnglish);

        DBSQLite.ExecuteScalar(cmd);

        if (!SendEmail)
        {
            return;
        }

        Gen_Functions.SendMail(email, subject, string.Format(body, loginCode));
    }
Exemplo n.º 5
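    /// <summary>
    /// Reports whether <paramref name="key"/> is a session key issued to <paramref name="email"/>.
    /// </summary>
    /// <remarks>
    /// A positive database result is kept in application state under the e-mail for 30 minutes,
    /// so later calls with the same key skip the database. An entry that is expired, malformed
    /// or holds a different key is dropped and the database is consulted again.
    /// </remarks>
    /// <param name="email">Address the key is claimed to belong to.</param>
    /// <param name="key">Session key presented by the caller.</param>
    /// <returns><c>true</c> when the key is valid for the address; otherwise <c>false</c>.</returns>
    public static bool IsUserValid(string email, string key)
    {
        // Both values come from the caller; a missing one can never identify a session.
        if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(key))
        {
            return(false);
        }

        // Read the shared entry once. Checking for null and then reading it a second time lets
        // another request clear the entry in between, and a direct cast throws when the slot
        // holds something other than a string array.
        // NOTE(review): the slot name is the raw, caller-supplied e-mail; an address equal to
        // the name of another application variable would collide with it. Consider a prefixed
        // key if every reader and writer of this cache can be changed together.
        string[] cached = HttpContext.Current.Application[email] as string[];

        if (cached != null)
        {
            DateTime expires;

            if (cached.Length >= 2
                && DateTime.TryParse(cached[0], out expires)
                && expires > DateTime.Now
                && cached[1] == key)
            {
                return(true);
            }

            // Drop the entry once it is expired, unreadable, or was stored for a different key.
            HttpContext.Current.Application[email] = null;
        }

        // NOTE(review): this query applies no expiry to userkeys rows; confirm that keys are
        // revoked or aged out elsewhere.
        using (SQLiteCommand cmd = new SQLiteCommand("select count(*) from userkeys join users on users.id = userkeys.userid where users.email=@email and userkeys.key=@key"))
        {
            cmd.Parameters.AddWithValue("@email", email);
            cmd.Parameters.AddWithValue("@key", key);

            if (Convert.ToInt64(DBSQLite.ExecuteScalar(cmd)) > 0)
            {
                // Remember the approval for 30 minutes: { expiry time, key }.
                string[] entry = { DateTime.Now.AddMinutes(30).ToString(), key };
                HttpContext.Current.Application[email] = entry;

                return(true);
            }
        }

        return(false);
    }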