/// <summary> /// Check the username/password pair and recover the full details of the logged in user (if any) /// </summary> /// <returns></returns> public User UserCheckPassword(string aUsername, string aPassword) { if (isDebugEnabled) { logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " in"); } User loggedUser = null; if (compactDatabaseType) { try { using (SqlCeConnection conn = DatabaseConnection.CreateOpenCEConnection()) { string commandText = "SELECT _USERID FROM USERS WHERE _LOGIN = @cLogin AND _PASSWORD = @cPassword"; SqlCeParameter[] spParams = new SqlCeParameter[2]; spParams[0] = new SqlCeParameter("@cLogin", aUsername); spParams[1] = new SqlCeParameter("@cPassword", AES.Encrypt(aPassword)); using (SqlCeCommand command = new SqlCeCommand(commandText, conn)) { command.Parameters.AddRange(spParams); object result = command.ExecuteScalar(); if ((result != null) && (result.GetType() != typeof(DBNull))) { loggedUser = GetUserDetails((int)result); } } } } catch (SqlCeException ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } catch (Exception ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } } else { AuditWizardDataAccess lAuditWizardDataAccess = new AuditWizardDataAccess(); loggedUser = lAuditWizardDataAccess.UserCheckPassword(aUsername, aPassword); } if (isDebugEnabled) { logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " out"); } return(loggedUser); }
/// <summary> /// Set the password for the specified user /// </summary> /// <param name="theLicenseType"></param> /// <returns></returns> public void UserSetPassword(int aUserId, string aPassword) { if (isDebugEnabled) { logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " in"); } if (compactDatabaseType) { try { using (SqlCeConnection conn = DatabaseConnection.CreateOpenCEConnection()) { string commandText = "UPDATE USERS SET _PASSWORD = @cPassword WHERE _USERID = @nUserID"; SqlCeParameter[] spParams = new SqlCeParameter[2]; spParams[0] = new SqlCeParameter("@nUserId", aUserId); spParams[1] = new SqlCeParameter("@cPassword", AES.Encrypt(aPassword)); using (SqlCeCommand command = new SqlCeCommand(commandText, conn)) { command.Parameters.AddRange(spParams); command.ExecuteNonQuery(); } } } catch (SqlCeException ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } catch (Exception ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } } else { AuditWizardDataAccess lAuditWizardDataAccess = new AuditWizardDataAccess(); lAuditWizardDataAccess.UserSetPassword(aUserId, aPassword); } if (isDebugEnabled) { logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " out"); } }
public void SetSetting(string key, string value, bool encrypt) { if (IsDebugEnabled) { Logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " in"); } if (value == null) { value = String.Empty; } int lCount = 0; try { string commandText = "SELECT COUNT(*) FROM SETTINGS WHERE _KEY = @key"; if (_compactDatabaseType) { using (SqlCeConnection conn = DatabaseConnection.CreateOpenCEConnection()) { using (SqlCeCommand command = new SqlCeCommand(commandText, conn)) { command.Parameters.AddWithValue("@key", key); lCount = Convert.ToInt32(command.ExecuteScalar()); } commandText = (lCount == 0) ? "INSERT INTO SETTINGS (_KEY,_VALUE) VALUES (@key ,@value)" : "UPDATE SETTINGS SET _VALUE = @value WHERE _KEY = @key"; using (SqlCeCommand command = new SqlCeCommand(commandText, conn)) { command.Parameters.AddWithValue("@key", key); command.Parameters.AddWithValue("@value", encrypt ? AES.Encrypt(value) : value); command.ExecuteNonQuery(); } } } else { using (SqlConnection conn = DatabaseConnection.CreateOpenStandardConnection()) { using (SqlCommand command = new SqlCommand(commandText, conn)) { command.Parameters.AddWithValue("@key", key); lCount = Convert.ToInt32(command.ExecuteScalar()); } commandText = (lCount == 0) ? "INSERT INTO SETTINGS (_KEY,_VALUE) VALUES (@key ,@value)" : "UPDATE SETTINGS SET _VALUE = @value WHERE _KEY = @key"; using (SqlCommand command = new SqlCommand(commandText, conn)) { command.Parameters.AddWithValue("@key", key); command.Parameters.AddWithValue("@value", encrypt ? AES.Encrypt(value) : value); command.ExecuteNonQuery(); } } } } catch (SqlException ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); Logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } catch (SqlCeException ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); Logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } catch (Exception ex) { Utility.DisplayErrorMessage("A database error has occurred in AuditWizard." + Environment.NewLine + Environment.NewLine + "Please see the log file for further details."); Logger.Error("Exception in " + System.Reflection.MethodBase.GetCurrentMethod().Name, ex); } if (IsDebugEnabled) { Logger.Debug(System.Reflection.MethodBase.GetCurrentMethod().Name + " out"); } }