Exemplo n.º 1
0
        public static string RegisterNewUser(tbl_userdata user)
        {
            string activationCode = generateActivationCode();

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_userName", user.fld_username);
                dic.Add("in_password", SaltNHash(user.fld_password));
                dic.Add("in_firstName", user.fld_firstname);
                dic.Add("in_lastName", user.fld_lastname);
                dic.Add("in_gender", user.fld_gender);
                dic.Add("in_address", user.fld_address);
                dic.Add("in_zipCode", user.fld_zipcode);
                dic.Add("in_dob", user.fld_dateofbirth);
                dic.Add("in_phoneNumber", user.fld_phonenumber);
                dic.Add("in_emailAddress", user.fld_email);
                dic.Add("in_activationCode", activationCode);
                dic.Add("in_isActivated", false);
                dic.Add("out_userId", 0);
                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "user_Register");

                user.fld_activationcode = activationCode;
                user.fld_userid         = Convert.ToInt32(dic["out_userId"]);
                EsUpdater <tbl_userdata> .InsertDocument(user, "moll_users", "User", dic["out_userId"].ToString());

                return(activationCode);
            }
            catch (Exception e)
            {
                return("Db Error!");
            }
        }
Exemplo n.º 2
0
        public static tbl_userdata FindUserByEmail(string emailAddress)
        {
            tbl_userdata foundUser          = new tbl_userdata();
            Dictionary <string, Object> dic = new Dictionary <string, Object>();

            dic.Add("in_email", emailAddress);
            foundUser = (tbl_userdata)ProcedureCall <tbl_userdata> .ExecuteReader(dic, "FindUserByEmail");

            return(foundUser);
        }
Exemplo n.º 3
0
        public static List <Object> GetShoppingCartItems(int userid)
        {
            Dictionary <string, object> dic = new Dictionary <string, Object>();

            dic.Add("in_givenUserId", userid);
            List <Object> offeredServiceIds = ProcedureCall <Object> .returnPrimitiveList(dic, "GetShoppingCartItems");


            return(offeredServiceIds);
        }
Exemplo n.º 4
0
        public static tbl_userdata FindUserById(int userId)
        {
            tbl_userdata foundUser          = new tbl_userdata();
            Dictionary <string, Object> dic = new Dictionary <string, Object>();

            dic.Add("in_givenUserId", userId);
            foundUser = (tbl_userdata)ProcedureCall <tbl_userdata> .ExecuteReader(dic, "FindUserById");

            return(foundUser);
        }
Exemplo n.º 5
0
        public static tbl_servicedata FindServiceById(int serviceId)
        {
            tbl_servicedata             foundService = new tbl_servicedata();
            Dictionary <string, Object> dic          = new Dictionary <string, Object>();

            dic.Add("in_givenServiceId", serviceId);
            foundService = (tbl_servicedata)ProcedureCall <tbl_servicedata> .ExecuteReader(dic, "FindServiceById");

            return(foundService);
        }
Exemplo n.º 6
0
        public static tbl_labourerdata FindLabourerById(string labourerId)
        {
            tbl_labourerdata            foundLabourer = new tbl_labourerdata();
            Dictionary <string, Object> dic           = new Dictionary <string, Object>();

            dic.Add("in_givenLabourerId", labourerId);
            foundLabourer = ProcedureCall <tbl_labourerdata> .ExecuteReader(dic, "FindLabourerById");

            return(foundLabourer);
        }
Exemplo n.º 7
0
        public static bool CheckShoppingCartItem(int fld_offeredserviceid, int fld_userid)
        {
            Dictionary <string, Object> dic = new Dictionary <string, Object>();

            dic.Add("in_givenServiceId", fld_offeredserviceid);
            dic.Add("in_givenUserId", fld_userid);
            dic.Add("out_result", 0);
            dic = ProcedureCall <int> .ExecuteNonQuery(dic, "CheckShoppingCartItemExistance");

            if (Convert.ToInt32(dic["out_result"]) > 0)
            {
                return(true);
            }

            return(false);
        }
Exemplo n.º 8
0
        public static int FindOrderId(int fld_offeredserviceid, string email)
        {
            try
            {
                Dictionary <string, object> dic = new Dictionary <string, Object>();
                dic.Add("in_offeredServiceId", fld_offeredserviceid);
                dic.Add("in_givenEmail", email);
                dic.Add("out_result", -1);
                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "util_getOrderId");

                return(Convert.ToInt32(dic["out_result"]));
            }
            catch (Exception e)
            {
                return(-1);
            }
        }
Exemplo n.º 9
0
        //Creating a row using a ModelStateDictionary
        public static int CreateRow(ModelStateDictionary modelState, string targetTable)
        {
            try
            {
                Dictionary <string, object> dic = new Dictionary <string, object>();
                dic.Add("in_TargetTable", targetTable);
                dic.Add("out_generatedId", -1);

                dic = CreateStrings(modelState, dic);
                dic = ProcedureCall <object> .ExecuteNonQuery(dic, "util_CreateRow");

                return(Convert.ToInt32(dic["out_generatedId"]));
            }
            catch (Exception e)
            {
                return(-1);
            }
        }
Exemplo n.º 10
0
        //Creating a row from an object

        public static int CreateRow(Object row)
        {
            try
            {
                Dictionary <string, object> dic = new Dictionary <string, object>();
                dic.Add("in_targetTable", row.GetType().Name);
                dic.Add("out_generatedId", -1);

                dic = CreateStrings(row, dic);
                dic = ProcedureCall <object> .ExecuteNonQuery(dic, "util_CreateRow");

                return(Convert.ToInt32(dic["out_generatedId"]));
            }
            catch (Exception e)
            {
                return(-1);
            }
        }
Exemplo n.º 11
0
        public static int CheckIfUserExists(string emailAddress)
        {
            int result = -1;

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_emailAddress", emailAddress);
                dic.Add("out_result", result);
                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "auth_CheckUserExists");

                return(Convert.ToInt32(dic["out_result"]));
            }
            catch (Exception e)
            {
                return(-2);
            }
        }
Exemplo n.º 12
0
        public static int FindUserIdByEmail(string emailAddress)
        {
            int result = -1;

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_email", emailAddress);
                dic.Add("out_userId", result);
                Dictionary <string, Object> results = ProcedureCall <int> .ExecuteNonQuery(dic, "user_FindUserIdByEmail");

                return(Convert.ToInt32(results["out_userId"]));
            }
            catch (Exception e)
            {
                return(result);
            }
        }
Exemplo n.º 13
0
        public static int CheckIfPasswordsMatchs(LoginModel loginMdl)
        {
            int errorResult = 2;

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_emailAddress", loginMdl.EmailAddress);
                dic.Add("in_password", SaltNHash(loginMdl.Password));
                dic.Add("out_result", -2);
                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "auth_CheckUserExists");

                return(Convert.ToInt32(dic["out_result"]));
            }
            catch (Exception ex)
            {
                return(errorResult);
            }
        }
Exemplo n.º 14
0
        public static int CheckIfUserNameIsTaken(string userName)
        {
            int result = -2;

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_userName", userName);
                dic.Add("out_result", -2);
                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "CheckIfUserNameIsTaken");

                return(Convert.ToInt32(dic["out_result"]));
            }

            catch (Exception e)
            {
                return(result);
            }
        }
Exemplo n.º 15
0
        public static int VerifyUser(string token, int userid)
        {
            int result = 0;

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_token", token);
                dic.Add("in_userid", userid);
                dic.Add("out_result", result);

                dic = ProcedureCall <int> .ExecuteNonQuery(dic, "user_verify");

                EsUpdater <tbl_userdata> .UpdateField("" + userid, "fld_isactivated", 1);

                return(Convert.ToInt32(dic["out_result"]));
            }
            catch (Exception e)
            {
                return(result);
            }
        }
Exemplo n.º 16
0
        public static string DeleteRow(string targetTable, string targetColumn, int targetValue)
        {
            string result = "";

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_TargetTable", targetTable);
                dic.Add("in_TargetColumn", targetColumn);
                dic.Add("in_TargetValue", targetValue);

                dic = ProcedureCall <Object> .ExecuteNonQuery(dic, "util_DeleteRow");



                return("Change successful");
            }
            catch (Exception e)
            {
                result = "Failed to change field";
                return(result);
            }
        }
Exemplo n.º 17
0
        public static string UpdateNumberField(string targetTable, string fieldToChange, int valueForField, string primaryKeyColumn, int id)
        {
            string result = "";

            try
            {
                Dictionary <string, Object> dic = new Dictionary <string, Object>();
                dic.Add("in_TargetTable", targetTable);
                dic.Add("in_FieldToChange", fieldToChange);
                dic.Add("in_valueForField", valueForField);
                dic.Add("in_PrimaryKeyColumn", primaryKeyColumn);
                dic.Add("in_Id", id);

                dic = ProcedureCall <Object> .ExecuteNonQuery(dic, "util_UpdateNumberField");

                return("Change successful");
            }
            catch (Exception e)
            {
                result = "Failed to change field";
                return(result);
            }
        }
Exemplo n.º 18
0
        public static LoginModel UserLogin(LoginModel loginMdl)
        {
            //Check if user is found (return the password)
            Dictionary <string, Object> dic1 = new Dictionary <string, object>();

            dic1.Add("in_emailAddress", loginMdl.EmailAddress);
            tbl_userdata user = ProcedureCall <tbl_userdata> .ExecuteReader(dic1, "auth_CheckUserExistsLogin");

            string result = user.fld_password;

            if (result == null)
            {
                //Account was not found
                loginMdl.UserId = -1;
                return(loginMdl);
            }


            //Check if passwords match

            //First we convert the storedPassword to bytes
            if (result != null)
            {
                string storedPassword = result.ToString();

                byte[] passwordBytes = Convert.FromBase64String(storedPassword);

                //We grab the salt
                byte[] salt = new byte[16];
                Array.Copy(passwordBytes, 0, salt, 0, 16);

                //Hash the given password and grab the resulting hash
                Rfc2898DeriveBytes pbkdf2    = new Rfc2898DeriveBytes(loginMdl.Password, salt, 10000);
                byte[]             givenHash = pbkdf2.GetBytes(20);

                //Compare the hashes of the stored password with the given password
                int success = 1;
                for (int i = 0; i < 20; i++)
                {
                    if (passwordBytes[i + 16] != givenHash[i])
                    {
                        loginMdl.UserId = 0;
                        return(loginMdl);
                    }
                }
            }


            //Lastly, we check if the account is verified. If it is, the procedure will return all relevant information for later usage

            if (user.fld_isactivated == 0)
            {
                loginMdl.UserId   = -3;
                loginMdl.UserName = user.fld_username;
                return(loginMdl);
            }


            loginMdl.Admin        = user.fld_adminPriv;
            loginMdl.UserName     = user.fld_username;
            loginMdl.EmailAddress = user.fld_email;
            loginMdl.UserId       = user.fld_userid;

            return(loginMdl);
            //Retrieve relevant info
        }