public void UpdateUser(Models.AccessModel access)
{
var dbCon = DBConnection;
if (dbCon.IsConnect())
{
string query = string.Format("UPDATE accesstable set username='******', password='******', employeeid={2}, isadmin={3} where employeeid={2};", access.Username, access.Password, access.EmployeeId, access.IsAdmin);
if (dbCon.Connection.State.ToString() == "Closed")
{
dbCon.Connection.Open();
}
var cmd = new MySqlCommand(query, dbCon.Connection);
var reader = cmd.ExecuteNonQuery();
dbCon.Close();
}
}
public void UpdateToken(Models.AccessModel access)
{
var dbCon = DBConnection;
if (dbCon.IsConnect())
{
string query = string.Format("UPDATE accesstable set accesstoken='{0}' where employeeid={1};", access.LoginToken, access.EmployeeId);
if (dbCon.Connection.State.ToString() == "Closed")
{
dbCon.Connection.Open();
}
var cmd = new MySqlCommand(query, dbCon.Connection);
var reader = cmd.ExecuteNonQuery();
dbCon.Close();
}
}
public Models.AccessModel getLoginData(Models.AccessModel access)
{
var dbCon = DBConnection;
if (dbCon.IsConnect())
{
string query = string.Format("SELECT username, password, employeeid, isadmin FROM accesstable where username='******' and password='******'", access.Username, access.Password);
var cmd = new MySqlCommand(query, dbCon.Connection);
var reader = cmd.ExecuteReader();
if (!reader.HasRows)
{
return access;
}
while (reader.Read())
{
access.Username = reader["username"].ToString();
access.Password = reader["password"].ToString();
access.EmployeeId = int.Parse(reader["employeeid"].ToString());
access.IsAdmin = bool.Parse(reader["isadmin"].ToString());
access.LoggedIn = true;
}
dbCon.Close();
}
return access;
}
public void CreateUser(Models.AccessModel access)
{
var dbCon = DBConnection; //get database
if (dbCon.IsConnect()) //check if connected
{
//set the query to add the new user to the accesstable
string query = string.Format("INSERT INTO accesstable (username, password, employeeid, isadmin) VALUES('{0}', '{1}', {2}, {3});", access.Username, access.Password, access.EmployeeId,access.IsAdmin);
var cmd = new MySqlCommand(query, dbCon.Connection); //set mysqll command to be executed.
var reader = cmd.ExecuteNonQuery(); //execute the query
dbCon.Close(); //close the database
}
}
public Models.AccessModel VerifyTokenData(Models.AccessModel token, string verifyUsername, string verifyToken)
{
if (string.IsNullOrEmpty(verifyToken) || string.IsNullOrEmpty(verifyUsername))
{
token.LoggedIn = false;
return token;
}
var dbCon = DBConnection;
if (dbCon.IsConnect())
{
string query = string.Format("SELECT username, password, employeeid, isadmin, accesstoken FROM accesstable where username='******' and accesstoken='{1}'", token.Username, token.LoginToken);
var cmd = new MySqlCommand(query, dbCon.Connection);
var reader = cmd.ExecuteReader();
if (!reader.HasRows)
{
token.LoggedIn = false;
return token;
}
while (reader.Read())
{
token.Username = reader["username"].ToString();
token.LoginToken = reader["accesstoken"].ToString();
token.EmployeeId = int.Parse(reader["employeeid"].ToString());
token.IsAdmin = bool.Parse(reader["isadmin"].ToString());
token.LoggedIn = true;
}
dbCon.Close();
}
if (verifyUsername != token.Username) { token.LoggedIn = false; return token; }
if (verifyToken != token.LoginToken) { token.LoggedIn = false; return token; }
return token;
}
