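/// <summary>
/// Handles the registration form post: validates the submitted login and password,
/// stores the new user with a hashed password, marks the session as signed in and
/// redirects to <c>/account</c>.
/// </summary>
/// <remarks>
/// On a validation failure or a password/confirmation mismatch the handler sets
/// <c>ViewData["error"]</c> and returns without touching the database.
/// </remarks>
public void OnPost()
{
    if (!UsersDAO.CheckLogin(Login) || !UsersDAO.CheckPassword(Password))
    {
        ViewData["error"] = "Неверно заполненное поле или несколько полей.";
        return;
    }

    // Compare before opening a connection: a mismatch needs no database work,
    // and the static Equals form does not throw when Password is null.
    if (!string.Equals(Password, ConfirmPassword, StringComparison.Ordinal))
    {
        ViewData["error"] = "Пароли не совпадают";
        return;
    }

    // NOTE(review): UsersDAO.FirstHashing is defined elsewhere. Confirm it derives the
    // hash with a slow, salted password KDF (e.g. PBKDF2) and a randomly generated salt,
    // not a single pass of a fast hash.
    var (hash, salt) = UsersDAO.FirstHashing(Password);
    Password = hash + salt;

    var loginParam = new NpgsqlParameter("@login", Login)
    {
        Direction = ParameterDirection.Input,
    };
    // Parameter name written in the same case as the @password placeholder below.
    var passwordParam = new NpgsqlParameter("@password", Password)
    {
        Direction = ParameterDirection.Input,
    };

    // Both values are bound as parameters, so user input never becomes SQL text.
    const string commandString = @"INSERT INTO USERS VALUES (@login, @password, null)";

    var connection = Connection.Open();
    try
    {
        connection.SendCommandWithoutAnswer(
            commandString,
            new List<NpgsqlParameter> { loginParam, passwordParam });
    }
    finally
    {
        // Release the connection even when the insert throws (e.g. on a constraint violation).
        connection.Close();
    }

    // NOTE(review): `login` looks like shared state rather than a per-request session.
    // If it is static, one registration marks every visitor as signed in - confirm,
    // and prefer the framework's per-user session or cookie authentication.
    login.IsSession = true;
    login.LoginSession = Login;
    login.Staticlogin = Login;
    Response.Redirect("/account");
}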
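/// <summary>
/// Handles the account page post. Depending on <c>Action</c> it signs the user out
/// ("exit"), changes the login ("changeLogin") or changes the password ("changeParol").
/// Both change actions first verify the submitted current password against the stored hash.
/// </summary>
/// <returns>
/// A redirect to <c>/login</c> when the caller is not signed in, after sign-out, or after a
/// successful change; otherwise the page, with <c>Message</c> set when a check failed.
/// </returns>
public IActionResult OnPost()
{
    // NOTE(review): `login` looks like shared state rather than a per-request session.
    // If it is static, this check does not identify the caller - confirm.
    if (!login.IsSession || !login.LoginEqualsLoginSession())
    {
        login.Staticlogin = null;
        login.IsSession = false;
        // Return the redirect itself. Calling Response.Redirect and then returning Page()
        // still renders the account page into the body of the redirect response.
        return Redirect("/login");
    }

    if (NewLogin == login.Staticlogin && login.IsSession && login.LoginEqualsLoginSession())
    {
        Message = "WARNING: Нельзя поменять логин на такой же";
        return Page();
    }

    // The stored value is the hash followed by a salt occupying its last 6 characters.
    const int saltLength = 6;

    // SECURITY NOTE(review): login.Staticlogin is interpolated into the SQL text. It is set
    // from a user-chosen login, and what UsersDAO.CheckLogin permits is not visible here, so
    // treat this as SQL injection until proven otherwise. Bind the login as an NpgsqlParameter
    // instead; Connection.GetDataFromDb as called here takes only the SQL string, so it needs
    // a parameter-taking variant.
    var storedHashQuery = $@"SELECT users.password FROM USERS WHERE '{login.Staticlogin}' = users.login";

    // True when the submitted Password hashes, with the stored salt, to the stored hash.
    bool MatchesStoredHash(string stored)
    {
        // A value shorter than the salt cannot be split; treat it as a failed check
        // instead of letting Substring throw.
        if (stored == null || stored.Length < saltLength)
        {
            return false;
        }

        var hash = stored.Substring(0, stored.Length - saltLength);
        var salt = stored.Substring(stored.Length - saltLength, saltLength);
        return hash == UsersDAO.Hashing(Password, salt);
    }

    switch (Action)
    {
        case "exit":
            login.IsSession = false;
            login.LoginSession = null;
            return Redirect("/login");

        case "changeLogin" when !CheckLoginAndPassword():
            Message = "WARNING: Логин не должен содержать цифр и иметь длину от 3 до 20 символов.";
            return Page();

        case "changeLogin":
        {
            var connection = Connection.Open();
            try
            {
                string stored = null;
                var reader = Connection.GetDataFromDb(connection, storedHashQuery);
                try
                {
                    if (reader.Read())
                    {
                        stored = reader.GetValue(0).ToString();
                    }
                }
                finally
                {
                    // Closed on every path, including when no row was found.
                    reader.Close();
                }

                if (stored != null)
                {
                    if (MatchesStoredHash(stored))
                    {
                        ViewData["error"] = UsersDAO.ChangeLogin(connection, NewLogin);
                        login.IsSession = false;
                        login.Staticlogin = null;
                        return Redirect("/login");
                    }

                    Message = "WARNING: Неверный пароль";
                }
            }
            finally
            {
                connection.Close();
            }

            break;
        }

        case "changeParol":
        {
            if (Password == null || NewPassword == null || ConfirmPassword == null)
            {
                Message = "WARNING: Поля или одно из полей пустые";
                return Page();
            }

            var connection = Connection.Open();
            try
            {
                string stored = null;
                var reader = Connection.GetDataFromDb(connection, storedHashQuery);
                try
                {
                    if (reader.Read())
                    {
                        stored = reader.GetValue(0).ToString();
                    }
                }
                finally
                {
                    reader.Close();
                }

                if (stored != null)
                {
                    if (!MatchesStoredHash(stored))
                    {
                        Message = "WARNING: Неверный пароль";
                    }
                    else if (NewPassword == ConfirmPassword)
                    {
                        var (hashPassword, salt) = UsersDAO.FirstHashing(NewPassword);
                        UsersDAO.ChangePassword(connection, hashPassword + salt);
                        login.IsSession = false;
                        login.Staticlogin = null;
                        return Redirect("/login");
                    }
                    else
                    {
                        // The finally block closes the connection on this early return;
                        // previously this path returned with it still open.
                        Message = "WARNING: Пароли не совпадают";
                        return Page();
                    }
                }
            }
            finally
            {
                connection.Close();
            }

            break;
        }
    }

    return Page();
}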