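/// <summary>
/// Saves the edited user record (username, real name and, when a new one was
/// typed, the password) for the row identified by <c>ukey</c>, then clears and
/// hides the edit controls.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void editButton(object sender, EventArgs e)
{
    string rname = nameTextBox.Text;
    string uname = UsernameTextBox.Text;

    // An empty password box means "keep the current password".
    bool changePassword = PasswordTextBox.Text != "";

    if (changePassword && PasswordTextBox.Text != PasswordTextBox2.Text)
    {
        errPwd.SetError(PasswordTextBox2, "Passwords do not match");
        return;
    }

    // Every value typed into the form is bound as a parameter. The previous
    // version spliced the real name (and the row key) into the SQL text, so a
    // quote character in a text box changed the statement that was executed.
    // The listing this was taken from shows the username/password values
    // masked as '******'; the values bound here are the ones this handler
    // reads from the form.
    // sqlDoCmd is a shared field, so drop parameters left by an earlier call.
    sqlDoCmd.Parameters.Clear();
    sqlDoCmd.Parameters.AddWithValue("@username", uname);
    sqlDoCmd.Parameters.AddWithValue("@realname", rname);
    sqlDoCmd.Parameters.AddWithValue("@userkey", ukey);

    if (changePassword)
    {
        // NOTE(review): passhasher.GetSHA512Hash is not shown here. If it is a
        // single unsalted SHA-512 pass, stored hashes are cheap to guess
        // offline once the database file is copied; plan a migration to a
        // salted, slow KDF (e.g. PBKDF2 via Rfc2898DeriveBytes).
        passhasher ph = new passhasher();
        sqlDoCmd.Parameters.AddWithValue("@password", ph.GetSHA512Hash(PasswordTextBox.Text));
        sqlDoCmd.CommandText =
            "UPDATE nts_users SET username = @username, password = @password, realname = @realname WHERE userkey = @userkey;";
    }
    else
    {
        sqlDoCmd.CommandText =
            "UPDATE nts_users SET username = @username, realname = @realname WHERE userkey = @userkey;";
    }

    // NOTE(review): LoginButton_Click lowercases the username before looking
    // it up, while this handler stores it exactly as typed - confirm which
    // form the table is meant to hold.

    int affected;
    sqlConn.Open();
    try
    {
        // An UPDATE returns no rows, so ExecuteNonQuery gives the affected-row
        // count directly instead of going through a reader.
        affected = sqlDoCmd.ExecuteNonQuery();
    }
    finally
    {
        // Close the shared connection even when the statement throws.
        sqlConn.Close();
    }

    if (affected > 0)
    {
        MessageBox.Show("User info successfully changed!");
    }

    // Reset the form: wipe the inputs (including the typed passwords) and
    // hide the edit controls again.
    nameTextBox.Text = "";
    UsernameTextBox.Text = "";
    PasswordTextBox.Text = "";
    PasswordTextBox2.Text = "";

    nameLabel.Visible = false;
    nameTextBox.Visible = false;
    UsernameLabel.Visible = false;
    UsernameTextBox.Visible = false;
    PasswordLabel.Visible = false;
    PasswordTextBox.Visible = false;
    PasswordLabel2.Visible = false;
    PasswordTextBox2.Visible = false;
    EditButton.Visible = false;
}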
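/// <summary>
/// Creates a new row in <c>nts_users</c> from the form fields and, when the
/// Admin box is ticked, a matching row in <c>nts_admins</c>. Refuses to create
/// the account when the two password boxes differ, when the username or
/// password is empty, or when the username is already present.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void CreateButton_Click(object sender, EventArgs e)
{
    errorChecker.Clear();

    string uname = UsernameTextBox.Text;

    // Reject blank credentials up front: without this an account with an
    // empty username or the hash of an empty password could be stored.
    if (uname == "")
    {
        errorChecker.SetError(UsernameTextBox, "Username is required.");
        return;
    }

    if (PasswordTextBox.Text == "")
    {
        errorChecker.SetError(PasswordTextBox, "Password is required.");
        return;
    }

    if (PasswordTextBox.Text != PasswordTextBox2.Text)
    {
        errorChecker.SetError(PasswordTextBox2, "Passwords do not match.");
        return;
    }

    // NOTE(review): passhasher.GetSHA512Hash is not shown here. If it is a
    // single unsalted SHA-512 pass, stored hashes are cheap to guess offline
    // once the database file is copied; plan a migration to a salted, slow KDF
    // (e.g. PBKDF2 via Rfc2898DeriveBytes).
    passhasher ph = new passhasher();
    string phash = ph.GetSHA512Hash(PasswordTextBox.Text);

    // NOTE(review): LoginButton_Click lowercases the username before looking
    // it up, while this handler stores it exactly as typed - a name created
    // with upper-case letters may not match at login. Confirm the intended
    // canonical form.

    int affected;
    sqlConn.Open();
    try
    {
        // All form values are bound as parameters; the previous version
        // concatenated them into the SQL text, so a quote character in any
        // text box changed the statement that was executed.
        // sqlDoCreate is a shared field, so drop parameters from earlier use.
        sqlDoCreate.Parameters.Clear();
        sqlDoCreate.Parameters.AddWithValue("@username", uname);
        sqlDoCreate.CommandText = "select * from nts_users where `username` = @username;";

        bool exists;
        using (SQLiteDataReader reader = sqlDoCreate.ExecuteReader())
        {
            exists = reader.HasRows;
        }

        if (exists)
        {
            errorChecker.SetError(UsernameTextBox, "Username already exists in the database.");
            return;
        }

        // lastlogin was written as a bare numeric literal, so it is bound as
        // an integer; the invariant culture keeps the digits stable on
        // machines whose current culture uses another calendar.
        string stamp = DateTime.Now.ToString(
            "yyyyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture);

        sqlDoCreate.Parameters.AddWithValue("@password", phash);
        sqlDoCreate.Parameters.AddWithValue("@realname", nameTextBox.Text);
        sqlDoCreate.Parameters.AddWithValue(
            "@lastlogin", long.Parse(stamp, System.Globalization.CultureInfo.InvariantCulture));

        string command =
            "insert into nts_users (`username`,`password`,`realname`,`lastlogin`) values (@username, @password, @realname, @lastlogin);";

        if (Admin.Checked)
        {
            // Runs in the same command so last_insert_rowid() refers to the
            // user row inserted just above.
            command += "insert into nts_admins(`userkey`) values (last_insert_rowid());";
        }

        sqlDoCreate.CommandText = command;
        affected = sqlDoCreate.ExecuteNonQuery();
    }
    finally
    {
        // Close the shared connection on every path, including exceptions
        // and the "username already exists" early return.
        sqlConn.Close();
    }

    if (affected > 0)
    {
        MessageBox.Show("User created successfully!");
    }

    this.Close();
}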
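/// <summary>
/// Checks the typed username and password hash against <c>nts_users</c>.
/// On a match it stores the user's key in the application settings and opens
/// <c>WelcomeAdmin</c> when the user also has a row in <c>nts_admins</c>,
/// otherwise <c>WelcomePage</c>. On no match it clears the password box and
/// shows one generic error.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void LoginButton_Click(object sender, EventArgs e)
{
    errLogin.Clear();

    // NOTE(review): passhasher.GetSHA512Hash is not shown here. If it is a
    // single unsalted SHA-512 pass, stored hashes are cheap to guess offline
    // once the database file is copied; plan a migration to a salted, slow KDF
    // (e.g. PBKDF2 via Rfc2898DeriveBytes).
    passhasher ph = new passhasher();
    string phash = ph.GetSHA512Hash(PasswordTextBox.Text);

    bool isAdmin;
    int userkey;

    sqlConn.Open();
    try
    {
        // The username and hash are bound as parameters. The previous version
        // substituted them into the SQL text with string.Replace, so a quote
        // character in the username box changed the WHERE clause of the
        // authentication query. (The listing this was taken from shows the
        // two placeholders masked as '******'.)
        sqlDoLogin.CommandText =
            "SELECT nts_users.username, nts_users.password, nts_users.realname, nts_users.lastlogin, nts_users.userkey, nts_admins.userkey AS admin " +
            "FROM nts_users LEFT OUTER JOIN nts_admins ON nts_users.userkey = nts_admins.userkey " +
            "where nts_users.username = @username and nts_users.password = @password";

        // sqlDoLogin is a shared field, so drop parameters from earlier use.
        sqlDoLogin.Parameters.Clear();
        // NOTE(review): the username is lowercased here, but the create and
        // edit handlers store it as typed - confirm the canonical form.
        sqlDoLogin.Parameters.AddWithValue("@username", UsernameTextBox.Text.ToLower());
        sqlDoLogin.Parameters.AddWithValue("@password", phash);

        using (SQLiteDataReader sqldr = sqlDoLogin.ExecuteReader())
        {
            if (!sqldr.HasRows)
            {
                // Same message for an unknown user and a wrong password, so
                // the form does not reveal which usernames exist.
                PasswordTextBox.Text = "";
                errLogin.SetError(PasswordTextBox, "Sorry, but we couldn't find your username or password.");
                return;
            }

            sqldr.Read();

            // The LEFT OUTER JOIN leaves "admin" NULL for users that have no
            // row in nts_admins.
            isAdmin = !sqldr.IsDBNull(sqldr.GetOrdinal("admin"));
            userkey = Convert.ToInt32(sqldr["userkey"]);
        }
    }
    finally
    {
        // Close the shared connection on every path, including exceptions
        // and the failed-login early return.
        sqlConn.Close();
    }

    // on successful login
    Properties.Settings.Default.userkey = userkey;

    Form w;
    if (isAdmin)
    {
        w = new WelcomeAdmin();
    }
    else
    {
        w = new WelcomePage();
    }

    this.Hide();
    w.ShowDialog();
    this.Close();
}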