Пример #1
0
        /// <summary>
        /// add a player in the table "players"
        /// </summary>
        /// <param name="pseudo"></param>
        public bool LoginPlayer(string mail, string password)
        {
            // Create a SQL command
            MySqlCommand cmd = connection.CreateCommand();

            // SQL request
            cmd.CommandText = "SELECT mail FROM joueur WHERE mail LIKE '" + mail + "'";

            DbDataReader reader = cmd.ExecuteReader();

            if (reader.HasRows)
            {
                Console.WriteLine("User " + mail + " exists.");
                reader.Close();

                cmd.CommandText = "SELECT password FROM joueur;";
                reader          = cmd.ExecuteReader();

                while (reader.Read())
                {
                    if (CryptoPassword.Verify(password, reader.GetString(0)))
                    {
                        Console.WriteLine("Passwords matches.");
                        Console.WriteLine("Login complete !");
                        reader.Close();
                        return(true);
                    }
                    else
                    {
                        Console.WriteLine("Password doesn't match.");
                        Console.WriteLine("Login failed !");
                    }
                }
                MessageBox.Show("Wrong password !");
                reader.Close();
                return(false);
            }
            else
            {
                MessageBox.Show("User " + mail + " doesn't exists.");
                reader.Close();
                return(false);
            }
        }
Пример #2
0
        /// <summary>
        /// add a player in the table "players"
        /// </summary>
        /// <param name="pseudo"></param>
        public bool AddPlayer(string pseudo, string mail, string password, int victory, int loss)
        {
            password = CryptoPassword.Hash(password);

            // Create a SQL command
            MySqlCommand cmd = connection.CreateCommand();

            // SQL request
            cmd.CommandText = "SELECT mail, pseudo FROM joueur WHERE mail = '" + mail + "' OR pseudo = '" + pseudo + "';";

            // use of the pseudo string, parameter of the method AddPlayer
            cmd.Parameters.AddWithValue("@pseudo", pseudo);
            cmd.Parameters.AddWithValue("@mail", mail);

            DbDataReader reader = cmd.ExecuteReader();

            if (reader.HasRows)
            {
                MessageBox.Show("Already existing player ! Change your email or/and your pseudo.");
                return(false);
            }
            reader.Close();

            // Create a SQL command
            cmd = connection.CreateCommand();

            // SQL request
            cmd.CommandText = "INSERT INTO Joueur (`pseudo`,`mail`,`password`,`nb_victoire`,`nb_defaite`)VALUES(@pseudo, @mail, @password, @nbVictory, @nbLoss);";

            // use of the pseudo string, parameter of the method AddPlayer
            cmd.Parameters.AddWithValue("@pseudo", pseudo);
            cmd.Parameters.AddWithValue("@mail", mail);
            cmd.Parameters.AddWithValue("@password", password);
            cmd.Parameters.AddWithValue("@nbVictory", victory);
            cmd.Parameters.AddWithValue("@nbLoss", loss);


            // Execute the SQL command
            cmd.ExecuteNonQuery();

            return(true);
        }