public static List <Title> getTitle()
{
List <Title> tu = new List <Title>();
using (MySqlConnection conn = DataAccessBase.GetConnection())
{
conn.Open();
MySqlCommand command = new MySqlCommand("GetTitles", conn);
command.CommandType = System.Data.CommandType.StoredProcedure;
using (MySqlDataReader reader = command.ExecuteReader())
{
while (reader.Read())
{
Class.Title titleUser = new Class.Title();
titleUser.title_Id = reader.GetInt16(0);
titleUser.title = reader.GetString(1);
tu.Add(titleUser);
}
}
}
return(tu);
}
public static Result ChangePasswordUser(string mail)
{
Result res = new Result();
PasswordHandling newPassword = new PasswordHandling();
newPassword.salt_length = 10;
newPassword.generateSalt();
string password = newPassword.getSalt();
newPassword.generateSalt();
newPassword.hashPassword(password);
string dbEmail = "mail address not in db";
string username = "******";
try
{
using (MySqlConnection conn = DataAccessBase.GetConnection())
{
conn.Open();
MySqlCommand command = new MySqlCommand("ChangePassword", conn);
command.CommandType = System.Data.CommandType.StoredProcedure;
command.Parameters.AddWithValue("PW", newPassword.getHashedPassword());
command.Parameters.AddWithValue("salt", newPassword.getSalt());
command.Parameters.AddWithValue("Email", mail.Trim());
using (MySqlDataReader reader = command.ExecuteReader())
{
while (reader.Read())
{
if (reader["email"] != DBNull.Value)
{
dbEmail = reader.GetString(0);
}
else
{
dbEmail = "mail address not in db";
}
}
}
res.result = true;
}
}
catch (Exception ex)
{
res.result = false;
res.Message = ex.Message;
}
if (res.result) // if password has been successfully changed, send an email to user
{
if (mail == dbEmail)
{
string salutation = "Sir / Madam";
try
{
using (MySqlConnection conn = DataAccessBase.GetConnection())
{
conn.Open();
MySqlCommand command = new MySqlCommand("getUserWithEmail", conn);
command.CommandType = System.Data.CommandType.StoredProcedure;
command.Parameters.AddWithValue("in_email", mail);
using (MySqlDataReader reader = command.ExecuteReader())
{
while (reader.Read())
{
if (reader["Title"] != DBNull.Value)
{
salutation = reader.GetString(0) + " ";
}
if (reader["surname"] != DBNull.Value)
{
salutation += reader.GetString(1);
}
username = reader.GetString(2);
}
}
}
}catch (Exception) {}
List <string> message = Constant.changePasswordMail(salutation, password, username);
MyEmail notification = new MyEmail();
// notification.email.Bcc.Add(notification.sender); // send a copy of the mail to the email address of the admin
notification.sendEmail(mail, message[0], message[1]);
}
else
{
}
}
return(res);
}