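/// <summary>
/// Checks the supplied credentials against softeng4.users and, on success,
/// loads the matching User and writes its details to the "user" cookie.
/// </summary>
/// <param name="username">Login name typed by the visitor (untrusted input).</param>
/// <param name="password">Password typed by the visitor (untrusted input).</param>
/// <returns>
/// true when both lookups match and the user record was loaded;
/// otherwise false, with ErrorLabel.Text set to the reason.
/// </returns>
bool CustomAuthenticate(string username, string password)
{
    DBDriver db = new DBDriver();

    // The SQL text previously carried quoted literals and never referenced the
    // username/password arguments. Both are now bound as parameters, so the
    // typed values are compared as data and never become part of the statement.
    db.Query = "select count(*) from softeng4.users where userName=@name;";
    db.addParam("@name", username);
    int k = (int)db.scalar();
    if (k == 0)
    {
        // user does not exist in DB
        // NOTE(review): a different message for "unknown username" and
        // "incorrect password" tells an unauthenticated visitor which account
        // names exist. Consider one generic failure message for both cases.
        ErrorLabel.Text = "You have entered an unknown username.";
        return false;
    }

    // NOTE(review): the User constructor stores Encryption.encrypt(pwd) in the
    // password column. If softeng4.users holds that transformed value, the same
    // transform has to be applied to `password` before it is bound - confirm.
    db.Query = "select count(*) from softeng4.users u where u.userName=@name and u.password=@pwd";
    db.addParam("@name", username);
    db.addParam("@pwd", password);
    k = (int)db.scalar();
    if (k == 0)
    {
        // password incorrect
        ErrorLabel.Text = "You have entered an incorrect password.";
        return false;
    }

    // successful authentication
    db.Query = "select u.security s, u.ID id, p.firstName fname, p.lastName lname from softeng4.users u, softeng4.person p where u.ID = p.ID and u.username=@name";
    db.addParam("@name", username);
    SqlDataReader dr = db.createReader();
    try
    {
        if (!dr.Read())
        {
            // The join returned no row (no matching person record). Fail closed
            // instead of indexing an empty reader, which would throw.
            ErrorLabel.Text = "You have entered an unknown username.";
            return false;
        }
        user = new User(dr["id"].ToString());
    }
    finally
    {
        // Release the reader's connection on every path, including exceptions.
        db.close();
    }

    // create the cookie
    // NOTE(review): role, id and names are sent to the browser in a plain cookie
    // that the client can edit. Confirm that no page makes an access decision
    // from this cookie alone; authorization should come from server-side session
    // state or a signed authentication ticket, and the cookie should be flagged
    // HttpOnly and Secure.
    Response.Cookies["user"].Values.Add("role", user.Role);
    Response.Cookies["user"].Values.Add("id", user.ID);
    Response.Cookies["user"].Values.Add("name", user.UserName);
    Response.Cookies["user"].Values.Add("fname", user.FirstName);
    Response.Cookies["user"].Values.Add("lname", user.LastName);
    return true;
}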
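/// <summary>
/// Checks the supplied credentials against softeng4.users and, on success,
/// loads the matching User and writes its details to the "user" cookie.
/// </summary>
/// <param name="username">Login name typed by the visitor (untrusted input).</param>
/// <param name="password">Password typed by the visitor (untrusted input).</param>
/// <returns>
/// true when both lookups match and the user record was loaded;
/// otherwise false, with ErrorLabel.Text set to the reason.
/// </returns>
bool CustomAuthenticate(string username, string password)
{
    DBDriver db = new DBDriver();

    // The SQL text previously carried quoted literals and never referenced the
    // username/password arguments. Both are now bound as parameters, so the
    // typed values are compared as data and never become part of the statement.
    db.Query = "select count(*) from softeng4.users where userName=@name;";
    db.addParam("@name", username);
    int k = (int)db.scalar();
    if (k == 0)
    {
        // user does not exist in DB
        // NOTE(review): a different message for "unknown username" and
        // "incorrect password" tells an unauthenticated visitor which account
        // names exist. Consider one generic failure message for both cases.
        ErrorLabel.Text = "You have entered an unknown username.";
        return false;
    }

    // NOTE(review): the User constructor stores Encryption.encrypt(pwd) in the
    // password column. If softeng4.users holds that transformed value, the same
    // transform has to be applied to `password` before it is bound - confirm.
    db.Query = "select count(*) from softeng4.users u where u.userName=@name and u.password=@pwd";
    db.addParam("@name", username);
    db.addParam("@pwd", password);
    k = (int)db.scalar();
    if (k == 0)
    {
        // password incorrect
        ErrorLabel.Text = "You have entered an incorrect password.";
        return false;
    }

    // successful authentication
    db.Query = "select u.security s, u.ID id, p.firstName fname, p.lastName lname from softeng4.users u, softeng4.person p where u.ID = p.ID and u.username=@name";
    db.addParam("@name", username);
    SqlDataReader dr = db.createReader();
    try
    {
        if (!dr.Read())
        {
            // The join returned no row (no matching person record). Fail closed
            // instead of indexing an empty reader, which would throw.
            ErrorLabel.Text = "You have entered an unknown username.";
            return false;
        }
        user = new User(dr["id"].ToString());
    }
    finally
    {
        // Release the reader's connection on every path, including exceptions.
        db.close();
    }

    // create the cookie
    // NOTE(review): role, id and names are sent to the browser in a plain cookie
    // that the client can edit. Confirm that no page makes an access decision
    // from this cookie alone; authorization should come from server-side session
    // state or a signed authentication ticket, and the cookie should be flagged
    // HttpOnly and Secure.
    Response.Cookies["user"].Values.Add("role", user.Role);
    Response.Cookies["user"].Values.Add("id", user.ID);
    Response.Cookies["user"].Values.Add("name", user.UserName);
    Response.Cookies["user"].Values.Add("fname", user.FirstName);
    Response.Cookies["user"].Values.Add("lname", user.LastName);
    return true;
}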
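/// <summary>
/// Verify that an email address exists in the database
/// </summary>
/// <param name="email">email address to verify</param>
/// <returns>true if at least one person row has this email, false if none does</returns>
public static bool verifyEmailExists(string email)
{
    DBDriver myDB = new DBDriver();

    // The address is bound as a parameter, so it is never part of the SQL text.
    myDB.Query = "select count(*) from person where email=@email;";
    myDB.addParam("@email", email);
    int matches = Convert.ToInt32(myDB.scalar());

    // Any non-zero count means the address is already present. Testing for
    // exactly one row reported "does not exist" once the table held the same
    // address twice, which would let a duplicate check pass again.
    return matches > 0;
}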
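/// <summary>
/// Verify that a username exists in the database
/// </summary>
/// <param name="userName">the username to verify</param>
/// <param name="isNew">
/// when true, the newUsers table is searched as well if the name is not
/// found in users
/// </param>
/// <returns>true if it exists, false if it doesn't</returns>
public static bool verifyUserNameExists(string userName, bool isNew)
{
    DBDriver myDB = new DBDriver();

    // The name is bound as a parameter, so it is never part of the SQL text.
    myDB.Query = "select count(*) from users where userName=@name;";
    myDB.addParam("@name", userName);
    int matches = Convert.ToInt32(myDB.scalar());

    // Fall back to newUsers only when users has no row at all. The earlier
    // "count != 1" test also fell through when users held the name more than
    // once, and could then report the name as free.
    if (matches == 0 && isNew)
    {
        myDB.Query = "select count(*) from newUsers where userName=@name;";
        myDB.addParam("@name", userName);
        matches = Convert.ToInt32(myDB.scalar());
    }

    // Any non-zero count means the name is taken.
    return matches > 0;
}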
/// <summary>
/// Create a new User: stores the supplied details on the instance, inserts a
/// person row, reads that row's id back by email, and inserts the account
/// into the newUsers table.
/// </summary>
/// <param name="un">The username</param>
/// <param name="pwd">the password (stored as returned by Encryption.encrypt)</param>
/// <param name="r">the security/role</param>
/// <param name="fn">the first name</param>
/// <param name="ln">the last name</param>
/// <param name="em">the email address</param>
/// <param name="ph">the phone number</param>
/// <param name="ad">the address</param>
/// <param name="c">the city</param>
/// <param name="s">the state</param>
/// <param name="z">the zip code</param>
public User(string un, string pwd, string r, string fn, string ln, string em, string ph, string ad, string c, string s, string z)
{
    // Account details.
    // NOTE(review): what Encryption.encrypt does is not visible here. Stored
    // passwords should be a salted, slow one-way hash (e.g. PBKDF2) rather
    // than reversible encryption - confirm.
    // NOTE(review): the role is stored exactly as passed in; confirm that the
    // registration code never forwards a visitor-chosen value.
    userName = un;
    password = Encryption.encrypt(pwd);
    role = r;

    // Contact details.
    firstName = fn;
    lastName = ln;
    email = em;
    phone = ph;
    address = ad;
    city = c;
    state = s;
    zip = z;

    myDB = new DBDriver();

    // 1. Insert the person row; every value is bound as a parameter.
    string insertPersonSql = "insert into person (firstName, lastName, address, city, state, zip, phoneNumber, email) " +
        "values (@first,@last,@address,@city,@state,@zip,@phone,@email);";
    myDB.Query = insertPersonSql;
    myDB.addParam("@first", firstName);
    myDB.addParam("@last", lastName);
    myDB.addParam("@address", address);
    myDB.addParam("@city", city);
    myDB.addParam("@state", state);
    myDB.addParam("@zip", zip);
    myDB.addParam("@phone", phone);
    myDB.addParam("@email", email);
    myDB.nonQuery();

    // 2. Read the new person id back; the account row needs it for its
    //    foreign key.
    // NOTE(review): the lookup is by email, so it presumably relies on email
    // being unique in person; with duplicates the scalar could be another
    // person's id - confirm a unique constraint exists.
    string selectIdSql = "select id from person where email=@email;";
    myDB.Query = selectIdSql;
    myDB.addParam("@email", email);
    id = myDB.scalar().ToString();

    // 3. Insert the account into newUsers.
    // TODO: when administrator approves, this is transferred to the users table
    // NOTE(review): steps 1 and 3 are separate statements; if this insert
    // fails, the person row from step 1 remains - confirm that is acceptable.
    string insertAccountSql = "insert into newUsers (ID, password, userName, security)\n" +
        "values (@id, @pwd,@username,@sec);";
    myDB.Query = insertAccountSql;
    myDB.addParam("@id", id);
    myDB.addParam("@pwd", password);
    myDB.addParam("@username", userName);
    myDB.addParam("@sec", role);
    myDB.nonQuery();
}
/// <summary>
/// Create a new User: stores the supplied details on the instance, inserts a
/// person row, reads that row's id back by email, and inserts the account
/// into the newUsers table.
/// </summary>
/// <param name="un">The username</param>
/// <param name="pwd">the password (stored as returned by Encryption.encrypt)</param>
/// <param name="r">the security/role</param>
/// <param name="fn">the first name</param>
/// <param name="ln">the last name</param>
/// <param name="em">the email address</param>
/// <param name="ph">the phone number</param>
/// <param name="ad">the address</param>
/// <param name="c">the city</param>
/// <param name="s">the state</param>
/// <param name="z">the zip code</param>
public User(string un, string pwd, string r, string fn, string ln, string em, string ph, string ad, string c, string s, string z)
{
    // Account details.
    // NOTE(review): what Encryption.encrypt does is not visible here. Stored
    // passwords should be a salted, slow one-way hash (e.g. PBKDF2) rather
    // than reversible encryption - confirm.
    // NOTE(review): the role is stored exactly as passed in; confirm that the
    // registration code never forwards a visitor-chosen value.
    userName = un;
    password = Encryption.encrypt(pwd);
    role = r;

    // Contact details.
    firstName = fn;
    lastName = ln;
    email = em;
    phone = ph;
    address = ad;
    city = c;
    state = s;
    zip = z;

    myDB = new DBDriver();

    // 1. Insert the person row; every value is bound as a parameter.
    string insertPersonSql = "insert into person (firstName, lastName, address, city, state, zip, phoneNumber, email) " +
        "values (@first,@last,@address,@city,@state,@zip,@phone,@email);";
    myDB.Query = insertPersonSql;
    myDB.addParam("@first", firstName);
    myDB.addParam("@last", lastName);
    myDB.addParam("@address", address);
    myDB.addParam("@city", city);
    myDB.addParam("@state", state);
    myDB.addParam("@zip", zip);
    myDB.addParam("@phone", phone);
    myDB.addParam("@email", email);
    myDB.nonQuery();

    // 2. Read the new person id back; the account row needs it for its
    //    foreign key.
    // NOTE(review): the lookup is by email, so it presumably relies on email
    // being unique in person; with duplicates the scalar could be another
    // person's id - confirm a unique constraint exists.
    string selectIdSql = "select id from person where email=@email;";
    myDB.Query = selectIdSql;
    myDB.addParam("@email", email);
    id = myDB.scalar().ToString();

    // 3. Insert the account into newUsers.
    // TODO: when administrator approves, this is transferred to the users table
    // NOTE(review): steps 1 and 3 are separate statements; if this insert
    // fails, the person row from step 1 remains - confirm that is acceptable.
    string insertAccountSql = "insert into newUsers (ID, password, userName, security)\n" +
        "values (@id, @pwd,@username,@sec);";
    myDB.Query = insertAccountSql;
    myDB.addParam("@id", id);
    myDB.addParam("@pwd", password);
    myDB.addParam("@username", userName);
    myDB.addParam("@sec", role);
    myDB.nonQuery();
}
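/// <summary>
/// Verify that a username exists in the database
/// </summary>
/// <param name="userName">the username to verify</param>
/// <param name="isNew">
/// when true, the newUsers table is searched as well if the name is not
/// found in users
/// </param>
/// <returns>true if it exists, false if it doesn't</returns>
public static bool verifyUserNameExists(string userName, bool isNew)
{
    DBDriver myDB = new DBDriver();

    // The name is bound as a parameter, so it is never part of the SQL text.
    myDB.Query = "select count(*) from users where userName=@name;";
    myDB.addParam("@name", userName);
    int matches = Convert.ToInt32(myDB.scalar());

    // Fall back to newUsers only when users has no row at all. The earlier
    // "count != 1" test also fell through when users held the name more than
    // once, and could then report the name as free.
    if (matches == 0 && isNew)
    {
        myDB.Query = "select count(*) from newUsers where userName=@name;";
        myDB.addParam("@name", userName);
        matches = Convert.ToInt32(myDB.scalar());
    }

    // Any non-zero count means the name is taken.
    return matches > 0;
}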
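/// <summary>
/// Verify that an email address exists in the database
/// </summary>
/// <param name="email">email address to verify</param>
/// <returns>true if at least one person row has this email, false if none does</returns>
public static bool verifyEmailExists(string email)
{
    DBDriver myDB = new DBDriver();

    // The address is bound as a parameter, so it is never part of the SQL text.
    myDB.Query = "select count(*) from person where email=@email;";
    myDB.addParam("@email", email);
    int matches = Convert.ToInt32(myDB.scalar());

    // Any non-zero count means the address is already present. Testing for
    // exactly one row reported "does not exist" once the table held the same
    // address twice, which would let a duplicate check pass again.
    return matches > 0;
}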