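/// <summary>
/// First stage of registration: refuses the request when the e-mail or phone number is
/// already registered, otherwise stores a random SMS code for the phone in PRE_USERS and
/// texts it to the user.
/// </summary>
/// <param name="email">E-mail address; normalised (lower-cased, trimmed) and encrypted before lookup.</param>
/// <param name="mobile">Subscriber number; "0" is prepended for the USERS lookup and "966" for PRE_USERS (as in the original).</param>
/// <param name="password">Accepted for interface compatibility only; not used in this stage.</param>
/// <param name="dob">Accepted for interface compatibility only; not used in this stage.</param>
/// <param name="gender">Accepted for interface compatibility only; not used in this stage.</param>
/// <returns>"111.111.111" when the e-mail or phone already exists, otherwise "000.000.000"/"pre_generated".</returns>
/// <exception cref="ArgumentNullException">email is null.</exception>
/// <exception cref="ArgumentException">mobile is null or empty.</exception>
public Response SignUp(string email, string mobile, string password, string dob, string gender)
{
    if (email is null)
    {
        throw new ArgumentNullException(nameof(email));
    }
    if (string.IsNullOrEmpty(mobile))
    {
        throw new ArgumentException("A mobile number is required.", nameof(mobile));
    }

    var enc = new DataEncrypt();
    // E-mails are stored encrypted, so the lookup key is the encrypted normalised form.
    string encryptedEmail = enc.Encrypt(email.ToLower().Trim());

    using (SqlConnection conn = new SqlConnection(connetionString))
    using (SqlCommand cmd = new SqlCommand(
        "SELECT 1 FROM USERS WHERE EMAIL=@email OR PHONE_NUMBER=@mobile", conn))
    {
        // Caller-supplied values are bound as parameters, never spliced into the SQL text.
        cmd.Parameters.AddWithValue("@email", encryptedEmail);
        // NOTE(review): USERS is keyed with a leading "0" while PRE_USERS uses the "966"
        // prefix; the caller is presumably passing the bare subscriber number — confirm.
        cmd.Parameters.AddWithValue("@mobile", "0" + mobile);
        conn.Open();
        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            if (dr.HasRows)
            {
                return new Response { Code = "111.111.111", Message = "EMAIL_OR_PHONE_ALREADY_EXISTS", Data = null };
            }
        }
    }

    string code = GenerateRandomNo().ToString();
    string smsNumber = "966" + mobile;
    using (SqlConnection conn = new SqlConnection(connetionString))
    using (SqlCommand cmd = new SqlCommand(
        "INSERT INTO PRE_USERS (Mobile,Sms_code) VALUES (@mobile,@sms_code);", conn))
    {
        cmd.Parameters.AddWithValue("@mobile", smsNumber);
        cmd.Parameters.AddWithValue("@sms_code", code);
        conn.Open();
        cmd.ExecuteNonQuery();
    }
    // NOTE(review): the code's unpredictability and lifetime depend on GenerateRandomNo and
    // the PRE_USERS schema, neither visible here — confirm it is strong and expires.
    new NotificationEndPoint().SendSms(code, smsNumber);

    return new Response { Code = "000.000.000", Message = "pre_generated", Data = null };
}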
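/// <summary>
/// Creates the account through the NEW_PAT_ACT_MVC stored procedure and sends the
/// "new_user_verification" notification with a verify-code link.
/// </summary>
/// <param name="email">Encrypted e-mail (the DataEncrypt output); it is decrypted here to address the notification.</param>
/// <param name="password">Password value forwarded to the procedure as given (the caller hashes it).</param>
/// <param name="phone">Phone number forwarded to the procedure and encrypted into the verification link.</param>
/// <param name="gender">Accepted but not forwarded to the procedure.</param>
/// <param name="dob">Accepted but not forwarded to the procedure.</param>
public void Add_user(string email, string password, string phone, string gender, string dob)
{
    var enc = new DataEncrypt();

    using (SqlConnection conn = new SqlConnection(connetionString))
    using (SqlCommand cmd = new SqlCommand("NEW_PAT_ACT_MVC", conn))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.AddWithValue("Email", email);
        cmd.Parameters.AddWithValue("Password", password);
        cmd.Parameters.AddWithValue("Phone", phone);
        // Gender and DOB were deliberately left out of the procedure call; the
        // parameters stay on the signature for compatibility.
        //cmd.Parameters.AddWithValue("Gender", gender);
        //cmd.Parameters.AddWithValue("DOB", dob);
        cmd.Parameters.AddWithValue("UserId", DBNull.Value);
        conn.Open();
        cmd.ExecuteNonQuery();
    }

    // The link carries the encrypted phone; '+' is replaced with '!' (presumably to keep
    // the value usable as a URL path segment — the verify endpoint must reverse it).
    string code = enc.Encrypt(phone);
    var template = new UrlTemplate { Url = baseUrl + "/verify-code/" + code.Replace('+', '!') };
    new NotificationEndPoint().NotifyUser("new_user_verification", template, -1, enc.Decrypt(email));
}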
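/// <summary>
/// Returns the decrypted e-mail of the user with the given USER_ID, or a masked
/// placeholder when the user is missing or the lookup/decryption fails.
/// </summary>
/// <param name="id">USER_ID to look up.</param>
/// <returns>The decrypted e-mail, or "*****@*****.**" on any failure.</returns>
public string GetUserEmail(int id)
{
    string email = "*****@*****.**";
    DataEncrypt encrypt = new DataEncrypt();
    try
    {
        using (SqlConnection conn = new SqlConnection(connetionString))
        using (SqlCommand cmd = new SqlCommand("SELECT EMAIL FROM USERS WHERE USER_ID=@id", conn))
        {
            // Bound parameter instead of splicing the id into the query text.
            cmd.Parameters.AddWithValue("@id", id);
            conn.Open();
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                // As in the original, the last matching row wins should USER_ID not be unique.
                while (dr.Read())
                {
                    email = encrypt.Decrypt(dr["EMAIL"].ToString());
                }
            }
        }
    }
    catch (Exception)
    {
        // Best-effort contract kept from the original: any failure yields the masked value.
        // NOTE(review): log the exception here once a logger is available to this class.
    }
    return email;
}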
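/// <summary>
/// Second stage of registration: refuses the request when the e-mail or phone is already
/// registered, then creates the account only if PRE_USERS holds the given SMS code for
/// the phone.
/// </summary>
/// <param name="email">E-mail address; normalised and encrypted before lookup and storage.</param>
/// <param name="mobile">Subscriber number; "0" is prepended for USERS and "966" for PRE_USERS (as in the original).</param>
/// <param name="password">Plain password; hashed with HardEncrypt before being stored.</param>
/// <param name="dob">Forwarded to Add_user.</param>
/// <param name="gender">Forwarded to Add_user.</param>
/// <param name="sms_code">Code the user received by SMS.</param>
/// <returns>"111.111.111" if already registered, "000.000.000" on success, "100.000.000" if the code does not match.</returns>
/// <exception cref="ArgumentNullException">email is null.</exception>
public Response SignUp(string email, string mobile, string password, string dob, string gender, string sms_code)
{
    if (email is null)
    {
        throw new ArgumentNullException(nameof(email));
    }

    var enc = new DataEncrypt();
    string encryptedEmail = enc.Encrypt(email.ToLower().Trim());

    using (SqlConnection conn = new SqlConnection(connetionString))
    using (SqlCommand cmd = new SqlCommand(
        "SELECT 1 FROM USERS WHERE EMAIL=@email OR PHONE_NUMBER=@mobile", conn))
    {
        // Caller-supplied values are bound as parameters, never spliced into the SQL text.
        cmd.Parameters.AddWithValue("@email", encryptedEmail);
        cmd.Parameters.AddWithValue("@mobile", "0" + mobile);
        conn.Open();
        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            if (dr.HasRows)
            {
                return new Response { Code = "111.111.111", Message = "EMAIL_OR_PHONE_ALREADY_EXISTS", Data = null };
            }
        }
    }

    bool codeMatches;
    using (SqlConnection conn = new SqlConnection(connetionString))
    using (SqlCommand cmd = new SqlCommand(
        "SELECT 1 FROM PRE_USERS WHERE MOBILE=@mobile AND Sms_code=@sms_code", conn))
    {
        cmd.Parameters.AddWithValue("@mobile", "966" + mobile);
        cmd.Parameters.AddWithValue("@sms_code", sms_code);
        conn.Open();
        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            codeMatches = dr.HasRows;
        }
    }

    if (!codeMatches)
    {
        return new Response { Code = "100.000.000", Message = "INVALID_SMS_CODE", Data = null };
    }

    // NOTE(review): nothing here limits attempts or expires PRE_USERS rows — confirm that
    // is handled elsewhere, otherwise a code can be guessed or reused indefinitely.
    // Add_user expects the encrypted e-mail (it decrypts it for the notification).
    Add_user(encryptedEmail, enc.HardEncrypt(password), "0" + mobile, gender, dob);
    return new Response { Code = "000.000.000", Message = "ACCOUNT_CREATION_COMPLETED", Data = null };
}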
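/// <summary>
/// Authenticates by e-mail (preferred, when non-empty) or otherwise by phone number,
/// verifying the password against the stored HardEncrypt hash.
/// </summary>
/// <param name="email">E-mail address; normalised and encrypted before lookup. Takes precedence over mobile.</param>
/// <param name="mobile">Phone number, looked up as stored in PHONE_NUMBER; used only when email is empty.</param>
/// <param name="password">Plain password to verify.</param>
/// <returns>
/// "000.000.000"/"ACCOUNT_EXISTS" with the <see cref="UserInfo"/> in Data on success;
/// "111.111.111"/"Invalid_LOGIN_INFO" with null Data for every failure (no such account,
/// wrong password, or a lookup error), so the response does not reveal which one occurred.
/// </returns>
public Response Login(string email, string mobile, string password)
{
    var enc = new DataEncrypt();
    UserInfo usr = null;

    if (!string.IsNullOrEmpty(email))
    {
        string encryptedEmail = enc.Encrypt(email.ToLower().Trim());
        usr = TryLoginBy("SELECT USER_ID,Email,Type,PASSWORD FROM USERS WHERE Email=@value", encryptedEmail, password, enc);
    }
    else if (!string.IsNullOrEmpty(mobile))
    {
        usr = TryLoginBy("SELECT USER_ID,Email,Type,PASSWORD FROM USERS WHERE PHONE_NUMBER=@value", mobile, password, enc);
    }

    if (usr is null)
    {
        return new Response { Code = "111.111.111", Message = "Invalid_LOGIN_INFO", Data = null };
    }
    return new Response { Code = "000.000.000", Message = "ACCOUNT_EXISTS", Data = usr };
}

/// <summary>
/// Runs <paramref name="query"/> with @value bound to <paramref name="lookupValue"/> and,
/// if exactly a row is found and its PASSWORD verifies, builds the resulting user.
/// </summary>
/// <param name="query">Fixed query text selecting USER_ID, Email, Type and PASSWORD with a single @value parameter.</param>
/// <param name="lookupValue">Value bound to @value (encrypted e-mail or phone number).</param>
/// <param name="password">Plain password checked with CheckHardEncrypt.</param>
/// <param name="enc">Encryption helper shared with the caller.</param>
/// <returns>The populated user (Token left empty, as in the original), or null on any failure.</returns>
private UserInfo TryLoginBy(string query, string lookupValue, string password, DataEncrypt enc)
{
    try
    {
        using (SqlConnection conn = new SqlConnection(connetionString))
        using (SqlCommand cmd = new SqlCommand(query, conn))
        {
            // The lookup value is bound, never concatenated into the SQL text.
            cmd.Parameters.AddWithValue("@value", lookupValue);
            conn.Open();
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                // NOTE(review): a missing account returns before the hash check, so the
                // response time still differs from a wrong password — consider a dummy
                // verification if that matters for enumeration.
                if (!dr.Read())
                {
                    return null;
                }
                if (!enc.CheckHardEncrypt(dr["PASSWORD"].ToString(), password))
                {
                    return null;
                }
                return new UserInfo
                {
                    Id = Convert.ToInt32(dr["USER_ID"]),
                    Token = "",
                    Email = dr["Email"].ToString(),
                    Type = dr["Type"].ToString()
                };
            }
        }
    }
    catch (Exception)
    {
        // Contract kept from the original: a database or crypto failure is reported as an
        // invalid login rather than surfacing to the caller.
        // NOTE(review): log the exception here once a logger is available to this class.
        return null;
    }
}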
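/// <summary>
/// Lists users for the given options. Only the "using_user_id" listing is implemented:
/// it returns the TYPE == 1 rows matching opt.UserId, each passed through GetPatProfile.
/// </summary>
/// <param name="opt">Listing options; Listing_type selects the mode and UserId the key.</param>
/// <param name="offset">Accepted but not applied (as in the original).</param>
/// <param name="rows_num">Accepted but not applied (as in the original).</param>
/// <returns>The matching users, empty for other listing types or on a lookup failure.</returns>
public List<UserInfo> GetUsers(Options opt, int offset, int rows_num)
{
    List<UserInfo> list = new List<UserInfo>();
    if (opt.Listing_type != "using_user_id")
    {
        return list;
    }

    try
    {
        using (SqlConnection conn = new SqlConnection(connetionString))
        using (SqlCommand cmd = new SqlCommand(
            "SELECT USER_ID, EMAIL, PHONE_NUMBER, M_ID, TYPE FROM USERS WHERE USER_ID=@id", conn))
        {
            // Bound parameter instead of string concatenation; a null UserId is sent as
            // DBNull (which, like the original empty literal, matches no row).
            cmd.Parameters.AddWithValue("@id", (object)opt.UserId ?? DBNull.Value);
            conn.Open();
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    // Only TYPE == 1 rows are listed (GetPatProfile suggests patient accounts).
                    if (Convert.ToInt32(dr["TYPE"]) != 1)
                    {
                        continue;
                    }

                    string decryptedEmail;
                    try
                    {
                        decryptedEmail = new DataEncrypt().Decrypt(dr["EMAIL"].ToString());
                    }
                    catch (Exception)
                    {
                        // An undecryptable e-mail is reported as N/A rather than failing the listing.
                        decryptedEmail = "N/A";
                    }

                    var user = new UserInfo
                    {
                        Email = decryptedEmail,
                        Id = Convert.ToInt32(dr["USER_ID"]),
                        Mobil = dr["PHONE_NUMBER"].ToString(),
                        M_ID = Convert.ToInt32(dr["M_ID"]),
                        Type = dr["TYPE"].ToString()
                    };
                    // Fix: the original always re-profiled list[0], so with more than one
                    // matching row only the first entry ever received its profile.
                    list.Add(GetPatProfile(user));
                }
            }
        }
    }
    catch (Exception)
    {
        // Best-effort contract kept from the original: a failure returns what was
        // collected so far. NOTE(review): log here once a logger is available.
    }
    return list;
}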