/// <summary>
/// Writes the profile fields held on this instance to the users table for the user stored in
/// the current session and, when a file was posted, saves it under ~\ProfileImages\.
/// </summary>
/// <param name="file">Posted profile picture; when null no file is written.</param>
/// <returns>
/// The value returned by ValidUser(file, false). The database, the file system and the session
/// are only touched when its status is Success.
/// </returns>
/// <remarks>Any exception raised while saving is logged and rethrown to the caller.</remarks>
public UserResult UpdateProfile(HttpPostedFileBase file)
{
    UserResult outcome = ValidUser(file, false);
    if (outcome.Status != UserResult.Statuses.Success)
    {
        // Validation did not succeed: hand the result back without touching any state.
        return outcome;
    }

    try
    {
        // NOTE(review): the database file sits under the application root; confirm the web
        // server is configured not to serve ~/Sqlite/ as static content.
        string databasePath = HttpContext.Current.Server.MapPath(@"~\Sqlite\db.sqlite");
        string connectionString = "DataSource=" + databasePath;

        using (var connection = new SQLiteConnection(connectionString))
        {
            connection.Open();

            // All values are bound as parameters; nothing is concatenated into the SQL text.
            const string updateSql = "update users set firstName = @firstname, lastName = @lastname, email = @email, phone = @phone, pictureUrl = @pictureurl where userName = @username";
            using (SQLiteCommand command = new SQLiteCommand(updateSql, connection))
            {
                var parameters = command.Parameters;

                // The row is selected by the user name held in the session, not by a field of
                // this model, so posted data cannot point the update at another account.
                parameters.Add(new SQLiteParameter("username", ((User)HttpContext.Current.Session["myUser"]).UserName));
                parameters.Add(new SQLiteParameter("pictureurl", this.PictureUrl));
                parameters.Add(new SQLiteParameter("firstname", this.FirstName));
                parameters.Add(new SQLiteParameter("lastname", this.LastName));
                parameters.Add(new SQLiteParameter("email", this.Email));
                parameters.Add(new SQLiteParameter("phone", this.Phone));
                command.ExecuteNonQuery();
            }

            if (file != null)
            {
                // Path.GetFileName drops any directory part of PictureUrl, so the write stays
                // inside ProfileImages. The row above is already updated at this point, so a
                // failed SaveAs leaves pictureUrl referring to a file that was not written.
                // NOTE(review): no extension or content check and no per-user naming is
                // visible here, and the folder is under the application root; presumably
                // ValidUser enforces an image allow-list - confirm.
                string imageFolder = HttpContext.Current.Server.MapPath(@"~\ProfileImages\");
                string imageName = Path.GetFileName(this.PictureUrl);
                file.SaveAs(Path.Combine(imageFolder, imageName));
            }

            // Mirror the saved values onto the session copy of the user.
            // NOTE(review): PictureUrl is not copied to the session object here - confirm
            // whether the session User carries one that should be refreshed as well.
            User sessionUser = (User)HttpContext.Current.Session["myUser"];
            sessionUser.FirstName = this.FirstName;
            sessionUser.LastName = this.LastName;
            sessionUser.Email = this.Email;
            sessionUser.Phone = this.Phone;
        }
    }
    catch (SQLiteException)
    {
        // Database failures are logged as Logger.SQLLiteMsg; the exception object itself is
        // not passed to the logger.
        Logger.WriteToLog(Logger.SQLLiteMsg);
        throw;
    }
    catch (Exception failure)
    {
        Logger.WriteToLog(failure);
        throw;
    }

    return outcome;
}
/// <summary>
/// Inserts a new row into the users table from the fields held on this instance and, when a
/// file was posted, saves it under ~\ProfileImages\.
/// </summary>
/// <param name="file">Posted profile picture; when null no file is written.</param>
/// <returns>
/// The value returned by ValidUser(file, true). The database and the file system are only
/// touched when its status is Success.
/// </returns>
/// <remarks>
/// On the success path this.Password is overwritten with the salted hash that gets stored.
/// Any exception raised while saving is logged and rethrown to the caller.
/// </remarks>
public UserResult Register(HttpPostedFileBase file)
{
    UserResult outcome = ValidUser(file, true);
    if (outcome.Status != UserResult.Statuses.Success)
    {
        // Validation did not succeed: hand the result back without touching any state.
        return outcome;
    }

    try
    {
        // NOTE(review): the database file sits under the application root; confirm the web
        // server is configured not to serve ~/Sqlite/ as static content.
        string databasePath = HttpContext.Current.Server.MapPath(@"~\Sqlite\db.sqlite");
        string connectionString = "DataSource=" + databasePath;

        using (var connection = new SQLiteConnection(connectionString))
        {
            connection.Open();

            // isAdmin and loginCounts are literal 0 in the statement, so no posted value can
            // set them. Every user-supplied field is bound as a parameter.
            const string insertSql = "insert into users (userName, password, salt, firstName, lastName, email, phone, pictureUrl, isAdmin, loginCounts, lastAttempt) values (@username, @password, @salt, @firstname, @lastname, @email, @phone, @pictureurl, 0, 0, datetime('now', 'localtime'))";
            using (SQLiteCommand command = new SQLiteCommand(insertSql, connection))
            {
                // NOTE(review): GenerateRandomSalt and Sha256 are defined elsewhere. If Sha256
                // is a single SHA-256 pass over password+salt, the stored hashes are cheap to
                // brute-force offline should the users table leak; a slow KDF such as PBKDF2
                // (Rfc2898DeriveBytes) is the usual choice. Changing it must be done together
                // with the login check and a migration of existing rows. Also confirm the salt
                // comes from a cryptographic random source.
                string salt = GenerateRandomSalt();
                this.Password = Sha256(this.Password + salt);

                var parameters = command.Parameters;
                parameters.Add(new SQLiteParameter("username", this.UserName));
                parameters.Add(new SQLiteParameter("password", this.Password));
                parameters.Add(new SQLiteParameter("salt", salt));
                parameters.Add(new SQLiteParameter("pictureurl", this.PictureUrl));
                parameters.Add(new SQLiteParameter("firstname", this.FirstName));
                parameters.Add(new SQLiteParameter("lastname", this.LastName));
                parameters.Add(new SQLiteParameter("email", this.Email));
                parameters.Add(new SQLiteParameter("phone", this.Phone));
                command.ExecuteNonQuery();
            }

            if (file != null)
            {
                // Path.GetFileName drops any directory part of PictureUrl, so the write stays
                // inside ProfileImages. The row above is already inserted at this point, so a
                // failed SaveAs leaves a user whose pictureUrl refers to a missing file.
                // NOTE(review): no extension or content check and no per-user naming is
                // visible here, and the folder is under the application root; presumably
                // ValidUser enforces an image allow-list - confirm.
                string imageFolder = HttpContext.Current.Server.MapPath(@"~\ProfileImages\");
                string imageName = Path.GetFileName(this.PictureUrl);
                file.SaveAs(Path.Combine(imageFolder, imageName));
            }
        }
    }
    catch (SQLiteException)
    {
        // Database failures are logged as Logger.SQLLiteMsg; the exception object itself is
        // not passed to the logger.
        Logger.WriteToLog(Logger.SQLLiteMsg);
        throw;
    }
    catch (Exception failure)
    {
        Logger.WriteToLog(failure);
        throw;
    }

    return outcome;
}