public UserResult UpdateProfile(HttpPostedFileBase file)
{
UserResult result = ValidUser(file, false);
if (result.Status == UserResult.Statuses.Success)
{
//all good
try
{
string connectionString = string.Format("DataSource={0}", HttpContext.Current.Server.MapPath(@"~\Sqlite\db.sqlite"));
using (var m_dbConnection = new SQLiteConnection(connectionString))
{
m_dbConnection.Open();
using (SQLiteCommand updateUser = new SQLiteCommand("update users set firstName = @firstname, lastName = @lastname, email = @email, phone = @phone, pictureUrl = @pictureurl where userName = @username", m_dbConnection))
{
updateUser.Parameters.Add(new SQLiteParameter("username", ((User)HttpContext.Current.Session["myUser"]).UserName));
updateUser.Parameters.Add(new SQLiteParameter("pictureurl", this.PictureUrl));
updateUser.Parameters.Add(new SQLiteParameter("firstname", this.FirstName));
updateUser.Parameters.Add(new SQLiteParameter("lastname", this.LastName));
updateUser.Parameters.Add(new SQLiteParameter("email", this.Email));
updateUser.Parameters.Add(new SQLiteParameter("phone", this.Phone));
updateUser.ExecuteNonQuery();
}
if (file != null)
{
file.SaveAs(Path.Combine(HttpContext.Current.Server.MapPath(@"~\ProfileImages\"), Path.GetFileName(this.PictureUrl)));
}
((User)HttpContext.Current.Session["myUser"]).FirstName = this.FirstName;
((User)HttpContext.Current.Session["myUser"]).LastName = this.LastName;
((User)HttpContext.Current.Session["myUser"]).Email = this.Email;
((User)HttpContext.Current.Session["myUser"]).Phone = this.Phone;
}
}
catch (SQLiteException)
{
Logger.WriteToLog(Logger.SQLLiteMsg);
throw;
}
catch (Exception exception)
{
Logger.WriteToLog(exception);
throw;
}
}
return(result);
}
public UserResult Register(HttpPostedFileBase file)
{
UserResult result = ValidUser(file, true);
if (result.Status == UserResult.Statuses.Success)
{
//all good
try
{
string connectionString = string.Format("DataSource={0}", HttpContext.Current.Server.MapPath(@"~\Sqlite\db.sqlite"));
using (var m_dbConnection = new SQLiteConnection(connectionString))
{
m_dbConnection.Open();
using (SQLiteCommand createUser = new SQLiteCommand("insert into users (userName, password, salt, firstName, lastName, email, phone, pictureUrl, isAdmin, loginCounts, lastAttempt) values (@username, @password, @salt, @firstname, @lastname, @email, @phone, @pictureurl, 0, 0, datetime('now', 'localtime'))", m_dbConnection))
{
string salt = GenerateRandomSalt();
this.Password = Sha256(this.Password + salt);
createUser.Parameters.Add(new SQLiteParameter("username", this.UserName));
createUser.Parameters.Add(new SQLiteParameter("password", this.Password));
createUser.Parameters.Add(new SQLiteParameter("salt", salt));
createUser.Parameters.Add(new SQLiteParameter("pictureurl", this.PictureUrl));
createUser.Parameters.Add(new SQLiteParameter("firstname", this.FirstName));
createUser.Parameters.Add(new SQLiteParameter("lastname", this.LastName));
createUser.Parameters.Add(new SQLiteParameter("email", this.Email));
createUser.Parameters.Add(new SQLiteParameter("phone", this.Phone));
createUser.ExecuteNonQuery();
}
if (file != null)
{
file.SaveAs(Path.Combine(HttpContext.Current.Server.MapPath(@"~\ProfileImages\"), Path.GetFileName(this.PictureUrl)));
}
}
}
catch (SQLiteException)
{
Logger.WriteToLog(Logger.SQLLiteMsg);
throw;
}
catch (Exception exception)
{
Logger.WriteToLog(exception);
throw;
}
}
return(result);
}
