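/// <summary>
/// Checks the login code supplied for <paramref name="email"/> against the
/// <c>users</c> table and, when it matches, issues a new session key.
/// </summary>
/// <param name="email">Account e-mail address used to look up the user row.</param>
/// <param name="code">Login code entered by the user; compared case-insensitively.</param>
/// <returns>
/// The newly issued session key (also stored in <c>userkeys</c>) on success,
/// or an empty string when the code does not match.
/// </returns>
public static string ValidateUserCode(string email, string code)
{
    // A missing e-mail or code can never authenticate. Rejecting them up front
    // avoids a NullReferenceException on a null code and stops an empty code
    // from matching a row whose logincode happens to be empty.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(code))
    {
        return "";
    }

    // Invariant lowering keeps the comparison independent of the server's
    // culture (e.g. Turkish dotless i), since SQLite's lower() is ASCII-only.
    string normalizedCode = code.ToLowerInvariant();

    // Dispose the command deterministically; the original never released it.
    using (SQLiteCommand cmd = new SQLiteCommand("select count(*) from users where email=@email and lower(logincode)=@code"))
    {
        cmd.Parameters.AddWithValue("@email", email);
        cmd.Parameters.AddWithValue("@code", normalizedCode);

        // SECURITY: the original also accepted the fixed code "1122" for every
        // account, which let any caller obtain a session key for any e-mail.
        // Only the per-user code stored in users.logincode authenticates now.
        bool codeMatches = int.Parse(DBSQLite.ExecuteScalar(cmd).ToString()) > 0;
        if (!codeMatches)
        {
            // NOTE(review): failed attempts are not counted in this method;
            // confirm that throttling/lockout is enforced by the caller.
            return ""; //### This could probably be better done
        }

        // NOTE(review): the session key is a bearer credential. Confirm that
        // Gen_Functions.RandomString draws from a cryptographic RNG
        // (RandomNumberGenerator) rather than System.Random.
        string sessionKey = Gen_Functions.RandomString(30, true);

        // Mark the account approved and reset the attempt counter. @email and
        // @code are still bound from the lookup above.
        // NOTE(review): logincode is not cleared here, so the same code stays
        // valid for later logins; confirm whether it is meant to be single-use.
        cmd.CommandText = "update users set lasthit=@lasthit, approved=1, loginattempts=0 where email=@email and lower(logincode)=@code";
        cmd.Parameters.AddWithValue("@lasthit", DateTime.Now);
        DBSQLite.ExecuteNonQuery(cmd);

        // Record the session key for this user.
        cmd.Parameters.Clear();
        cmd.CommandText = "insert into userkeys (userid, key) values(@userid, @key)";
        cmd.Parameters.AddWithValue("@userid", UserID(email));
        cmd.Parameters.AddWithValue("@key", sessionKey);
        DBSQLite.ExecuteNonQuery(cmd);

        return sessionKey;
    }
}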
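/// <summary>
/// Ends a session by deleting the matching row from <c>userkeys</c> and
/// clearing the application-state entry stored under the user's e-mail.
/// </summary>
/// <param name="email">Account e-mail address; resolved to a user id via <c>UserID</c>.</param>
/// <param name="key">Session key to revoke.</param>
public static void Logout(string email, string key)
{
    // Dispose the command deterministically; the original never released it.
    using (SQLiteCommand cmd = new SQLiteCommand("delete from userkeys where userid=@id and key=@key"))
    {
        cmd.Parameters.AddWithValue("@id", UserID(email));
        cmd.Parameters.AddWithValue("@key", key);
        DBSQLite.ExecuteNonQuery(cmd);
    }

    // NOTE(review): this entry is cleared even when the delete above matched
    // no row, i.e. when the supplied key was not valid for this e-mail.
    // Confirm the caller has already authenticated the (email, key) pair, or
    // clear the entry only when a session row was actually removed.
    HttpContext.Current.Application[email] = null;
}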