public bool Verify(string email, string firstname, string lastname, string code)
{
if (code == null) return false;
code = code.Replace("-", "");
if (string.IsNullOrEmpty(email)) {
if (string.IsNullOrEmpty(firstname) || string.IsNullOrEmpty(lastname)) return false;
}
if (string.IsNullOrEmpty(firstname) != string.IsNullOrEmpty(lastname)) return false;
Db db = new DigDb();
db.CommandText = @"
UPDATE `keys` k
INNER JOIN users u ON k.user = u.id
SET k.valid = 0 WHERE k.code = ?code AND k.valid = 1 ";
db.Parameters.Add("code", code);
if (!string.IsNullOrEmpty(firstname) && !string.IsNullOrEmpty(lastname)) {
db.CommandText += " AND u.fname = ?fname AND u.lname = ?lname ";
db.Parameters.Add("fname", firstname);
db.Parameters.Add("lname", lastname);
}
if (!string.IsNullOrEmpty(email)) {
db.CommandText += " AND u.email = ?email ";
db.Parameters.Add("email", email);
}
bool verified = db.ExecuteNonQuery() > 0;
if (verified) Updates.AddUpdate(new VoidUpdate(email, code));
return verified;
}
public bool TryGetKey(string code, out Key key)
{
Db db = new DigDb();
db.CommandText = @"
SELECT * FROM `keys` WHERE code = ?code";
db.Parameters.Add("code", code);
return db.TryGetResult(ConvertResult, out key);
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
Db db = new DigDb();
db.CommandText = @"TRUNCATE TABLE `keys`";
db.ExecuteNonQuery();
Response.Redirect(Urls.KeyChain());
}
public List<Key> GetKeysForUser(User user)
{
Db db = new DigDb();
db.CommandText = @"
SELECT * FROM `keys`
WHERE user = ?user
ORDER BY created DESC";
db.Parameters.Add("user", user.Id);
return db.GetResults(ConvertResult);
}
public bool TryGetKey(string code, string email, out Key key)
{
Db db = new DigDb();
db.CommandText = @"
SELECT * FROM `keys` k
INNER JOIN users u ON k.user = u.id
WHERE k.code = ?code AND u.email = ?email";
db.Parameters.Add("code", code);
db.Parameters.Add("email", email);
return db.TryGetResult(ConvertResult, out key);
}
void Insert(string code, User user)
{
Db db = new DigDb();
db.CommandText = @"
INSERT INTO `keys` (code,user,valid) VALUES (?code,?user,1)";
db.Parameters.Add("code", code);
db.Parameters.Add("user", user.Id);
db.ExecuteNonQuery();
Updates.AddUpdate(new GenerateUpdate(user.Email, code));
}
bool Exists(string code)
{
Db db = new DigDb();
db.CommandText = @"
SELECT * FROM `keys` WHERE code = ?code";
db.Parameters.Add("code", code);
return db.HasResults();
}
public void VoidAll(User user)
{
Db db = new DigDb();
db.CommandText = @"
UPDATE `keys` SET valid = 0 WHERE user = ?user";
db.Parameters.Add("user", user.Id);
db.ExecuteNonQuery();
}
public void Void(Key key)
{
Db db = new DigDb();
db.CommandText = @"
UPDATE `keys` SET valid = 0 WHERE code = ?code";
db.Parameters.Add("code", key.Code);
db.ExecuteNonQuery();
Updates.AddUpdate(new VoidUpdate(key.User.Email, key.Code));
}
