/// <summary>
/// Stamps the registration date, derives a fresh salt and password hash, clamps
/// out-of-range dates, then inserts this user followed by each entry in Articles.
/// </summary>
/// <returns>
/// The value returned by <c>db.InsertUser</c> for this user (presumably the affected-row count).
/// </returns>
public int InsertUserToDatabase()
{
    registrationDate = DateTime.Now;

    // NOTE(review): the stored credential is one SHA2.GenerateSHA256String call over the
    // password and salt. If that helper is a single SHA-256 pass, offline guessing against
    // a leaked users table is cheap; a work-factor KDF (PBKDF2, bcrypt, Argon2) is the
    // usual choice. Changing it means changing the login check in the same release.
    salt = SHA2.GenerateSALT();
    hash = SHA2.GenerateSHA256String(password, salt);

    bool alreadyHasId = id > 0;
    if (alreadyHasId)
    {
        // Reported only; the insert below still runs.
        // NOTE(review): `this` holds the plaintext password plus the new salt and hash at
        // this point. Confirm LogManager.Report does not write those fields to the log.
        LogManager.Report("trying to insert a user with a valid ID", this);
    }

    // Dates earlier than this floor are replaced before the row is written.
    DateTime earliestStorableDate = new DateTime(1800, 1, 1);

    if (earliestStorableDate > BirthDate)
    {
        bdate = earliestStorableDate;
    }

    // NOTE(review): registrationDate was set to DateTime.Now at the top of this method, so
    // this branch looks unreachable if RegistrationDate simply exposes that field. Confirm.
    if (earliestStorableDate > RegistrationDate)
    {
        registrationDate = DateTime.Now;
    }

    int userInsertResult = db.InsertUser(this);

    // Articles are inserted regardless of what InsertUser returned.
    foreach (var article in Articles)
    {
        db.FullArticleInsert(article);
    }

    return userInsertResult;
}
/// <summary>
/// Bulk maintenance routine: for every user whose Id is 6 or above, rewrites the e-mail to
/// the lower-cased first name followed by "@ruppin.ac.il" and replaces the stored salt and
/// hash with ones derived from a single hard-coded password.
/// </summary>
public void UpdateUserPasswords()
{
    // NOTE(review): every affected account receives this same password, and the literal
    // lives in source control. Anyone who can read the source knows the credential for all
    // of them. A per-user random temporary password with a forced change at first login
    // removes that shared secret.
    const string sharedPassword = "******";

    foreach (var user in db.GetAllUsers())
    {
        // Per the original comment, the lower Ids are the soccerDB accounts; leave them alone.
        if (!(user.Id >= 6))
        {
            continue;
        }

        // NOTE(review): users who share a first name end up with the same e-mail address.
        // ToLower() is culture-sensitive and will throw if FirstName is null.
        string newEmail = user.FirstName.ToLower() + "@ruppin.ac.il";

        // A new salt per user, so identical passwords still produce different hashes.
        string freshSalt = SHA2.GenerateSALT();
        string newHash = SHA2.GenerateSHA256String(sharedPassword, freshSalt);

        db.UpdateEmail(user.Id, newEmail);
        db.UpdatePassword(user.Id, freshSalt, newHash);
    }
}
/// <summary>
/// Hashing demo (SHA-256 over password and salt is a one-way hash, not encryption):
/// computes the hash for five sample password/salt pairs and writes them to the response,
/// one "name: hash" line per pair.
/// </summary>
private void GenerateHashDemo()
{
    // NOTE(review): the sample passwords and salts are hard-coded. If these pairs match
    // real rows in the users table, this source file discloses working credentials, and
    // the page output discloses their hashes. Confirm this method is unreachable outside
    // development.
    // NOTE(review): the sample salts differ in length (16, 15 and 14 hex characters). If
    // they were produced by SHA2.GenerateSALT, check that it zero-pads each byte.
    string messiHash = SHA2.GenerateSHA256String("messi123", "20E6494B4207A90D");
    string neymarHash = SHA2.GenerateSHA256String("neymar123", "3C3C58961451D04");
    string hazanHash = SHA2.GenerateSHA256String("hazan123", "66C26C8D58996B8F");
    string ronaldoHash = SHA2.GenerateSHA256String("ronaldo123", "7EE9BB521CE704BA");
    string baleHash = SHA2.GenerateSHA256String("bale123", "2813B5F0BA1E74");

    // Build the whole report in one step; each entry ends with CRLF.
    string report = string.Concat(new string[]
    {
        "messi: ", messiHash, "\r\n",
        "neymar: ", neymarHash, "\r\n",
        "hazan: ", hazanHash, "\r\n",
        "ronaldo: ", ronaldoHash, "\r\n",
        "bale: ", baleHash, "\r\n",
    });

    Response.Write(report);
}
/// <summary>
/// Stamps the registration date, derives a fresh salt and password hash, clamps
/// out-of-range dates, and inserts this user.
/// </summary>
/// <returns>The value returned by <c>db.InsertUser</c> for this user.</returns>
public int InsertUserToDatabase()
{
    registrationDate = DateTime.Now;

    // NOTE(review): password storage is one SHA2.GenerateSHA256String call over the
    // password and salt. If that helper is a single SHA-256 pass, it has no work factor;
    // a KDF such as PBKDF2, bcrypt or Argon2 slows offline guessing after a database leak.
    // The login check would have to move to the same scheme.
    salt = SHA2.GenerateSALT();
    hash = SHA2.GenerateSHA256String(password, salt);

    if (id > 0)
    {
        // Reported only; the insert still goes ahead.
        // NOTE(review): the object handed to the logger carries the plaintext password,
        // salt and hash. Confirm LogManager.Report does not persist those fields.
        LogManager.Report("trying to insert a user with a valid ID", this);
    }

    // Floor applied to dates before the row is written.
    DateTime minimumDate = new DateTime(1800, 1, 1);

    bool birthDateTooEarly = BirthDate < minimumDate;
    if (birthDateTooEarly)
    {
        bdate = minimumDate;
    }

    // NOTE(review): registrationDate was just set to DateTime.Now above, so this branch
    // looks unreachable if RegistrationDate exposes that field. Confirm.
    bool registrationTooEarly = RegistrationDate < minimumDate;
    if (registrationTooEarly)
    {
        registrationDate = DateTime.Now;
    }

    return db.InsertUser(this);
}
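/// <summary>
/// Validates a user's credentials: looks up rows by e-mail, recomputes the salted hash of
/// the supplied password for each row, and returns the first row whose stored hash matches.
/// </summary>
/// <param name="email">The user's login string, usually the e-mail address.</param>
/// <param name="password">The user's password in plaintext.</param>
/// <returns>
/// The matching <c>User</c>; <c>null</c> when either argument is null, no row matches, or
/// an exception occurs (the exception is passed to <c>LogManager.Report</c>).
/// </returns>
public User Login(string email, string password)
{
    // Fail closed on missing credentials. Without this guard a null e-mail throws on
    // ToLower() before the try block, so the exception escaped to the caller. A null
    // password is rejected here rather than handed to the hashing helper.
    if (email == null || password == null)
    {
        return null;
    }

    // The e-mail reaches the query only as a bound parameter, never by concatenation.
    string cmdStr = "select * from users where email=@email";
    con = new SqlConnection(connectionString);
    cmd = new SqlCommand(cmdStr, con);

    // NOTE(review): ToLower() is culture-sensitive. It is kept as-is so lookups stay
    // consistent with however addresses were lower-cased when they were stored.
    cmd.Parameters.AddWithValue("@email", email.ToLower());

    try
    {
        cmd.Connection.Open();
        reader = cmd.ExecuteReader();

        while (reader.Read())
        {
            // NOTE(review): verification is one SHA2.GenerateSHA256String call per row. If
            // that helper is a single SHA-256 pass, it has no work factor; moving to a KDF
            // (PBKDF2, bcrypt, Argon2) needs a matching change where hashes are created.
            string hash = SHA2.GenerateSHA256String(password, reader["uSALT"].ToString());

            // NOTE(review): string equality stops at the first differing character. A
            // fixed-time comparison of the hash bytes avoids leaking how much matched.
            if (hash == reader["uHash"].ToString())
            {
                return CurrentLineUser(reader);
            }
        }

        // Unknown e-mail and wrong password return the same result to the caller.
        return null;
    }
    catch (Exception ex)
    {
        // Any failure is treated as a failed login, never as a successful one.
        LogManager.Report(ex);
        return null;
    }
    finally
    {
        // Close the reader explicitly instead of relying on the connection close.
        if (reader != null)
        {
            reader.Close();
        }

        cmd.Connection.Close();
    }
}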