/// <summary>
/// Stores a new account: one row in <c>user</c> and a matching row in <c>profile</c>,
/// both written by a single two-statement batch.
/// </summary>
/// <param name="request">Signup data; username, password, email and nickname are read.</param>
/// <returns><c>true</c> when <c>DBHelper.ExecuteQuery</c> reports a result above zero.</returns>
/// <remarks>
/// All request values reach the database as bound parameters, never as SQL text.
/// The row is written with <c>verified</c> set to the literal 1 and the mail step below is
/// only a placeholder. NOTE(review): confirm that skipping e-mail verification is intended.
/// </remarks>
private bool InsertNewUser(UserSignupObject request)
{
    const string insertSql = @" INSERT INTO user (id,username,password,creation,email,verified) VALUES(NULL,@username,@password,now(),@email,1); INSERT INTO profile (uid,nickname,avatar) VALUES(LAST_INSERT_ID(),@nickname,'');";

    // Only the output of HashPassword is stored. NOTE(review): HashPassword is defined
    // elsewhere; confirm it is a salted, deliberately slow password hash.
    var parameters = new Dictionary<string, object>
    {
        { "@username", request.username },
        { "@password", HashPassword(request.password) },
        { "@email", request.email },
        { "@nickname", request.nickname }
    };

    // presumably the affected-row count; verify against DBHelper.ExecuteQuery
    int affected = DBHelper.ExecuteQuery(insertSql, parameters);

    if (RequireInvite)
    {
        // The temporary uid is still computed, but the statement that used it is disabled:
        //   USE webPlatform;UPDATE inviteCode SET uid = LAST_INSERT_ID() WHERE uid = @uid;
        // While it stays disabled, no invite code is re-bound to the new account here.
        int temporaryUid = HashStringToInt(request.username);
    }

    // Sending the confirmation mail after a successful insert is not implemented yet.
    return affected > 0;
}
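/// <summary>
/// Reads the JSON body of a signup request, deserializes it into a
/// <see cref="UserSignupObject"/> and validates the submitted fields.
/// </summary>
/// <param name="con">Listener context whose request body carries the signup JSON. Its input stream is closed before this method returns.</param>
/// <param name="obj">Receives the deserialized request. When the body cannot be read or parsed it is an empty instance.</param>
/// <returns>
/// <c>true</c> when username, password, email and nickname are present, within their length
/// limits, the email parses as an address and the username is not taken; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// The request body is untrusted, so every malformed input ends in <c>false</c> rather than in
/// an exception. NOTE(review): the invite check is disabled (see the end of the method), so
/// <c>RequireInvite</c> currently enforces only the maximum length of a supplied code.
/// </remarks>
private bool CreateUserRequest(HttpListenerContext con, out UserSignupObject obj)
{
    // Cap on the request body. The accepted fields add up to a few hundred characters, so a
    // larger body cannot be a valid signup; without a cap a client decides how much memory
    // this method allocates.
    const int MaxBodyBytes = 8192;

    obj = new UserSignupObject();

    // One spare byte lets an oversized body be told apart from one of exactly MaxBodyBytes.
    byte[] body = new byte[MaxBodyBytes + 1];
    int length = 0;
    var input = con.Request.InputStream;
    try
    {
        int read;
        while (length < body.Length && (read = input.Read(body, length, body.Length - length)) > 0)
        {
            length += read;
        }
    }
    finally
    {
        input.Close();
    }

    if (length > MaxBodyBytes)
    {
        return false;
    }

    // ISO-8859-1 maps each byte to the character with the same value, which is the mapping
    // the previous byte-by-byte cast produced.
    // NOTE(review): multi-byte UTF-8 input is therefore not decoded. Before switching to
    // UTF-8, confirm that every other reader of these fields (e.g. login) switches as well,
    // otherwise non-ASCII passwords would hash differently at signup and at login.
    string data = System.Text.Encoding.GetEncoding("ISO-8859-1").GetString(body, 0, length);

    UserSignupObject parsed;
    try
    {
        parsed = JsonConvert.DeserializeObject<UserSignupObject>(data);
    }
    catch (Exception)
    {
        // Fail closed. Json.NET reports malformed input through more than one exception type
        // (syntax errors are not JsonSerializationException), and any parse failure of an
        // untrusted body is simply a rejected request.
        return false;
    }

    // An empty body or the JSON literal null deserializes to null.
    if (parsed == null)
    {
        return false;
    }

    obj = parsed;

    // nickname is part of the null check because its Length is read below.
    if (obj.username == null || obj.password == null || obj.email == null || obj.nickname == null)
    {
        return false;
    }

    if (obj.username.Length < 6 || obj.email.Length < 6 || obj.password.Length < 6 || obj.nickname.Length < 1)
    {
        return false;
    }

    if (obj.username.Length > 128 || obj.password.Length > 128 || obj.email.Length > 128 || obj.nickname.Length > 32)
    {
        return false;
    }

    try
    {
        // Accept only a bare address: a display name or other decoration makes Address
        // differ from the submitted text.
        if (new System.Net.Mail.MailAddress(obj.email).Address != obj.email)
        {
            return false;
        }
    }
    catch (FormatException)
    {
        // MailAddress throws on text that is not an address at all.
        return false;
    }

    // The database lookup runs last, after every cheap check has passed.
    if (CheckUsernameExists(obj.username))
    {
        return false;
    }

    if (RequireInvite && obj.invite != null && obj.invite.Length > 30)
    {
        return false;
    }

    // NOTE(review): invite verification is disabled. The removed code claimed the code with
    //   UPDATE inviteCode SET uid = @uid WHERE code = @code AND uid = -1
    // (uid being HashStringToInt(obj.username)) and returned whether a row was updated.
    // Until it is restored, a missing or unknown invite code is accepted even when
    // RequireInvite is set.
    return true;
}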