示例#1
文件: cf.cs 项目: denpone/denpone
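 /// <summary>
 /// Checks a user name and password against the users table and, on success,
 /// stores a <c>user</c> object under the "user" session key.
 /// </summary>
 /// <param name="n">User name to look up; bound as a SQL parameter, never concatenated.</param>
 /// <param name="p">Plain-text password, verified against the stored bcrypt hash.</param>
 /// <param name="r">When true, writeCookie is called with the user id after the session is filled.</param>
 /// <returns>
 /// True only when exactly one row matched, the password verified and the session
 /// (plus the cookie, if requested) was written. Every error path is logged and returns false.
 /// </returns>
 public bool authenticate(string n, string p, bool r)
 {
     // Null credentials can never match. Returning here also keeps
     // BCrypt.Verify from throwing on a null password further down.
     if (n == null || p == null)
     {
         return false;
     }

     #region get user data
     DataTable dt = new DataTable();
     try
     {
         using (MySqlConnection conn = new MySqlConnection(ConfigurationManager.ConnectionStrings["denpone"].ToString()))
         using (MySqlCommand comm = new MySqlCommand("SELECT * FROM users WHERE uname = @n", conn))
         {
             conn.Open();
             comm.Parameters.AddWithValue("@n", n);
             using (MySqlDataReader sdr = comm.ExecuteReader())
             {
                 dt.Load(sdr);
             }
         }
     }
     catch (Exception ex)
     {
         // Fail closed: a lookup error must never be evaluated as a (partial) result set.
         logError("authenticate", ex);
         return false;
     }
     #endregion

     #region Authenticate and fill session
     // Anything other than exactly one match (unknown or duplicated name) is rejected.
     // NOTE(review): this path returns without running bcrypt, so it answers faster than a
     // wrong-password attempt. If account enumeration matters, verify against a fixed dummy hash here.
     if (dt.Rows.Count != 1)
     {
         return false;
     }

     DataRow dr = dt.Rows[0];
     bool sessionFilled = false;
     try
     {
         // Verify sits inside the try: a malformed stored hash makes it throw, and that
         // has to read as a failed login rather than an unhandled error.
         if (!BCrypt.Net.BCrypt.Verify(p, dr["pwd"].ToString()))
         {
             return false;
         }

         int uid = int.Parse(dr["user_id"].ToString());
         user u = new user();
         u.set_uname(dr["uname"].ToString());
         u.set_uid(uid);

         // NOTE(review): the session identifier is not rotated in this method. Confirm the caller
         // issues a fresh one after login so a pre-login identifier cannot carry over.
         HttpContext.Current.Session["user"] = u;
         sessionFilled = true;

         if (r)
         {
             // NOTE(review): writeCookie is not visible here and receives only the user id.
             // Confirm it stores an unguessable, server-validated token rather than the id itself.
             writeCookie(uid);
         }
         return true;
     }
     catch (Exception ex)
     {
         logError("authenticate/write cookie", ex);
         // Do not leave an authenticated session behind while reporting failure to the caller.
         if (sessionFilled)
         {
             HttpContext.Current.Session.Remove("user");
         }
         return false;
     }
     #endregion
 }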
示例#2
文件: cf.cs 项目: denpone/denpone
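 /// <summary>
 /// Rebuilds the "user" session entry from the value of the named request cookie,
 /// which is looked up as <c>users.user_id</c>.
 /// </summary>
 /// <param name="cookieNme">Name of the request cookie to read.</param>
 /// <returns>
 /// True when the cookie held an integer that matched exactly one row and the session was filled.
 /// False when the cookie is missing, empty, not an integer, unmatched, or the lookup failed.
 /// </returns>
 /// <remarks>
 /// NOTE(security): the cookie value is the only thing this method checks. No signature,
 /// expiry or server-side token is verified, so the cookie alone decides which account
 /// the session becomes. A request cookie is client-controlled input. The value should be
 /// a random token stored server-side (or an integrity-protected value) and validated here.
 /// That change also needs the cookie-writing code and the schema, which are outside this block.
 /// </remarks>
 public bool getUserFromCookie(string cookieNme)
 {
     // Request.Cookies[name] is null when the cookie is absent, so check it before reading Value.
     var cookie = HttpContext.Current.Request.Cookies[cookieNme];
     if (cookie == null || string.IsNullOrEmpty(cookie.Value))
     {
         return false;
     }

     // Bind a real integer so the match does not depend on the database's
     // string-to-number conversion of whatever the client sent.
     int uid;
     if (!int.TryParse(cookie.Value, out uid))
     {
         return false;
     }

     DataTable dt = new DataTable();
     try
     {
         using (MySqlConnection conn = new MySqlConnection(ConfigurationManager.ConnectionStrings["denpone"].ToString()))
         using (MySqlCommand comm = new MySqlCommand("Select * FROM users WHERE user_id = @uid", conn))
         {
             conn.Open();
             comm.Parameters.AddWithValue("@uid", uid);
             using (MySqlDataReader sdr = comm.ExecuteReader())
             {
                 dt.Load(sdr);
             }
         }
     }
     catch (Exception ex)
     {
         // Fail closed: a lookup error must not be evaluated as a (partial) result set.
         logError("getUserFromCookie", ex);
         return false;
     }

     if (dt.Rows.Count != 1)
     {
         return false;
     }

     // Reconstitute the session user from the single matching row.
     DataRow dr = dt.Rows[0];
     user u = new user();
     u.set_uname(dr["uname"].ToString());
     u.set_uid(tryInt(dr["user_id"].ToString()));
     HttpContext.Current.Session["user"] = u;
     return true;
 }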