//Login existing users
public string loginExistingUser(string username, string password, string captcha)
{
//Check Captcha Status
//If Captcha was not set
if (CaptchaCompletionStatus == false)
{
MiscFunctions.LoginControls logincontrols = new MiscFunctions.LoginControls();
CaptchaCompletionStatus = logincontrols.checkRecaptcha(captcha);
}
try
{
if (CaptchaCompletionStatus == true)
{
//Get AWSDB info
var configuration = GetConfiguration();
string connectionString = configuration.GetConnectionString("AWSMAINDB");
//Check for user info
using (MySqlConnection conn = new MySqlConnection(connectionString))
{
conn.Open();
MySqlCommand cmd = new MySqlCommand("SELECT * FROM loginTable WHERE username = @username AND usersPassword = @password", conn);
cmd.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;
MySqlDataReader reader = cmd.ExecuteReader();
string doesUserExist = "false";
while (reader.Read())
{
HttpContext.Session.SetString("firstname", reader["firstName"].ToString());
HttpContext.Session.SetString("lastname", reader["lastName"].ToString());
HttpContext.Session.SetString("email", reader["email"].ToString());
HttpContext.Session.SetString("username", reader["username"].ToString());
HttpContext.Session.SetString("password", reader["usersPassword"].ToString());
doesUserExist = "true";
}
return(doesUserExist);
}
}
else
{
return("Captcha Required");
}
}
catch (Exception e)
{
EmailErrors emailErrors = new EmailErrors();
emailErrors.autoEmailDeveloperAboutIssue("Home Controller", "LoginExistingUser", e.ToString());
return("System Error");
}
}
//Register new user
public string RegisterNewUser(string firstName, string lastName, string email, string username, string password)
{
try
{
if (firstName.Length >= 2 && firstName.Length <= 12 && lastName.Length >= 2 && lastName.Length <= 12 && email.Length >= 7 && email.Length <= 35 && username.Length >= 5 && username.Length <= 12 && password.Length >= 5 && password.Length <= 12)
{
//Get AWSDB info
var configuration = GetConfiguration();
string connectionString = configuration.GetConnectionString("AWSMAINDB");
//Open connection and add user registration data
using (MySqlConnection conn = new MySqlConnection(connectionString))
{
conn.Open();
//Check if username exists
MySqlCommand cmdSearch = new MySqlCommand("SELECT COUNT(*) from loginTable WHERE username = @username", conn);
cmdSearch.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
long usernameCount = (long)cmdSearch.ExecuteScalar();
conn.Close();
//If username doesn't exist
if (usernameCount < 1)
{
conn.Open();
MySqlCommand cmd = new MySqlCommand("INSERT INTO loginTable (firstName, lastName, email, username, usersPassword) VALUES (@firstName, @lastName, @email, @username, @usersPassword)", conn);
cmd.Parameters.Add("@firstName", MySqlDbType.VarChar).Value = firstName;
cmd.Parameters.Add("@lastName", MySqlDbType.VarChar).Value = lastName;
cmd.Parameters.Add("@email", MySqlDbType.VarChar).Value = email;
cmd.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
cmd.Parameters.Add("@usersPassword", MySqlDbType.VarChar).Value = password;
cmd.ExecuteNonQuery();
}
else
{
return("username taken");
}
}
//Connection auto closed and return true
return("true");
}
else
{
return("false");
}
}
catch (Exception e)
{
EmailErrors emailErrors = new EmailErrors();
emailErrors.autoEmailDeveloperAboutIssue("EmailErrors.cs", "RegisterNewUser", e.ToString());
return("Fatal error: record not saved. The developer has been paged and will look into this issue");
}
}
