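/// <summary>
/// Logs in an existing user: verifies the captcha, looks the credentials up in
/// <c>loginTable</c> and, on a match, copies the user's profile columns into the session.
/// </summary>
/// <param name="username">Username submitted by the client.</param>
/// <param name="password">Password submitted by the client.</param>
/// <param name="captcha">reCAPTCHA response passed to <c>checkRecaptcha</c>.</param>
/// <returns>
/// "true" when at least one row matched, "false" when none did,
/// "Captcha Required" when the captcha check did not pass, or "System Error"
/// when an exception was caught.
/// </returns>
public string loginExistingUser(string username, string password, string captcha)
{
    // The captcha is only verified while the stored status is still false.
    // NOTE(review): CaptchaCompletionStatus is declared outside this method; confirm it is
    // scoped to a single request/user and cannot stay true for a different caller.
    if (CaptchaCompletionStatus == false)
    {
        MiscFunctions.LoginControls logincontrols = new MiscFunctions.LoginControls();
        CaptchaCompletionStatus = logincontrols.checkRecaptcha(captcha);
    }

    try
    {
        if (CaptchaCompletionStatus != true)
        {
            return "Captcha Required";
        }

        // Get AWSDB info
        var configuration = GetConfiguration();
        string connectionString = configuration.GetConnectionString("AWSMAINDB");

        // NOTE(review): no attempt throttling or lockout is visible in this method; the
        // captcha above is the only brake on repeated guesses.
        using (MySqlConnection conn = new MySqlConnection(connectionString))
        {
            conn.Open();

            // Parameterized query: the submitted values never become part of the SQL text.
            // NOTE(review): the submitted password is compared directly with the
            // usersPassword column, so the column holds passwords in a directly comparable
            // (apparently plaintext) form. Moving to a salted, slow hash (e.g. PBKDF2)
            // verified in application code has to be done together with RegisterNewUser
            // and a migration of existing rows, so it is flagged here rather than changed.
            using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM loginTable WHERE username = @username AND usersPassword = @password", conn))
            {
                cmd.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
                cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;

                // The command and reader are disposed deterministically instead of being
                // left for the connection's Dispose to clean up.
                using (MySqlDataReader reader = cmd.ExecuteReader())
                {
                    string doesUserExist = "false";

                    // Every matching row overwrites the session values, so the last row wins.
                    while (reader.Read())
                    {
                        HttpContext.Session.SetString("firstname", reader["firstName"].ToString());
                        HttpContext.Session.SetString("lastname", reader["lastName"].ToString());
                        HttpContext.Session.SetString("email", reader["email"].ToString());
                        HttpContext.Session.SetString("username", reader["username"].ToString());
                        // NOTE(review): this copies the stored password into session state,
                        // widening where the credential lives. Nothing in this method reads
                        // it back; confirm no other code depends on the "password" key and
                        // remove this line.
                        HttpContext.Session.SetString("password", reader["usersPassword"].ToString());
                        doesUserExist = "true";
                    }

                    return doesUserExist;
                }
            }
        }
    }
    catch (Exception e)
    {
        // Any failure is reported to the developer by email and hidden from the caller.
        EmailErrors emailErrors = new EmailErrors();
        emailErrors.autoEmailDeveloperAboutIssue("Home Controller", "LoginExistingUser", e.ToString());
        return "System Error";
    }
}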
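/// <summary>
/// Registers a new user: validates field lengths, checks that the username is unused
/// and inserts a row into <c>loginTable</c>.
/// </summary>
/// <param name="firstName">First name, 2 to 12 characters.</param>
/// <param name="lastName">Last name, 2 to 12 characters.</param>
/// <param name="email">Email address, 7 to 35 characters (length is the only check).</param>
/// <param name="username">Username, 5 to 12 characters.</param>
/// <param name="password">Password, 5 to 12 characters.</param>
/// <returns>
/// "true" when the row was inserted, "false" when a field is missing or fails its length
/// check, "username taken" when the username already exists, or the "Fatal error" message
/// when an exception was caught.
/// </returns>
public string RegisterNewUser(string firstName, string lastName, string email, string username, string password)
{
    try
    {
        // A missing field is a validation failure, not a system fault. Without this guard a
        // null argument raised NullReferenceException on .Length, which the catch below
        // turned into a developer email, so any client could trigger those emails at will.
        if (firstName == null || lastName == null || email == null || username == null || password == null)
        {
            return "false";
        }

        // NOTE(review): only lengths are validated. The 5-12 character password range caps
        // passwords at a short maximum; confirm whether the limit comes from the column
        // width before raising it.
        bool lengthsValid =
            firstName.Length >= 2 && firstName.Length <= 12 &&
            lastName.Length >= 2 && lastName.Length <= 12 &&
            email.Length >= 7 && email.Length <= 35 &&
            username.Length >= 5 && username.Length <= 12 &&
            password.Length >= 5 && password.Length <= 12;

        if (!lengthsValid)
        {
            return "false";
        }

        // Get AWSDB info
        var configuration = GetConfiguration();
        string connectionString = configuration.GetConnectionString("AWSMAINDB");

        // One connection serves both statements; it is closed when the using block exits.
        using (MySqlConnection conn = new MySqlConnection(connectionString))
        {
            conn.Open();

            // Check if username exists
            long usernameCount;
            using (MySqlCommand cmdSearch = new MySqlCommand("SELECT COUNT(*) from loginTable WHERE username = @username", conn))
            {
                cmdSearch.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
                usernameCount = Convert.ToInt64(cmdSearch.ExecuteScalar());
            }

            if (usernameCount >= 1)
            {
                return "username taken";
            }

            // NOTE(review): the check above and the insert below are not atomic, so two
            // concurrent requests can both pass the check. A unique index on
            // loginTable.username is needed to enforce this; the schema is not visible here.
            using (MySqlCommand cmd = new MySqlCommand("INSERT INTO loginTable (firstName, lastName, email, username, usersPassword) VALUES (@firstName, @lastName, @email, @username, @usersPassword)", conn))
            {
                cmd.Parameters.Add("@firstName", MySqlDbType.VarChar).Value = firstName;
                cmd.Parameters.Add("@lastName", MySqlDbType.VarChar).Value = lastName;
                cmd.Parameters.Add("@email", MySqlDbType.VarChar).Value = email;
                cmd.Parameters.Add("@username", MySqlDbType.VarChar).Value = username;
                // NOTE(review): the password is written to usersPassword exactly as
                // submitted. Storing a salted, slow hash (e.g. PBKDF2) instead has to be
                // changed together with loginExistingUser, which compares this column
                // against the submitted value, so it is flagged here rather than changed.
                cmd.Parameters.Add("@usersPassword", MySqlDbType.VarChar).Value = password;
                cmd.ExecuteNonQuery();
            }
        }

        return "true";
    }
    catch (Exception e)
    {
        // NOTE(review): the source label passed here is "EmailErrors.cs" while
        // loginExistingUser reports "Home Controller"; confirm which label is intended.
        EmailErrors emailErrors = new EmailErrors();
        emailErrors.autoEmailDeveloperAboutIssue("EmailErrors.cs", "RegisterNewUser", e.ToString());
        return "Fatal error: record not saved. The developer has been paged and will look into this issue";
    }
}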