| public static DoEscapeString ( string input ) : string | ||
| input | string | |
| return | string | |
public static bool AccountExists(string username)
{
MySqlDataReader reader = null;
username = Database.DoEscapeString(username);
if (Database.Query(ref reader, "SELECT COUNT(accountID) FROM account WHERE accountName = '" + username + "'") == false)
{
return(false);
}
if (reader.FieldCount > 0)
{
reader.Close();
return(true);
}
reader.Close();
return(false);
}
public static bool LoginPlayer(string username, string password, ref long accountid, ref bool banned, ref long role)
{
MySqlDataReader reader = null;
if (Database.Query(ref reader, "SELECT accountID, password, banned, role FROM account WHERE accountName = '" + Database.DoEscapeString(username) + "' AND password=SHA1('" + Database.DoEscapeString(password) + "')") == false)
{
return(false);
}
if (reader.Read() == false)
{
reader.Close();
return(false);
}
accountid = reader.GetInt64(0);
banned = reader.GetBoolean(2);
role = reader.GetInt64(3);
SHA1 sha1 = SHA1.Create();
sha1.Initialize();
byte[] hash = sha1.ComputeHash(Encoding.ASCII.GetBytes(password));
byte[] outb = new byte[hash.Length];
reader.GetBytes(1, 0, outb, 0, outb.Length);
reader.Close();
return(true);
}
