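/// <summary>
/// Looks the account up in <c>t_user</c> and, when exactly one row matches, asks
/// <c>UsingFunction.creat_token</c> for a session token and returns it with the user record.
/// </summary>
/// <param name="token">Token payload read from the request body; forwarded unchanged to <c>UsingFunction.creat_token</c>.</param>
/// <param name="username">Account name supplied by the caller. Bound as a SQL parameter, never concatenated.</param>
/// <param name="pass">Password supplied by the caller. The statement shown in this listing does not read it (see the note on the query).</param>
/// <returns>
/// 200 with a JSON <c>User_token</c> (status 0 on success, status 1 when no single row matched),
/// or 400 without a body when <c>creat_token</c> returns -1.
/// </returns>
public HttpResponseMessage Post_login([FromBody] Token token, string username, string pass)
{
    // NOTE(review): username and pass are simple-typed parameters without [FromBody], so they are
    // presumably bound from the URI. Credentials in a URL tend to land in proxy and server logs;
    // confirm the binding and consider carrying them in the request body instead.

    // The account name is request input. Concatenating it into the statement let the caller change
    // the query itself, so it is passed as a bound parameter.
    //
    // NOTE(review): as shown, the statement compares the pass column with the fixed literal '******'
    // and never uses the pass argument. That looks like masking applied to this listing; confirm
    // against the real file. Whatever the real comparison is, bind it as a parameter like @name.
    // If the column holds the password itself rather than a salted hash, move to a salted slow hash
    // (e.g. PBKDF2) verified in code with a fixed-time comparison.
    const string sql =
        " SELECT id,level,urlavatar,count_video from t_user t0" +
        " where name=@name and pass='******'";

    User_token c_user = new User_token();

    // The connection, command, adapter and data set are all disposable; the original never released them.
    using (MySqlConnection conn = new MySqlConnection(ConnnectData.connectionString))
    using (MySqlCommand cmd = new MySqlCommand(sql, conn))
    using (MySqlDataAdapter adap = new MySqlDataAdapter(cmd))
    using (DataSet ds = new DataSet())
    {
        cmd.Parameters.AddWithValue("@name", username);
        adap.Fill(ds);

        // Anything other than exactly one row is a failed login. The message does not say which of
        // the two fields was wrong.
        if (ds.Tables[0].Rows.Count != 1)
        {
            c_user.status = 1;
            c_user.content = "Tài khoản hoặc mật khẩu không đúng";

            var denied = Request.CreateResponse(HttpStatusCode.OK);
            denied.Content = new StringContent(JsonConvert.SerializeObject(c_user), Encoding.UTF8, "application/json");
            return denied;
        }

        DataRow row = ds.Tables[0].Rows[0];
        User us = new User();
        us.id = Convert.ToInt32(row["id"].ToString());
        us.level = Convert.ToInt32(row["level"].ToString());
        us.urlavatar = row["urlavatar"].ToString();
        us.count_video = Convert.ToInt32(row["count_video"].ToString());
        c_user.user = us;
    }

    long re = UsingFunction.creat_token(c_user.user.id, token);
    if (re == -1)
    {
        // Token creation failed: 400 with no body, as before.
        c_user.status = -1;
        c_user.content = "BadRequest";
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    c_user.token = re;
    c_user.status = 0;
    c_user.content = "";

    var res = Request.CreateResponse(HttpStatusCode.OK);
    res.Content = new StringContent(JsonConvert.SerializeObject(c_user), Encoding.UTF8, "application/json");
    return res;
}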
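/// <summary>
/// Returns the caller's existing temporary-user token when it is still valid, otherwise creates a
/// new row in <c>t_user_temp</c> with a fresh token from <c>UsingFunction.creat_token</c>.
/// </summary>
/// <param name="token">Token payload read from the request body; may be null when the body is missing.</param>
/// <param name="gettoken">The request is rejected with 400 when this is 1.</param>
/// <param name="iduser">Temporary user id to validate together with <c>token.id</c>; ignored unless positive.</param>
/// <returns>
/// 200 with a <c>RETURN_TOKEN</c> for a validated or newly created token, 400 when
/// <paramref name="gettoken"/> is 1 or <c>creat_token</c> returns -1, and 500 when the new row
/// could not be written.
/// </returns>
public HttpResponseMessage Post_token([FromBody] Token token, int gettoken, int iduser)
{
    if (gettoken == 1)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    RETURN_TOKEN xx = new RETURN_TOKEN();

    // The original never closed this connection: its finally block called conn.Clone() (which only
    // builds another connection object), and the early return skipped even that. The using block
    // releases it on every path.
    using (MySqlConnection conn = new MySqlConnection(ConnnectData.connectionString))
    {
        conn.Open();

        // token is null when the request has no usable body; the original dereferenced it here.
        if (token != null && iduser > 0 && token.id > 0)
        {
            // Only rows created within the last 7 days count as a valid token.
            const string lookupSql =
                "select * from t_user_temp where datediff(CURRENT_DATE,createtime)<=7 and id=@id and token=@token";

            using (MySqlCommand lookup = new MySqlCommand(lookupSql, conn))
            using (MySqlDataAdapter adap = new MySqlDataAdapter(lookup))
            using (DataSet ds = new DataSet())
            {
                lookup.Parameters.AddWithValue("@id", iduser);
                lookup.Parameters.AddWithValue("@token", token.id);
                adap.Fill(ds);

                if (ds.Tables[0].Rows.Count > 0)
                {
                    xx.token = token.id;
                    xx.t_user = iduser;
                    return Request.CreateResponse(HttpStatusCode.OK, xx);
                }
            }
        }

        // NOTE(review): how hard the token is to guess depends on UsingFunction.creat_token, which
        // is not visible here; confirm it draws from a cryptographic random source.
        long re = UsingFunction.creat_token(0, token);
        if (re == -1)
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest);
        }

        // NOTE(review): reading AUTO_INCREMENT from information_schema and inserting that id
        // explicitly races with concurrent requests, which is why duplicate-key errors are retried.
        // If id is the table's AUTO_INCREMENT column, leaving it out of the INSERT and reading
        // cmd.LastInsertedId would remove the race and the hard-coded schema name; confirm the
        // table definition first.
        const string nextIdSql =
            " SELECT AUTO_INCREMENT as id FROM information_schema.TABLES WHERE TABLE_SCHEMA = 'xemphim' AND TABLE_NAME = 't_user_temp'";
        const string insertSql =
            " insert into t_user_temp(id,name,createtime,urlavatar,token) values(@id,@name,NOW(),@urlavatar,@token)";

        // The original retried without limit. A duplicate that never clears (for example on the
        // token value, which is the same on every attempt) would keep the request spinning.
        const int maxAttempts = 5;
        bool created = false;

        for (int attempt = 0; attempt < maxAttempts && !created; attempt++)
        {
            try
            {
                long id;
                using (MySqlCommand nextId = new MySqlCommand(nextIdSql, conn))
                using (MySqlDataAdapter adap = new MySqlDataAdapter(nextId))
                using (DataSet ds = new DataSet())
                {
                    adap.Fill(ds);
                    // The counter can exceed Int32; the original parsed it with Convert.ToInt32.
                    id = Convert.ToInt64(ds.Tables[0].Rows[0]["id"].ToString());
                }

                string name_te = UsingFunction.randomname();
                string url_te = UsingFunction.random_urlavatar();

                using (MySqlCommand insert = new MySqlCommand(insertSql, conn))
                {
                    // Bound parameters, so a quote in the generated name or URL cannot break the statement.
                    insert.Parameters.AddWithValue("@id", id);
                    insert.Parameters.AddWithValue("@name", name_te);
                    insert.Parameters.AddWithValue("@urlavatar", url_te);
                    insert.Parameters.AddWithValue("@token", re);
                    insert.ExecuteNonQuery();
                }

                xx.token = re;
                xx.t_user = id;
                created = true;
            }
            catch (MySqlException e)
            {
                // 1062 is MySQL's duplicate-entry error: another request took the id, so try again.
                if (e.Number != 1062)
                {
                    break;
                }
            }
            catch (Exception)
            {
                break;
            }
        }

        if (!created)
        {
            // The original answered 200 with an empty RETURN_TOKEN here, which a client cannot
            // tell apart from a real token.
            return Request.CreateResponse(HttpStatusCode.InternalServerError);
        }

        return Request.CreateResponse(HttpStatusCode.OK, xx);
    }
}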