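using MistoxWebsite.Server.Entities;
using MySql.Data.MySqlClient;
using System.Data;
using System.Data.Common;

namespace MistoxWebsite.Server.Services.DatabaseService
{
    /// <summary>
    /// Account persistence for <see cref="DatabaseService"/>: lookup, update, creation and deletion
    /// of rows in the Account table and the tables keyed by AccountID.
    /// </summary>
    /// <remarks>
    /// Every statement binds its values through <c>cmd.Parameters</c>, so caller-supplied text is
    /// never concatenated into SQL. The <see cref="Account"/> objects returned here carry
    /// <c>PasswordHash</c> and <c>SiteData.EmailToken</c>; callers should project them onto a
    /// narrower type before anything is serialized to a client or written to a log.
    /// </remarks>
    public partial class DatabaseService
    {
        /// <summary>Looks up an account whose UserName or Email equals the given value.</summary>
        /// <param name="UserNameOrEmail">Login identifier, compared against both columns.</param>
        /// <returns>The matching account, or <c>null</c> when no row matches.</returns>
        public async Task<Account?> GetAccount(string UserNameOrEmail)
        {
            const string command = @"
                SELECT * FROM Account
                Left Join WebsiteData On Account.ID = WebsiteData.AccountID
                WHERE UserName = @UorE OR Email = @UorE;
            ";

            Account? account = null;
            using (MySqlConnection connection = GetConnection())
            {
                await connection.OpenAsync();
                using (MySqlCommand cmd = new MySqlCommand(command, connection))
                {
                    cmd.Parameters.AddWithValue("@UorE", UserNameOrEmail);
                    using (DbDataReader reader = await cmd.ExecuteReaderAsync())
                    {
                        // If several rows match, the last one read is returned.
                        // NOTE(review): one value is matched against two columns, so a UserName equal
                        // to another account's Email would make the result depend on row order.
                        // Presumably registration enforces uniqueness and keeps e-mail-shaped
                        // usernames out; confirm against the schema and sign-up validation.
                        while (await reader.ReadAsync())
                        {
                            account = ReadAccountRow(reader);
                        }
                    }
                }
            }
            return account;
        }

        /// <summary>Looks up an account by its primary key.</summary>
        /// <param name="ID">Value of Account.ID.</param>
        /// <returns>The matching account, or <c>null</c> when no row matches.</returns>
        public async Task<Account?> GetAccountByID(int ID)
        {
            // The filter column is qualified so it stays unambiguous across the join.
            const string command = @"
                SELECT * FROM Account
                Left Join WebsiteData On Account.ID = WebsiteData.AccountID
                WHERE Account.ID = @ID;
            ";

            Account? account = null;
            using (MySqlConnection connection = GetConnection())
            {
                await connection.OpenAsync();
                using (MySqlCommand cmd = new MySqlCommand(command, connection))
                {
                    cmd.Parameters.AddWithValue("@ID", ID);
                    using (DbDataReader reader = await cmd.ExecuteReaderAsync())
                    {
                        while (await reader.ReadAsync())
                        {
                            account = ReadAccountRow(reader);
                        }
                    }
                }
            }
            return account;
        }

        /// <summary>
        /// Builds an <see cref="Account"/> (with its <see cref="WebSiteData"/>) from the reader's
        /// current row. Both lookups share this mapping so the lockout counters are populated
        /// identically regardless of how the account was found.
        /// </summary>
        /// <param name="reader">Reader positioned on a row of the Account / WebsiteData join.</param>
        private static Account ReadAccountRow(DbDataReader reader)
        {
            // NOTE(review): the query is a LEFT JOIN, so the WebsiteData columns are NULL for an
            // account without a WebsiteData row, and the typed getters below are expected to throw
            // on NULL. Confirm that every account is created with its WebsiteData row.
            int id = reader.GetInt32("ID");
            return new Account()
            {
                ID = id,
                UserName = reader.GetString("UserName"),
                Email = reader.GetString("Email"),
                EmailVerified = reader.GetBoolean("EmailVerified"),
                PasswordHash = reader.GetString("PasswordHash"),
                SiteData = new WebSiteData()
                {
                    AccountID = id,
                    // The running failure count and the PasswordAttempts column are distinct values;
                    // lockout decisions need each one read from its own column.
                    CurrentPasswordAttempts = reader.GetInt32("CurrentPasswordAttempts"),
                    PasswordAttempts = reader.GetInt32("PasswordAttempts"),
                    EmailToken = reader.GetString("EmailToken"),
                    FailedPasswordLock = reader.GetBoolean("FailedPasswordLock"),
                    Role = reader.GetString("Role"),
                }
            };
        }

        /// <summary>
        /// Overwrites UserName, Email, EmailVerified and PasswordHash of the row identified by
        /// <c>Update.ID</c>, then forwards <c>Update.SiteData</c> to <c>UpdateWebsiteData</c>.
        /// </summary>
        /// <param name="Update">Account holding the new values; its ID selects the row.</param>
        /// <remarks>
        /// The PasswordHash value is stored exactly as given, and no ownership check happens at this
        /// layer: hashing and authorization are the caller's responsibility.
        /// </remarks>
        public async Task SetAccount(Account Update)
        {
            const string command = @"
                UPDATE Account
                SET UserName = @UserName, Email = @Email, EmailVerified = @EmailVerified, PasswordHash = @PasswordHash
                WHERE ID = @ID;
            ";

            using (MySqlConnection connection = GetConnection())
            {
                await connection.OpenAsync();
                using (MySqlCommand cmd = new MySqlCommand(command, connection))
                {
                    cmd.Parameters.AddWithValue("@UserName", Update.UserName);
                    cmd.Parameters.AddWithValue("@Email", Update.Email);
                    cmd.Parameters.AddWithValue("@EmailVerified", Update.EmailVerified);
                    cmd.Parameters.AddWithValue("@PasswordHash", Update.PasswordHash);
                    cmd.Parameters.AddWithValue("@ID", Update.ID);
                    await cmd.ExecuteNonQueryAsync();
                }

                // NOTE(review): UpdateWebsiteData is defined elsewhere; if it opens its own connection,
                // the two writes are not atomic with each other.
                await UpdateWebsiteData(Update, Update.SiteData);
            }
        }

        /// <summary>
        /// Inserts a new Account row, copies the stored ID into <c>Profile.ID</c>, then creates the
        /// matching WebsiteData row through <c>NewWebsiteData</c>.
        /// </summary>
        /// <param name="Profile">Account to insert; its ID is overwritten with the stored ID.</param>
        /// <remarks>The PasswordHash value is stored exactly as given; hashing is the caller's job.</remarks>
        public async Task NewAccount(Account Profile)
        {
            // NOTE(review): the ID is read back by UserName, which is only reliable while UserName
            // is unique. SELECT LAST_INSERT_ID() is the connection-scoped alternative; verify the
            // column type it returns against GetInt32 before switching.
            const string command = @"
                INSERT INTO Account (UserName,Email,EmailVerified,PasswordHash)
                VALUES (@UserName,@Email,@EmailVerified,@PasswordHash);
                SELECT ID FROM Account WHERE UserName = @UserName;
            ";

            using (MySqlConnection connection = GetConnection())
            {
                await connection.OpenAsync();
                using (MySqlCommand cmd = new MySqlCommand(command, connection))
                {
                    cmd.Parameters.AddWithValue("@UserName", Profile.UserName);
                    cmd.Parameters.AddWithValue("@Email", Profile.Email);
                    cmd.Parameters.AddWithValue("@EmailVerified", Profile.EmailVerified);
                    cmd.Parameters.AddWithValue("@PasswordHash", Profile.PasswordHash);
                    using (DbDataReader reader = await cmd.ExecuteReaderAsync())
                    {
                        while (await reader.ReadAsync())
                        {
                            Profile.ID = reader.GetInt32("ID");
                        }
                    }
                }

                await NewWebsiteData(Profile, Profile.SiteData);
            }
        }

        /// <summary>
        /// Deletes the account identified by <c>Profile.ID</c> together with its rows in
        /// AccountInventory, ProjectMistData, Cart and WebsiteData.
        /// </summary>
        /// <param name="Profile">Account to delete; only its ID is used.</param>
        /// <remarks>
        /// All five deletes run in one transaction, so a failure part-way through cannot leave
        /// role or inventory rows behind for an account that no longer exists.
        /// </remarks>
        public async Task DeleteAccount(Account Profile)
        {
            const string command = @"
                DELETE FROM Account WHERE ID = @ID;
                DELETE FROM AccountInventory WHERE AccountID = @ID;
                DELETE FROM ProjectMistData WHERE AccountID = @ID;
                DELETE FROM Cart WHERE AccountID = @ID;
                DELETE FROM WebsiteData WHERE AccountID = @ID;
            ";

            using (MySqlConnection connection = GetConnection())
            {
                await connection.OpenAsync();
                using (MySqlTransaction transaction = connection.BeginTransaction())
                using (MySqlCommand cmd = new MySqlCommand(command, connection, transaction))
                {
                    cmd.Parameters.AddWithValue("@ID", Profile.ID);
                    await cmd.ExecuteNonQueryAsync();

                    // Reached only when every delete succeeded; an exception above leaves the
                    // transaction uncommitted so it is rolled back when disposed.
                    transaction.Commit();
                }
            }
        }
    }
}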