From b4b121007144ddcf92f88b0b798f424fb1e3cb99 Mon Sep 17 00:00:00 2001 From: Derek Holloway Date: Tue, 5 Aug 2025 21:55:19 -0700 Subject: [PATCH 1/3] Fix string acting like GUID in Mysql --- src/Server/Program.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Server/Program.cs b/src/Server/Program.cs index c6dd26f..b4435a7 100755 --- a/src/Server/Program.cs +++ b/src/Server/Program.cs @@ -37,7 +37,7 @@ string dbPass = !string.IsNullOrEmpty(_dbpass) ? _dbpass : "oasv34$8gpv023dd"; // Create the database serivice builder.Services.AddSingleton(sp => - new DatabaseService("server=" + dbserver + ";user=" + dbUser + ";database=" + dbdatabase + ";password=" + dbPass + ";port=3306;") + new DatabaseService("server=" + dbserver + ";user=" + dbUser + ";database=" + dbdatabase + ";password=" + dbPass + ";port=3306;OldGuids=true;") ); //////////////////////////////// -- 2.52.0 From 41e497730fbc2d8b6eec800ea39a047c0f8b6c0d Mon Sep 17 00:00:00 2001 From: Derek Holloway Date: Tue, 5 Aug 2025 21:55:32 -0700 Subject: [PATCH 2/3] Mask sensitive data --- src/Server/Controllers/EmployeeController.cs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Server/Controllers/EmployeeController.cs b/src/Server/Controllers/EmployeeController.cs index 9a270b2..e5d4e7d 100644 --- a/src/Server/Controllers/EmployeeController.cs +++ b/src/Server/Controllers/EmployeeController.cs @@ -15,6 +15,9 @@ namespace BoredCareers.Controllers { if (isLoggedIn()) { if (await isLoggedInUserEmployeeOf(CompanyID)) { Employee[] employees = await _databaseService.GetEmployeesFromCompany(CompanyID); + foreach (Employee cur in employees) { + cur.Company.EmailToken = ""; + } return Ok(employees); } return NotFound("You are not an employee of company"); @@ -25,7 +28,10 @@ namespace BoredCareers.Controllers { [HttpGet] public async Task GetEmployee() { if (isLoggedIn()) { - Employee[] employees = await _databaseService.GetEmployeesFromAccount(getLoggedInUserID()); + Employee[] employees = await _databaseService.GetEmployeeOfCompanyByAccountID(getLoggedInUserID()); + foreach (Employee cur in employees) { + cur.Company.EmailToken = ""; + } return Ok(employees); } return NotFound("Not logged in"); -- 2.52.0 From 2d0fcaf98c98948cdc8590af4a6d1400bc322781 Mon Sep 17 00:00:00 2001 From: Derek Holloway Date: Tue, 5 Aug 2025 21:55:42 -0700 Subject: [PATCH 3/3] Update DB driver --- src/Server/Services/DatabaseService/Employee.cs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/Server/Services/DatabaseService/Employee.cs b/src/Server/Services/DatabaseService/Employee.cs index b3e926b..8c35c9c 100644 --- a/src/Server/Services/DatabaseService/Employee.cs +++ b/src/Server/Services/DatabaseService/Employee.cs @@ -29,6 +29,7 @@ namespace BoredCareers.Services.DatabaseService { string _name = reader.GetString("Name"); string _email = reader.GetString("Email"); bool _emailVerified = reader.GetBoolean("EmailVerified"); + string _emailtoken = reader.GetString("EmailToken"); string _websiteurl = reader.GetString("WebsiteURL"); string _logo = Encoding.UTF8.GetString((byte[])reader["Logo"]); string _phone = reader.GetString( "Phone" ); @@ -46,6 +47,7 @@ namespace BoredCareers.Services.DatabaseService { Name = _name, Email = _email, EmailVerified = _emailVerified, + EmailToken = _emailtoken, WebsiteURL = _websiteurl, Logo = _logo, Phone = _phone, @@ -84,6 +86,7 @@ namespace BoredCareers.Services.DatabaseService { string _name = reader.GetString("Name"); string _email = reader.GetString("Email"); bool _emailVerified = reader.GetBoolean("EmailVerified"); + string _emailtoken = reader.GetString("EmailToken"); string _websiteurl = reader.GetString("WebsiteURL"); string _logo = Encoding.UTF8.GetString((byte[])reader["Logo"]); string _phone = reader.GetString( "Phone" ); @@ -101,6 +104,7 @@ namespace BoredCareers.Services.DatabaseService { Name = _name, Email = _email, EmailVerified = _emailVerified, + EmailToken = _emailtoken, WebsiteURL = _websiteurl, Logo = _logo, Phone = _phone, @@ -117,7 +121,7 @@ namespace BoredCareers.Services.DatabaseService { return employees.ToArray(); } - public async Task GetEmployeesFromAccount(int AccountID) { + public async Task GetEmployeeOfCompanyByAccountID(int AccountID) { List employees = new List(); using (MySqlConnection connection = GetConnection()) { await connection.OpenAsync(); @@ -139,6 +143,7 @@ namespace BoredCareers.Services.DatabaseService { string _name = reader.GetString("Name"); string _email = reader.GetString("Email"); bool _emailVerified = reader.GetBoolean("EmailVerified"); + string _emailtoken = reader.GetString("EmailToken"); string _websiteurl = reader.GetString("WebsiteURL"); string _logo = Encoding.UTF8.GetString((byte[])reader["Logo"]); string _phone = reader.GetString( "Phone" ); @@ -156,6 +161,7 @@ namespace BoredCareers.Services.DatabaseService { Name = _name, Email = _email, EmailVerified = _emailVerified, + EmailToken = _emailtoken, WebsiteURL = _websiteurl, Logo = _logo, Phone = _phone, -- 2.52.0