using System; using System.Data; using System.Data.SqlClient; using System.Configuration; using System.Security.Cryptography; // ****** using System.Text; // ****** using System.Web; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; /// /// Summary description for KasutajaProvider /// public class KasutajaProvider : MembershipProvider { private byte[] Krypt(string tekst) { SHA1 sha = new SHA1CryptoServiceProvider(); return sha.ComputeHash(Encoding.Unicode.GetBytes(tekst)); } public override string ApplicationName { get { throw new Exception("The method or operation is not implemented."); } set { throw new Exception("The method or operation is not implemented."); } } public override bool ChangePassword(string username, string oldPassword, string newPassword) { SqlConnection conn = new SqlConnection( ConfigurationManager.ConnectionStrings["yhendusTekst"].ConnectionString); SqlCommand cmd = new SqlCommand( "UPDATE Kasutaja_tbl SET paroolSHA = @pwd WHERE KasutajaNimi = @kasutaja AND paroolSHA = @vanaPwd", conn); cmd.Parameters.AddWithValue("@pwd", Krypt(newPassword)); cmd.Parameters.AddWithValue("@kasutaja", username.ToUpper()); cmd.Parameters.AddWithValue("@vanaPwd", Krypt(oldPassword)); conn.Open(); int tulemus = cmd.ExecuteNonQuery(); conn.Close(); return tulemus > 0; } public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { throw new Exception("The method or operation is not implemented."); } public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { MembershipUser kasutaja = null; SqlConnection conn = new SqlConnection( ConfigurationManager.ConnectionStrings["yhendusTekst"].ConnectionString); SqlCommand cmd = new SqlCommand( "SELECT 1 AS olemas FROM Kasutaja_tbl WHERE KasutajaNimi = @kasutaja", conn); cmd.Parameters.AddWithValue("@kasutaja", username.ToUpper()); conn.Open(); object ok = cmd.ExecuteScalar(); if ( ok == null ) { // sellise nimega kasutajat veel ei ole -- tekitame cmd.CommandText = "INSERT Kasutaja_tbl (Nimi, KasutajaNimi, ParoolSHA) VALUES (@Nimi, @kasutaja, @Pwd)"; cmd.Parameters.AddWithValue("@Nimi", username); cmd.Parameters.AddWithValue("@Pwd", Krypt(password)); int tulemus = cmd.ExecuteNonQuery(); if (tulemus == 0) { status = MembershipCreateStatus.ProviderError; } else { status = MembershipCreateStatus.Success; kasutaja = new MembershipUser(this.Name, username, null, "", "", "", true, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now); } } else { // kasutaja on juba olemas status = MembershipCreateStatus.DuplicateUserName; } conn.Close(); return kasutaja; } public override bool DeleteUser(string username, bool deleteAllRelatedData) { throw new Exception("The method or operation is not implemented."); } public override bool EnablePasswordReset { get { throw new Exception("The method or operation is not implemented."); } } public override bool EnablePasswordRetrieval { get { throw new Exception("The method or operation is not implemented."); } } public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new Exception("The method or operation is not implemented."); } public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new Exception("The method or operation is not implemented."); } public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) { throw new Exception("The method or operation is not implemented."); } public override int GetNumberOfUsersOnline() { throw new Exception("The method or operation is not implemented."); } public override string GetPassword(string username, string answer) { throw new Exception("The method or operation is not implemented."); } public override MembershipUser GetUser(string username, bool userIsOnline) { SqlConnection conn = new SqlConnection( ConfigurationManager.ConnectionStrings["yhendusTekst"].ConnectionString); SqlCommand cmd = new SqlCommand("SELECT KasutajaNimi FROM Kasutaja_tbl WHERE KasutajaNimi = @kasutaja", conn); cmd.Parameters.AddWithValue("@kasutaja", username.ToUpper()); conn.Open(); string kasutaja = cmd.ExecuteScalar() as string; conn.Close(); return new MembershipUser(this.Name, kasutaja, null, "", "", "", true, false, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now, System.DateTime.Now); } public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { throw new Exception("The method or operation is not implemented."); } public override string GetUserNameByEmail(string email) { throw new Exception("The method or operation is not implemented."); } public override int MaxInvalidPasswordAttempts { get { throw new Exception("The method or operation is not implemented."); } } public override int MinRequiredNonAlphanumericCharacters { get { return 0; } } public override int MinRequiredPasswordLength { get { return 2; } } public override int PasswordAttemptWindow { get { throw new Exception("The method or operation is not implemented."); } } public override MembershipPasswordFormat PasswordFormat { get { throw new Exception("The method or operation is not implemented."); } } public override string PasswordStrengthRegularExpression { get { throw new Exception("The method or operation is not implemented."); } } public override bool RequiresQuestionAndAnswer { get { return false; } } public override bool RequiresUniqueEmail { get { throw new Exception("The method or operation is not implemented."); } } public override string ResetPassword(string username, string answer) { throw new Exception("The method or operation is not implemented."); } public override bool UnlockUser(string userName) { throw new Exception("The method or operation is not implemented."); } public override void UpdateUser(MembershipUser user) { throw new Exception("The method or operation is not implemented."); } public override bool ValidateUser(string username, string password) { bool tulemus = false; SqlConnection conn = new SqlConnection( ConfigurationManager.ConnectionStrings["yhendusTekst"].ConnectionString); SqlCommand cmd = new SqlCommand( "SELECT 1 AS ok FROM Kasutaja_tbl WHERE KasutajaNimi = @nimi AND ParoolSHA = @pwd", conn); cmd.Parameters.AddWithValue("@nimi", username.ToUpper()); cmd.Parameters.AddWithValue("@pwd", Krypt(password)); conn.Open(); object ok = cmd.ExecuteScalar(); conn.Close(); tulemus = ok != null; return tulemus; } public int KysiKasutajaID(string KasutajaNimi) { SqlConnection conn = new SqlConnection( ConfigurationManager.ConnectionStrings["yhendusTekst"].ConnectionString); SqlCommand cmd = new SqlCommand( "SELECT KasutajaID FROM Kasutaja_tbl "+ "WHERE KasutajaNimi = @nimi", conn); cmd.Parameters.AddWithValue("@nimi", KasutajaNimi.ToUpper()); conn.Open(); object vastus = cmd.ExecuteScalar(); conn.Close(); if (vastus == null) { return -1; } return Convert.ToInt32(vastus); } }