public Verify ( string uuid, string password ) : Account | ||
uuid | string | |
password | string | |
return | Account |
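/// <summary>
/// Looks up the account row whose <c>uuid</c> and <c>SHA1(password)</c> match the supplied
/// credentials and builds an <see cref="Account"/> from it.
/// </summary>
/// <param name="uuid">Account identifier, bound to the <c>@uuid</c> query parameter.</param>
/// <param name="password">
/// Plaintext password, bound to <c>@password</c>; the hash is computed by the database
/// through <c>SHA1()</c>, not by this method.
/// </param>
/// <returns>The populated account, or <c>null</c> when no row matches both values.</returns>
public Account Verify(string uuid, string password)
{
    Account ret;

    // Dispose the command deterministically; previously it was never disposed.
    using (MySqlCommand cmd = CreateQuery())
    {
        // NOTE(review): stored passwords are a single unsalted SHA-1 of the plaintext. That is a
        // fast hash with no per-account salt, so a leaked accounts table is cheap to crack offline.
        // Moving to a salted, slow KDF (PBKDF2/Argon2) needs a schema and data migration, so it is
        // flagged here rather than changed.
        // NOTE(review): because hashing happens in SQL, the plaintext password travels to the
        // database server and may show up in statement logs if those are enabled; confirm.
        cmd.CommandText =
            "SELECT id, name, rank, namechosen, verified, guild, guildRank, guildFame, banned, locked, ignored, bonuses, tags FROM accounts WHERE uuid=@uuid AND password=SHA1(@password);";
        // Both values are bound as parameters, never concatenated into the SQL text.
        cmd.Parameters.AddWithValue("@uuid", uuid);
        cmd.Parameters.AddWithValue("@password", password);

        using (MySqlDataReader rdr = cmd.ExecuteReader())
        {
            // Read() returns false on an empty result set, so one call both detects
            // "no such account / wrong password" and positions the reader on the row.
            if (!rdr.Read()) return null;

            // NOTE(review): GetString/GetInt32 throw on NULL; this assumes every selected column
            // is NOT NULL. Verify against the schema.
            ret = new Account
            {
                Name = rdr.GetString(UppercaseFirst("name")),
                AccountId = rdr.GetInt32("id"),
                // Rank 2 and above is treated as admin.
                Admin = rdr.GetInt32("rank") >= 2,
                Rank = rdr.GetInt32("rank"),
                Banned = rdr.GetBoolean("banned"),
                BeginnerPackageTimeLeft = 0,
                Converted = false,
                Guild = new Guild
                {
                    Id = rdr.GetInt32("guild"),
                    Rank = rdr.GetInt32("guildRank"),
                    Fame = rdr.GetInt32("guildFame")
                },
                NameChosen = rdr.GetBoolean("namechosen"),
                NextCharSlotPrice = 5000,
                // NOTE(review): the "verified" column is selected but ignored; every account is
                // reported as verified, so any caller that gates on VerifiedEmail never blocks.
                // Kept as-is because callers may depend on it. Confirm this is intentional.
                VerifiedEmail = true, //rdr.GetBoolean("verified")
                Locked = Utils.StringListToIntList(rdr.GetString("locked").Split(',').ToList()),
                Ignored = Utils.StringListToIntList(rdr.GetString("ignored").Split(',').ToList()),
                Bonuses = Utils.FromCommaSepString16(rdr.GetString("bonuses")).ToList(),
                Tags = rdr.GetString("tags")
            };
        }
    }

    // These run after the reader is closed.
    ReadStats(ret);
    ret.Guild.Name = GetGuildName(ret.Guild.Id);
    return ret;
}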
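/// <summary>
/// Changes the e-mail address (stored as <c>uuid</c>) of an authenticated, not-yet-verified
/// account and mails a verification link carrying a fresh auth token to the new address.
/// </summary>
/// <remarks>
/// Does nothing when <c>CheckAccount</c> rejects the account, when the account is already
/// verified, when the <c>verifyEmail</c> setting is off, or when <c>newGuid</c> is not a single
/// well-formed e-mail address.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        Account acc = db.Verify(Query["guid"], Query["password"], Program.GameData);
        if (!CheckAccount(acc, db)) return;

        if (acc.VerifiedEmail || !Program.Settings.GetValue<bool>("verifyEmail")) return;

        // Validate the client-supplied address BEFORE touching the database. Previously the
        // UPDATE ran first and a malformed value only failed later in MailAddressCollection.Add,
        // leaving the account with an unusable uuid. Parsing into one MailAddress also rejects
        // comma-separated lists, which To.Add(string) would have expanded into several recipients.
        // NOTE(review): how this handler reports errors to the client is not visible here, so an
        // invalid address returns silently like the other early exits.
        string newGuid = Query["newGuid"];
        MailAddress recipient;
        try
        {
            recipient = new MailAddress(newGuid);
        }
        catch (System.ArgumentException)
        {
            // Null or empty address (ArgumentNullException derives from ArgumentException).
            return;
        }
        catch (System.FormatException)
        {
            return;
        }

        // NOTE(review): this token authenticates the e-mail validation link. Confirm that
        // Database.GenerateRandomString draws from a cryptographic RNG.
        string authKey = Database.GenerateRandomString(128);

        // NOTE(review): nothing visible here checks that newGuid is not already another account's
        // uuid; presumably a unique index enforces that. Verify against the schema.
        using (var cmd = db.CreateQuery())
        {
            cmd.CommandText = "UPDATE accounts SET uuid=@newGuid, authToken=@newAuthToken WHERE uuid=@oldGuid;";
            cmd.Parameters.AddWithValue("@newGuid", newGuid);
            cmd.Parameters.AddWithValue("@newAuthToken", authKey);
            cmd.Parameters.AddWithValue("@oldGuid", Query["guid"]);
            // The statement has no @password placeholder, so the plaintext password is no longer
            // bound to it; the credentials were already checked by Verify above.
            cmd.ExecuteNonQuery();
        }

        // NOTE(review): MailMessage is IDisposable, but whether SendEmail sends asynchronously or
        // disposes it is not visible here, so it is not disposed in this method.
        MailMessage message = new MailMessage();
        message.To.Add(recipient);
        message.IsBodyHtml = true;
        message.Subject = "Please verify your account.";
        message.From = new MailAddress(Program.Settings.GetValue<string>("serverEmail", ""));
        // The token is URL-encoded so it cannot break out of the query string or the href
        // attribute, whatever alphabet the generator uses.
        message.Body = "<center>Please verify your email via this <a href=\""
            + Program.Settings.GetValue<string>("serverDomain", "localhost")
            + "/account/validateEmail?authToken=" + System.Uri.EscapeDataString(authKey)
            + "\" target=\"_blank\">link</a>.</center>";
        Program.SendEmail(message, true);
    }
}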