// Original call site: build the helper, check whether the admin table has a row, then attempt a login.
- SQLiteHelper sqlite = new SQLiteHelper();
- if (!sqlite.CheckAdmin())
- {
- [...]
- }
// NOTE(review): the password is reduced to an MD5 digest before the lookup and no salt is passed at
// this call. MD5 is fast to compute, so a leaked digest is cheap to brute-force; a salted, slow
// key-derivation function (for example PBKDF2) is the usual choice for stored passwords.
- User login = sqlite.Login(Loginname, HelperClass.MD5Hash(Password));
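/// <summary>
/// Wraps a single password-protected SQLite database file that holds the
/// <c>user</c>, <c>userRigths</c> and <c>admin</c> tables, and exposes the
/// admin check and login lookup built on top of them.
/// </summary>
class SQLiteHelper
{
    private SQLiteConnection sqlConn;

    // Database file in the per-user local application data folder.
    private static string sqliteFile = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "/database.db";

    // NOTE(review): the database password is a literal in source, so anyone with the binary can
    // read it. Treat the file encryption as obfuscation only until the secret is moved out of code
    // (for example into an OS-protected store).
    private static string sqlitePw = "databasepw";

    /// <summary>
    /// Prepares the connection to the database file and makes sure the three tables exist.
    /// </summary>
    public SQLiteHelper()
    {
        if (!File.Exists(sqliteFile))
        {
            // NOTE(review): this connection is never opened and is replaced on the next statement,
            // so the SetPassword call appears to have no lasting effect - confirm against the provider.
            sqlConn = new SQLiteConnection("Data Source=" + sqliteFile);
            sqlConn.SetPassword(sqlitePw);
        }

        sqlConn = new SQLiteConnection("Data Source=" + sqliteFile + ";Password=" + sqlitePw);

        // Table and column names are kept exactly as deployed (including "userRigths");
        // renaming them here would orphan existing database files.
        string query =
            "CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY AUTOINCREMENT, 'login' TEXT, 'firstname' TEXT, 'lastname' TEXT, 'persid' TEXT, 'password' Text, 'role' INTEGER, 'first' INTEGER, 'active' INTEGER);" +
            "CREATE TABLE IF NOT EXISTS userRigths (id INTEGER PRIMARY KEY, 'lwe' INTEGER, 'lwa' INTEGER, 'lwb' INTEGER, 'lwi' INTEGER, 'mwe' INTEGER, 'mwa' INTEGER, 'mwb' INTEGER, 'mwi' INTEGER, 'vacc' INTEGER, 'vadr' INTEGER);" +
            "CREATE TABLE IF NOT EXISTS admin ('password' Text);";
        queryNon(query);
    }

    /// <summary>
    /// Reports whether the <c>admin</c> table contains at least one row.
    /// </summary>
    /// <returns><c>true</c> when an admin row exists; otherwise <c>false</c>.</returns>
    public bool CheckAdmin()
    {
        sqlConn.Open();
        try
        {
            using (var command = sqlConn.CreateCommand())
            {
                command.CommandText = "SELECT * FROM admin";
                using (SQLiteDataReader reader = command.ExecuteReader())
                {
                    return reader.HasRows;
                }
            }
        }
        finally
        {
            // Close even when the query throws, so the next call can Open() again.
            sqlConn.Close();
        }
    }

    /// <summary>
    /// Looks up a login. The name "Admin" is checked against the <c>admin</c> table,
    /// every other name against the <c>user</c> table.
    /// </summary>
    /// <param name="login">Login name supplied by the caller.</param>
    /// <param name="pw">
    /// Value compared with the stored password column. The call site shown with this class
    /// passes <c>HelperClass.MD5Hash(Password)</c>.
    /// </param>
    /// <returns>
    /// A populated <c>User</c> on a match; otherwise the freshly constructed, unpopulated <c>User</c>.
    /// </returns>
    public User Login(string login, string pw)
    {
        User user = new User();
        sqlConn.Open();
        try
        {
            using (var command = sqlConn.CreateCommand())
            {
                // Static Equals is ordinal like the instance call, but does not throw on a null login.
                if (!string.Equals(login, "Admin"))
                {
                    // Both values are bound as parameters: they reach SQLite as data and can no
                    // longer alter the statement, which the concatenated query allowed.
                    command.CommandText =
                        "SELECT * FROM user LEFT JOIN userRigths ON user.id = userRigths.id" +
                        " WHERE user.login = @login AND user.password = @password";
                    command.Parameters.AddWithValue("@login", login);
                    command.Parameters.AddWithValue("@password", pw);

                    using (SQLiteDataReader reader = command.ExecuteReader())
                    {
                        // Only the first matching row is used.
                        if (reader.Read())
                        {
                            user.Id = reader.GetInt32(0);
                            user.Login = reader.GetString(1);
                            user.Role = reader.GetInt16(6);
                        }
                    }
                }
                else
                {
                    command.CommandText = "SELECT * FROM admin WHERE admin.password = @password";
                    command.Parameters.AddWithValue("@password", pw);

                    using (SQLiteDataReader reader = command.ExecuteReader())
                    {
                        if (reader.HasRows)
                        {
                            user.Id = 0;
                            user.Login = "Admin";
                            user.Role = -1;
                        }
                    }
                }
            }
        }
        finally
        {
            sqlConn.Close();
        }

        return user;
    }

    /// <summary>
    /// Executes a statement that returns no rows. Only call it with fixed SQL text;
    /// caller-supplied values belong in command parameters, not in <paramref name="query"/>.
    /// </summary>
    /// <param name="query">SQL text to execute.</param>
    private void queryNon(string query)
    {
        sqlConn.Open();
        try
        {
            using (var command = sqlConn.CreateCommand())
            {
                command.CommandText = query;
                command.ExecuteNonQuery();
            }
        }
        finally
        {
            sqlConn.Close();
        }
    }
}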
// Login query as originally written: login and pw are concatenated straight into the SQL text,
// so a quote character in either value changes the statement itself (SQL injection).
- command.CommandText = "SELECT * FROM user LEFT JOIN userRigths ON user.id = userRigths.id WHERE user.login = '"
- + login + "' AND user.password = '" + pw + "'";
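// Parameterized form of the login query: @login and @password are bound as values, so their
// content is never parsed as SQL.
// The second literal starts with a space; without it the text reads "userRigths.idWHERE" and
// the statement fails to parse.
command.CommandText = "SELECT * FROM user LEFT JOIN userRigths ON user.id = userRigths.id"
    + " WHERE user.login = @login AND user.password = @password";
command.Parameters.AddWithValue("@login", login);
command.Parameters.AddWithValue("@password", pw);
SQLiteDataReader reader = command.ExecuteReader();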
// Same call site after the rename from SQLiteHelper to ApplicationDatabase.
- ApplicationDatabase database = new ApplicationDatabase();
- if (!database.CheckAdmin())
- {
- [...]
- }
// NOTE(review): the rename does not change how the password is prepared; it is still an MD5 digest
// with no salt passed at this call, which is weak protection for stored passwords.
- User login = database.Login(Loginname, HelperClass.MD5Hash(Password));
/// <summary>
/// Creates the database and its tables when <c>DatabaseExists()</c> reports that it is missing,
/// then connects to it.
/// </summary>
public ApplicationDatabase()
{
    bool needsProvisioning = !DatabaseExists();
    if (needsProvisioning)
    {
        // First run: create the file with its password, then the schema.
        CreateDatabase(databaseFile, databasePassword);
        CreateTables();
    }

    ConnectToDatabase();
}
/// <summary>
/// Routes a login attempt: the name "Admin" goes to <c>GetAdmin</c>, every other name to <c>GetUser</c>.
/// </summary>
/// <param name="login">Login name supplied by the caller.</param>
/// <param name="password">Password value forwarded unchanged to the lookup.</param>
/// <returns>Whatever the selected lookup returned.</returns>
public User Login(string login, string password)
{
    // NOTE(review): `user` is assigned here but not declared in this snippet - presumably a field; confirm.
    if (login.Equals("Admin"))
    {
        user = GetAdmin(login, password);
        return user;
    }

    user = GetUser(login, password);
    return user;
}
// Signature sketches only: both bodies are left empty here.
// Presumably the proposed names for CheckAdmin and queryNon - confirm against the call sites,
// which still use CheckAdmin().
- public bool AdminPasswordExists(){}
// NOTE(review): this takes raw SQL text; keep it to fixed statements and bind any caller-supplied
// value as a command parameter instead of building it into `query`.
- private void QueryWithoutResponse(string query){}