- using System;
- using System.Collections.Generic;
- using System.Web;
- using System.Web.UI;
- using System.Web.UI.WebControls;
- using System.IO;
- using System.Data.SqlClient;
- using System.Text;
- using System.Security.Cryptography;
- using System.Net.Mail;
- using System.Net;
/// <summary>
/// Code-behind for a page used as a binary request endpoint: the request body is decoded
/// with BinaryReader, its first byte selects an operation, and the reply is written to
/// the response stream with BinaryWriter.
/// </summary>
public partial class pnas : System.Web.UI.Page {
    /// <summary>
    /// Handles one request: builds the SQL Server connection string, then dispatches on
    /// the first byte of the request body.
    /// </summary>
    /// <param name="sender">Event source (not used in the visible code).</param>
    /// <param name="e">Event arguments (not used in the visible code).</param>
    protected void Page_Load(object sender, EventArgs e) {
        SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder();
        builder.DataSource = @"(local)\sebastianlawe";
        builder.InitialCatalog = "SebastianLawe";
        // The SQL login is read from appSettings, so it is not embedded in this file.
        // NOTE(review): the user id comes from a key called "DatabaseName" - confirm that is the intended key.
        builder.UserID = System.Web.Configuration.WebConfigurationManager.AppSettings["DatabaseName"];
        builder.Password = System.Web.Configuration.WebConfigurationManager.AppSettings["DatabasePassword"];
        // NOTE(review): nothing visible here checks the HTTP method, requires HTTPS, limits the
        // body size or throttles callers, although the operations below receive passwords in
        // the request body. Confirm those controls exist in front of this page.
        using (BinaryReader reader = new BinaryReader(Request.InputStream)) {
            using (BinaryWriter writer = new BinaryWriter(Response.OutputStream)) {
                // An empty body is answered by the else branch that closes this if.
                if (reader.BaseStream.Length > 0) {
                    // The first byte of the body is the operation code.
                    switch (reader.ReadByte()) {
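case 0:
    // Registration. Fields are read in this order: nickname, username, password, email,
    // then - only when no existing account conflicts - security question and security answer.
    // Reply: a bool (true = conflict) followed by the conflict message, or, for a new
    // account, false followed by "" on success / "Server Error" on failure.
    string nickname = reader.ReadString();
    string username = reader.ReadString();
    string password = reader.ReadString();
    string email = reader.ReadString();
    bool usernameExists = false;
    bool nicknameExists = false;
    bool emailExists = false;
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            command.CommandText =
                @"SELECT [Username], [Nickname], [Email] FROM [SebastianLawe].[dbo].[ProjectNORLogin]
                WHERE [Username] = @Username OR [Nickname] = @Nickname OR [Email] = @Email";
            command.Parameters.Add(new SqlParameter("@Username", username));
            command.Parameters.Add(new SqlParameter("@Nickname", nickname));
            command.Parameters.Add(new SqlParameter("@Email", email));
            using (SqlDataReader sqlReader = command.ExecuteReader()) {
                // Inspect every returned row and every column: a row may collide on any of the
                // three values. Ordinals follow the SELECT list (0 = Username, 1 = Nickname,
                // 2 = Email). The previous loop left after its first test, so nickname and
                // email collisions were never reported and the insert below still ran.
                // Case-insensitive comparison is used because the query may match rows that
                // differ only in case (depends on the column collation - confirm).
                while (sqlReader.Read()) {
                    usernameExists |= string.Equals(username, sqlReader.GetValue(0) as string, StringComparison.OrdinalIgnoreCase);
                    nicknameExists |= string.Equals(nickname, sqlReader.GetValue(1) as string, StringComparison.OrdinalIgnoreCase);
                    emailExists |= string.Equals(email, sqlReader.GetValue(2) as string, StringComparison.OrdinalIgnoreCase);
                }
                writer.Write(usernameExists || emailExists || nicknameExists);
                if (usernameExists) {
                    writer.Write("Username Already Exists");
                }
                else if (emailExists) {
                    writer.Write("Email Already Exists");
                }
                else if (nicknameExists) {
                    writer.Write("Nickname Already Exists");
                }
                writer.Flush();
            }
        }
    }
    // NOTE(review): the check above and the insert below are separate statements, so two
    // concurrent registrations can both pass the check; unique constraints on the three
    // columns are the reliable guard.
    if (!usernameExists && !nicknameExists && !emailExists) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                Guid salt = Guid.NewGuid();
                Guid verificationKey = Guid.NewGuid();
                // The insert is positional (no column list), so it depends on the table's column order.
                command.CommandText =
                    @"insert into [SebastianLawe].[dbo].[ProjectNORLogin]
                    values (NEWID(), @Nickname, @Username, @Password, @Salt, @Email,
                    SYSUTCDATETIME(), SYSUTCDATETIME(), 0, @SecurityQuestion, @SecurityAnswer, @Verification, @PasswordResetKey, 0, 0, 0)";
                command.Parameters.Add(new SqlParameter("@Nickname", nickname));
                command.Parameters.Add(new SqlParameter("@Username", username));
                // NOTE(review): the stored value is a single SHA-256 pass over password + salt.
                // A password KDF such as PBKDF2 is the appropriate primitive; switching needs a
                // migration of the stored hashes.
                command.Parameters.Add(new SqlParameter("@Password", sha256_hash(password + salt.ToString())));
                command.Parameters.Add(new SqlParameter("@Salt", salt.ToString()));
                command.Parameters.Add(new SqlParameter("@Email", email));
                // NOTE(review): the security answer is stored as received (plaintext) although it
                // works as a password-equivalent in the reset flow.
                command.Parameters.Add(new SqlParameter("@SecurityQuestion", reader.ReadString()));
                command.Parameters.Add(new SqlParameter("@SecurityAnswer", reader.ReadString()));
                command.Parameters.Add(new SqlParameter("@Verification", verificationKey));
                command.Parameters.Add(new SqlParameter("@PasswordResetKey", Guid.Empty));
                try {
                    command.ExecuteNonQuery();
                    writer.Write("");
                    using (MailMessage mail = new MailMessage("no-reply@projectnor.com", email)) {
                        // Host, port and credentials are taken from <system.net>/<mailSettings> in
                        // web.config, which is what the parameterless SmtpClient constructor reads.
                        // The mailbox password that was hard-coded here has been removed; treat it
                        // as exposed and rotate it.
                        SmtpClient client = new SmtpClient();
                        client.EnableSsl = true;
                        client.DeliveryMethod = SmtpDeliveryMethod.Network;
                        mail.Subject = "Project NOR Verification";
                        mail.Body = "Thank you for registering to Project NOR!\r\n"
                            + "Before you can start playing, you will need enter the following activation key within the game.\r\n\r\n"
                            + verificationKey.ToString()
                            + "\r\n\r\nThis message is auto generated, any messages received will not get a response.";
                        client.Send(mail);
                    }
                }
                catch (Exception ex) {
                    // Still best-effort towards the client, but the cause is no longer discarded.
                    System.Diagnostics.Trace.TraceError("Registration failed: " + ex);
                    writer.Write("Server Error");
                }
            }
        }
    }
    break;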
case 1:
    // Authenticate. Fields read: username, then (once per matching row) password.
    // Reply: on a match true, nickname and the Paid flag; a trailing false is always written.
    // NOTE(review): no attempt limiting or lockout is visible in this section.
    using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
        conn.Open();
        using (SqlCommand lookup = conn.CreateCommand()) {
            lookup.CommandText = @"select [Username], [Password], [Salt], [Nickname], [Paid]
from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            lookup.Parameters.Add(new SqlParameter("@Username", reader.ReadString()));
            using (SqlDataReader row = lookup.ExecuteReader()) {
                while (row.Read()) {
                    // The password is read from the request only when a row exists.
                    string candidate = sha256_hash(reader.ReadString() + (row.GetValue(2) as string));
                    string storedHash = row.GetValue(1) as string;
                    if (candidate != storedHash) {
                        continue;
                    }
                    writer.Write(true);
                    writer.Write(row.GetValue(3) as string);
                    writer.Write((bool)row.GetValue(4));
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    break;
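case 2:
    // Verify Key. Fields read: username, password, verification key.
    // Reply: one byte - the number of rows updated on success, or 2 on failure.
    bool authenticated = false;
    username = reader.ReadString();
    password = reader.ReadString();
    string verification = reader.ReadString();
    // Parse the key once. A malformed key now produces the normal failure byte instead
    // of an unhandled exception from the Guid constructor.
    Guid verificationGuid;
    if (Guid.TryParse(verification, out verificationGuid)) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                command.CommandText = @"select [Username], [Password], [Salt], [Paid], [Verification]
                    from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username and [Verification] = @Verification";
                command.Parameters.Add(new SqlParameter("@Username", username));
                command.Parameters.Add(new SqlParameter("@Verification", verificationGuid));
                using (SqlDataReader dataReader = command.ExecuteReader()) {
                    while (dataReader.Read()) {
                        bool passwordMatches = sha256_hash(password + (dataReader.GetValue(2) as string))
                            == (dataReader.GetValue(1) as string);
                        if (passwordMatches && (Guid)dataReader.GetValue(4) == verificationGuid) {
                            authenticated = true;
                            break;
                        }
                    }
                }
            }
        }
    }
    if (authenticated) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // The update is bound to the authenticated username as well as the key; before,
                // @Username was supplied but never referenced, and the key was passed as the raw
                // request string rather than as a Guid.
                // NOTE(review): the column set here is [Paid] although the section verifies the
                // e-mailed key - confirm that is the intended column.
                command.CommandText = @"update [ProjectNORLogin] set [Paid] = 1
                    where [Username] = @Username and [Verification] = @Verification";
                command.Parameters.AddWithValue("@Username", username);
                command.Parameters.AddWithValue("@Verification", verificationGuid);
                writer.Write((byte)command.ExecuteNonQuery());
            }
        }
    }
    else {
        writer.Write((byte)2);
    }
    break;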
case 3:
    // Get Security Question. Field read: email.
    // Reply: the stored question for each matching row, then always the fixed
    // "does not exist" string.
    // NOTE(review): this lookup needs no credentials, so the reply shows whether an
    // e-mail address is registered and what its security question is.
    email = reader.ReadString();
    using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
        conn.Open();
        using (SqlCommand query = conn.CreateCommand()) {
            query.CommandText = @"select [Email], [SecurityQuestion]
from [SebastianLawe].[dbo].[ProjectNORLogin] where [Email] = @Email";
            query.Parameters.AddWithValue("@Email", email);
            using (SqlDataReader rows = query.ExecuteReader()) {
                while (rows.Read()) {
                    string question = rows.GetValue(1) as string;
                    writer.Write(question);
                }
            }
            writer.Write("This name does not exist.");
        }
    }
    break;
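case 4:
    // Check security answer. Fields read: email, security answer.
    // Reply: true when the pair matches a row; a trailing false is always written.
    // On a match a new password-reset key is stored and e-mailed to the account address.
    // NOTE(review): the answer is compared against a plaintext column and no attempt
    // limiting is visible in this section.
    email = reader.ReadString();
    bool securityQuestionAnswered = false;
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            command.CommandText = @"select [SecurityAnswer], [Email]
                from [SebastianLawe].[dbo].[ProjectNORLogin] where [Email] = @Email and [SecurityAnswer] = @SecurityAnswer";
            command.Parameters.Add(new SqlParameter("@Email", email));
            command.Parameters.Add(new SqlParameter("@SecurityAnswer", reader.ReadString()));
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                if (dataReader.Read()) {
                    writer.Write(true);
                    securityQuestionAnswered = true;
                }
            }
            writer.Write(false);
            writer.Flush();
        }
    }
    if (securityQuestionAnswered) {
        // The reset key is a bearer secret, so its 16 bytes come from the cryptographic
        // random number generator; Guid.NewGuid() is not documented as suitable for secrets.
        byte[] resetKeyBytes = new byte[16];
        RandomNumberGenerator.Create().GetBytes(resetKeyBytes);
        Guid passwordResetKey = new Guid(resetKeyBytes);
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                command.CommandText = @"update [ProjectNORLogin] set [PasswordResetKey] = @NewKey where [Email] = @Email";
                command.Parameters.Add(new SqlParameter("@Email", email));
                command.Parameters.Add(new SqlParameter("@NewKey", passwordResetKey));
                command.ExecuteNonQuery();
            }
        }
        using (MailMessage mail = new MailMessage("no-reply@projectnor.com", email)) {
            // Host, port and credentials are taken from <system.net>/<mailSettings> in
            // web.config, which is what the parameterless SmtpClient constructor reads.
            // The mailbox password that was hard-coded here has been removed; treat it as
            // exposed and rotate it.
            SmtpClient client = new SmtpClient();
            client.EnableSsl = true;
            client.DeliveryMethod = SmtpDeliveryMethod.Network;
            mail.Subject = "Project NOR Password Reset";
            mail.Body = "Forgot your password? No worries.\r\n"
                + "To reset your password, copy and paste the following code into the games password reset menu.\r\n\r\n"
                + passwordResetKey.ToString()
                + "\r\n\r\nThis message is auto generated, any messages received will not get a response.";
            client.Send(mail);
        }
    }
    break;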
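case 5:
    // Reset Password. Fields read: reset key, then (only when the key is accepted) the new password.
    // Reply: true when the key matches a row, always followed by false; after an update,
    // one byte with the number of rows changed.
    Guid passwordKey;
    string passwordSalt = "";
    bool properResetKeyEntered = false;
    // Guid.Empty is the value the registration insert stores in [PasswordResetKey] for
    // accounts with no pending reset, so it must never be accepted as a reset key.
    // A malformed key is rejected the same way instead of raising an unhandled exception.
    if (Guid.TryParse(reader.ReadString(), out passwordKey) && passwordKey != Guid.Empty) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                command.CommandText = @"select [PasswordResetKey], [Salt]
                    from [SebastianLawe].[dbo].[ProjectNORLogin] where [PasswordResetKey] = @PasswordResetKey";
                command.Parameters.Add(new SqlParameter("@PasswordResetKey", passwordKey));
                using (SqlDataReader dataReader = command.ExecuteReader()) {
                    if (dataReader.Read()) {
                        writer.Write(true);
                        properResetKeyEntered = true;
                        passwordSalt = dataReader.GetValue(1) as string;
                    }
                }
            }
        }
    }
    writer.Write(false);
    if (properResetKeyEntered) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // The key is replaced with a fresh random value so it cannot be used twice.
                // NOTE(review): no expiry time for reset keys is visible in this file.
                command.CommandText = @"update [ProjectNORLogin] set [Password] = @Password, [PasswordResetKey] = @NewResetKey
                    where [PasswordResetKey] = @PasswordResetKey";
                command.Parameters.AddWithValue("@PasswordResetKey", passwordKey);
                command.Parameters.AddWithValue("@Password", sha256_hash(reader.ReadString() + passwordSalt));
                command.Parameters.AddWithValue("@NewResetKey", Guid.NewGuid());
                writer.Write((byte)command.ExecuteNonQuery());
            }
        }
    }
    break;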
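case 6:
    // Get customization data. Fields read: username, then (once per matching row) password.
    // Reply: true on a password match, always followed by false; for an authenticated
    // caller then: worn visor, visor count, per visor (purchased, cost, description,
    // name, index), and the currency balance.
    int visorWorn = 0;
    int pledge = 0;
    int currency = 0;
    Guid identification = Guid.Empty;
    authenticated = false;
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            command.CommandText = @"select [Username], [Password], [Salt], [Visor], [Pledge], [Id], [Currency]
                from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            command.Parameters.AddWithValue("@Username", reader.ReadString());
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                while (dataReader.Read()) {
                    if (sha256_hash(reader.ReadString() + (dataReader.GetValue(2) as string))
                        == (dataReader.GetValue(1) as string)) {
                        visorWorn = (int)dataReader.GetValue(3);
                        pledge = (int)dataReader.GetValue(4);
                        identification = (Guid)dataReader.GetValue(5);
                        currency = (int)dataReader.GetValue(6);
                        authenticated = true;
                        writer.Write(true);
                    }
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    if (authenticated) {
        // Parallel lists: entry i of each list describes the same visor.
        List<int> visorIndexes = new List<int>();
        List<string> visorNames = new List<string>();
        List<string> visorDescriptions = new List<string>();
        List<int> visorCosts = new List<int>();
        List<bool> purchasedVisors = new List<bool>();
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // Visors this account may see: unlocked by pledge level or reserved for this user.
                command.CommandText = @"select [VisorIndex], [Name], [Description],
                    [Cost], [PledgeCost], [ExclusiveUserID]
                    from CustomVisors where @Pledge >= [PledgeCost] or @Id = [ExclusiveUserID]";
                command.Parameters.AddWithValue("@Pledge", pledge);
                command.Parameters.AddWithValue("@Id", identification);
                using (SqlDataReader sqlReader = command.ExecuteReader()) {
                    while (sqlReader.Read()) {
                        visorIndexes.Add((int)sqlReader.GetValue(0));
                        visorNames.Add(sqlReader.GetValue(1) as string);
                        visorDescriptions.Add(sqlReader.GetValue(2) as string);
                        visorCosts.Add((int)sqlReader.GetValue(3));
                        purchasedVisors.Add(false);
                    }
                }
            }
        }
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                command.CommandText = @"select [ItemID], [VisorIndex], [Owner] from ProjectNOROwnedVisors where [Owner] = @Id";
                command.Parameters.AddWithValue("@Id", identification);
                using (SqlDataReader sqlReader = command.ExecuteReader()) {
                    while (sqlReader.Read()) {
                        // Translate the stored VisorIndex into a list position. Using the
                        // VisorIndex itself as the position flagged the wrong entry, or threw
                        // ArgumentOutOfRangeException, whenever the two differed.
                        int position = visorIndexes.IndexOf((int)sqlReader.GetValue(1));
                        if (position >= 0) {
                            purchasedVisors[position] = true;
                        }
                    }
                }
            }
        }
        writer.Write(visorWorn);
        writer.Write(visorIndexes.Count);
        for (int i = 0; i < visorIndexes.Count; i++) {
            writer.Write(purchasedVisors[i]);
            writer.Write(visorCosts[i]);
            writer.Write(visorDescriptions[i]);
            writer.Write(visorNames[i]);
            writer.Write(visorIndexes[i]);
        }
        writer.Write(currency);
        writer.Flush();
    }
    break;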
case 7:
    // Check if can afford. Fields read: username, then (once per matching row) password
    // and the item index.
    // Reply: true on a password match, always followed by false; then, for each visor row
    // with that index, a bool that is true when the cost exceeds the caller's currency.
    authenticated = false;
    currency = 0;
    int itemIndex = 0;
    using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
        conn.Open();
        using (SqlCommand login = conn.CreateCommand()) {
            login.CommandText = @"select [Username], [Password], [Salt], [Currency]
from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            login.Parameters.AddWithValue("@Username", reader.ReadString());
            using (SqlDataReader account = login.ExecuteReader()) {
                while (account.Read()) {
                    string candidate = sha256_hash(reader.ReadString() + (account.GetValue(2) as string));
                    if (candidate != (account.GetValue(1) as string)) {
                        continue;
                    }
                    currency = (int)account.GetValue(3);
                    itemIndex = reader.ReadInt32();
                    authenticated = true;
                    writer.Write(true);
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    // This price lookup runs whether or not the credentials matched; without a match it
    // uses item index 0 and a balance of 0.
    using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
        conn.Open();
        using (SqlCommand price = conn.CreateCommand()) {
            price.CommandText = @"select [VisorIndex], [Cost] from CustomVisors where @VisorIndex = [VisorIndex]";
            price.Parameters.AddWithValue("@VisorIndex", itemIndex);
            using (SqlDataReader priceRow = price.ExecuteReader()) {
                while (priceRow.Read()) {
                    int cost = (int)priceRow.GetValue(1);
                    bool costExceedsBalance = cost > currency;
                    writer.Write(costExceedsBalance);
                }
            }
        }
    }
    break;
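case 8:
    // Check for currency payment (purchase a visor). Fields read: username, then (once
    // per matching row) password and the item index.
    // Reply: true on a password match, always followed by false. The purchase itself
    // writes nothing to the response.
    authenticated = false;
    currency = 0;
    itemIndex = 0;
    identification = Guid.Empty;
    int itemCost = 0;
    bool canAfford = false;
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            command.CommandText = @"select [Username], [Password], [Salt], [Currency], [Id]
                from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            command.Parameters.AddWithValue("@Username", reader.ReadString());
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                while (dataReader.Read()) {
                    if (sha256_hash(reader.ReadString() + (dataReader.GetValue(2) as string))
                        == (dataReader.GetValue(1) as string)) {
                        currency = (int)dataReader.GetValue(3);
                        itemIndex = reader.ReadInt32();
                        identification = (Guid)dataReader.GetValue(4);
                        authenticated = true;
                        writer.Write(true);
                    }
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    // Everything below is gated on a successful login. Before, the price lookup and the
    // purchase ran for unauthenticated requests as well, with item index 0, a balance of 0
    // and an empty owner id.
    if (authenticated) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                command.CommandText = @"select [VisorIndex], [Cost] from CustomVisors where @VisorIndex = [VisorIndex]";
                command.Parameters.AddWithValue("@VisorIndex", itemIndex);
                using (SqlDataReader sqlReader = command.ExecuteReader()) {
                    while (sqlReader.Read()) {
                        itemCost = (int)sqlReader.GetValue(1);
                        canAfford = itemCost <= currency;
                    }
                }
            }
        }
    }
    if (authenticated && canAfford) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            // Debit and grant happen in one transaction. The debit re-checks the balance in
            // the database, so parallel requests cannot spend the same currency twice, and it
            // is skipped when the visor is already owned.
            // NOTE(review): a unique constraint on ([Owner], [VisorIndex]) would make the
            // already-owned check reliable under concurrency.
            using (SqlTransaction transaction = connection.BeginTransaction()) {
                int debitedRows;
                using (SqlCommand command = connection.CreateCommand()) {
                    command.Transaction = transaction;
                    command.CommandText = @"update [ProjectNORLogin] set [Currency] = [Currency] - @Cost
                        where [Id] = @Id and [Currency] >= @Cost
                        and not exists (select 1 from [ProjectNOROwnedVisors]
                            where [Owner] = @Id and [VisorIndex] = @VisorIndex)";
                    command.Parameters.AddWithValue("@Cost", itemCost);
                    command.Parameters.AddWithValue("@Id", identification);
                    command.Parameters.AddWithValue("@VisorIndex", itemIndex);
                    debitedRows = command.ExecuteNonQuery();
                }
                if (debitedRows == 1) {
                    using (SqlCommand command = connection.CreateCommand()) {
                        command.Transaction = transaction;
                        command.CommandText = @"insert into [ProjectNOROwnedVisors] values(NEWID(), @VisorIndex, @Owner)";
                        command.Parameters.AddWithValue("@VisorIndex", itemIndex);
                        command.Parameters.AddWithValue("@Owner", identification);
                        command.ExecuteNonQuery();
                    }
                    transaction.Commit();
                }
                else {
                    transaction.Rollback();
                }
            }
        }
    }
    break;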
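case 9:
    // Equip a visor. Fields read: username, then (once per matching row) password and
    // the item index.
    // Reply: true on a password match, always followed by false.
    authenticated = false;
    identification = Guid.Empty;
    itemIndex = 0;
    username = reader.ReadString();
    bool owned = false;
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            command.CommandText = @"select [Username], [Password], [Salt], [Id]
                from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            command.Parameters.AddWithValue("@Username", username);
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                while (dataReader.Read()) {
                    if (sha256_hash(reader.ReadString() + (dataReader.GetValue(2) as string))
                        == (dataReader.GetValue(1) as string)) {
                        identification = (Guid)dataReader.GetValue(3);
                        itemIndex = reader.ReadInt32();
                        authenticated = true;
                        writer.Write(true);
                    }
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    if (authenticated) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // Ownership is checked for this account. The query used to match on
                // VisorIndex alone, so a visor owned by any player counted as owned.
                command.CommandText = @"select [VisorIndex] from [ProjectNOROwnedVisors]
                    where @VisorIndex = [VisorIndex] and [Owner] = @Owner";
                command.Parameters.AddWithValue("@VisorIndex", itemIndex);
                command.Parameters.AddWithValue("@Owner", identification);
                using (SqlDataReader sqlReader = command.ExecuteReader()) {
                    owned = sqlReader.Read();
                }
            }
        }
        if (owned) {
            using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
                connection.Open();
                using (SqlCommand command = connection.CreateCommand()) {
                    command.CommandText = @"update [ProjectNORLogin] set [Visor] = @VisorIndex where [Id] = @Id";
                    command.Parameters.AddWithValue("@VisorIndex", itemIndex);
                    command.Parameters.AddWithValue("@Id", identification);
                    command.ExecuteNonQuery();
                }
            }
        }
    }
    break;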
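case 10:
    // Register Match. Fields read: username, then (once per matching row) password and
    // the match id as a Guid string.
    // Reply: true on a password match, always followed by false.
    authenticated = false;
    Guid id = Guid.Empty;
    username = reader.ReadString();
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            // The SELECT list used to end with a comma directly before FROM, which is not
            // valid T-SQL, so this section could not get past the credential lookup.
            command.CommandText = @"select [Username], [Password], [Salt]
                from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            command.Parameters.AddWithValue("@Username", username);
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                while (dataReader.Read()) {
                    if (sha256_hash(reader.ReadString() + (dataReader.GetValue(2) as string))
                        == (dataReader.GetValue(1) as string)) {
                        // NOTE(review): the match id is chosen by the client, and a malformed
                        // value makes the Guid constructor throw after the login succeeded.
                        id = new Guid(reader.ReadString());
                        authenticated = true;
                        writer.Write(true);
                    }
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    if (authenticated) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // Positional insert: it depends on the column order of [ProjectNORMatches].
                command.CommandText = @"insert into [ProjectNORMatches] values(@MatchId, SYSUTCDATETIME())";
                command.Parameters.AddWithValue("@MatchId", id);
                command.ExecuteNonQuery();
            }
        }
    }
    break;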
case 11:
    // Mark Finished Match. Fields read: username, then (once per matching row) password,
    // the match id as a Guid string and the winning-team flag.
    // Reply: true on a password match, always followed by false.
    authenticated = false;
    id = Guid.Empty;
    bool winningTeam = false;
    username = reader.ReadString();
    using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
        connection.Open();
        using (SqlCommand command = connection.CreateCommand()) {
            // NOTE(review): the SELECT list ends with a comma directly before FROM, which is
            // not valid T-SQL, so ExecuteReader is expected to throw before any credential
            // check. Do not remove the comma without also fixing the update below.
            command.CommandText = @"select [Username], [Password], [Salt],
from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            command.Parameters.AddWithValue("@Username", username);
            using (SqlDataReader dataReader = command.ExecuteReader()) {
                while (dataReader.Read()) {
                    if ((sha256_hash(reader.ReadString()
                    + (dataReader.GetValue(2) as string))
                    == (dataReader.GetValue(1) as string))) {
                        // Match id and winner are both taken from the request.
                        id = new Guid(reader.ReadString());
                        winningTeam = reader.ReadBoolean();
                        authenticated = true;
                        writer.Write(true);
                    }
                    else {
                    }
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    if (authenticated) {
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // NOTE(review): this UPDATE has no WHERE clause, so it applies to every row of
                // [ProjectNORMatches]; @MatchId is supplied but never referenced. It needs a
                // filter on the table's match key, whose column name is not visible in this file.
                command.CommandText = @"update [ProjectNORMatches] set [MatchEnd] = SYSUTCDATETIME(), [WinningTeam] = @WinningTeam, [PointsAwarded] = 1";
                command.Parameters.AddWithValue("@MatchId", id);
                command.Parameters.AddWithValue("@WinningTeam", winningTeam);
                command.ExecuteNonQuery();
            }
        }
        using (SqlConnection connection = new SqlConnection(builder.ConnectionString)) {
            connection.Open();
            using (SqlCommand command = connection.CreateCommand()) {
                // Adds 2 currency to every participant of this match on the winning team.
                // NOTE(review): nothing visible here checks that the caller took part in the
                // match or that the match has not been finished already, so the award can be
                // repeated - confirm against the intended rules.
                command.CommandText = @"update login
set login.Currency = login.Currency + 2
from [ProjectNORLogin] login
inner join [ProjectNORMatchParticipants]
participants on login.Id = participants.PlayerId
and participants.MatchId = @MatchId
and participants.Team = @WinningTeam";
                command.Parameters.AddWithValue("@MatchId", id);
                command.Parameters.AddWithValue("@WinningTeam", winningTeam);
                command.ExecuteNonQuery();
            }
        }
    }
    break;
case 12:
    // Register Participant. Fields read: username, then (once per matching row) password
    // and the match id as a Guid string.
    // Reply: true on a password match, always followed by false.
    // NOTE(review): the match id comes from the request and nothing visible here checks
    // that the match exists or is still open.
    authenticated = false;
    identification = Guid.Empty;
    id = Guid.Empty;
    username = reader.ReadString();
    using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
        conn.Open();
        using (SqlCommand login = conn.CreateCommand()) {
            login.CommandText = @"select [Username], [Password], [Salt],[Id]
from [SebastianLawe].[dbo].[ProjectNORLogin] where [Username] = @Username";
            login.Parameters.AddWithValue("@Username", username);
            using (SqlDataReader account = login.ExecuteReader()) {
                while (account.Read()) {
                    string candidate = sha256_hash(reader.ReadString() + (account.GetValue(2) as string));
                    if (candidate != (account.GetValue(1) as string)) {
                        continue;
                    }
                    identification = (Guid)account.GetValue(3);
                    id = new Guid(reader.ReadString());
                    authenticated = true;
                    writer.Write(true);
                }
                writer.Write(false);
                writer.Flush();
            }
        }
    }
    if (authenticated) {
        using (SqlConnection conn = new SqlConnection(builder.ConnectionString)) {
            conn.Open();
            using (SqlCommand insert = conn.CreateCommand()) {
                // Positional insert: it depends on the column order of the participants table.
                insert.CommandText = @"insert into [ProjectNORMatchParticipants] values(NEWID(), @PlayerId, @MatchId)";
                insert.Parameters.AddWithValue("@PlayerId", identification);
                insert.Parameters.AddWithValue("@MatchId", id);
                insert.ExecuteNonQuery();
            }
        }
    }
    break;
} // end of the operation switch; an operation code with no matching case writes nothing
}
else {
// Empty request body: the only reply is this string.
writer.Write("Access Denied.");
}
} // writer
} // reader
} // Page_Load
/// <summary>
/// Returns the SHA-256 digest of the UTF-8 bytes of <paramref name="value"/> as a
/// lowercase hexadecimal string.
/// </summary>
/// <param name="value">Text to hash.</param>
/// <returns>64 lowercase hex characters.</returns>
/// <remarks>
/// NOTE(review): callers in this file pass password + salt. One SHA-256 pass is fast to
/// compute, which suits checksums but not password storage; a password KDF such as PBKDF2
/// (Rfc2898DeriveBytes) is the usual choice and needs a migration of the stored hashes.
/// </remarks>
public static string sha256_hash(string value) {
    byte[] digest;
    using (SHA256 hasher = SHA256Managed.Create()) {
        digest = hasher.ComputeHash(Encoding.UTF8.GetBytes(value));
    }
    StringBuilder hex = new StringBuilder(digest.Length * 2);
    for (int i = 0; i < digest.Length; i++) {
        hex.Append(digest[i].ToString("x2"));
    }
    return hex.ToString();
}
- }