Beispiel #1
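        // Returns true when the topicId field passes the CheckErrors input checks and
        // refers to a row in Topics that exists and is not flagged as deleted
        // (topic_isDeleted != 1). Returns false otherwise.
        //
        // NOTE(review): this method does not verify that the current user created the
        // topic. The creator/user comparison was commented out, so the two lookups that
        // only fed it (topic_createdBy, and userId by loginId) are no longer issued.
        // Callers that need an ownership check must enforce it separately.
        protected bool isTopicCorrect()
        {
            CheckErrors errors = new CheckErrors();

            // Input checks run before any database access. They are defence in depth
            // only: the queries below are parameterized, so they stay safe even if
            // these helpers let something unexpected through.
            if (!errors.isDigit(topicId) || errors.ContainsSpecialChars(topicId))
            {
                return false;
            }

            connect.Open();
            try
            {
                using (SqlCommand cmd = connect.CreateCommand())
                {
                    // The id is bound as a parameter instead of being concatenated into
                    // the SQL text, so its content can never change the statement.
                    // AddWithValue infers the SQL type from the CLR value; assumes the
                    // implicit conversion to the column type is acceptable (TODO confirm).
                    cmd.Parameters.AddWithValue("@topicId", topicId);

                    // Does the topic exist at all?
                    cmd.CommandText = "select count(*) from Topics where topicId = @topicId";
                    int count = Convert.ToInt32(cmd.ExecuteScalar());
                    if (count <= 0)
                    {
                        return false; // the topic ID does not exist in the DB
                    }

                    // A topic flagged as deleted is treated as not valid.
                    cmd.CommandText = "select topic_isDeleted from Topics where topicId = @topicId";
                    int isDeleted = Convert.ToInt32(cmd.ExecuteScalar());
                    return isDeleted != 1;
                }
            }
            finally
            {
                // Close the shared connection even when a query throws, so a failed
                // request does not leave it open.
                connect.Close();
            }
        }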
Beispiel #2
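        // Returns true when testCaseId passes the CheckErrors input checks and refers
        // to a row in TestCases that exists and is not flagged as deleted
        // (testCase_isDeleted != 1). Returns false otherwise.
        //
        // NOTE(review): creatorId is accepted but never compared with the stored
        // testCase_createdBy value, so this method performs no ownership check. The
        // lookup whose result was discarded is no longer issued. Callers that need an
        // ownership check must enforce it separately.
        protected static bool isTestCaseCorrect(string testCaseId, string creatorId)
        {
            CheckErrors errors = new CheckErrors();

            // Input checks run before any database access. They are defence in depth
            // only: the queries below are parameterized.
            if (!errors.isDigit(testCaseId) || errors.ContainsSpecialChars(testCaseId))
            {
                return false;
            }

            Configuration config = new Configuration();

            // The using blocks dispose the command and close the connection on every
            // exit path, including when a query throws.
            using (SqlConnection connect = new SqlConnection(config.getConnectionString()))
            using (SqlCommand cmd = connect.CreateCommand())
            {
                connect.Open();

                // Bind the id as a parameter rather than concatenating it into the SQL
                // text. AddWithValue infers the SQL type from the CLR value; assumes
                // the implicit conversion to the column type is acceptable (TODO confirm).
                cmd.Parameters.AddWithValue("@testCaseId", testCaseId);

                // Does the test case exist at all?
                cmd.CommandText = "select count(*) from TestCases where testCaseId = @testCaseId";
                int count = Convert.ToInt32(cmd.ExecuteScalar());
                if (count <= 0)
                {
                    return false; // the test case ID does not exist in the DB
                }

                // A test case flagged as deleted is treated as not valid.
                cmd.CommandText = "select testCase_isDeleted from TestCases where testCaseId = @testCaseId";
                int isDeleted = Convert.ToInt32(cmd.ExecuteScalar());
                return isDeleted != 1;
            }
        }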
Beispiel #3
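        // Returns true when the profileId field passes the CheckErrors input checks
        // and at least one row in Users has that userId. Returns false otherwise.
        //
        // NOTE(review): this method only checks that the profile exists. It does not
        // check whether the current user is allowed to view it. The lookup of the
        // current user's ID was never used and is no longer issued. Any access
        // decision has to be made by the caller.
        protected bool isUserCorrect()
        {
            CheckErrors errors = new CheckErrors();

            // Input checks run before any database access. They are defence in depth
            // only: the query below is parameterized.
            if (!errors.isDigit(profileId) || errors.ContainsSpecialChars(profileId))
            {
                return false;
            }

            connect.Open();
            try
            {
                using (SqlCommand cmd = connect.CreateCommand())
                {
                    // Bind the id as a parameter rather than concatenating it into the
                    // SQL text. AddWithValue infers the SQL type from the CLR value;
                    // assumes the implicit conversion to the column type is acceptable
                    // (TODO confirm).
                    cmd.CommandText = "select count(*) from Users where userId = @profileId";
                    cmd.Parameters.AddWithValue("@profileId", profileId);

                    // count > 0 means the user ID exists in the DB.
                    int count = Convert.ToInt32(cmd.ExecuteScalar());
                    return count > 0;
                }
            }
            finally
            {
                // Close the shared connection even when the query throws.
                connect.Close();
            }
        }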
Beispiel #4
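        // Checks whether a terminate or unlock command may be applied to the account
        // identified by in_profileId.
        //
        // in_profileId      - user ID of the target account; must pass the CheckErrors
        //                     input checks.
        // terminateOrUnlock - 1 = terminate, 2 = unlock. Any other value skips the
        //                     active-state check.
        //
        // Returns false when the id fails the input checks, when no such user exists,
        // when terminating an account that is already inactive (login_isActive == 0),
        // when unlocking an account that is already active (login_isActive == 1), or
        // when the target account is the caller's own login (g_loginId). Returns true
        // otherwise.
        //
        // NOTE(review): this method does not check whether the current user has the
        // privilege to terminate or unlock accounts. The caller must enforce that.
        protected static bool isAccountCorrect(string in_profileId, int terminateOrUnlock)
        {
            CheckErrors errors = new CheckErrors();

            // Input checks run before any database access. They are defence in depth
            // only: the queries below are parameterized.
            if (!errors.isDigit(in_profileId) || errors.ContainsSpecialChars(in_profileId))
            {
                return false;
            }

            Configuration config = new Configuration();

            // The using blocks dispose the command and close the connection on every
            // exit path, including when a query throws.
            using (SqlConnection connect = new SqlConnection(config.getConnectionString()))
            using (SqlCommand cmd = connect.CreateCommand())
            {
                connect.Open();

                // Values are bound as parameters rather than concatenated into the SQL
                // text. AddWithValue infers the SQL type from the CLR value; assumes
                // the implicit conversion to the column type is acceptable (TODO confirm).
                cmd.Parameters.AddWithValue("@profileId", in_profileId);

                // Does the user exist at all?
                cmd.CommandText = "select count(*) from Users where userId = @profileId";
                int count = Convert.ToInt32(cmd.ExecuteScalar());
                if (count <= 0)
                {
                    return false; // the user ID does not exist in the DB
                }

                // Resolve the login that belongs to the target account.
                cmd.CommandText = "select loginId from users where userId = @profileId";
                string account_loginId = cmd.ExecuteScalar().ToString();

                // This value comes from the database, but it is still bound as a
                // parameter: stored data must not be spliced into SQL text either.
                cmd.Parameters.AddWithValue("@accountLoginId", account_loginId);
                cmd.CommandText = "select login_isActive from Logins where loginId = @accountLoginId";
                int isActive = Convert.ToInt32(cmd.ExecuteScalar());

                bool correct = true;

                // The unlock branch used to be nested inside the terminate branch and
                // could never run. The two commands are now checked side by side.
                if (terminateOrUnlock == 1) // terminate: the account must currently be active
                {
                    if (isActive == 0)
                    {
                        correct = false;
                    }
                }
                else if (terminateOrUnlock == 2) // unlock: the account must currently be inactive
                {
                    if (isActive == 1)
                    {
                        correct = false;
                    }
                }

                // A user may not terminate or unlock their own account.
                if (account_loginId == g_loginId)
                {
                    correct = false;
                }

                return correct;
            }
        }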