Beispiel #1
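        /// <summary>
        /// Handles a click on the "Higher" button: draws the next number from the
        /// <see cref="Random"/> stored in the session, compares it with the number
        /// currently shown in <c>NumberLabel</c>, and raises or lowers the user's
        /// score by 100 accordingly. If no <c>users</c> row matches the id taken
        /// from the "user" cookie, the cookie id is reset to -1 and the request is
        /// redirected to the login page.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void HigherButton_Click(object sender, EventArgs e)
        {
            // NOTE(review): the user id comes straight from a client-supplied cookie and is
            // the only thing identifying the caller in this handler. Anyone who edits the
            // cookie acts as another user. The id should come from server-side state
            // (authenticated session / forms-auth ticket) instead; that change is outside
            // this method.
            Int16 ID = -1;

            if (Request.Cookies["user"] != null)
            {
                // TryParse instead of Parse: a missing or malformed cookie value leaves ID
                // at -1 (treated as "not logged in" below) instead of raising an unhandled
                // FormatException/OverflowException on attacker-controlled input.
                Int16 ParsedID;
                if (Int16.TryParse(Request.Cookies["user"]["id"], out ParsedID))
                {
                    ID = ParsedID;
                }
            }

            Int32 CurrentNumber = Int32.Parse(this.NumberLabel.Text);

            // NOTE(review): the session Random is seeded elsewhere; if the seed is predictable
            // the whole sequence of numbers is predictable to the player. Confirm how it is created.
            Int32 NewNumber = ((Random)Session["higherorlowerrandom"]).Next();
            this.NumberLabel.Text = NewNumber.ToString();

            Boolean UserFound = false;

            // using blocks release the connection, commands and reader on every path,
            // including exceptions; the original never disposed the reader and had to
            // close/reopen the connection to get past it.
            using (SqlConnection SQLConnection = new SqlConnection(VulnApp.Properties.Settings.Default.DatabaseConnectionString))
            {
                SQLConnection.Open();

                Int64 CurrentScore = 0;

                // Parameterized query: the id is bound as data rather than concatenated
                // into the SQL text.
                using (SqlCommand SelectCommand = new SqlCommand("SELECT * from users WHERE id=@id", SQLConnection))
                {
                    SelectCommand.Parameters.AddWithValue("@id", ID);

                    using (SqlDataReader SQLDataReader = SelectCommand.ExecuteReader())
                    {
                        if (SQLDataReader.Read())
                        {
                            UserFound = true;
                            // Column index 5 of "SELECT *" - presumably the score column; this
                            // depends on the table's column order. TODO confirm and select by name.
                            CurrentScore = SQLDataReader.GetInt64(5);
                        }
                    }
                }

                if (UserFound)
                {
                    // "Higher" wins only when the new number is strictly greater.
                    Int64 NewScore = (CurrentNumber < NewNumber) ? CurrentScore + 100 : CurrentScore - 100;

                    // NOTE(review): read-then-write of the score is not atomic; two concurrent
                    // requests for the same user can lose an update.
                    using (SqlCommand UpdateCommand = new SqlCommand("UPDATE users SET score=@score WHERE id=@id", SQLConnection))
                    {
                        UpdateCommand.Parameters.AddWithValue("@score", NewScore);
                        UpdateCommand.Parameters.AddWithValue("@id", ID);
                        UpdateCommand.ExecuteNonQuery();
                    }
                }
            }

            if (!UserFound)
            {
                // Unknown id: reset the cookie and send the user to the login page.
                // The redirect runs after the connection has been disposed because
                // endResponse=true aborts the current request.
                ID = -1;
                Response.Cookies["user"]["id"] = ID.ToString();
                Response.Redirect("Default.aspx?returnurl=HigherOrLower.aspx&error=Please+log+in", true);
                return;
            }

            VulnService VulnService = new VulnService();
            if (CurrentNumber < NewNumber)
            {
                this.ScoreLabel.Text = VulnService.GetScore(ID.ToString()) + " points; You said Higher (Old: " + CurrentNumber.ToString() + " < New: " + this.NumberLabel.Text + ") #winning";
            }
            else
            {
                this.ScoreLabel.Text = VulnService.GetScore(ID.ToString()) + " points; You said Higher (Old: " + CurrentNumber.ToString() + " > New: " + this.NumberLabel.Text + ") :(";
            }
        }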
Beispiel #2
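        /// <summary>
        /// Page load handler: looks up the user id from the "user" cookie in the
        /// <c>users</c> table. When a row exists, it creates the per-session
        /// <see cref="Random"/> (on first use) with the first number shown in
        /// <c>NumberLabel</c>, and displays the current score. When no row exists,
        /// it resets the cookie id to -1 and redirects to the login page.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // NOTE(review): the user id comes straight from a client-supplied cookie and is
            // the only thing identifying the caller here. Anyone who edits the cookie is
            // treated as that user. The id should come from server-side state (authenticated
            // session / forms-auth ticket); that change is outside this method.
            Int16 ID = -1;

            if (Request.Cookies["user"] != null)
            {
                // TryParse instead of Parse: a missing or malformed cookie value leaves ID
                // at -1 (treated as "not logged in" below) instead of raising an unhandled
                // exception on attacker-controlled input.
                Int16 ParsedID;
                if (Int16.TryParse(Request.Cookies["user"]["id"], out ParsedID))
                {
                    ID = ParsedID;
                }
            }

            Boolean UserFound;

            // using blocks release the connection, command and reader on every path;
            // the original never disposed the reader.
            using (SqlConnection SQLConnection = new SqlConnection(VulnApp.Properties.Settings.Default.DatabaseConnectionString))
            {
                SQLConnection.Open();

                // Parameterized query: the id is bound as data rather than concatenated
                // into the SQL text.
                using (SqlCommand SQLCommand = new SqlCommand("SELECT * from users WHERE id=@id", SQLConnection))
                {
                    SQLCommand.Parameters.AddWithValue("@id", ID);

                    using (SqlDataReader SQLDataReader = SQLCommand.ExecuteReader())
                    {
                        UserFound = SQLDataReader.HasRows;
                    }
                }
            }

            if (!UserFound)
            {
                // Unknown id: reset the cookie and send the user to the login page.
                // The redirect runs after the connection has been disposed because
                // endResponse=true aborts the current request.
                ID = -1;
                Response.Cookies["user"]["id"] = ID.ToString();
                Response.Redirect("Default.aspx?returnurl=HigherOrLower.aspx&error=Please+log+in", true);
                return;
            }

            if (Session["higherorlowerrandom"] == null)
            {
                // NOTE(review): seeding with the user id makes the whole number sequence
                // reproducible by anyone who knows the id, so the player can compute every
                // "next" number in advance. Kept as-is to preserve behavior; an unseeded
                // generator (or a server-side secret seed) would remove the predictability.
                Random HigherOrLowerRandom = new Random(ID);
                Session["higherorlowerrandom"] = HigherOrLowerRandom;
                this.NumberLabel.Text = HigherOrLowerRandom.Next().ToString();
            }

            VulnService VulnService = new VulnService();
            this.ScoreLabel.Text = VulnService.GetScore(ID.ToString()) + " points";
        }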