/// <summary>
/// Click handler for the add-admin form: inserts one ADMIN_MAIN row built from the form
/// fields, records an encrypted audit entry, then redirects to ViewAdmin.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnAdd_Click(object sender, EventArgs e)
{
    // Every value travels as a SqlParameter, so form input never becomes SQL text.
    const string insertAdmin = @"INSERT INTO ADMIN_MAIN(Admin_PW, First_Name, Last_Name, Middle_Name, User_ID, UserType_ID) VALUES(@Admin_PW, @First_Name, @Last_Name, @Middle_Name, @User_ID, @UserType_ID) ";

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        connection.Open();

        using (SqlCommand insert = new SqlCommand(insertAdmin, connection))
        {
            SqlParameterCollection args = insert.Parameters;

            // @Admin_ID is not referenced by the INSERT; the lookup still throws when the
            // session carries no Admin_ID, before anything is written.
            args.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());
            args.AddWithValue("@First_Name", txtFN.Text);
            args.AddWithValue("@Last_Name", txtLN.Text);
            args.AddWithValue("@Middle_Name", txtMN.Text);
            args.AddWithValue("@User_ID", txtUID.Text);
            // NOTE(review): the password is bound exactly as typed, so Admin_PW holds it in
            // clear text. Store a salted password hash instead and compare hashes at login.
            args.AddWithValue("@Admin_PW", txtPass.Text);
            args.AddWithValue("@UserType_ID", ddlUsers.Text);
            insert.ExecuteNonQuery();

            // Audit entry - Nathaniel Collins S. Ortiz
            var auditTitle = crypto.Encrypt("Adding an Admin");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Added by IT Admin " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("ViewAdmin.aspx");
        }
    }
}
/// <summary>
/// ItemCommand handler for the section list. "delsec" deletes the row's section from
/// SECTION and writes an encrypted audit entry; "updatesec" is accepted but does nothing
/// here. ViewSection() is called afterwards for every command.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Carries the command name and the list item that raised it.</param>
protected void lvSection_ItemCommand(object sender, ListViewCommandEventArgs e)
{
    Util auditWriter = new Util();
    Cryptic crypto = new Cryptic();
    Literal sectionIdLiteral = (Literal)e.Item.FindControl("ltSectionID");

    switch (e.CommandName)
    {
        case "delsec":
            // NOTE(review): no role check is visible in this handler - presumably the page
            // restricts who can reach it; confirm before relying on that.
            using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
            {
                connection.Open();
                const string deleteSection = @"DELETE FROM SECTION WHERE Section_ID=@SecID";
                using (SqlCommand delete = new SqlCommand(deleteSection, connection))
                {
                    delete.Parameters.AddWithValue("@SecID", sectionIdLiteral.Text);
                    delete.ExecuteNonQuery();

                    var auditTitle = crypto.Encrypt("Delete Section");
                    int actorId = int.Parse(Session["user_id"].ToString());
                    string actorName = string.Join(" ",
                        Session["first_name"].ToString(),
                        Session["middle_name"].ToString(),
                        Session["last_name"].ToString());
                    var auditDetail = crypto.Encrypt("Deleted by " + actorName);
                    auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);
                }
            }
            break;

        case "updatesec":
            // No server-side work for this command in this handler.
            break;
    }

    ViewSection();
}
/// <summary>
/// Click handler for the edit-admin form: updates User_ID, UserType_ID and Admin_PW of the
/// ADMIN_MAIN row named by the "ID" query-string value, writes an encrypted audit entry,
/// then redirects to ViewAdmin.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    const string updateAdmin = @"UPDATE ADMIN_MAIN SET User_ID=@User_ID, UserType_ID=@UserType_ID, Admin_PW=@PW WHERE Admin_ID=@Admin_ID";

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        Cryptic crypto = new Cryptic();
        Dekomori auditWriter = new Dekomori();
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateAdmin, connection))
        {
            SqlParameterCollection args = update.Parameters;

            // @AID is not referenced by the UPDATE; the lookup still throws when the session
            // carries no Admin_ID, before anything is written.
            args.AddWithValue("@AID", Session["Admin_ID"].ToString());

            // Admin access level
            args.AddWithValue("@User_ID", txtUID.Text);
            args.AddWithValue("@UserType_ID", ddlUsers.Text);
            // NOTE(review): the password is written as typed (clear text in Admin_PW);
            // store a salted password hash instead.
            args.AddWithValue("@PW", txtPass.Text);
            // NOTE(review): the target row comes straight from the query string - confirm the
            // signed-in admin is allowed to edit that account.
            args.AddWithValue("@Admin_ID", Request.QueryString["ID"].ToString());
            update.ExecuteNonQuery();

            // Audit entry - Nathaniel Collins S. Ortiz
            var auditTitle = crypto.Encrypt("Editing an Admin");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Edited by IT Admin" + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("ViewAdmin.aspx");
        }
    }
}
/// <summary>
/// Encrypts the generated files: each Document_N.txt in the working directory is replaced
/// by Document_N.txt.crytest, counting up from 0 until a name is missing.
/// </summary>
/// <param name="C">Crypto engine</param>
private static void EncryptFiles(Cryptic C)
{
    Console.Clear();
    Console.Error.Write("Encrypting the fake documents we made earlier...");

    for (int index = 0; ; index++)
    {
        string plainPath = $"Document_{index}.txt";
        if (!File.Exists(plainPath))
        {
            // The first missing number ends the run.
            break;
        }

        // Write the encrypted copy first, then remove the plain file.
        var cipherBytes = C.Crypt(File.ReadAllBytes(plainPath));
        File.WriteAllBytes($"{plainPath}.crytest", cipherBytes);
        File.Delete(plainPath);
    }

    SC((int)ConsoleColor.Green);
    Console.Error.WriteLine("[DONE]");
    RC();
}
/// <summary>
/// Click handler that resets a faculty account: updates User_ID and Teacher_PW of the
/// TEACHER_MAIN row named by the "ID" query-string value, writes an encrypted audit entry,
/// then redirects to FacultyList.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        Cryptic crypto = new Cryptic();
        Util auditWriter = new Util();
        const string updateTeacher = @"UPDATE TEACHER_MAIN SET User_ID=@UID, Teacher_PW=@PW WHERE Teacher_ID = @SID";
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateTeacher, connection))
        {
            SqlParameterCollection args = update.Parameters;

            // Nathaniel Collins S. Ortiz
            // @AID is not referenced by the UPDATE; the lookup still throws when the session
            // carries no Admin_ID, before anything is written.
            args.AddWithValue("@AID", Session["Admin_ID"].ToString());
            args.AddWithValue("@UID", txtUID.Text);
            // NOTE(review): the password is written as typed (clear text in Teacher_PW);
            // store a salted password hash instead.
            args.AddWithValue("@PW", txtPass.Text);
            // NOTE(review): the target row comes from the query string - confirm the caller
            // is allowed to reset that account.
            args.AddWithValue("@SID", Request.QueryString["ID"].ToString());
            update.ExecuteNonQuery();

            // Audit entry - Nathaniel Collins S. Ortiz
            var auditTitle = crypto.Encrypt("Editing a Faculty's Password");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Edited by IT Admin" + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("FacultyList.aspx");
        }
    }
}
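/// <summary>
/// Click handler for the teacher profile form: updates password, names and department of
/// the signed-in teacher's TEACHER_MAIN row, writes an encrypted audit entry once the
/// update has run, then redirects to Profile.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection fu = new SqlConnection(Util.GetConnection()))
    {
        Util audlog = new Util();
        Cryptic DE = new Cryptic();
        fu.Open();

        // NOTE(review): Teacher_PW is always overwritten with whatever the password box
        // holds, including an empty string, and it is stored as typed (clear text).
        // Skip the column when no new password was entered and store a salted hash.
        string wai = @"UPDATE TEACHER_MAIN SET Teacher_PW=@TPW, Teacher_FirstName=@TFN, Teacher_MiddleName=@TMN, Teacher_LastName=@TLN, Department=@Department WHERE Teacher_ID = @Teacher_ID";

        using (SqlCommand best = new SqlCommand(wai, fu))
        {
            // The row is chosen from the session, not from request input.
            best.Parameters.AddWithValue("@Teacher_ID", Session["Teacher_ID"].ToString());
            best.Parameters.AddWithValue("@TPW", txtPassword.Text);
            best.Parameters.AddWithValue("@TFN", txtFN.Text);
            best.Parameters.AddWithValue("@TMN", txtMN.Text);
            best.Parameters.AddWithValue("@TLN", txtLN.Text);
            best.Parameters.AddWithValue("@Department", txtDept.Text);

            // Run the update before logging it: the audit trail should only record edits
            // that actually reached the database.
            best.ExecuteNonQuery();

            audlog.AuditLogAdmin(
                DE.Encrypt("Edit Faculty Profile"),
                int.Parse(Session["user_id"].ToString()),
                DE.Encrypt("Edited by Teacher " + Session["teacher_firstname"].ToString() + " " + Session["teacher_middlename"].ToString() + Session["teacher_lastname"].ToString()));

            Response.Redirect("Profile.aspx");
        }
        // The using block closes the connection; no explicit Close() is needed.
    }
}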
/// <summary>
/// Click handler for the edit-lecture form: updates Title and Description of the
/// UPLOAD_LECTURE row named by the "ID" query-string value, writes an encrypted audit
/// entry, then redirects to ViewLectures.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        const string updateLecture = @"UPDATE UPLOAD_LECTURE SET Title=@Title, Description=@Description WHERE UploadLecture_ID=@ID";
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateLecture, connection))
        {
            SqlParameterCollection args = update.Parameters;

            // audit
            // NOTE(review): @TeacherID is bound but the WHERE clause does not use it, so the
            // row is selected by the query-string ID alone - confirm the signed-in teacher
            // owns that lecture.
            args.AddWithValue("@TeacherID", Session["Teacher_ID"].ToString());
            args.AddWithValue("@Title", txtTitle.Text);
            args.AddWithValue("@Description", txtDescription.Text);
            args.AddWithValue("@ID", Request.QueryString["ID"].ToString());
            update.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Edited Lectures");
            int actorId = int.Parse(Session["teacher_id"].ToString());
            string actorName = string.Concat(
                Session["teacher_firstname"].ToString(),
                " ",
                Session["teacher_middlename"].ToString(),
                Session["teacher_lastname"].ToString());
            var auditDetail = crypto.Encrypt("Edited Lectures by " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("ViewLectures.aspx");
        }
    }
}
/// <summary>
/// Click handler for the add-section form: inserts a SECTION row (name and year level),
/// writes an encrypted audit entry, then redirects to ViewSection.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnAdd_Click(object sender, EventArgs e)
{
    const string insertSection = @"INSERT INTO SECTION(Section_Name, Year_level) VALUES(@Section_Name, @Year_level) ";

    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        connection.Open();

        using (SqlCommand insert = new SqlCommand(insertSection, connection))
        {
            SqlParameterCollection args = insert.Parameters;

            // Audit session: @Admin_ID is not referenced by the INSERT; the lookup still
            // throws when the session carries no Admin_ID, before anything is written.
            args.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());
            args.AddWithValue("@Section_Name", txtSectionName.Text);
            // int.Parse throws on non-numeric input, before anything is written.
            args.AddWithValue("@Year_level", int.Parse(txtYL.Text));
            insert.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Adding a Section");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Added by Registrar " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("ViewSection.aspx");
        }
    }
}
/// <summary>
/// Click handler for the edit-announcement form: updates Title and Description of the
/// ANNOUNCEMENT row named by the "ID" query-string value, writes an encrypted audit entry,
/// then redirects to ViewAnnouncement.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        const string updateAnnouncement = @"UPDATE ANNOUNCEMENT SET Title=@Title, Description=@Description WHERE Announcement_ID=@Announcement_ID";
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateAnnouncement, connection))
        {
            Cryptic crypto = new Cryptic();
            Util auditWriter = new Util();
            SqlParameterCollection args = update.Parameters;

            // audit
            // NOTE(review): @TID is bound but the WHERE clause does not use it, so the row is
            // selected by the query-string ID alone - confirm the signed-in teacher owns
            // that announcement.
            args.AddWithValue("@TID", Session["Teacher_ID"].ToString());
            args.AddWithValue("@Title", txtTitle.Text);
            args.AddWithValue("@Description", txtDescription.Text);
            args.AddWithValue("@Announcement_ID", Request.QueryString["ID"].ToString());
            update.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Announcements Details");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Concat(
                Session["teacher_firstname"].ToString(),
                " ",
                Session["teacher_middlename"].ToString(),
                Session["teacher_lastname"].ToString());
            var auditDetail = crypto.Encrypt("Edited by Teacher " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("ViewAnnouncement.aspx");
        }
    }
}
/// <summary>
/// Click handler that assigns the active quarter and school year: updates the
/// ENCODING_STATUS row with EncodingStat_ID=1, writes an encrypted audit entry, then
/// redirects to EnableEncoding.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    const string updateStatus = @"UPDATE ENCODING_STATUS SET Quarter_ID=@QID, SY_ID=@SY WHERE EncodingStat_ID=1";

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateStatus, connection))
        {
            SqlParameterCollection args = update.Parameters;

            // @Admin_ID is not referenced by the UPDATE; the lookup still throws when the
            // session carries no Admin_ID, before anything is written.
            args.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());

            // Subject
            args.AddWithValue("@QID", ddlQT.Text);
            args.AddWithValue("@SY", ddlSY.Text);
            update.ExecuteNonQuery();

            // Audit entry - Nathaniel Collins S. Ortiz
            var auditTitle = crypto.Encrypt("Assigned SY and Quarter");
            int actorId = int.Parse(Session["admin_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("School Year and Quarter assigned by " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("EnableEncoding.aspx");
        }
    }
}
/// <summary>
/// Click handler that resets a student account: updates User_ID and the password column
/// of the STUDENT_MAIN row named by the "ID" query-string value, writes an encrypted audit
/// entry, then redirects to IDStudentList.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    Util auditWriter = new Util();
    Cryptic crypto = new Cryptic();

    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        // NOTE(review): "Studnet_PW" looks like a typo - verify it against the real column
        // name in STUDENT_MAIN before changing it.
        const string updateStudent = @"UPDATE STUDENT_MAIN SET User_ID=@UID, Studnet_PW=@PW WHERE Student_ID=@SID";
        connection.Open();

        using (SqlCommand update = new SqlCommand(updateStudent, connection))
        {
            SqlParameterCollection args = update.Parameters;
            args.AddWithValue("@UID", txtUID.Text);
            // NOTE(review): the password is written as typed (clear text); store a salted
            // password hash instead.
            args.AddWithValue("@PW", txtPWD.Text);
            // NOTE(review): the target row comes from the query string, and this handler
            // reads no admin session key before the write - confirm access is enforced
            // elsewhere.
            args.AddWithValue("@SID", Request.QueryString["ID"].ToString());
            update.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Editing a Student's Password");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Edited by IT Admin " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("IDStudentList.aspx");
        }
    }
}
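/// <summary>
/// Checks a username/password pair against the stored user record.
/// </summary>
/// <param name="username">Login name passed to the repository lookup.</param>
/// <param name="password">Password as supplied by the caller.</param>
/// <returns>
/// The repository's own response when the lookup failed; a wrapper around null when no
/// user was found; an error wrapper ("Bad credentials") when the passwords differ;
/// otherwise a wrapper around the user.
/// </returns>
public async Task<AppWrapper<User>> AuthenticateAsync(string username, string password)
{
    var encodedPass = Cryptic.Encrypt(password, this._secretKey);

    var queryResponse = await _repo.GetUserAsync(username);
    if (!queryResponse.Success)
    {
        return queryResponse;
    }

    var user = queryResponse.Data;
    if (user == null)
    {
        return new AppWrapper<User>(null);
    }

    if (user.Password != encodedPass)
    {
        // Neither the stored value nor the submitted one is written to the console any
        // more: both are credential material and would end up in process logs.
        // NOTE(review): this is an ordinary string comparison; a fixed-time comparison is
        // the safer choice for secrets. Cryptic.Encrypt with a shared key also suggests the
        // stored value is reversible - prefer a salted password hash (confirm what
        // Cryptic.Encrypt does).
        return new AppWrapper<User>(
            new ArgumentException("Password does not match the one found on file"),
            "Bad credentials");
    }

    return new AppWrapper<User>(user);
}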
/// <summary>
/// Fills ddlSection. When HomeroomStatID(...) for the "ID" query-string value returns 2,
/// the list is bound to the sections whose HomeStat is not 1, with a prompt item on top;
/// otherwise only a "Cannot select a section." item is inserted.
/// </summary>
void GetSections()
{
    // int.Parse throws on a missing or non-numeric ID, before any query runs.
    int homeroomStatus = HomeroomStatID(int.Parse(Request.QueryString["ID"].ToString()));

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        connection.Open();
        Cryptic crypto = new Cryptic(); // constructed but not used below

        if (homeroomStatus != 2)
        {
            ddlSection.Items.Insert(0, new ListItem("Cannot select a section.", ""));
            return;
        }

        const string selectSections = @"SELECT Section_ID, Section_Name + ' - ' + Year_Level AS 'Section Name' FROM SECTION WHERE HomeStat!=1";
        using (SqlCommand select = new SqlCommand(selectSections, connection))
        using (SqlDataReader rows = select.ExecuteReader())
        {
            ddlSection.DataSource = rows;
            ddlSection.DataTextField = "Section Name";
            ddlSection.DataValueField = "Section_ID";
            ddlSection.DataBind();
            ddlSection.Items.Insert(0, new ListItem("Select a Section.", ""));
        }
    }
}
/// <summary>
/// Click handler that makes a teacher a homeroom adviser: in one command batch it sets the
/// teacher's Section_ID and HomeroomStat_ID and flags the section's HomeStat, then writes
/// an encrypted audit entry and redirects to FacultyList.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    // Two UPDATE statements sent as one batch.
    // NOTE(review): no explicit transaction is opened here, so a failure in the second
    // statement may leave the first one applied - confirm whether that matters.
    const string assignAdviser = @"UPDATE TEACHER_MAIN SET Section_ID=@Section_ID, HomeroomStat_ID=@HID WHERE Teacher_ID=@Teacher_ID UPDATE SECTION SET HomeStat=@HomeID WHERE Section_ID=@Sec_ID";

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        connection.Open();

        using (SqlCommand update = new SqlCommand(assignAdviser, connection))
        {
            SqlParameterCollection args = update.Parameters;

            // @Admin_ID is not referenced by the batch; the lookup still throws when the
            // session carries no Admin_ID, before anything is written.
            args.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());

            // Subject
            args.AddWithValue("@Section_ID", ddlSection.Text);
            args.AddWithValue("@HID", 1);
            args.AddWithValue("@Teacher_ID", Request.QueryString["ID"].ToString());
            args.AddWithValue("@HomeID", 1);
            args.AddWithValue("@Sec_ID", ddlSection.Text);
            update.ExecuteNonQuery();

            // Audit entry - Nathaniel Collins S. Ortiz
            var auditTitle = crypto.Encrypt("Assigning Faculty with Homeroom Adviser");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Join(" ",
                Session["first_name"].ToString(),
                Session["middle_name"].ToString(),
                Session["last_name"].ToString());
            var auditDetail = crypto.Encrypt("Faculty assigned by Principal " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("FacultyList.aspx");
        }
    }
}
/// <summary>
/// ItemCommand handler for the faculty list. "delTeach" deletes the row's teacher from
/// TEACHER_MAIN and writes an encrypted audit entry; "updateTeach" is accepted but does
/// nothing here. GetFaculty() is called afterwards for every command.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Carries the command name and the list item that raised it.</param>
protected void lvFaculty_ItemCommand(object sender, ListViewCommandEventArgs e)
{
    Literal teacherIdLiteral = (Literal)e.Item.FindControl("ltTeacherID");
    Cryptic crypto = new Cryptic();
    Util auditWriter = new Util();

    switch (e.CommandName)
    {
        case "delTeach":
            // NOTE(review): no role check is visible in this handler - presumably the page
            // restricts who can reach it; confirm before relying on that.
            using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
            {
                connection.Open();
                const string deleteTeacher = @"DELETE FROM TEACHER_MAIN WHERE Teacher_ID=@TID";
                using (SqlCommand delete = new SqlCommand(deleteTeacher, connection))
                {
                    delete.Parameters.AddWithValue("@TID", teacherIdLiteral.Text);
                    delete.ExecuteNonQuery();

                    var auditTitle = crypto.Encrypt("Deleting a Faculty");
                    int actorId = int.Parse(Session["admin_id"].ToString());
                    string actorName = string.Join(" ",
                        Session["first_name"].ToString(),
                        Session["middle_name"].ToString(),
                        Session["last_name"].ToString());
                    var auditDetail = crypto.Encrypt("Deleted by IT Admin " + actorName);
                    auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);
                }
            }
            break;

        case "updateTeach":
            // No server-side work for this command in this handler.
            break;
    }

    GetFaculty();
}
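/// <summary>
/// Click handler for the edit-grade form: sets Grade_Value on the GRADE_INFO row named by
/// the "ID" query-string value, but only when that row belongs to the signed-in teacher.
/// An encrypted audit entry is written when the update ran against a row; the page then
/// redirects to ViewGrade.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpload_Click(object sender, EventArgs e)
{
    Util audlog = new Util();
    Cryptic DE = new Cryptic();

    using (SqlConnection con = new SqlConnection(Util.GetConnection()))
    {
        con.Open();

        // The grade id arrives in the query string, which the user can edit. Tying the
        // UPDATE to the session's Teacher_ID keeps one teacher from changing a grade that
        // another teacher recorded. @TID was already bound before; it is now part of the
        // WHERE clause.
        string SQL = @"UPDATE GRADE_INFO SET Grade_Value=@GV WHERE Grade_ID=@GID AND Teacher_ID=@TID";

        using (SqlCommand cmd = new SqlCommand(SQL, con))
        {
            cmd.Parameters.AddWithValue("@GID", Request.QueryString["ID"].ToString());
            cmd.Parameters.AddWithValue("@TID", Session["Teacher_ID"].ToString());
            // NOTE(review): txtGrade.Text is not range- or format-checked here; validate it
            // against the grading scale before the write.
            cmd.Parameters.AddWithValue("@GV", txtGrade.Text);

            int rowsAffected = cmd.ExecuteNonQuery();

            // 0 means no row matched (wrong id or not this teacher's grade), so there is
            // nothing to audit. A negative count (row counting disabled) is treated as done.
            if (rowsAffected != 0)
            {
                audlog.AuditLogAdmin(
                    DE.Encrypt("Edit Grade"),
                    int.Parse(Session["user_id"].ToString()),
                    DE.Encrypt("Edited by Teacher " + Session["teacher_firstname"].ToString() + " " + Session["teacher_middlename"].ToString() + Session["teacher_lastname"].ToString()));
            }

            Response.Redirect("ViewGrade.aspx");
        }
    }
}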
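/// <summary>
/// Click handler that assigns a teacher to a subject. It first counts the SUBJECT_MAIN
/// rows already held by the selected teacher; when that count is 2 the error control is
/// shown, otherwise the subject named by the "ID" query-string value is updated, an
/// encrypted audit entry is written and the page redirects to ViewSubject.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection Rikka = new SqlConnection(Dekomori.GetConnection()))
    {
        Util audlog = new Util();
        Cryptic DE = new Cryptic();
        Rikka.Open();

        string Takanashi = @"UPDATE SUBJECT_MAIN SET Teacher_ID=@Teacher_ID WHERE Subject_ID=@Subject_ID";

        // The posted drop-down value is bound as a parameter instead of being concatenated
        // into the statement, so it cannot change the shape of the query.
        string gg = "SELECT COUNT(Teacher_ID) from SUBJECT_MAIN where Teacher_ID=@Teacher_ID";

        int count;
        using (SqlCommand com = new SqlCommand(gg, Rikka))
        {
            com.Parameters.AddWithValue("@Teacher_ID", ddlTeacher.Text);
            count = Convert.ToInt32(com.ExecuteScalar());
        }

        using (SqlCommand WickedEye = new SqlCommand(Takanashi, Rikka))
        {
            // @Admin_ID is not referenced by the UPDATE; the lookup still throws when the
            // session carries no Admin_ID, before anything is written.
            WickedEye.Parameters.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());

            // Subject
            WickedEye.Parameters.AddWithValue("@Teacher_ID", ddlTeacher.Text);
            WickedEye.Parameters.AddWithValue("@Subject_ID", Request.QueryString["ID"].ToString());

            // NOTE(review): only a count of exactly 2 blocks the assignment; if 2 is meant
            // as a per-teacher maximum, ">= 2" would also cover rows added by other paths.
            if (count == 2)
            {
                error.Visible = true;
            }
            else
            {
                WickedEye.ExecuteNonQuery();
                Rikka.Close();

                // Audit entry - Nathaniel Collins S. Ortiz
                audlog.AuditLogAdmin(
                    DE.Encrypt("Assigning Faculty with Subject"),
                    int.Parse(Session["user_id"].ToString()),
                    DE.Encrypt("Faculty assigned by Principal " + Session["first_name"].ToString() + " " + Session["middle_name"].ToString() + " " + Session["last_name"].ToString()));

                Session["add"] = add.Text;
                Response.Redirect("ViewSubject.aspx");
            }
        }
    }
}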
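/// <summary>
/// ItemDataBound handler for the audit list: for each data item it replaces the encrypted
/// text of the "Title" and "Description" labels with the decrypted, HTML-encoded value.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Carries the list item being bound.</param>
protected void lvAudit_ItemDataBound(object sender, ListViewItemEventArgs e)
{
    if (e.Item.ItemType != ListViewItemType.DataItem)
    {
        return;
    }

    Cryptic cs = new Cryptic();
    Label Title = (Label)e.Item.FindControl("Title");
    Label Desc = (Label)e.Item.FindControl("Description");

    // Decrypt both values before touching either label, so a failure leaves the row as is.
    String dcTitle = cs.Decrypt(Title.Text);
    String dcDesc = cs.Decrypt(Desc.Text);

    // Label.Text is written to the page without encoding. Audit text presumably includes
    // names that users typed into their profiles, so encode it before display to keep
    // stored markup from running in the viewer's browser.
    Title.Text = System.Web.HttpUtility.HtmlEncode(dcTitle);
    Desc.Text = System.Web.HttpUtility.HtmlEncode(dcDesc);
}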
/// <summary>
/// ItemCommand handler for the faculty list. "delTeach" deletes the row's teacher from
/// TEACHER_MAIN; "delAdv" removes adviser status by updating both SECTION and TEACHER_MAIN
/// in one batch. Each action writes an encrypted audit entry. GetFaculty() is called
/// afterwards for every command.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Carries the command name and the list item that raised it.</param>
protected void lvFaculty_ItemCommand(object sender, ListViewCommandEventArgs e)
{
    Literal teacherIdLiteral = (Literal)e.Item.FindControl("ltTeacherID");
    Literal sectionIdLiteral = (Literal)e.Item.FindControl("ltSectionID");
    Cryptic crypto = new Cryptic();
    Util auditWriter = new Util();

    switch (e.CommandName)
    {
        case "delTeach":
            using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
            {
                connection.Open();
                const string deleteTeacher = @"DELETE FROM TEACHER_MAIN WHERE Teacher_ID=@TID";
                using (SqlCommand delete = new SqlCommand(deleteTeacher, connection))
                {
                    delete.Parameters.AddWithValue("@TID", teacherIdLiteral.Text);
                    delete.ExecuteNonQuery();

                    var auditTitle = crypto.Encrypt("Deleting a Faculty");
                    int actorId = int.Parse(Session["admin_id"].ToString());
                    string actorName = string.Join(" ",
                        Session["first_name"].ToString(),
                        Session["middle_name"].ToString(),
                        Session["last_name"].ToString());
                    var auditDetail = crypto.Encrypt("Deleted by Principal " + actorName);
                    auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);
                }
            }
            break;

        case "delAdv":
            using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
            {
                connection.Open();
                const string clearAdviser = @"UPDATE SECTION SET HomeStat=@HomeID WHERE Section_ID=@Sec_ID UPDATE TEACHER_MAIN SET Section_ID=@Section_ID, HomeroomStat_ID=@HID WHERE Teacher_ID=@TID";
                using (SqlCommand update = new SqlCommand(clearAdviser, connection))
                {
                    SqlParameterCollection args = update.Parameters;
                    args.AddWithValue("@TID", teacherIdLiteral.Text);
                    args.AddWithValue("@HomeID", 2);
                    args.AddWithValue("@Sec_ID", sectionIdLiteral.Text);
                    // NOTE(review): 21 is a hard-coded Section_ID - presumably a placeholder
                    // "no section" row; confirm it exists in every deployment.
                    args.AddWithValue("@Section_ID", 21);
                    args.AddWithValue("@HID", 2);
                    update.ExecuteNonQuery();

                    var auditTitle = crypto.Encrypt("Removed adviser status");
                    int actorId = int.Parse(Session["admin_id"].ToString());
                    string actorName = string.Join(" ",
                        Session["first_name"].ToString(),
                        Session["middle_name"].ToString(),
                        Session["last_name"].ToString());
                    var auditDetail = crypto.Encrypt("Removed by " + actorName);
                    auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);
                }
            }
            break;
    }

    GetFaculty();
}
/// <summary>
/// Creates a user: replaces the submitted password with Cryptic.GetHash of it, saves the
/// entity, blanks the password on the returned object and answers 201 with a link to
/// GetById.
/// </summary>
/// <param name="user">User bound from the request.</param>
/// <returns>400 when model validation fails, otherwise 201 Created with the user.</returns>
public async Task<IActionResult> Create(User user)
{
    if (!ModelState.IsValid)
    {
        return BadRequest();
    }

    // NOTE(review): the request binds straight onto the User entity, so every bindable
    // property (Id included) is caller-controlled; a dedicated input model would limit
    // that. Whether Cryptic.GetHash is salted and slow enough for passwords cannot be seen
    // here - confirm.
    var hashedPassword = Cryptic.GetHash(user.password);
    user.password = hashedPassword;

    _context.Users.Add(user);
    await _context.SaveChangesAsync();

    // Cleared after the save so the hash is not echoed back in the response body.
    user.password = "";

    var routeValues = new { id = user.Id };
    return CreatedAtAction(nameof(GetById), routeValues, user);
}
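/// <summary>
/// Click handler for the edit-schedule form. It counts the SCHEDULE rows that already use
/// the selected timeslot, updates the subject of the schedule named by the "ID"
/// query-string value, and then either shows the error control (count of 1) or updates the
/// timeslot, writes an encrypted audit entry and redirects to Schedule.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    using (SqlConnection Rikka = new SqlConnection(Dekomori.GetConnection()))
    {
        Util audlog = new Util();
        Cryptic DE = new Cryptic();
        Rikka.Open();

        string Takanashi = @"UPDATE SCHEDULE SET Subject_ID=@Subject_ID WHERE ScheduleID=@ScheduleID";
        string time = @"UPDATE SCHEDULE SET Timeslot_ID=@Timeslot_ID WHERE ScheduleID=@ScheduleID";

        // The posted drop-down value is bound as a parameter instead of being concatenated
        // into the statement, so it cannot change the shape of the query.
        string validate = @"SELECT COUNT (Section_ID) FROM SCHEDULE WHERE Timeslot_ID = @Timeslot_ID";

        int count;
        using (SqlCommand check = new SqlCommand(validate, Rikka))
        {
            check.Parameters.AddWithValue("@Timeslot_ID", ddlTime.Text);
            count = Convert.ToInt32(check.ExecuteScalar());
        }

        // NOTE(review): the subject update below runs even when the timeslot check later
        // rejects the request, and only a count of exactly 1 is treated as a clash -
        // confirm both are intended.
        using (SqlCommand WickedEye = new SqlCommand(Takanashi, Rikka))
        {
            // Nathaniel Collins S. Ortiz
            // @Admin_ID is not referenced by the UPDATE; the lookup still throws when the
            // session carries no Admin_ID, before anything is written.
            WickedEye.Parameters.AddWithValue("@Admin_ID", Session["Admin_ID"].ToString());

            // Subject
            WickedEye.Parameters.AddWithValue("@Subject_ID", ddlSubject.Text);
            WickedEye.Parameters.AddWithValue("@ScheduleID", Request.QueryString["ID"].ToString());
            WickedEye.ExecuteNonQuery();
        }

        using (SqlCommand cmd = new SqlCommand(time, Rikka))
        {
            // Time
            cmd.Parameters.AddWithValue("@Timeslot_ID", ddlTime.Text);
            cmd.Parameters.AddWithValue("@ScheduleID", Request.QueryString["ID"].ToString());

            if (count == 1)
            {
                error.Visible = true;
            }
            else
            {
                cmd.ExecuteNonQuery();

                // Audit entry - Nathaniel Collins S. Ortiz
                audlog.AuditLogAdmin(
                    DE.Encrypt("Edit Schedule"),
                    int.Parse(Session["admin_id"].ToString()),
                    DE.Encrypt("Schedule has been Edited by " + Session["first_name"].ToString() + " " + Session["middle_name"].ToString() + " " + Session["last_name"].ToString()));

                Session["addsub"] = error.Text;
                Response.Redirect("Schedule.aspx");
            }
        }
    }
}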
/// <summary>
/// Checks submitted credentials: looks the user up by Name and compares
/// Cryptic.GetHash of the submitted password with the stored value.
/// </summary>
/// <param name="user">User bound from the request (Name and password are read).</param>
/// <returns>
/// 400 when model validation fails; the submitted user with its password blanked when the
/// credentials match; 404 otherwise.
/// </returns>
public async Task<ActionResult<User>> Validate(User user)
{
    // Ideally this should be in a different controller.
    if (!ModelState.IsValid)
    {
        return BadRequest();
    }

    var storedUser = await _context.Users.FirstOrDefaultAsync(o => o.Name == user.Name);

    // NOTE(review): the hash is only computed when the name exists and is compared with
    // an ordinary equality check, so response time can differ between "unknown user" and
    // "wrong password". Both cases do return the same 404.
    bool credentialsMatch = storedUser != null
        && Cryptic.GetHash(user.password) == storedUser.password;

    if (!credentialsMatch)
    {
        return NotFound();
    }

    // The object echoed back is the request's own, with the password removed.
    user.password = "";
    return user;
}
/// <summary>
/// Click handler for the add-grade form. When GradeStatus() returns 1 it inserts a
/// GRADE_INFO row for the student named by the "ID" query-string value, writes an
/// encrypted audit entry and redirects to StudentList.aspx; otherwise it shows the error
/// control.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data; not read.</param>
protected void btnUpload_Click(object sender, EventArgs e)
{
    int encodingStatus = GradeStatus();
    int schoolYear = SY();
    int currentQuarter = Quarter();

    if (encodingStatus != 1)
    {
        error.Visible = true;
        return;
    }

    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        Util auditWriter = new Util();
        Cryptic crypto = new Cryptic();
        connection.Open();

        const string insertGrade = @"INSERT INTO GRADE_INFO(Student_ID, Teacher_ID, Grade_Value, SY, Quarter, Subject_ID) VALUES (@SID, @TID, @Grade_Value, @SY, @Quarter, @Subject_ID)";
        using (SqlCommand insert = new SqlCommand(insertGrade, connection))
        {
            SqlParameterCollection args = insert.Parameters;

            // NOTE(review): the student id comes from the query string and the grade text is
            // not range-checked here - confirm the teacher actually teaches that student and
            // validate the grade before the write.
            args.AddWithValue("@SID", Request.QueryString["ID"].ToString());
            // The recording teacher is taken from the session, not from request input.
            args.AddWithValue("@TID", Session["Teacher_ID"].ToString());
            args.AddWithValue("@Grade_Value", txtGrade.Text);
            args.AddWithValue("@SY", schoolYear);
            args.AddWithValue("@Quarter", currentQuarter);
            args.AddWithValue("@Subject_ID", ddlSubject.Text);
            insert.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Add Grade");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Concat(
                Session["teacher_firstname"].ToString(),
                " ",
                Session["teacher_middlename"].ToString(),
                Session["teacher_lastname"].ToString());
            var auditDetail = crypto.Encrypt("Added by Teacher " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);

            Response.Redirect("StudentList.aspx");
        }
    }
}
/// <summary>
/// Creates a new encryption key, writes its public export to public.bin and writes its
/// private export to private.bin only after encrypting it with the key loaded from
/// master.bin.
/// </summary>
/// <returns>Crypto engine holding the newly created key</returns>
private static Cryptic CreateEncryptKey()
{
    Console.Clear();
    Console.Error.Write("Create new encryption key...");

    Cryptic freshEngine = new Cryptic();
    freshEngine.CreateKey();

    // The public export goes to disk as-is; it cannot be used to decrypt.
    var publicBlob = freshEngine.ExportKey(false);
    File.WriteAllBytes("public.bin", publicBlob);

    Cryptic masterEngine = new Cryptic();
    masterEngine.ImportKey(File.ReadAllBytes("master.bin"));

    // The private export never reaches disk in the clear: it is encrypted under the master
    // key first, so private.bin alone cannot decrypt anything either.
    var wrappedPrivateBlob = masterEngine.Crypt(freshEngine.ExportKey(true));
    File.WriteAllBytes("private.bin", wrappedPrivateBlob);

    SC((int)ConsoleColor.Green);
    Console.Error.WriteLine("[DONE]");
    RC();

    return freshEngine;
}
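//Nathaniel Collins S. Ortiz
/// <summary>
/// Appends one row to AUDIT_LOG_ADMIN with the given user id, the current local time,
/// and the title and description exactly as passed in.
/// </summary>
/// <param name="Title">Audit title, stored as given.</param>
/// <param name="AdminID">Id of the acting user.</param>
/// <param name="Description">Audit description, stored as given.</param>
public void AuditLogAdmin(string Title, int AdminID, string Description)
{
    // NOTE(review): the INSERT names no columns, so it depends on the table's column
    // order; listing the columns would make it robust to schema changes.
    const string SQL = @"INSERT INTO AUDIT_LOG_ADMIN VALUES(@UserID,@TimeStamp,@Title,@Description)";

    // Both objects are disposed even when Open() or the INSERT throws; previously an
    // exception skipped con.Close() and left the connection open.
    using (SqlConnection con = new SqlConnection(GetConnection()))
    using (SqlCommand com = new SqlCommand(SQL, con))
    {
        con.Open();
        com.Parameters.AddWithValue("@UserID", AdminID);
        // Local server time. NOTE(review): UTC timestamps are easier to correlate across
        // systems during an investigation.
        com.Parameters.AddWithValue("@TimeStamp", DateTime.Now);
        com.Parameters.AddWithValue("@Title", Title);
        com.Parameters.AddWithValue("@Description", Description);
        com.ExecuteNonQuery();
    }
}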
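/// <summary>
/// Decrypts the first encrypted file again as a proof of concept: Document_0.txt.crytest
/// is decrypted back into Document_0.txt. Prints an error when the encrypted file is gone.
/// </summary>
/// <param name="C">Crypto engine</param>
private static void DecryptFirstFile(Cryptic C)
{
    const string encryptedPath = "Document_0.txt.crytest";
    // The output name was misspelled "Docuemnt_0.txt", so the restored file never matched
    // the Document_N.txt naming the encrypted name is derived from.
    const string restoredPath = "Document_0.txt";

    Console.Clear();
    Console.Error.Write("Decrypting first file...");

    if (!File.Exists(encryptedPath))
    {
        SC((int)ConsoleColor.Red);
        Console.Error.WriteLine(@"[ERR] The encrypted file was deleted already.");
        RC();
        return;
    }

    File.WriteAllBytes(restoredPath, C.Decrypt(File.ReadAllBytes(encryptedPath)));

    SC((int)ConsoleColor.Green);
    Console.Error.WriteLine("[DONE]");
    RC();
}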
/// <summary>
/// Loads every AUDIT_LOG_ADMIN row (id, timestamp, title, description) into a DataSet and
/// binds it to lvAudit.
/// </summary>
void GetAuditAdmin()
{
    Cryptic crypto = new Cryptic(); // constructed but not used below

    const string selectAudit = @"Select Audit_ID,Time_Stamp,Title,Description FROM AUDIT_LOG_ADMIN";

    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        connection.Open();

        using (SqlCommand select = new SqlCommand(selectAudit, connection))
        using (SqlDataAdapter adapter = new SqlDataAdapter(select))
        {
            // Title and Description are bound as stored in the table; nothing is
            // transformed in this method.
            DataSet auditRows = new DataSet();
            adapter.Fill(auditRows, "AuditStudent");

            lvAudit.DataSource = auditRows;
            lvAudit.DataBind();
        }
    }
}
/// <summary>
/// Seeds the Users set with two accounts when it is empty; does nothing otherwise.
/// </summary>
/// <param name="context">Database context to seed.</param>
public static void Initialize(UserContext context)
{
    if (context.Users.Any())
    {
        return;
    }

    // NOTE(review): the seed passwords are fixed literals in source. Keep this seeding to
    // development databases, or load the initial secrets from configuration.
    var seedUsers = new[]
    {
        new User { Name = "Madison", password = Cryptic.GetHash("Secret") },
        new User { Name = "Randy", password = Cryptic.GetHash("Secret2") },
    };

    context.Users.AddRange(seedUsers);
    context.SaveChanges();
}
/// <summary>
/// Binds ddlStatus to the rows of GRADE_INPUT_STAT (Description as text, Grade_StatusID
/// as value) and inserts a prompt item at the top.
/// </summary>
void GetStatus()
{
    const string selectStatuses = @"SELECT Grade_StatusID, Description FROM GRADE_INPUT_STAT ";

    using (SqlConnection connection = new SqlConnection(Dekomori.GetConnection()))
    {
        connection.Open();
        Cryptic crypto = new Cryptic(); // constructed but not used below

        using (SqlCommand select = new SqlCommand(selectStatuses, connection))
        using (SqlDataReader rows = select.ExecuteReader())
        {
            ddlStatus.DataSource = rows;
            ddlStatus.DataTextField = "Description";
            ddlStatus.DataValueField = "Grade_StatusID";
            ddlStatus.DataBind();

            // Empty-valued prompt shown before any status is chosen.
            ddlStatus.Items.Insert(0, new ListItem("Enable or Disable Grade Encoding.", ""));
        }
    }
}
/// <summary>
/// ItemCommand handler for the announcement list: for the "delfile" command it deletes the
/// row's announcement from ANNOUNCEMENT and writes an encrypted audit entry. Other
/// commands are ignored.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Carries the command name and the list item that raised it.</param>
protected void lvAnnouncement_ItemCommand(object sender, ListViewCommandEventArgs e)
{
    Util auditWriter = new Util();
    Cryptic crypto = new Cryptic();
    Literal announcementIdLiteral = (Literal)e.Item.FindControl("ltAnnouncement_ID");

    if (e.CommandName != "delfile")
    {
        return;
    }

    // NOTE(review): the DELETE is keyed on the announcement id alone - confirm the
    // signed-in user owns the announcement. The audit text says "Student" while the name
    // is read from the teacher_* session keys; verify which role this page serves.
    using (SqlConnection connection = new SqlConnection(Util.GetConnection()))
    {
        connection.Open();
        const string deleteAnnouncement = @"DELETE FROM ANNOUNCEMENT WHERE Announcement_ID=@Announcement_ID";

        using (SqlCommand delete = new SqlCommand(deleteAnnouncement, connection))
        {
            delete.Parameters.AddWithValue("@Announcement_ID", announcementIdLiteral.Text);
            delete.ExecuteNonQuery();

            var auditTitle = crypto.Encrypt("Delete Announcements");
            int actorId = int.Parse(Session["user_id"].ToString());
            string actorName = string.Concat(
                Session["teacher_firstname"].ToString(),
                " ",
                Session["teacher_middlename"].ToString(),
                Session["teacher_lastname"].ToString());
            var auditDetail = crypto.Encrypt("Delete by Student " + actorName);
            auditWriter.AuditLogAdmin(auditTitle, actorId, auditDetail);
        }
    }
}