Ejemplo n.º 1
        /// <summary>
        /// Marks the stored shop transaction <paramref name="tr_idx"/> as completed, hands the
        /// purchased item to the manager's user through <c>purchase</c>, and builds the follow-up URL.
        /// </summary>
        /// <param name="mgr">Access manager whose connection is used for the lookup and the update.</param>
        /// <param name="tr_idx">Identifier of the transaction row to complete.</param>
        /// <param name="money">Amount reported as paid; it must equal the stored amount exactly.</param>
        /// <param name="url_template">Format string that receives the transaction idx, the item type and the package idx.</param>
        /// <returns><paramref name="url_template"/> filled in with the three values above.</returns>
        /// <exception cref="System.Exception">The transaction does not exist or the paid amount differs from the stored one.</exception>
        public static string complite_transaction(AccessControl.AccessManager mgr, Guid tr_idx, Decimal money, string url_template)
        {
            Shop.shop_transaction data = new Shop.shop_transaction();
            Shop.shop_transactionTableAdapters.shop_transactionTableAdapter adapter = new Shop.shop_transactionTableAdapters.shop_transactionTableAdapter();
            adapter.Connection = (System.Data.SqlClient.SqlConnection)mgr.Connection;
            adapter.FillByIdx(data._shop_transaction, tr_idx);

            if (data._shop_transaction.Rows.Count < 1)
            {
                throw new System.Exception("No such transaction: " + tr_idx.ToString());
            }

            // The paid amount is the only thing compared against the stored row.
            // NOTE(review): nothing visible here rejects a transaction that has already been
            // completed, so a repeated payment notification would run the purchase again
            // unless the caller or FillByIdx filters finished transactions - confirm.
            if (money != data._shop_transaction[0].amount)
            {
                throw new System.Exception("You pay - " + money.ToString() + " but must - " + data._shop_transaction[0].amount.ToString());
            }

            // The row is stamped and saved before the purchase runs.
            // NOTE(review): no database transaction is visible around the update and the
            // purchase; if purchase() throws, the row stays marked as completed - confirm
            // that the caller wraps both steps.
            data._shop_transaction[0].state     = 1;
            data._shop_transaction[0].complited = DateTime.Now;
            adapter.Update(data._shop_transaction[0]);

            String item_type = data._shop_transaction[0].type.Trim();

            purchase(mgr, data._shop_transaction[0].idx, item_type, data._shop_transaction[0].package_idx, data._shop_transaction[0].amount);

            // item_type goes into the URL as stored; it is not URL-encoded here.
            string target = String.Format(url_template, data._shop_transaction[0].idx, item_type, data._shop_transaction[0].package_idx);
            return(target);
        }
Ejemplo n.º 2
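        /// <summary>
        /// Renders the two-column basket editor for the user named by the request field
        /// <c>guididx</c>: the items that user already owns (left) and the shop catalogue (right).
        /// </summary>
        /// <param name="conn">Connection used to read the catalogue and the test bindings.</param>
        /// <param name="req">Request carrying <c>guididx</c>, the owner whose items are listed.</param>
        /// <param name="access_manager">Access manager whose connection is used to read the sold items.</param>
        /// <param name="tr">Not used by this method.</param>
        /// <returns>An HTML fragment holding both forms.</returns>
        /// <remarks>
        /// Item names come from the database and are HTML-encoded before they are written into
        /// the markup, so a stored name cannot inject tags or script into the page.
        /// NOTE(review): the owner guid is taken from the request as-is; this method does not
        /// check that the caller may see that user's items - confirm the dispatcher enforces it.
        /// </remarks>
        public static string show_user_basket(System.Data.SqlClient.SqlConnection conn, System.Web.HttpRequest req, AccessControl.AccessManager access_manager, System.Data.SqlClient.SqlTransaction tr)
        {
            // Throws when guididx is missing or not a valid guid.
            System.Guid guididix = new System.Guid(req["guididx"]);

            Shop.shop_sold_item sold_items = new Shop.shop_sold_item();
            Shop.shop_sold_itemTableAdapters.shop_sold_itemTableAdapter ta = new Shop.shop_sold_itemTableAdapters.shop_sold_itemTableAdapter();
            ta.Connection = (System.Data.SqlClient.SqlConnection)access_manager.Connection;
            ta.FillByOwner(sold_items._shop_sold_item, guididix);

            Shop.shop_sold_item sold_items_sorted = sort_sold_items(sold_items);

            // ---- left column: items already owned -------------------------------------------
            System.Text.StringBuilder left = new System.Text.StringBuilder();
            left.Append("<form name='to_delete_items'><table border=0 cellpadding=0 cellspacing=0>");
            left.Append("<tr><td colspan='5'>Bought items</td></tr>");

            foreach (Shop.shop_sold_item.shop_sold_itemRow r in sold_items_sorted._shop_sold_item)
            {
                left.Append("<tr>");
                left.AppendFormat("<td><input type='checkbox' class='itt' style='border: none;' value='{0}' name='to_del_idx_{0}'/></td>", r.idx);
                left.AppendFormat("<td><img width='16' height='16' src='i/{0}'/></td>", (r.is_expired() || r.is_depleted()) ? "expired.gif" : "blank.gif");

                // Icon by item type: 1 = package, 2 = test, anything else = pdf.
                string img = String.Format("<img width='16' height='16' src='i/{0}'/>", ((r.type == 1) ? "package.gif" : (r.type == 2 ? "test.gif" : "pdf.gif")));

                // The name is data, not markup: encode it before it reaches the page.
                string safe_name = System.Web.HttpUtility.HtmlEncode(r.name);

                if (r.type != 1 && r.parent != -1)
                {
                    // Non-package rows that have a parent are indented by one narrow cell.
                    left.Append("<td width='10'>&nbsp;</td><td>" + img + safe_name + "</td>");
                }
                else
                {
                    left.Append("<td colspan='2'>" + img + safe_name + "</td>");
                }
                left.Append("</tr>");
            }
            if (sold_items_sorted._shop_sold_item.Rows.Count != 0)
            {
                left.Append("<tr><td colspan='5'><input value='Delete' type='button' style='itt' onclick='javascript:delete_bought_items();'></td></tr>");
            }

            left.Append("<tr><td colspan='5'><input type='hidden' name='guididx' value='" + guididix.ToString() + "'/></td></tr>");
            left.Append("</table></form>");

            // ---- right column: shop catalogue -----------------------------------------------
            System.Text.StringBuilder right = new System.Text.StringBuilder();
            right.Append("<form name='to_purchase_items'><table border=0 cellpadding=0 cellspacing=0>");
            right.Append("<tr><td colspan='2'>Shop items</tr>");

            Shop.binded_tests bt = new Shop.binded_tests();
            Shop.binded_testsTableAdapters.binded_testsTableAdapter bta = new Shop.binded_testsTableAdapters.binded_testsTableAdapter();
            bta.Connection = conn;
            bta.Fill(bt._binded_tests);

            Shop.shop_item sh = new Shop.shop_item();
            Shop.shop_itemTableAdapters.shop_itemTableAdapter sha = new Shop.shop_itemTableAdapters.shop_itemTableAdapter();
            sha.Connection = conn;
            sha.Fill(sh._shop_item);

            foreach (shop_item.shop_itemRow r in sh._shop_item.Rows)
            {
                // NOTE(review): build_pdescr is defined elsewhere; confirm it encodes item text too.
                right.Append(build_pdescr(r, bt));
            }

            right.Append("<tr><td colspan='2'><input value='Add to user' type='button' style='itt' onclick='javascript:add_selected_items();'></td></tr>");
            if (sh._shop_item.Rows.Count != 0)
            {
                right.Append("<tr><td colspan='2'><input type='hidden' name='guididx' value='" + guididix.ToString() + "'/></td></tr>");
            }
            right.Append("</table></form>");

            return("<table width='100%' border=0><tr><td valign='top' width='50%'>" + left.ToString() + "</td><td width='50%' valign='top'>" + right.ToString() + "</td></tr></table>");
        }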
Ejemplo n.º 3
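        /// <summary>
        /// Adds every item selected in the request (fields named <c>buy_it_*</c>) to the user
        /// named by <c>guididx</c>, then re-renders that user's basket.
        /// </summary>
        /// <param name="conn">Connection handed on to <c>show_user_basket</c>.</param>
        /// <param name="req">Request with <c>guididx</c> and the <c>buy_it_*</c> fields, each valued <c>idx_typecode_packageidx</c>.</param>
        /// <param name="access_manager">Access manager whose connection performs the purchases.</param>
        /// <param name="tr">Handed on to <c>show_user_basket</c>.</param>
        /// <returns>The basket HTML produced by <c>show_user_basket</c>.</returns>
        /// <exception cref="System.FormatException">A selected entry does not have three integer parts.</exception>
        /// <remarks>
        /// Every entry is parsed and validated before the first purchase is made, so one
        /// malformed field no longer leaves the earlier entries applied and the rest skipped.
        /// NOTE(review): items are added with a paid amount of 0 to whatever guid the request
        /// names; this method performs no permission check of its own - confirm the dispatcher
        /// restricts it to administrators.
        /// </remarks>
        public static string purchase_items(System.Data.SqlClient.SqlConnection conn, System.Web.HttpRequest req, AccessControl.AccessManager access_manager, System.Data.SqlClient.SqlTransaction tr)
        {
            Guid guididx = new Guid(req["guididx"]);

            System.Collections.Generic.List<int[]>  ids   = new System.Collections.Generic.List<int[]>();
            System.Collections.Generic.List<string> types = new System.Collections.Generic.List<string>();

            foreach (string key in req.Params.AllKeys)
            {
                // AllKeys can contain null (a value sent without a name); the prefix test is ordinal.
                if (key == null || !key.StartsWith("buy_it_", StringComparison.Ordinal))
                {
                    continue;
                }

                string   raw = req[key];
                String[] spl = (raw == null) ? new String[0] : raw.Split('_');
                if (spl.Length < 3)
                {
                    throw new System.FormatException("Malformed purchase entry");
                }

                ids.Add(new int[] { Int32.Parse(spl[0]), Int32.Parse(spl[2]) });
                // assumes code2type is a plain code-to-name mapping without side effects - TODO confirm
                types.Add(code2type(Int32.Parse(spl[1])));
            }

            for (int i = 0; i < ids.Count; ++i)
            {
                purchase_(access_manager, access_manager.Connection, guididx, ids[i][0], types[i], ids[i][1], 0);
            }
            return(show_user_basket(conn, req, access_manager, tr));
        }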
Ejemplo n.º 4
        /// <summary>
        /// Verifies that the manager's user may use the item <paramref name="idx"/> of kind
        /// <paramref name="type"/> from package <paramref name="package_idx"/>; throws when not.
        /// Returning normally means the check passed.
        /// </summary>
        /// <param name="mgr">Access manager supplying the connection and the user guid.</param>
        /// <param name="idx">Index of the item being opened.</param>
        /// <param name="type">Item kind; "group" denotes a package, other values are passed to <c>type2code</c>.</param>
        /// <param name="package_idx">Index of the package the item belongs to.</param>
        /// <exception cref="System.Exception">The package is unknown, nothing was bought, the package limit is used up, or access has expired.</exception>
        public static void check_sold_item(AccessControl.AccessManager mgr, int idx, string type, int package_idx)
        {
            shop_itemTableAdapters.shop_itemTableAdapter ta = new shop_itemTableAdapters.shop_itemTableAdapter();
            ta.SqlConnection = (System.Data.SqlClient.SqlConnection)mgr.Connection;

            Shop.shop_sold_itemTableAdapters.shop_sold_itemTableAdapter si_ta = new Shop.shop_sold_itemTableAdapters.shop_sold_itemTableAdapter();
            si_ta.SqlConnection = (System.Data.SqlClient.SqlConnection)mgr.Connection;


            // The package itself must exist in the catalogue.
            shop_item.shop_itemDataTable p = ta.GetRowByIdx(package_idx);
            if (0 == p.Rows.Count)
            {
                throw new System.Exception("Has no such package");
            }

            // Sold rows of kind "group" for this package and this user.
            Shop.shop_sold_item.shop_sold_itemDataTable psi = si_ta.GetByItt(package_idx, type2code("group"), mgr.UserGuid);
            if (psi.Rows.Count == 0 && "group" == type)
            {
                throw new System.Exception("Package was not bought");
            }

            // NOTE(review): for type "group" the method ends here; the expiry test further down
            // sits inside this branch and is therefore never applied to a package row - confirm
            // that this is intended.
            if (type != "group")
            {
                Shop.shop_sold_item.shop_sold_itemDataTable csi = si_ta.GetByItt(idx, type2code(type), mgr.UserGuid);
                // let's merge

                // If any sold row has sold_at equal to expires_at, the first row is given the
                // same property in memory (csi is not saved anywhere in this method). The expiry
                // test below skips rows where the two dates are equal.
                // NOTE(review): sold_at == expires_at presumably marks "never expires" - confirm.
                foreach (Shop.shop_sold_item.shop_sold_itemRow r in csi)
                {
                    if (r.sold_at == r.expires_at)
                    {
                        csi[0].sold_at = csi[0].expires_at;
                    }
                }

                // A non-zero limit means the package lets the user pick a bounded number of items.
                if (p[0].limit != 0)
                {
                    if (psi.Rows.Count == 0)
                    {
                        throw new System.Exception("Unexpected condition");
                    }
                    // has_nb: the user already holds this item as a child of the bought package.
                    bool has_nb = false;
                    if (csi.Rows.Count != 0)
                    {
                        foreach (Shop.shop_sold_item.shop_sold_itemRow i in csi)
                        {
                            if (i.parent == psi[0].idx)
                            {
                                has_nb = true;
                            }
                        }
                    }

                    if (!has_nb)
                    {
                        // item is selected from the limited package
                        // NOTE(review): the limit test uses equality and the counter is read,
                        // tested and written back without any locking visible here; two parallel
                        // requests could both pass the test - confirm the caller serialises this.
                        if (psi[0].use_count == psi[0].sold_count)
                        {
                            throw new System.Exception("Limit reached");
                        }
                        // The item is granted at no charge and one use of the package is consumed.
                        purchase(mgr, idx, type, package_idx, 0);
                        psi[0].use_count++;
                        si_ta.Update(psi);
                        return;
                    }
                }
                if (csi.Rows.Count == 0)
                {
                    throw new System.Exception("Item was not bought");
                }

                // Expired access is revoked on the spot before the failure is reported.
                if (csi[0].expires_at < DateTime.Now && csi[0].expires_at != csi[0].sold_at)
                {
                    mgr.revoke_access_to_function(String.Format("item_{0}_{1}", type, idx));
                    throw new System.Exception("Access time was expired");
                }
            }
        }
Ejemplo n.º 5
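        /// <summary>
        /// Deletes the sold-item rows selected in the request (fields named <c>to_del_idx_*</c>)
        /// and re-renders the basket.
        /// </summary>
        /// <param name="conn">Connection the deletes run on.</param>
        /// <param name="req">Request with the <c>to_del_idx_*</c> fields, each holding a row index.</param>
        /// <param name="access_manager">Handed on to <c>show_user_basket</c>.</param>
        /// <param name="tr">Transaction assigned to the delete command; may be null.</param>
        /// <returns>The basket HTML produced by <c>show_user_basket</c>.</returns>
        /// <remarks>
        /// The delete is one parameterized statement executed once per index, and the command is
        /// disposed afterwards.
        /// NOTE(review): the statement filters on idx only. The guididx field of the form is not
        /// part of the condition, so any row index sent by the client is deleted regardless of
        /// its owner - confirm the dispatcher limits this handler to administrators, or add an
        /// owner condition.
        /// </remarks>
        public static string delete_bought_items(System.Data.SqlClient.SqlConnection conn, System.Web.HttpRequest req, AccessControl.AccessManager access_manager, System.Data.SqlClient.SqlTransaction tr)
        {
            System.Collections.Generic.List<int> lst = new System.Collections.Generic.List<int>();

            foreach (string key in req.Params.AllKeys)
            {
                // AllKeys can contain null (a value sent without a name); the prefix test is ordinal.
                if (key == null || !key.StartsWith("to_del_idx_", StringComparison.Ordinal))
                {
                    continue;
                }
                lst.Add(Int32.Parse(req[key]));
            }
            if (lst.Count != 0)
            {
                using (System.Data.SqlClient.SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.Transaction = tr;
                    cmd.CommandText = "delete from shop_sold_item where idx=@idx;";
                    System.Data.SqlClient.SqlParameter idx_param = cmd.Parameters.Add("@idx", System.Data.SqlDbType.Int);
                    foreach (int idx in lst)
                    {
                        idx_param.Value = idx;
                        cmd.ExecuteNonQuery();
                    }
                }
            }

            return(show_user_basket(conn, req, access_manager, tr));
        }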
Ejemplo n.º 6
        /// <summary>
        /// Records the sale of one item to the user <paramref name="guididx"/> and grants that
        /// access function through <paramref name="mgr"/>. For an unlimited package ("group"
        /// with limit 0) the bound tests and downloads are recorded and granted as well.
        /// </summary>
        /// <param name="mgr">Access manager used to register and grant the access functions.</param>
        /// <param name="conn">Connection for all reads and writes; it is cast to <c>SqlConnection</c>.</param>
        /// <param name="guididx">Guid written into every new sold-item row.</param>
        /// <param name="idx">Index of the item being bought.</param>
        /// <param name="type">"group", "test" or "download"; anything else throws.</param>
        /// <param name="package_idx">Index of the shop item whose expiry, limit and name are used.</param>
        /// <param name="payed">Amount recorded on the new row.</param>
        /// <exception cref="System.Exception">The shop item does not exist or <paramref name="type"/> is unknown.</exception>
        protected static void purchase_(AccessControl.AccessManager mgr, IDbConnection conn, Guid guididx, int idx, string type, int package_idx, decimal payed)
        {
            // Name of the access function that represents this item.
            string s = String.Format("item_{0}_{1}", type, idx);


            shop_itemTableAdapters.shop_itemTableAdapter sh_it_ta = new shop_itemTableAdapters.shop_itemTableAdapter();
            sh_it_ta.SqlConnection = (System.Data.SqlClient.SqlConnection)(conn);

            shop_sold_itemTableAdapters.shop_sold_itemTableAdapter sh_sit_ta = new shop_sold_itemTableAdapters.shop_sold_itemTableAdapter();
            sh_sit_ta.SqlConnection = (System.Data.SqlClient.SqlConnection)(conn);

            // The catalogue row is looked up by package_idx, not by idx.
            shop_item.shop_itemDataTable p = sh_it_ta.GetRowByIdx(package_idx);
            if (p.Rows.Count == 0)
            {
                throw new System.Exception("No such item to purchase");
            }

            // New rows are appended to sh_sit and written by the Update call at the end.
            // NOTE(review): GetData() presumably loads the whole sold-item table for that - confirm.
            shop_sold_item.shop_sold_itemDataTable sh_sit = sh_sit_ta.GetData();
            // Rows of type code 1 for this package and user; 1 is the code written for "group" rows below.
            shop_sold_item.shop_sold_itemDataTable p_sit  = sh_sit_ta.GetByItt(package_idx, 1, guididx);
            int prnt_idx = -1;

            // if item bought from a package we must select a package idx to bind to
            if (p_sit.Rows.Count != 0)
            {
                prnt_idx = p_sit[0].idx;
            }

            string name = "";

            if ("group" == type)
            {
                name = "Access to package: " + get_package_name_id_((System.Data.SqlClient.SqlConnection)conn, null, idx);

                // parent_idx may be NULL in the database; -1 stands for "no parent".
                int pidx_ = -1;

                if (p[0]["parent_idx"].GetType() != typeof(System.DBNull))
                {
                    pidx_ = p[0].parent_idx;
                }

                // The package row carries the paid amount; the rows added for its contents carry 0.
                sh_sit.Addshop_sold_itemRow(p[0].idx, DateTime.Now, DateTime.Now.AddMinutes(p[0].expires_after), 0, p[0].limit, guididx, (int)1, 0, p[0].name, pidx_, payed);
                payed = 0;

                // idx of the row just added, used as the parent of the content rows below.
                // NOTE(review): the row exists only in memory at this point; whether idx already
                // equals the database identity depends on the column setup - confirm.
                int prn = sh_sit[sh_sit.Rows.Count - 1].idx;

                {
                    mgr.check_function_and_group(s, "Access to " + name);
                    mgr.grant_access_to_function(s);
                }

                // for unlimited package we must grant access to all it's contents
                if (p[0].limit == 0)
                {
                    System.Collections.ArrayList arr = get_item_cont_by_idx((System.Data.SqlClient.SqlConnection)(conn), null, idx);
                    foreach (System.Collections.Hashtable i in arr)
                    {
                        // Only entries whose "bound" value equals this package are taken.
                        if (i["bound"] == null)
                        {
                            continue;
                        }
                        if (i["bound"].GetType() == typeof(System.DBNull))
                        {
                            continue;
                        }
                        if ((int)i["bound"] != idx)
                        {
                            continue;
                        }
                        // Content type 2 is recorded and granted as a test.
                        if ((int)i["type"] == 2)
                        {
                            name = "Test: " + get_test_name_by_id_((System.Data.SqlClient.SqlConnection)conn, null, (int)i["idx"]);
                            string f = String.Format("item_{0}_{1}", "test", i["idx"]);
                            mgr.check_function_and_group(f, name);
                            mgr.grant_access_to_function(f);
                            //LogManager.GetLogger("Shop.purchase").WarnFormat("Access granted for '{0}' to {1}", mgr.UserLogin, name);
                            sh_sit.Addshop_sold_itemRow((int)i["idx"], DateTime.Now, DateTime.Now.AddMinutes(p[0].expires_after), 0, 0, guididx, (int)2, prn, i["name"].ToString(), p[0].idx, 0);
                        }
                        // Content type 3 is recorded and granted as a download.
                        if ((int)i["type"] == 3)
                        {
                            name = "Download: " + get_download_name_by_id_((System.Data.SqlClient.SqlConnection)conn, null, (int)i["idx"]);
                            string f = String.Format("item_{0}_{1}", "download", i["idx"]);
                            mgr.check_function_and_group(f, name);
                            mgr.grant_access_to_function(f);
                            sh_sit.Addshop_sold_itemRow((int)i["idx"], DateTime.Now, DateTime.Now.AddMinutes(p[0].expires_after), 0, 0, guididx, (int)3, prn, i["name"].ToString(), p[0].idx, 0);
                            //LogManager.GetLogger("Shop.purchase").WarnFormat("Access granted for '{0}' to {1}", mgr.UserLogin, name);
                        }
                    }
                }
            }

            else if ("test" == type)
            {
                // A single test: type code 2, bound to the package row found above (or -1).
                string nme = get_test_name_by_id_((System.Data.SqlClient.SqlConnection)conn, null, idx);
                sh_sit.Addshop_sold_itemRow(idx, DateTime.Now, DateTime.Now.AddMinutes(p[0].expires_after), 0, 0, guididx, (int)2, prnt_idx, nme, p[0].idx, payed);

                name = "Test: " + nme;
                mgr.check_function_and_group(s, name);
                mgr.grant_access_to_function(s);
            }
            else if ("download" == type)
            {
                // A single download: type code 3, bound to the package row found above (or -1).
                string nme = get_download_name_by_id_((System.Data.SqlClient.SqlConnection)conn, null, idx);
                sh_sit.Addshop_sold_itemRow(idx, DateTime.Now, DateTime.Now.AddMinutes(p[0].expires_after), 0, 0, guididx, (int)3, prnt_idx, nme, p[0].idx, payed);
                name = "Download: " + nme;
                mgr.check_function_and_group(s, name);
                mgr.grant_access_to_function(s);
            }
            else
            {
                throw new System.Exception(String.Format("Unknown type: '{0}'", type));
            }

            // The sold rows are written only here, after the grants above were already made.
            // NOTE(review): no transaction is visible in this method; if this Update fails the
            // grants stay in place without a matching sale record - confirm the caller's handling.
            // NOTE(review): the grants go through mgr while the rows are written for guididx;
            // purchase_items passes a guid taken from the request - confirm that mgr grants to
            // that user and not to the session user.
            sh_sit_ta.Update(sh_sit);
        }
Ejemplo n.º 7
 /// <summary>
 /// Buys an item for the user the access manager represents, over the manager's own
 /// connection. All work is done by <c>purchase_</c>.
 /// </summary>
 /// <param name="mgr">Supplies the connection and the buyer's guid.</param>
 /// <param name="idx">Index of the item being bought.</param>
 /// <param name="type">Item kind, passed through unchanged.</param>
 /// <param name="package_idx">Index of the package the item belongs to.</param>
 /// <param name="payed">Amount recorded for the sale.</param>
 public static void purchase(AccessControl.AccessManager mgr, int idx, string type, int package_idx, decimal payed)
 {
     // The buyer is always the manager's own user; callers cannot name another one here.
     purchase_(
         mgr,
         mgr.Connection,
         mgr.UserGuid,
         idx,
         type,
         package_idx,
         payed);
 }
Ejemplo n.º 8
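        /// <summary>
        /// Replaces the contents of the shop item named by the request field <c>guididx</c> with
        /// the entries selected in the request, then re-renders the contents editor.
        /// </summary>
        /// <param name="conn">Connection the statements run on.</param>
        /// <param name="req">Request with <c>guididx</c> and keys of the form <c>idx_KIND_INDEX</c> (KIND 1 = child item, 2 = test, 3 = pdf).</param>
        /// <param name="access_manager">Not used by this method.</param>
        /// <param name="tr">Transaction assigned to the command; may be null.</param>
        /// <returns>The HTML produced by <c>show_item_cont</c>.</returns>
        /// <exception cref="System.FormatException">A selected key has no index part or the index is not an integer.</exception>
        /// <remarks>
        /// The index part of every key is parsed as an integer before it is placed into the SQL
        /// text, and the guid travels as a parameter. Previously the KIND 1 branch copied the raw
        /// key text into the statement, which let a crafted field name alter the SQL.
        /// </remarks>
        public static string apply_contents(System.Data.SqlClient.SqlConnection conn, System.Web.HttpRequest req, AccessControl.AccessManager access_manager, System.Data.SqlClient.SqlTransaction tr)
        {
            System.Guid guididx = new System.Guid(req["guididx"]);

            System.Text.StringBuilder sql = new System.Text.StringBuilder();

            // First detach everything that currently belongs to the item.
            sql.Append("delete from shop_item_tests where idx=(select idx from shop_item where guididx=@guididx);\n");
            sql.Append("delete from shop_item_pdfs where idx=(select idx from shop_item where guididx=@guididx);\n");
            sql.Append("update shop_item set parent_idx=null where parent_idx=(select idx from shop_item where guididx=@guididx);\n");

            for (int i = 0; i < req.Params.Keys.Count; ++i)
            {
                string key = req.Params.Keys[i];
                // Keys can contain null (a value sent without a name); the prefix test is ordinal.
                if (key == null || !key.StartsWith("idx_", StringComparison.Ordinal))
                {
                    continue;
                }

                string[] a = key.Substring(4).Split('_');
                if (a[0] != "1" && a[0] != "2" && a[0] != "3")
                {
                    // Unknown kinds were ignored before and still are.
                    continue;
                }
                if (a.Length < 2)
                {
                    throw new System.FormatException("Malformed content key");
                }

                // Only the parsed integer, never the raw key text, reaches the statement.
                string child = Int32.Parse(a[1]).ToString(System.Globalization.CultureInfo.InvariantCulture);

                if (a[0] == "1")
                {
                    sql.Append("update shop_item set parent_idx=(select idx from shop_item where guididx=@guididx) where idx=" + child + ";\n");
                }
                else if (a[0] == "2")
                {
                    sql.Append("insert into shop_item_tests (test_idx,idx) select " + child + ",idx from shop_item where guididx=@guididx;\n");
                }
                else
                {
                    sql.Append("insert into shop_item_pdfs (pdf_idx,idx) select " + child + ",idx from shop_item where guididx=@guididx;\n");
                }
            }

            using (System.Data.SqlClient.SqlCommand cmd = conn.CreateCommand())
            {
                cmd.Transaction = tr;
                cmd.CommandText = sql.ToString();
                cmd.Parameters.AddWithValue("@guididx", guididx);
                cmd.ExecuteNonQuery();
            }

            return(show_item_cont(conn, req, tr));
        }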
Ejemplo n.º 9
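        /// <summary>
        /// Decides where a click on a shop item leads: to <paramref name="success_url"/> when
        /// <c>check_sold_item</c> accepts the item for the current user, otherwise to
        /// <paramref name="fail_url"/>.
        /// </summary>
        /// <param name="conn">Not used by this method.</param>
        /// <param name="req">Request with the fields <c>idx</c>, <c>type</c> and <c>pkg_idx</c>.</param>
        /// <param name="access_manager">Access manager passed to <c>check_sold_item</c>.</param>
        /// <param name="tr">Not used by this method.</param>
        /// <param name="success_url">Format string receiving idx, type and package idx.</param>
        /// <param name="fail_url">Format string receiving idx, type and package idx.</param>
        /// <returns>One of the two templates, filled in.</returns>
        /// <remarks>
        /// <c>type</c> is request text that is written into the returned URL, so it is URL-encoded
        /// first; the known values ("group", "test", "download") are unchanged by the encoding.
        /// Without it a crafted value could add query parameters or markup to the response.
        /// </remarks>
        public static string item_click(System.Data.SqlClient.SqlConnection conn, System.Web.HttpRequest req, AccessControl.AccessManager access_manager, System.Data.SqlClient.SqlTransaction tr, string success_url, string fail_url)
        {
            int    idx  = Int32.Parse(req["idx"]);
            string type = req["type"];
            int    pkg  = Int32.Parse(req["pkg_idx"]);

            // -1 means the item is its own package.
            if (pkg == -1)
            {
                pkg = idx;
            }

            // The check receives the raw value; only the copy placed into the URL is encoded.
            string url_type = System.Web.HttpUtility.UrlEncode(type);

            try
            {
                check_sold_item(access_manager, idx, type, pkg);
                return(String.Format(success_url, idx, url_type, pkg));
            }
            catch (System.Exception)
            {
                // Every failure, including a database error, is reported as "not available"
                // and sends the user to the fail URL; the cause is not logged here.
                return(String.Format(fail_url, idx, url_type, pkg));
            }
        }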
Ejemplo n.º 10
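        /// <summary>
        /// Dispatches an AJAX call to the handler named by the request parameter
        /// <c>handler_name</c> and writes the handler's result to the response.
        /// </summary>
        /// <param name="context">Current HTTP context; the session must hold an <c>access_manager</c>.</param>
        /// <remarks>
        /// Failures are reported to the client as <c>error: message</c> in plain text.
        /// The request now ends as soon as the session has no usable access manager; before,
        /// processing went on with a null manager and failed a second time inside the error
        /// handler with an unhandled exception.
        /// NOTE(review): <c>StatisticCollector::updateResults</c> is dispatched without the
        /// <c>can_do</c> check - confirm that this handler is meant to be open to every session.
        /// NOTE(review): the result of <c>am.can_do</c> is not inspected here, so the check only
        /// protects anything if it throws on denial - confirm.
        /// NOTE(review): exception messages are sent to the client verbatim; database errors may
        /// reveal internal details - consider a generic message plus server-side logging.
        /// </remarks>
        public void ProcessRequest(HttpContext context)
        {
            //   Global.init_managers(session);
            // No transaction is opened here (BeginTransaction is commented out below); handlers receive null.
            System.Data.SqlClient.SqlTransaction tr = null;

            AccessControl.AccessManager am = null;
            try
            {
                if (null == context.Session["access_manager"])
                {
                    throw new System.Exception("Session must be started first...");
                }
                am = ((AccessControl.AccessManager)context.Session["access_manager"]);
            }
            catch (System.Exception ee)
            {
                context.Response.ContentType = "text/plain";
                context.Response.Write("error: " + ee.Message);
                // Without an access manager nothing below can run.
                return;
            }
            try
            {
                string function = context.Request.Params["handler_name"];
                if (null == function)
                {
                    throw new System.Exception("Need function name to execute");
                }

                System.Data.SqlClient.SqlConnection conn_ = (System.Data.SqlClient.SqlConnection)am.Connection;

                //tr=conn_.BeginTransaction();

                if (function != "StatisticCollector::updateResults")
                {
                    am.can_do(function);
                }
                //am.Transaction=tr;

                switch (function)
                {
                    case "UserManager::reset_pwd":
                        context.Response.Write(AccessControl.UserManager.reset_pwd(am, context.Request));
                        break;
                    case "UserManager::check_login":
                        context.Response.Write(AccessControl.UserManager.check_login(am, context.Request));
                        break;
                    case "UserManager::show_user_info_":
                        context.Response.Write(AccessControl.UserManager.build_user_info_(am, context.Request));
                        break;
                    case "UserManager::apply_props_":
                        context.Response.Write(AccessControl.UserManager.apply_props_(am, context.Request));
                        break;
                    case "UserManager::apply_groups_":
                        context.Response.Write(AccessControl.UserManager.apply_groups_(am, context.Request));
                        break;
                    case "UserManager::show_group_info_":
                        context.Response.Write(AccessControl.UserManager.show_group_info_(am, context.Request));
                        break;
                    case "UserManager::apply_grants_":
                        context.Response.Write(AccessControl.UserManager.apply_grants_(am, context.Request));
                        break;

                    case "ShopManager::edit_item_descr":
                        context.Response.Write(Shop.ShopManager.show_item_descr(conn_, context.Request, tr));
                        break;
                    case "ShopManager::save_item_descr":
                        context.Response.Write(Shop.ShopManager.save_item_descr(conn_, context.Request, tr));
                        break;
                    case "ShopManager::show_item_cont":
                        context.Response.Write(Shop.ShopManager.show_item_cont(conn_, context.Request, tr));
                        break;
                    case "ShopManager::apply_contents":
                        context.Response.Write(Shop.ShopManager.apply_contents(conn_, context.Request, am, tr));
                        break;
                    case "ShopManager::item_click":
                        context.Response.Write(Shop.ShopManager.item_click(conn_, context.Request, am, tr, "StartTest.aspx?idx={0}&type={1}&pkg_idx={2}", "ajax:PayItem.aspx?idx={0}&type={1}&pkg_idx={2}"));
                        break;
                    case "UserManager::show_user_basket":
                        context.Response.Write(Shop.ShopManager.show_user_basket(conn_, context.Request, am, tr));
                        break;
                    case "ShopManager::delete_bought_items":
                        context.Response.Write(Shop.ShopManager.delete_bought_items(conn_, context.Request, am, tr));
                        break;
                    case "ShopManager::purchase_items":
                        context.Response.Write(Shop.ShopManager.purchase_items(conn_, context.Request, am, tr));
                        break;

                    case "CustomTestsLogic::list_types":
                        context.Response.ContentType = "text/xml";
                        context.Response.Write(GmatClubTest.BusinessLogic.CustomTestsLogic.list_types(conn_));
                        break;
                    case "CustomTestsLogic::list_subtypes":
                        context.Response.ContentType = "text/xml";
                        context.Response.Write(GmatClubTest.BusinessLogic.CustomTestsLogic.list_subtypes(conn_));
                        break;
                    case "CustomTestsLogic::list_questions":
                        // This handler name is served by list_tests.
                        context.Response.ContentType = "text/xml";
                        context.Response.Write(GmatClubTest.BusinessLogic.CustomTestsLogic.list_tests(conn_));
                        break;
                    case "CustomTestsLogic::list_q_in_test":
                        context.Response.ContentType = "text/plain";
                        context.Response.Write(GmatClubTest.BusinessLogic.CustomTestsLogic.list_q_in_test(conn_, context.Request));
                        break;
                    case "CustomTestsLogic::create_test":
                        context.Response.ContentType = "text/plain";
                        context.Response.Write(GmatClubTest.BusinessLogic.CustomTestsLogic.create_test(conn_, context.Request, am));
                        break;

                    case "StatisticCollector::updateResults":
                        context.Response.ContentType = "text/plain";
                        context.Response.Write(GmatClubTest.BusinessLogic.StatisticCollector.updateResults((SqlConnection)conn_));
                        break;
                    case "StatisticCollector::rate_it":
                        context.Response.ContentType = "text/plain";
                        context.Response.Write(GmatClubTest.BusinessLogic.StatisticCollector.rate_it((SqlConnection)conn_, context.Request));
                        break;

                    default:
                        // The catch block below clears am.Transaction for this path as well.
                        throw new System.Exception("No such handler:" + function);
                }

                am.Transaction = null;
            }
            catch (System.Exception ee)
            {
                if (null != tr)
                {
                    tr.Rollback();
                }
                am.Transaction = null;
                // Plain text keeps the echoed message (which can contain request text such as
                // the handler name) from being interpreted as markup.
                context.Response.ContentType = "text/plain";
                context.Response.Write("error: " + ee.Message);
            }
        }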