Example #1
0
 public Startup(IConfiguration configuration)
 {
     Configuration    = configuration;
     uid              = MysqlLogins.getMySqlUser();
     pwd              = MysqlLogins.getMySqlPass();
     connectionString = "server=localhost; uid=" + uid + "; pwd=" + pwd + ";";
 }
        public void OnGet()
        {
            DBHandler       db     = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
            string          query  = "SELECT * FROM counselors;";
            MySqlDataReader reader = db.performQuery(query);

            counselers = new List <Database_Tables_Classes.Counselers>();
            while (reader.Read())
            {
                counselers.Add(new Database_Tables_Classes.Counselers(reader.GetInt32("counselorID"), reader.GetInt32("userID")));
            }
        }
Example #3
0
        public IActionResult OnPostLogin(string user, string pass)
        {
            string          query = "SELECT username, password, userID, roleID FROM user WHERE username='******' AND password='******';";
            DBHandler       db    = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass())); // change to username and password later
            MySqlDataReader reader;

            try
            {
                reader = db.performQuery(query);
                if (reader == null)
                {
                    Error = "Could not Query. reader is null";

                    return(Page());
                }
                else if (!reader.HasRows)
                {
                    Error = "Could not Login. Bad username or password";

                    return(Page());
                }
                else
                {
                    reader.Read();
                    CurrentLogged.login(reader.GetString("username"), reader.GetInt32("userID"), reader.GetInt32("roleID"));
                    return(Redirect("Account"));
                }
            }
            catch (Exception e)
            {
                Error = "Error Querying Database" + db.getError();
                return(Page());
            }
        }
Example #4
0
        public IActionResult OnPostDonation(string name, string description, string quantity)
        {
            int quantityValue;

            if (!int.TryParse(quantity, out quantityValue))
            {
                Error = "Quantity needs to be a number value";
                return(Page());
            }
            if (name == null || description == null || quantityValue == null)
            {
                Error = "error, no fields can be left blank";
                return(Page());
            }
            else
            {
                DBHandler       db    = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
                string          query = "INSERT INTO transactions(name, description, userID, time, roleID, QUANTITY) VALUES ('" + name + "', '" + description + "', '" + CurrentLogged.getID() + "', '" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "', '" + CurrentLogged.getRole() + "', '" + quantityValue + "');";
                MySqlDataReader reader;

                try
                {
                    reader = db.performQuery(query);
                    if (reader == null)
                    {
                        Error = "can not perform query";
                        return(Page());
                    }
                }
                catch (Exception e)
                {
                    Error = "Could not perform query";
                    return(Page());
                }
            }


            return(Redirect("Account"));
        }
Example #5
0
        public Tutors(int tID, int uID, string subject)
        {
            this.tutorID = tID;
            this.userID  = uID;
            this.subject = subject;
            DBHandler       db     = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
            string          query  = "SELECT user.name, user.email FROM user INNER JOIN tutors ON user.userID=tutors.userID WHERE tutors.userID='" + uID + "';";
            MySqlDataReader reader = db.performQuery(query);

            reader.Read();
            name  = reader.GetString("name");
            email = reader.GetString("email");
        }
Example #6
0
        private bool emailValidation(string email)
        {
            Error = "Not valid email";
            if (email == null)
            {
                Error = "Email is null";
                return(false);
            }

            bool validEmailCheck = false;

            for (int i = 0; i < email.Length; i++)
            {
                if (email[i] == '@')
                {
                    validEmailCheck = true;
                    Error           = "The Valid email";
                }
            }

            if (!validEmailCheck)
            {
                return(false);
            }

            string          query = "SELECT email FROM user WHERE email='" + email + "';";
            DBHandler       db    = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
            MySqlDataReader reader;

            try
            {
                reader = db.performQuery(query);
                if (reader.HasRows)
                {
                    Error = "Username already in use";

                    return(false);
                }
            }
            catch (Exception e)
            {
                Error = "could not query DB";
                return(false);
            }


            Error = "Valid email";
            return(true);
        }
        public Counselers(int cID, int uID)
        {
            this.counselerID = cID;
            this.userID      = uID;
            DBHandler       db     = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
            string          query  = "SELECT user.name, user.email FROM user INNER JOIN counselors ON user.userID=counselors.userID WHERE counselors.userID='" + uID + "';";
            MySqlDataReader reader = db.performQuery(query);

            reader.Read();
            name  = reader.GetString("name");
            email = reader.GetString("email");
        }
Example #8
0
        public IActionResult OnPostPromote(string user)
        {
            if (CurrentLogged.getRole() == 1)
            {
                Error = "You are not authorized to promote users";
                return(Page());
            }
            DBHandler       db     = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));
            string          query  = "SELECT username FROM user WHERE username='******';";
            MySqlDataReader reader = db.performQuery(query);

            Error = "Unknown error occured";
            if (!reader.HasRows)
            {
                Error = "No user found";
            }
            else
            {
                query  = "UPDATE user SET roleID = '" + CurrentLogged.getRole() + "' WHERE username='******';";
                reader = db.performQuery(query);
                Error  = "Update successful";
            }

            username = CurrentLogged.getUsername();
            return(Page());
        }
        public static string getPassword()
        {
            string[] splited;
            splited = getLoginInfo().Split(',');
            DBHandler db = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));

            splited = null;
            string          query  = "SELECT password FROM user WHERE userID='" + userID + "';";
            MySqlDataReader reader = db.performQuery(query);

            reader.Read();
            return(reader.GetString("password"));
        }