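/// <summary>
/// Sets the <c>visible</c> flag of one <c>poweq1</c> row and refreshes its
/// <c>modified</c> timestamp, restricted to rows owned by the current user.
/// </summary>
/// <param name="uniqueId">Value matched against <c>poweq1.uniqueId</c>.</param>
/// <param name="visible">New value for the <c>visible</c> column.</param>
/// <param name="s">Not read here; the acting user comes from the current context's session.</param>
/// <returns>
/// <c>true</c> when the statement reported at least one row for this user,
/// <c>false</c> when nothing matched (unknown id or a row owned by someone else).
/// </returns>
public bool SetVisibleRecord(long uniqueId, bool visible, DodoSession s)
{
    HttpContext context = DodoApplication.CurrentContext;
    int userId = ((DodoSession)context.Session).userId;

    using (var conn = CreateConnection())
    using (var cmd = conn.CreateCommand())
    {
        // uniqueId is caller-supplied. Without the userId predicate any session
        // could change the flag on a row that belongs to another user.
        cmd.CommandText =
            "update poweq1 set " +
            "visible = @visible, " +
            "modified = CURRENT_TIMESTAMP " +
            "where uniqueId = @uniqueId and userId = @userId";
        cmd.Parameters.AddWithValue("visible", visible);
        cmd.Parameters.AddWithValue("uniqueId", uniqueId);
        cmd.Parameters.AddWithValue("userId", userId);

        // Report what actually happened instead of an unconditional true.
        // NOTE(review): this treats the count as "rows matched"; confirm the
        // connector is not configured to report only rows whose values changed.
        int affected = cmd.ExecuteNonQuery();
        return affected > 0;
    }
}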
/// <summary>
/// Builds a session from the posted login form, registers it in
/// <c>Sessions</c> and binds it to the request through <c>SetSessionState</c>.
/// </summary>
/// <param name="context">Request context whose form carries either <c>email</c>, or <c>user</c> and <c>pwd</c>.</param>
/// <exception cref="Exception">Thrown when the lookup for the posted values returns no session.</exception>
public override void OnAddSession(HttpContext context)
{
    DodoSession created;

    if (context.Request.Form["email"] == null)
    {
        // Username + password path.
        created = CurrentDb.CheckUserAndPwd(
            context.Request.Form["user"],
            context.Request.Form["pwd"]);
        if (created == null)
        {
            throw new Exception("User or Password is not correct");
        }
    }
    else
    {
        // NOTE(review): this path issues a session from the e-mail address alone;
        // no password or other secret is checked before AddSession runs. Anyone
        // who knows a registered address gets that account's session. Require a
        // credential or a proof of mailbox ownership here, or confirm that an
        // earlier layer already authenticated the request.
        // NOTE(review): the two distinct failure messages also tell a caller
        // whether an address is registered.
        created = CurrentDb.CheckEmail(context.Request.Form["email"]);
        if (created == null)
        {
            throw new Exception("Email is not correct");
        }
    }

    Sessions.AddSession(created);
    SetSessionState(context, created);
}
/// <summary>
/// Lists the folder rows of <c>poweq1</c> that belong to the session's user and
/// sit under the given parent folder, ordered by keywords.
/// </summary>
/// <param name="session">Session whose <c>userId</c> scopes the query.</param>
/// <param name="folderId">Value matched against the <c>folderId</c> column.</param>
/// <returns>One <see cref="DodoItem"/> per matching row, loaded through <c>DodoItemBase.GetItem</c>; empty when nothing matches.</returns>
public List<DodoItem> GetFolders(DodoSession session, long folderId)
{
    var folders = new List<DodoItem>();

    using (var conn = CreateConnection())
    using (var cmd = conn.CreateCommand())
    {
        // Both filters are bound parameters, and the userId predicate keeps the
        // listing inside the caller's own rows.
        cmd.CommandText =
            "select uniqueId, keywords, userId " +
            "from poweq1 " +
            "where userId = @userId and type = 'folder' and folderId = @folderid " +
            "order by keywords";
        cmd.Parameters.AddWithValue("userId", session.userId);
        cmd.Parameters.AddWithValue("folderid", folderId);

        using (var rows = cmd.ExecuteReader())
        {
            while (rows.Read())
            {
                // Only the id is taken from the row; the item itself is loaded by GetItem.
                long itemId = rows.GetInt64(rows.GetOrdinal("uniqueId"));
                folders.Add(DodoItemBase.GetItem<DodoItem>(app, itemId));
            }
        }
    }

    return folders;
}
/// <summary>
/// Looks up a <c>powequsers</c> row whose username and password columns equal
/// the supplied values and, when one exists, builds a session for it.
/// </summary>
/// <param name="user">Value bound to the <c>username</c> predicate.</param>
/// <param name="pwd">Value bound to the <c>password</c> predicate.</param>
/// <returns>A new <see cref="DodoSession"/> for the first matching row, or <c>null</c> when no row matches.</returns>
public DodoSession CheckUserAndPwd(string user, string pwd)
{
    using (MySqlConnection conn = CreateConnection())
    using (MySqlCommand cmd = conn.CreateCommand())
    {
        // NOTE(review): the password is compared inside the query, so the column
        // must hold exactly what the caller passes. If callers hand over the raw
        // form value, passwords are stored in clear text. Prefer a salted
        // password hash (e.g. PBKDF2) fetched by username and verified in code
        // with a fixed-time comparison.
        // NOTE(review): an SQL equality test follows the column's collation, which
        // may be case-insensitive; confirm for the password column.
        cmd.CommandText = "select userid, username, fullname from powequsers where username = ?user and password = ?pwd";
        cmd.Parameters.AddWithValue("user", user);
        cmd.Parameters.AddWithValue("pwd", pwd);

        using (MySqlDataReader row = cmd.ExecuteReader())
        {
            if (!row.Read())
            {
                return null;
            }

            return new DodoSession(
                app,
                row.GetInt32("userid"),
                row.GetString("username"),
                row.GetString("fullname"));
        }
    }
}
/// <summary>
/// Returns the item for a folder id, or a blank item owned by the session's
/// user when the id is the "-1" sentinel.
/// </summary>
/// <param name="id">Folder id as text; "-1" asks for a new, unsaved item.</param>
/// <param name="s">Session; read only for the "-1" case, to set the new item's <c>UserId</c>.</param>
/// <returns>The loaded or newly created item, or <c>null</c> when no row has that id.</returns>
public DodoItem GetFolder(string id, DodoSession s)
{
    // "-1" marks a new object that has no row yet.
    if (id.CompareTo("-1") == 0)
    {
        var blank = new DodoItem();
        blank.UniqueId = -1;
        blank.UserId = s.userId;
        return blank;
    }

    DodoItem found = null;

    using (var conn = CreateConnection())
    using (var cmd = conn.CreateCommand())
    {
        // NOTE(review): the lookup filters on uniqueId only. There is no userId
        // or type predicate, so any existing id resolves regardless of who owns
        // the row. Confirm that callers enforce ownership, or scope the query.
        cmd.CommandText = "select uniqueId from poweq1 where uniqueId = @uniqueId";
        cmd.Parameters.AddWithValue("uniqueId", id);

        using (var row = cmd.ExecuteReader())
        {
            if (row.Read())
            {
                long itemId = row.GetInt64(row.GetOrdinal("uniqueId"));
                found = DodoItemBase.GetItem<DodoItem>(app, itemId);
            }
        }
    }

    return found;
}
/// <summary>
/// Writes an inline script block to the current reply that declares the
/// client-side globals <c>currentUserId</c>, <c>currentUserName</c> and
/// <c>currentSession</c> from the current session.
/// </summary>
public void WriteGlobalVars()
{
    HttpContext ctx = DodoApplication.CurrentContext;
    var current = (DodoSession)ctx.Session;
    var page = ctx.Reply;

    // NOTE(review): values are placed inside single-quoted JavaScript literals
    // without escaping. Anything interpolated here must be encoded as a
    // JavaScript string (quotes, backslashes, line breaks and "</script>"),
    // otherwise a crafted value can break out of the literal.
    // NOTE(review): currentSession exposes the session's Auth value to every
    // script on the page; confirm that is intended.
    page.Write("<script type=\"text/javascript\">");
    page.Write("var currentUserId = '{0}';", current.userId);
    // The format string below has no placeholder, so userName is passed but not emitted.
    page.Write("var currentUserName = '******';", current.userName);
    page.Write("var currentSession = '{0}';", current.Auth);
    page.Write("</script>");
}
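/// <summary>
/// Adds a folder (when <c>folder.UniqueId</c> is -1) or updates an existing
/// one, then reloads it through <c>GetFolder</c>.
/// </summary>
/// <param name="folder">Folder to store; replaced with the value returned by <c>GetFolder</c>.</param>
/// <param name="s">Session of the acting user; its <c>userId</c> becomes the owner on insert and scopes the update.</param>
/// <exception cref="System.UnauthorizedAccessException">Thrown when no session is supplied.</exception>
/// <exception cref="System.InvalidOperationException">Thrown when the update matches no row owned by the session's user.</exception>
public void ModifyFolder(ref DodoItem folder, DodoSession s)
{
    // A write must be attributable to a user. Reject it before touching the database.
    if (s == null)
    {
        throw new System.UnauthorizedAccessException("A session is required to modify a folder");
    }

    using (var conn = CreateConnection())
    using (var cmd = conn.CreateCommand())
    {
        if (folder.UniqueId == -1)
        {
            cmd.CommandText =
                "insert into poweq1 " +
                "(uniqueId, userId, folderId, keywords, type, visible, weight, registered, modified) values " +
                "(@uniqueId, " +
                "@userId, " +
                "@folderId, " +
                "@keywords, " +
                "'folder', " +
                "@visible, " +
                "100, " +
                "CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);";

            folder.UniqueId = GetCounter();
            cmd.Parameters.AddWithValue("uniqueId", folder.UniqueId);
            // The owner comes from the session, not from the submitted item,
            // so a caller cannot create rows under another user's id.
            cmd.Parameters.AddWithValue("userId", s.userId);
            cmd.Parameters.AddWithValue("keywords", folder.Keywords);
            cmd.Parameters.AddWithValue("visible", folder.Visible);
            cmd.Parameters.AddWithValue("folderId", folder.FolderId);
            cmd.ExecuteNonQuery();
        }
        else
        {
            // The userId predicate limits the update to rows the caller owns.
            cmd.CommandText =
                "update poweq1 set " +
                "keywords = @keywords, " +
                "folderId = @folderId, " +
                "modified = CURRENT_TIMESTAMP, " +
                "visible = @visible " +
                "where uniqueId = @uniqueId and userId = @userId";
            cmd.Parameters.AddWithValue("uniqueId", folder.UniqueId);
            cmd.Parameters.AddWithValue("userId", s.userId);
            cmd.Parameters.AddWithValue("keywords", folder.Keywords);
            cmd.Parameters.AddWithValue("folderId", folder.FolderId);
            cmd.Parameters.AddWithValue("visible", folder.Visible);

            // Without this check a rejected update would fall through to the
            // reload below and hand back a row the caller was not allowed to change.
            // NOTE(review): this treats the count as "rows matched"; confirm the
            // connector is not configured to report only rows whose values changed.
            if (cmd.ExecuteNonQuery() == 0)
            {
                throw new System.InvalidOperationException("Folder not found for the current user");
            }
        }

        folder = GetFolder(folder.UniqueId.ToString(), s);
    }
}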
/// <summary>
/// Looks up a <c>powequsers</c> row by e-mail address and, when one exists,
/// builds a session for it.
/// </summary>
/// <param name="email">Value bound to the <c>email</c> predicate.</param>
/// <returns>A new <see cref="DodoSession"/> for the first matching row, or <c>null</c> when no row matches.</returns>
public DodoSession CheckEmail(string email)
{
    using (MySqlConnection conn = CreateConnection())
    using (MySqlCommand cmd = conn.CreateCommand())
    {
        // NOTE(review): a match on the address alone yields a full session
        // object; no secret is verified here. Callers must not treat a non-null
        // result as proof of identity.
        cmd.CommandText = "select userid, username, fullname from powequsers where email = ?email";
        cmd.Parameters.AddWithValue("email", email);

        using (MySqlDataReader row = cmd.ExecuteReader())
        {
            if (!row.Read())
            {
                return null;
            }

            return new DodoSession(
                app,
                row.GetInt32("userid"),
                row.GetString("username"),
                row.GetString("fullname"));
        }
    }
}
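/// <summary>
/// Dispatches one API call. The method name is the file name of the request
/// URL, arguments come from the URI, and the answer is written back as
/// JavaScript of the form <c>var reply = new dbapi.async(id, payload);</c>.
/// Any exception is turned into a JavaScript <c>Error</c> passed as the payload.
/// </summary>
public void Interpret()
{
    string method = Path.GetFileNameWithoutExtension(request.Url);
    object answer = null;
    StringBuilder sb = new StringBuilder();
    StringWriter writer = new StringWriter(sb);

    // Used verbatim as a JavaScript expression in every reply, so it keeps a
    // harmless value until the request's id has passed validation.
    string idcall = "null";

    try
    {
        // The id is echoed unquoted into the generated script. Accept only a
        // plain token so a request cannot inject script through it.
        // NOTE(review): assumes call ids are simple numbers or identifiers;
        // confirm against the dbapi client.
        string requestedId = request.UriArgs["id"];
        if (!IsSafeCallId(requestedId))
        {
            throw new Exception("Invalid call id");
        }
        idcall = requestedId;

        DodoSession s = null;
        if (request.UriArgs["auth"] != null)
        {
            s = app.Sessions[(WebAuth)request.UriArgs["auth"]] as DodoSession;
        }

        // NOTE(review): the session is looked up but never required. getRecord,
        // getItem, getContenPreview, modifyRecord and removeRecord run the same
        // way when s is null, and every operation, including the state-changing
        // ones, is driven by URI arguments. Confirm that authorization and
        // cross-site request protection are enforced elsewhere, or add them here.
        switch (method)
        {
            case "getFolders":
                int folderId_0 = 0;
                int.TryParse(request.UriArgs["f"], out folderId_0);
                var tmpGetFolders = app.CurrentDb.GetFolders(s, folderId_0);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(tmpGetFolders) + ");");
                break;

            case "setVisibleRecord":
                string _code = request.UriArgs["code"];
                long code = Convert.ToInt64(_code);
                string _show = request.UriArgs["show"];
                bool show = Convert.ToBoolean(_show);
                answer = app.CurrentDb.SetVisibleRecord(code, show, s);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
                break;

            case "getRecord":
                string c = request.UriArgs["code"];
                answer = app.CurrentDb.GetRecord(c, s);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
                break;

            case "getItem":
                answer = app.CurrentDb.GetItem(app.CalcUniqueId(request.UriArgs["code"]));
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
                break;

            case "getContenPreview":
                DodoItem previewContent = app.CurrentDb.GetItem(app.CalcUniqueId(request.UriArgs["code"]));
                var dodoContent = new DodoContent() { Content = previewContent.GetContent() };
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(dodoContent) + ");");
                break;

            case "searchRecords":
                string search = request.UriArgs["s"];
                int folderId_1 = 0;
                int.TryParse(request.UriArgs["f"], out folderId_1);
                answer = app.CurrentDb.SearchMyRecords(s.userId, search, folderId_1);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
                break;

            case "modifyRecord":
                // NOTE(review): the whole DodoItem is rebuilt from request data,
                // so every field it carries is caller-controlled.
                var rec2 = (DodoItem)JavaScriptConvert.DeserializeObject(
                    request.UriArgs["record"].ToString(), typeof(DodoItem));
                app.CurrentDb.ModifyRecord(ref rec2);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(rec2) + ");");
                break;

            case "modifyFolder":
                DodoItem folder = (DodoItem)JavaScriptConvert.DeserializeObject(
                    request.UriArgs["folder"].ToString(), typeof(DodoItem));
                app.CurrentDb.ModifyFolder(ref folder, s);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(folder) + ");");
                break;

            case "removeRecord":
                string id = request.UriArgs["code"] != null ? (string)request.UriArgs["code"] : "";
                app.CurrentDb.RemoveRecord(id);
                writer.WriteLine("var reply = new dbapi.async(" + idcall + ", 'ok');");
                break;

            default:
                throw new Exception("El método no existe " + method);
        }
    }
    catch (Exception err)
    {
        // Drop any partial output and answer with an Error object instead.
        sb.Length = 0;

        // The message can contain request data (the method name, for one).
        // Emit it through the serializer so it arrives as an escaped string
        // literal and cannot close the quote and continue as script.
        string message = err.Message.Replace("\n", " ");
        writer.WriteLine("var e = new Error(" + JavaScriptConvert.SerializeObject(message) + ");");
        writer.WriteLine("var reply = new dbapi.async(" + idcall + ", e);");
    }

    // Send the response.
    reply.LoadText(sb.ToString());
}

// True when value is a non-empty run of ASCII letters, digits or underscores.
private static bool IsSafeCallId(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return false;
    }

    foreach (char ch in value)
    {
        bool allowed =
            (ch >= '0' && ch <= '9') ||
            (ch >= 'a' && ch <= 'z') ||
            (ch >= 'A' && ch <= 'Z') ||
            ch == '_';
        if (!allowed)
        {
            return false;
        }
    }

    return true;
}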