public string userAdmin(string pesel)
{
string result = "";
RegexClass r = new RegexClass();
Match matchPesel = r.Regex.Match(pesel);
if (matchPesel.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlCommand cmd = connection.CreateCommand();
SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
cmd.CommandText = "exec UpdateUzyt 2, @pesel, '2'";
cmd.Parameters.Add(sqlPesel);
cmd.ExecuteNonQuery();
result += "OK";
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
result += "Problem with : " + ex.ToString();
}
}
return result;
}
public string createUser(string[] input)
{
string result = "";
RegexClass r = new RegexClass();
Match mPesel = r.Regex.Match(input[0]);
Match mPassword = r.Regex.Match(input[1]);
Match mNickname = r.Regex.Match(input[3]);
if (mPesel.Success == false && mPassword.Success == false && mNickname.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlCommand cmd = connection.CreateCommand();
cmd.CommandText = "exec Zarejestruj @pesel, @password , @idArea, 1, @nickname";
SqlParameter sqlPesel = new SqlParameter("@pesel", input[0]);
SqlParameter sqlPassword = new SqlParameter("@password", input[1]);
SqlParameter sqlIdArea = new SqlParameter("@idArea", input[2]);
SqlParameter sqlNickname = new SqlParameter("@nickname", input[3]);
cmd.Parameters.Add(sqlPesel);
cmd.Parameters.Add(sqlPassword);
cmd.Parameters.Add(sqlIdArea);
cmd.Parameters.Add(sqlNickname);
cmd.ExecuteNonQuery();
result += "OK";
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
result += "Problem " + ex.ToString();
}
}
else
{
Console.WriteLine("We got problem with PESEL or password (it can be seciurity error !");
result += "Problem with login or password (it can be both!)";
}
return result;
}
public string addList(string list)
{
string result = "";
List<int> listIds = new List<int>();
try
{
using (XmlReader reader = XmlReader.Create(new StringReader(list)))
{
reader.ReadToFollowing("list");
reader.ReadToFollowing("electionId");
int idWyborow = reader.ReadElementContentAsInt();
reader.ReadToFollowing("comiteeName");
string nazwa = reader.ReadElementContentAsString().Trim();
reader.ReadToFollowing("areaId");
int idOkregu = reader.ReadElementContentAsInt();
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
RegexClass r = new RegexClass();
Match regexMatch = r.Regex.Match(nazwa);
connection.Open();
SqlCommand cmd = connection.CreateCommand();
cmd.CommandText = "exec ZglosListe @name, @idElection , @idArea";
if (regexMatch.Success)
{
throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
}
//else
//{
SqlParameter sqlNazwa = new SqlParameter("@name", nazwa);
cmd.Parameters.Add(sqlNazwa);
//}
SqlParameter sqlIdElection = new SqlParameter("@idElection", idWyborow);
SqlParameter sqlIdArea = new SqlParameter("@idArea", idOkregu);
cmd.Parameters.Add(sqlIdElection);
cmd.Parameters.Add(sqlIdArea);
cmd.ExecuteNonQuery();
connection.Close();
connection.Open();
SqlCommand cmd2 = connection.CreateCommand();
cmd2.CommandText = "select dbo.DajID(@name,@idElection,@idArea)";
SqlParameter sqlNazwa2 = new SqlParameter("@name", nazwa);
SqlParameter sqlIdElection2 = new SqlParameter("@idElection", idWyborow);
SqlParameter sqlIdArea2 = new SqlParameter("@idArea", idOkregu);
cmd2.Parameters.Add(sqlNazwa2);
cmd2.Parameters.Add(sqlIdElection2);
cmd2.Parameters.Add(sqlIdArea2);
// DAJID PROCEDURE. NAJBARDZIEJ ZACHŁANNY ALGORYTM NA ŚWIECE !
SqlDataReader sreader = cmd2.ExecuteReader(); // DRŻYJCIE NIEWIERNI !
while (sreader.Read())
{
listIds.Add(sreader.GetInt32(0));
}
connection.Close();
reader.ReadToFollowing("candidates");
while (reader.ReadToFollowing("candidate"))
{
foreach (int idListy in listIds)
{
SqlParameter sqlIdList = new SqlParameter("@idList", idListy);
string kandydat = reader.ReadElementContentAsString().Trim();
Match regexMatch2 = r.Regex.Match(kandydat);
if (regexMatch2.Success)
{
throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
}
else
{
}
connection.Open();
SqlCommand cmd3 = connection.CreateCommand();
cmd3.CommandText = "exec ZglosKand @candidate , @idList";
SqlParameter sqlCandidate = new SqlParameter("@candidate", kandydat);
cmd3.Parameters.Add(sqlCandidate);
cmd3.Parameters.Add(sqlIdList);
cmd3.ExecuteNonQuery();
connection.Close();
result = "OK";
}
}
}
}
}
catch (Exception e)
{
return e.ToString();
}
return result;
}
public String startElection(int idElection, string data)
{
string result = "";
RegexClass r = new RegexClass();
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
Match regexMatch = r.Regex.Match(data);
connection.Open();
Console.WriteLine("MySQL version : {0}", connection.ServerVersion);
SqlCommand cmd = connection.CreateCommand();
if (regexMatch.Success)
{
throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
}
else
{
SqlParameter sqlData = new SqlParameter("@data", data);
cmd.Parameters.Add(sqlData);
}
SqlParameter sqlIdElection = new SqlParameter("@idElection", idElection);
cmd.Parameters.Add(sqlIdElection);
cmd.CommandText = "exec RozpocznijWybory @idElection , @data";
cmd.ExecuteNonQuery();
result += "OK";
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
result += "Problem " + ex.ToString();
}
return result;
}
public int checkPrivliges(string pesel)
{
int isAdmin = 0;
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
Console.WriteLine("MySQL version : {0}", connection.ServerVersion);
RegexClass r = new RegexClass();
Match regexMatch = r.Regex.Match(pesel);
SqlCommand cmd = new SqlCommand("select dbo.SprUpr(@pesel)", connection);
if (regexMatch.Success)
{
throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
}
else
{
SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
cmd.Parameters.Add(sqlPesel);
}
int ret = Convert.ToInt32(cmd.ExecuteScalar());
if(ret == 2)
{
isAdmin = 1;
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
return 0;
}
return isAdmin;
}
public int userVoteCheck(string pesel, int electionID)
{
int funcionReturn = 0;
RegexClass r = new RegexClass();
Match matchPesel = r.Regex.Match(pesel);
if (matchPesel.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
SqlParameter sqlElectionId = new SqlParameter("@electionId", electionID);
SqlCommand cmd = new SqlCommand("select dbo.SprCzyGlosowal(@pesel, @electionId)", connection);
cmd.Parameters.Add(sqlPesel);
cmd.Parameters.Add(sqlElectionId);
int ret = Convert.ToInt32(cmd.ExecuteScalar());
funcionReturn = ret;
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
funcionReturn = 0;
}
}
return funcionReturn; // return 1 if user got comfirmed vote
}
public string userVote(string[] input)
{
string result = "";
RegexClass r = new RegexClass();
Match matchPeselCandidate = r.Regex.Match(input[0]);
Match matchPeselUser = r.Regex.Match(input[1]);
if (matchPeselCandidate.Success == false && matchPeselUser.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlCommand cmd = connection.CreateCommand();
SqlParameter sqlPeselCandidate = new SqlParameter("@peselC", input[0]);
SqlParameter sqlPeselUser = new SqlParameter("@peselU", input[1]);
SqlParameter sqlElectionId = new SqlParameter("@electionId", input[2]);
cmd.CommandText = "exec Zaglosuj @peselC, @peselU, @electionId";
cmd.Parameters.Add(sqlPeselCandidate);
cmd.Parameters.Add(sqlPeselUser);
cmd.Parameters.Add(sqlElectionId);
cmd.ExecuteNonQuery();
result += "OK";
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
result += "Problem with : " + ex.ToString();
}
}
return result;
}
public int userLoginCheckUser(string pesel, string password)
{
int isUserExist = 0;
RegexClass r = new RegexClass();
Match mPesel = r.Regex.Match(pesel);
Match mPassword = r.Regex.Match(password);
if (mPesel.Success == false && mPassword.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlCommand cmd = new SqlCommand("select dbo.SprIst(@pesel, @password)", connection);
SqlParameter sqlNickname = new SqlParameter("@pesel", pesel);
SqlParameter sqlPassword = new SqlParameter("@password", password);
cmd.Parameters.Add(sqlNickname);
cmd.Parameters.Add(sqlPassword);
//SqlDataReader reader = cmd.ExecuteReader();
isUserExist = Convert.ToInt32(cmd.ExecuteScalar());
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
isUserExist = 0;
}
}
return isUserExist;
}
public int userLoginCheck(string nickname, string password)
{
int equal = 0;
RegexClass r = new RegexClass();
Match mPesel = r.Regex.Match(nickname);
Match mPassword = r.Regex.Match(password);
if (mPesel.Success == false && mPassword.Success == false)
{
try
{
using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
{
connection.Open();
SqlCommand cmd = new SqlCommand("select dbo.SprIst2(@nickname,@password)", connection);
SqlParameter sqlNickname = new SqlParameter("@nickname", nickname);
SqlParameter sqlPassword = new SqlParameter("@password", password);
cmd.Parameters.Add(sqlNickname);
cmd.Parameters.Add(sqlPassword);
int ret = Convert.ToInt32(cmd.ExecuteScalar());
equal = ret;
}
}
catch (Exception ex)
{
Console.WriteLine("Error: {0}", ex.ToString());
equal = 0;
}
}
return equal;
}
