public IActionResult Update(string password, string phone, string deliverAddress)
{
if (password == null)
{
return(NotFound());
}
if (phone == null)
{
phone = "";
}
if (deliverAddress == null)
{
deliverAddress = "";
}
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("user"));
si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, password);
si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, deliverAddress);
si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, phone);
var result =
si.Execute("EXECUTE UserUpdate @p1, @p2, @p3, @p4");
if (result == 1)
{
return(Ok());
}
return(NotFound());
}
public IActionResult AddRestaurant()
{
if (HttpContext.Session.GetString("admin") == null)
{
return(NotFound());
}
var name = HttpContext.Request.Form["name"].ToString();
var username = HttpContext.Request.Form["username"].ToString();
var password = RandomString(8);
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.NVarChar, name);
si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, username);
si.AddParameter("@p3", SqlIntegrate.DataType.VarChar, password);
var result = si.Execute("EXECUTE RestaurantRegister @p1, @p2, @p3");
if (result == 1)
{
return(new ObjectResult(new JObject
{
["password"] = password
}));
}
return(NotFound());
}
public IActionResult Register(string username, string password, string phone, string address)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, username);
si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, password);
if (address != null)
{
si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, address);
}
if (phone != null)
{
si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, phone);
}
int result;
try
{
result = si.Execute("EXECUTE UserRegister @p1, @p2"
+ (address != null ? " ,@p3" : " ,NULL")
+ (phone != null ? " ,@p4" : " ,NULL"));
}
catch
{
return(NotFound());
}
if (result == 1)
{
return(Ok());
}
return(NotFound());
}
public IActionResult Update(string password, string description, string type)
{
if (password == null)
{
return(NotFound());
}
if (description == null)
{
description = "";
}
if (type == null)
{
type = "";
}
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, password);
si.AddParameter("@p2", SqlIntegrate.DataType.NVarChar, description);
si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, type);
si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("vendor"));
var result =
si.Execute("UPDATE [Restaurant] SET " +
"[password]=@p1, " +
"[description]=@p2, " +
"[type]=@p3 " +
"WHERE [username]=@p4");
if (result == 1)
{
return(Ok());
}
return(NotFound());
}
public IActionResult RestaurantInfo(long id)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.BigInt, id);
var result = si.QueryJson("SELECT [name], [description] FROM [Restaurant] WHERE [ID]=@p1");
return(new ObjectResult(result));
}
public IActionResult List(long id)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.BigInt, id);
var result = si.AdapterJson("SELECT [User].[username], [Comment].[content], [Comment].[datetime] " +
"FROM [User], [Comment] " +
"WHERE [Comment].[UID]=[User].[ID] AND [Comment].[RID]=@p1");
return(new ObjectResult(result));
}
public IActionResult List()
{
var si = new SqlIntegrate();
var result = si.AdapterJson(
"SELECT [ID], [name], [description], [type] FROM [Restaurant] " +
"WHERE [type] IS NOT NULL AND [description] IS NOT NULL " +
"ORDER BY [name]"
);
return(new ObjectResult(result));
}
private static decimal CalcTotal(IEnumerable <OrderItem> list)
{
decimal total = 0;
foreach (var item in list)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.BigInt, item.id);
total += item.quantity * Convert.ToDecimal(si.Query("SELECT [price] FROM [Menu] WHERE [ID]=@p1"));
}
return(total);
}
public IActionResult Content(long id)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.BigInt, id);
var result = si.AdapterJson("SELECT [Menu].[name], [Menu].[price], [OrderContent].[quantity] " +
"FROM [Menu], [OrderContent] " +
"WHERE [Menu].[ID]=[OrderContent].[MID] " +
"AND [OrderContent].[OID]=@p1");
return(new ObjectResult(result));
}
public IActionResult Menu(long id)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.BigInt, id);
var result = si.AdapterJson(
"SELECT [ID], [name], [description], [price] " +
"FROM [Menu] " +
"WHERE [order] IS NOT NULL AND [RID]=@p1 " +
"ORDER BY [order]");
return(new ObjectResult(result));
}
public IActionResult Menu()
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("vendor"));
var result = si.AdapterJson(
"SELECT [name], [description], [price] " +
"FROM [Menu] " +
"WHERE [order] IS NOT NULL AND [RID]=(SELECT [ID] FROM [Restaurant] WHERE [username]=@p1) " +
"ORDER BY [order]");
return(new ObjectResult(result));
}
public IActionResult Info()
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("vendor"));
var result =
si.QueryJson(
"SELECT [name], [username], [password], ISNULL([description], '') AS [d], ISNULL([type], '') AS [t] " +
"FROM [Restaurant] " +
"WHERE [username]=@p1");
return(new ObjectResult(result));
}
public IActionResult Type()
{
var si = new SqlIntegrate();
var dt = si.Adapter(
"SELECT DISTINCT [type] FROM [Restaurant] WHERE [type] IS NOT NULL ORDER BY [type]"
);
var result = new JArray();
foreach (DataRow row in dt.Rows)
{
result.Add(row["type"].ToString());
}
return(new ObjectResult(result));
}
public IActionResult List()
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("user"));
var result =
si.AdapterJson("SELECT [Order].[ID], [Restaurant].[name], [Order].[amount], [Order].[datetime] " +
"FROM [Order], [Restaurant] " +
"WHERE [Order].[RID]=[Restaurant].[ID] AND [Order].[UID]=(" +
"SELECT [ID] FROM [User] WHERE [username]=@p1" +
") " +
"ORDER BY datetime DESC");
return(new ObjectResult(result));
}
public IActionResult Info()
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("user"));
var result =
si.QueryJson(
"SELECT [username], [password], " +
"ISNULL([phone], '') AS phone, " +
"ISNULL([deliverAddress], '') as deliverAddress " +
"FROM [User] " +
"WHERE [username]=@p1");
return(new ObjectResult(result));
}
public IActionResult Login(string username, string password)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, username);
si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, password);
var result =
Convert.ToInt32(si.Query("SELECT COUNT(*) FROM [User] WHERE [username]=@p1 AND [password]=@p2"));
if (result == 1)
{
HttpContext.Session.SetString("user", username);
return(Ok());
}
return(NotFound());
}
public IActionResult Add(long id)
{
var si = new SqlIntegrate();
si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, HttpContext.Session.GetString("user"));
si.AddParameter("@p2", SqlIntegrate.DataType.NVarChar, HttpContext.Request.Form["content"].ToString());
si.AddParameter("@p3", SqlIntegrate.DataType.BigInt, id);
var result = si.Execute("INSERT INTO [Comment] ([UID], [content], [RID]) VALUES (" +
"(SELECT [ID] FROM [User] WHERE [username]=@p1)," +
"@p2," +
"@p3)");
if (result == 1)
{
return(Ok());
}
return(NotFound());
}