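// Checks a login attempt against the users table.
// Returns true only when exactly one row matches both @Email and @Password;
// returns false otherwise, including when the query throws.
//
// NOTE(review): registration() in this file stores util.hashSalt(password), while this
// query compares the password column by plain equality. The caller therefore has to pass
// the value in exactly the stored form. If hashSalt uses a random per-user salt, an
// equality match in SQL cannot succeed - confirm how callers prepare `password`.
protected internal bool loginMe(string email, string password)
{
    db dbc = new db();
    String query = "SELECT * FROM users WHERE email = @Email AND password=@Password";
    // Both values are bound as parameters, never concatenated into the SQL text.
    dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
    dbc.cmd.Parameters.Add(new SqlParameter("Password", password));
    dbc.cmd.CommandText = query;
    int counter = 0;
    try
    {
        try
        {
            // using closes the reader even when Read() throws part-way through.
            using (SqlDataReader dr = dbc.cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    counter++;
                }
            }
        }
        finally
        {
            // Release the connection on the error path too, not only on success.
            dbc.dbCon.Close();
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
        // Fail closed: an error during the lookup must never leave a count that reads as
        // a successful login (isAdmin in this file uses the same -1 convention).
        counter = -1;
    }
    return counter == 1;
}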
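// Loads every row of Info (newest id first) and binds it to rptContent in pages of 9,
// building the page-number list in rptPages when there is more than one page.
protected void LoadData()
{
    db dbc = new db();
    // Constant query text; no request data is involved.
    dbc.cmd.CommandText = "SELECT * FROM Info ORDER BY id DESC";
    DataTable dt = new DataTable();
    try
    {
        SqlDataAdapter da = new SqlDataAdapter(dbc.cmd);
        da.Fill(dt);
    }
    finally
    {
        // Fill() leaves a connection that was already open in the open state, so close it
        // here (other methods in this file close dbc.dbCon the same way).
        dbc.dbCon.Close();
    }

    PagedDataSource pgitems = new PagedDataSource();
    pgitems.DataSource = new DataView(dt);
    pgitems.AllowPaging = true;
    pgitems.PageSize = 9;
    // NOTE(review): PageNumber is defined outside this block; if it is derived from the
    // request it should be range-checked against PageCount before use - confirm.
    pgitems.CurrentPageIndex = PageNumber;

    if (pgitems.PageCount > 1)
    {
        rptPages.Visible = true;
        ArrayList pages = new ArrayList();
        for (int i = 0; i < pgitems.PageCount; i++)
        {
            // Page labels are 1-based.
            pages.Add((i + 1).ToString());
        }
        rptPages.DataSource = pages;
        rptPages.DataBind();
    }
    else
    {
        rptPages.Visible = false;
    }

    rptContent.DataSource = pgitems;
    rptContent.DataBind();
}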
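// Loads the pictures table in the order selected by the "sort" query-string value and
// binds it to rptContent in pages of 9, with page numbers in rptPages when needed.
void LoadData()
{
    string query;
    // The request value only selects one of four constant statements; it is never placed
    // into the SQL text. Keep it that way if more sort options are added.
    switch (Request.QueryString["sort"])
    {
        case "oldest":
            query = "SELECT * FROM pictures ORDER BY date ASC";
            break;
        // NOTE(review): the two "byalpha" options order by id, not by a text column -
        // confirm that this is intended.
        case "byalphaup":
            query = "SELECT * FROM pictures ORDER BY id DESC";
            break;
        case "byalphadown":
            query = "SELECT * FROM pictures ORDER BY id ASC";
            break;
        default:
            // Missing or unrecognised value: newest first.
            query = "SELECT * FROM pictures ORDER BY date DESC";
            break;
    }

    db dbc = new db();
    dbc.cmd.CommandText = query;
    DataTable dt = new DataTable();
    try
    {
        SqlDataAdapter da = new SqlDataAdapter(dbc.cmd);
        da.Fill(dt);
    }
    finally
    {
        // Fill() leaves a connection that was already open in the open state; close it.
        dbc.dbCon.Close();
    }

    PagedDataSource pgitems = new PagedDataSource();
    pgitems.DataSource = new System.Data.DataView(dt);
    pgitems.AllowPaging = true;
    pgitems.PageSize = 9;
    // NOTE(review): PageNumber is defined outside this block; if it comes from the request
    // it should be range-checked against PageCount - confirm.
    pgitems.CurrentPageIndex = PageNumber;

    if (pgitems.PageCount > 1)
    {
        rptPages.Visible = true;
        System.Collections.ArrayList pages = new System.Collections.ArrayList();
        for (int i = 0; i < pgitems.PageCount; i++)
        {
            // Page labels are 1-based.
            pages.Add((i + 1).ToString());
        }
        rptPages.DataSource = pages;
        rptPages.DataBind();
    }
    else
    {
        rptPages.Visible = false;
    }

    rptContent.DataSource = pgitems;
    rptContent.DataBind();
}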
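// Inserts one row into pictures for an uploaded image.
// info must hold, in order: name, filename, description, uploader email, path.
// The uploader's user id is resolved with util.getID(email).
protected void regDBImage(string[] info)
{
    // NOTE(review): info is indexed 0..4 without a length check; a shorter array throws
    // before the try block. Confirm that every caller passes five elements.
    string name = info[0];
    string fn = info[1];
    string description = info[2];
    string email = info[3];
    // NOTE(review): filename and path are stored as received; presumably they are
    // validated where the upload is handled - confirm.
    string path = info[4];
    // Local server time, as before. NOTE(review): consider UTC for stored timestamps.
    DateTime date = DateTime.Now;
    // NOTE(review): if getID cannot resolve the email, the picture is stored with the id
    // it returns for that case - verify that callers only pass known emails.
    int UserID = util.getID(email);
    db dbc = new db();
    try
    {
        dbc.cmd.CommandText = "INSERT INTO pictures (name,filename,description,userID,date,path) VALUES(@Name,@FileName,@Description,@UserID,@Date,@Path)";
        // All values are bound as parameters.
        dbc.cmd.Parameters.Add(new SqlParameter("Name", name));
        dbc.cmd.Parameters.Add(new SqlParameter("FileName", fn));
        dbc.cmd.Parameters.Add(new SqlParameter("Description", description));
        dbc.cmd.Parameters.Add(new SqlParameter("UserID", UserID));
        dbc.cmd.Parameters.Add(new SqlParameter("Date", date));
        dbc.cmd.Parameters.Add(new SqlParameter("Path", path));
        dbc.cmd.ExecuteNonQuery();
    }
    catch (Exception ex)
    {
        // Keep the database error on the server. The previous code appended ex.Message to
        // the page, which exposes schema details and writes unencoded text into the HTML.
        System.Diagnostics.Trace.TraceError("regDBImage insert failed: " + ex);
        Response.Write("Coundn't to insert");
    }
    finally
    {
        // Release the connection whether or not the insert succeeded.
        dbc.dbCon.Close();
    }
}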
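// Gets the directory (users.dir) stored for the given email.
// Returns the value only when exactly one row was read; otherwise returns "",
// which is also what a caller sees when the query fails.
protected internal string getDir(string email)
{
    db dbc = new db();
    string query = "SELECT dir FROM users WHERE email = @Email";
    dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
    dbc.cmd.CommandText = query;
    int counter = 0;
    string dir = "";
    try
    {
        try
        {
            // using closes the reader on every path.
            using (SqlDataReader dr = dbc.cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    dir = dr[0].ToString();
                    counter++;
                }
            }
        }
        finally
        {
            // The connection was previously never closed here.
            dbc.dbCon.Close();
        }
    }
    catch
    {
        // The message is Hebrew for "Connection problem."
        // NOTE(review): the exception itself is discarded, so failures leave no trace.
        Console.WriteLine("בעיה בחיבור.");
    }
    // NOTE(review): if the returned value is used to build a file-system path, the caller
    // should treat "" as "no directory" rather than as the root - confirm.
    if (counter == 1)
    {
        return dir;
    }
    return "";
}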
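// Gets the id of the user with the given email.
// Returns the id only when exactly one row was read; otherwise returns 0.
// NOTE(review): 0 is returned both for "no such user" and for a failed query, and callers
// in this file (regDBImage, checkUsersPic) use the result directly as a user id. Confirm
// that 0 can never be a real id, or have callers reject it.
protected internal int getID(string email)
{
    db dbc = new db();
    string query = "SELECT id FROM users WHERE email = @Email";
    dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
    dbc.cmd.CommandText = query;
    int counter = 0;
    int id = 0;
    try
    {
        try
        {
            // using closes the reader on every path.
            using (SqlDataReader dr = dbc.cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    id = dr.GetInt32(0);
                    counter++;
                }
            }
        }
        finally
        {
            // The connection was previously never closed here.
            dbc.dbCon.Close();
        }
    }
    catch
    {
        // NOTE(review): the exception itself is discarded, so failures leave no trace.
        Console.WriteLine("Problem with connection.");
    }
    if (counter == 1)
    {
        return id;
    }
    return 0;
}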
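// Increments the view counter of the picture with the given id by one.
//
// The increment is done in a single UPDATE. The earlier form read the count with
// getView() and wrote count + 1 back, so two concurrent requests could both read the same
// value and one increment was lost. A NULL counter is treated as 0.
// This method no longer calls Close() on the shared `reader` field, which it did not open.
protected internal void upView(int id)
{
    db dbc = new db();
    try
    {
        dbc.cmd.CommandText = "UPDATE pictures SET views = COALESCE(views, 0) + 1 WHERE id = @Id";
        dbc.cmd.Parameters.Add(new SqlParameter("Id", id));
        // Affects no rows when the id does not exist, as before.
        dbc.cmd.ExecuteNonQuery();
    }
    finally
    {
        // Release the connection even when the update throws.
        dbc.dbCon.Close();
    }
}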
// Reads the view counter of the picture with the given id.
// Returns 0 when no row matches. The reader is stored in the `reader` member declared
// outside this block, and both the reader and the connection are closed before returning.
// NOTE(review): nothing is closed if ExecuteReader or the conversion throws.
protected internal int getView(int id)
{
    db connection = new db();
    connection.cmd.CommandText = "SELECT views FROM pictures WHERE id = @Id";
    // id is bound as a parameter.
    connection.cmd.Parameters.Add(new SqlParameter("Id", id));

    reader = connection.cmd.ExecuteReader();
    // Only the first row is inspected.
    int viewCount = reader.Read() ? Convert.ToInt32(reader["views"]) : 0;

    reader.Close();
    connection.dbCon.Close();
    return viewCount;
}
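// Registers a new user in the users table.
// The password is passed through util.hashSalt() before it is stored; the other values
// are stored as given. On failure a fixed message is written to the response and the
// exception is discarded.
//
// NOTE(review): studstaff is stored as the user's status, and isAdmin() in this file
// treats status = 3 as administrator. If this value comes from the registration form, the
// caller must restrict it to the non-privileged values - confirm.
// NOTE(review): util.hashSalt is not visible here; verify that it is a salted, slow
// password hash and that loginMe() compares against the same stored form.
protected void registration(String name, int studstaff, int grade, String email, String password)
{
    db dbc = new db();
    try
    {
        // NOTE(review): no column list, so the values rely on the table's column order.
        dbc.cmd.CommandText = "INSERT INTO users VALUES(@Name,@Email,@Password,@Status, @Grade)";
        dbc.cmd.Parameters.Add(new SqlParameter("Name", name));
        dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
        dbc.cmd.Parameters.Add(new SqlParameter("Password", util.hashSalt(password)));
        dbc.cmd.Parameters.Add(new SqlParameter("Status", studstaff));
        dbc.cmd.Parameters.Add(new SqlParameter("Grade", grade));
        dbc.cmd.ExecuteNonQuery();
    }
    catch
    {
        // Generic message only; no database detail reaches the page.
        Response.Write("Coundn't to insert");
    }
    finally
    {
        // The connection was previously never closed here.
        dbc.dbCon.Close();
    }
}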
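// Loads the title and content of the pages row with the given id.
// Returns a two-element array { title, content }; both elements stay null when no row
// matches. If several rows match, the last one read wins.
protected internal string[] getDetails(int id)
{
    db dbc = new db();
    string query = "SELECT * FROM pages WHERE id = @Id";
    dbc.cmd.Parameters.Add(new SqlParameter("Id", id));
    dbc.cmd.CommandText = query;
    DataSet ds = new DataSet();
    try
    {
        SqlDataAdapter adapter = new SqlDataAdapter(dbc.cmd);
        adapter.Fill(ds);
    }
    finally
    {
        // Fill() leaves a connection that was already open in the open state; close it.
        dbc.dbCon.Close();
    }

    string[] terms = new string[2];
    foreach (DataRow dr in ds.Tables[0].Rows)
    {
        terms[0] = Convert.ToString(dr["title"]);
        // NOTE(review): content is returned as stored; if it can hold user-supplied
        // markup, the page that renders it must encode or sanitise it - confirm.
        terms[1] = Convert.ToString(dr["content"]);
    }
    return terms;
}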
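// Loads the name and content of the Info row with the given id.
// Returns { name, content } for the first matching row, or an empty array when no row
// matches.
protected string[] LoadPageInfo(int id)
{
    db dbc = new db();
    string query = "SELECT * FROM Info WHERE id = @ID";
    dbc.cmd.CommandText = query;
    dbc.cmd.Parameters.Add(new SqlParameter("ID", id));
    string[] data = { };
    try
    {
        // The reader and the connection were previously left open on every call.
        using (SqlDataReader reader = dbc.cmd.ExecuteReader())
        {
            if (reader.Read())
            {
                data = new string[2]
                {
                    Convert.ToString(reader["name"]),
                    Convert.ToString(reader["content"])
                };
            }
        }
    }
    finally
    {
        dbc.dbCon.Close();
    }
    // Callers must check the length before indexing: the array is empty for an unknown id.
    return data;
}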
// Looks up the name of the user with the given id.
// Returns "" when no row matches. The reader and the connection are closed before
// returning on both outcomes.
// NOTE(review): nothing is closed if ExecuteReader or the column read throws.
protected internal string getAuthor(int id)
{
    db conn = new db();
    conn.cmd.CommandText = "SELECT name FROM users WHERE id = @Id";
    // id is bound as a parameter.
    conn.cmd.Parameters.Add(new SqlParameter("Id", id));

    SqlDataReader rows = conn.cmd.ExecuteReader();
    // Only the first row is inspected.
    string result = rows.Read() ? rows["name"].ToString() : "";

    rows.Close();
    conn.dbCon.Close();
    return result;
}
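// Ownership check: returns true when the picture with the given id belongs to the user
// whose email is `eid`.
//
// NOTE(review): the user id comes from Utilities.getID(eid), which in this file returns 0
// both for an unknown email and for a failed lookup. Pictures stored with userID 0 would
// then pass this check for any such email. Confirm that 0 is never stored as an owner, or
// reject a zero id here.
// NOTE(review): `eid` must come from the authenticated session, not from request data.
protected internal bool checkUsersPic(int pictureID, string eid)
{
    Utilities util = new Utilities();
    int userID = util.getID(eid);
    db dbc = new db();
    string query = "SELECT * FROM pictures WHERE id = @PictureID AND userID = @UserID";
    dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));
    dbc.cmd.Parameters.Add(new SqlParameter("UserID", userID));
    dbc.cmd.CommandText = query;
    try
    {
        // The reader and the connection were previously left open on every call.
        using (SqlDataReader reader = dbc.cmd.ExecuteReader())
        {
            // One matching row is enough.
            return reader.Read();
        }
    }
    finally
    {
        dbc.dbCon.Close();
    }
}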
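// Gets the email of the user with the given id.
// Returns "" when no row matches or when the query fails.
protected internal string getEmail(int id)
{
    db dbc = new db();
    string query = "SELECT email FROM users WHERE id = @Id";
    dbc.cmd.Parameters.Add(new SqlParameter("Id", id));
    dbc.cmd.CommandText = query;
    string email = "";
    try
    {
        try
        {
            // using closes the reader on every path.
            using (SqlDataReader dr = dbc.cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    email = dr.GetString(0);
                }
            }
        }
        finally
        {
            // The connection was previously never closed here.
            dbc.dbCon.Close();
        }
    }
    catch
    {
        // The message is Hebrew for "Connection problem."
        // NOTE(review): the exception itself is discarded, so failures leave no trace.
        Console.WriteLine("בעיה בחיבור.");
    }
    return email;
}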
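// Returns the `path` column of the picture with the given id, or "" when no row matches.
// NOTE(review): despite the method name, the value read is `path`, not `filename`.
// NOTE(review): if the result is used to open or delete a file, the caller should confirm
// that it resolves inside the upload directory.
protected internal string getFileName(int pictureID)
{
    db dbc = new db();
    string query = "SELECT * FROM pictures WHERE id = @PictureID";
    dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));
    dbc.cmd.CommandText = query;
    try
    {
        // The reader and the connection were previously left open, including on the
        // early return.
        using (SqlDataReader reader = dbc.cmd.ExecuteReader())
        {
            if (reader.Read())
            {
                return Convert.ToString(reader["path"]);
            }
        }
    }
    finally
    {
        dbc.dbCon.Close();
    }
    return "";
}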
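// Returns true when at least one users row has the given email and status = 3.
// A failed query yields false, so an error never grants the admin result.
// NOTE(review): `email` must identify the authenticated user (for example, taken from the
// session); the check is only as trustworthy as that value - confirm at the call sites.
protected internal bool isAdmin(string email)
{
    db dbc = new db();
    string query = "SELECT status,email FROM users WHERE email = @Email AND status = 3";
    dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
    dbc.cmd.CommandText = query;
    int counter = 0;
    try
    {
        try
        {
            // using closes the reader on every path.
            using (SqlDataReader dr = dbc.cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    counter++;
                }
            }
        }
        finally
        {
            // The connection was previously never closed here.
            dbc.dbCon.Close();
        }
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
        // Fail closed: discard any rows counted before the error.
        counter = -1;
    }
    return counter >= 1;
}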
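// Returns true when exactly one pictures row has the given id.
protected internal bool picExist(int pictureID)
{
    int counter = 0;
    db dbc = new db();
    string query = "SELECT * FROM pictures WHERE id = @PictureID";
    dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));
    dbc.cmd.CommandText = query;
    try
    {
        // The reader and the connection were previously left open on every call.
        using (SqlDataReader reader = dbc.cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                counter++;
            }
        }
    }
    finally
    {
        dbc.dbCon.Close();
    }
    return counter == 1;
}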