Esempio n. 1
0
    /// <summary>
    /// Method Used for getting all the Parent Comments on a Post
    /// </summary>
    /// <param name="PostID"></param>
    /// <returns></returns>
    public DataSet GetParentComments(int PostID)
    {
        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
        {
            conn.Open();
            string     sql = "select FCT.UserID, CommentText, FCT.DatePosted FROM FORUM_COMMENT_TREE as FCT inner join FORUM_POST as FP on FP.ReplyGroupID = FCT.GroupID where FP.PostID = @PostID and ParentID is null";
            SqlCommand cmd = new SqlCommand(sql, conn);
            cmd.Parameters.Add(new SqlParameter("@PostID", PostID));
            SqlDataAdapter DA = new SqlDataAdapter();
            DataSet        DS = new DataSet();
            DA.Fill(DS, "ParentComments");

            glob.CloseDB(conn);
            return(DS);
        }
    }
Esempio n. 2
0
    /// <summary>
    /// Method for checking if the user is looking for a post or the main page
    /// </summary>
    protected void Post()
    {
        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
        {
            conn.Open();
            string     sql = "select PostName, (FU.LName + ', ' + FU.FName) as FullName, FP.PostDate FROM FORUM_POST as FP inner join FORUM_USER as FU on FU.UserID = FP.UserID where PostID = @PostID";
            SqlCommand cmd = new SqlCommand(sql, conn);
            cmd.Parameters.Add(new SqlParameter("@PostID", Request.QueryString["PostID"]));
            SqlDataReader dr = cmd.ExecuteReader();
            while (dr.Read())
            {
                Panel HeaderPnl = new Panel();
                HeaderPnl.CssClass = "page-header";
                HeaderPnl.Controls.Add(new LiteralControl("<h1>" + dr["PostName"] + "</h1>"));
                HeaderPnl.Controls.Add(new LiteralControl("<br/>"));
                HeaderPnl.Controls.Add(new LiteralControl("<small>" + dr["FullName"] + "&nbsp;&nbsp;&nbsp;&nbsp;" + dr["PostDate"] + "</small>"));
                PostContent.Controls.Add(HeaderPnl);
            }
            dr.Close();

            sql = "select PostText FROM FORUM_POST where PostID=@PostID";
            cmd = new SqlCommand(sql, conn);
            cmd.Parameters.Add(new SqlParameter("@PostID", Request.QueryString["PostID"]));
            dr = cmd.ExecuteReader();
            while (dr.Read())
            {
                Panel Body = new Panel();
                Body.Controls.Add(new LiteralControl("<br/><br/>"));
                Body.Controls.Add(new LiteralControl("<p class=\"lead\">" + dr["PostText"] + "</p>"));
                PostContent.Controls.Add(Body);
            }
            dr.Close();
            glob.CloseDB(conn);
        }
    }
 protected void EnterCodebtn_Click(object sender, EventArgs e)
 {
     using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
     {
         conn.Open();
         string        sql = "select Passcode FROM PASS_CODES where ID=1";
         SqlCommand    cmd = new SqlCommand(sql, conn);
         SqlDataReader dr  = cmd.ExecuteReader();
         while (dr.Read())
         {
             if (dr["Passcode"].ToString() == PassCode.Text.ToString())
             {
                 Lockpnl.Visible   = false;
                 Managepnl.Visible = true;
                 Session["Pass"]   = "******";
             }
             else
             {
                 Errorlb.Visible = true;
                 Session["Pass"] = "******";
             }
         }
         dr.Close();
         glob.CloseDB(conn);
     }
 }
Esempio n. 4
0
    public static bool AuthenticateUser(string UserName, string Password)
    {
        bool Valid = false;

        using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
        {
            conn.Open();
            String     sql = "select Password, UserID, FName, LName FROM FORUM_USER where UserName=@UserName";
            SqlCommand cmd = new SqlCommand(sql, conn);
            cmd.Parameters.Add(new SqlParameter("@UserName", UserName));
            SqlDataReader dr = cmd.ExecuteReader();
            if (dr.HasRows)
            {
                while (dr.Read())
                {
                    if (Password == Encryption.Decrypt(dr["Password"].ToString(), Encryption.GetPassPhrase().ToString()))
                    {
                        Valid = true;
                    }
                    else
                    {
                        Valid = false;
                    }
                }
            }
            else
            {
                Valid = false;
            }

            dr.Close();
            Global_Functions globl = new Global_Functions();
            globl.CloseDB(conn);
        }
        return(Valid);
    }