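/// <summary>
/// Updates the signed-in user's password, phone number and delivery address
/// through the <c>UserUpdate</c> stored procedure.
/// </summary>
/// <param name="password">New password; a null value is rejected with <c>NotFound</c>.</param>
/// <param name="phone">Phone number; null is sent as an empty string.</param>
/// <param name="deliverAddress">Delivery address; null is sent as an empty string.</param>
/// <returns>
/// <c>Ok</c> when <c>Execute</c> returns 1 (presumably the affected-row count),
/// otherwise <c>NotFound</c>.
/// </returns>
public IActionResult Update(string password, string phone, string deliverAddress)
{
    if (password == null)
    {
        return NotFound();
    }

    // The account to change comes from the session, never from the request,
    // so a caller cannot name another user's account. With no session value
    // there is no account to update: stop before touching the database.
    var user = HttpContext.Session.GetString("user");
    if (string.IsNullOrEmpty(user))
    {
        return NotFound();
    }

    var si = new SqlIntegrate();
    si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, user);
    // NOTE(review): the password reaches the procedure exactly as submitted.
    // Confirm UserUpdate stores a salted, slow hash (PBKDF2/Argon2), not the raw value.
    // NOTE(review): the current password is not asked for, so a hijacked session
    // can change the credential; consider requiring it.
    si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, password);
    si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, deliverAddress ?? "");
    si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, phone ?? "");

    // The command text is a constant; every value travels as a bound parameter.
    var result = si.Execute("EXECUTE UserUpdate @p1, @p2, @p3, @p4");
    if (result == 1)
    {
        return Ok();
    }

    return NotFound();
}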
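/// <summary>
/// Creates a user account through the <c>UserRegister</c> stored procedure.
/// </summary>
/// <param name="username">Login name; null or empty is rejected.</param>
/// <param name="password">Password; null or empty is rejected.</param>
/// <param name="phone">Optional phone number; SQL NULL is passed when absent.</param>
/// <param name="address">Optional address; SQL NULL is passed when absent.</param>
/// <returns>
/// <c>Ok</c> when <c>Execute</c> returns 1, otherwise <c>NotFound</c>
/// (including when <c>Execute</c> throws).
/// </returns>
public IActionResult Register(string username, string password, string phone, string address)
{
    // Reject missing credentials up front instead of relying on the database
    // call to fail: an account with an empty name or password must not be created.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return NotFound();
    }

    var si = new SqlIntegrate();
    si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, username);
    // NOTE(review): the password is handed to the procedure as submitted.
    // Confirm UserRegister stores a salted, slow hash (PBKDF2/Argon2), not the raw value.
    si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, password);

    // Optional values are bound only when present; otherwise the literal NULL
    // is written into the command. Only these constant fragments are
    // concatenated, so no request data ever becomes part of the SQL text.
    var addressArg = " ,NULL";
    if (address != null)
    {
        si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, address);
        addressArg = " ,@p3";
    }

    var phoneArg = " ,NULL";
    if (phone != null)
    {
        si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, phone);
        phoneArg = " ,@p4";
    }

    int result;
    try
    {
        result = si.Execute("EXECUTE UserRegister @p1, @p2" + addressArg + phoneArg);
    }
    catch
    {
        // NOTE(review): every failure (duplicate name, constraint violation,
        // database outage) collapses into the same response and is not recorded.
        // Log the exception server-side so outages and abuse can be told apart.
        return NotFound();
    }

    if (result == 1)
    {
        return Ok();
    }

    return NotFound();
}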
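/// <summary>
/// Updates the signed-in vendor's password, description and type in the
/// <c>[Restaurant]</c> table.
/// </summary>
/// <param name="password">New password; a null value is rejected with <c>NotFound</c>.</param>
/// <param name="description">Description; null is stored as an empty string.</param>
/// <param name="type">Type; null is stored as an empty string.</param>
/// <returns>
/// <c>Ok</c> when <c>Execute</c> returns 1 (presumably the affected-row count),
/// otherwise <c>NotFound</c>.
/// </returns>
public IActionResult Update(string password, string description, string type)
{
    if (password == null)
    {
        return NotFound();
    }

    // The row to change is selected by the session's vendor name, never by a
    // request value. With no vendor session there is nothing to update:
    // stop before touching the database.
    var vendor = HttpContext.Session.GetString("vendor");
    if (string.IsNullOrEmpty(vendor))
    {
        return NotFound();
    }

    var si = new SqlIntegrate();
    // NOTE(review): this value is written to [Restaurant].[password] exactly as
    // submitted. Unless it is hashed before it gets here, the column holds
    // recoverable passwords; store a salted, slow hash (PBKDF2/Argon2) instead
    // and change the login check together with this statement.
    si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, password);
    si.AddParameter("@p2", SqlIntegrate.DataType.NVarChar, description ?? "");
    si.AddParameter("@p3", SqlIntegrate.DataType.NVarChar, type ?? "");
    si.AddParameter("@p4", SqlIntegrate.DataType.VarChar, vendor);

    // Constant command text; all values are bound parameters.
    var result = si.Execute("UPDATE [Restaurant] SET "
                            + "[password]=@p1, "
                            + "[description]=@p2, "
                            + "[type]=@p3 "
                            + "WHERE [username]=@p4");
    if (result == 1)
    {
        return Ok();
    }

    return NotFound();
}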
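/// <summary>
/// Admin-only action that registers a restaurant through the
/// <c>RestaurantRegister</c> stored procedure and returns the generated
/// password to the caller.
/// </summary>
/// <returns>
/// An object result carrying <c>{"password": ...}</c> when <c>Execute</c>
/// returns 1; <c>NotFound</c> when the session has no "admin" value, the
/// request is not a form post, a field is missing, or the call does not return 1.
/// </returns>
public IActionResult AddRestaurant()
{
    // Authorization first: only a session carrying an "admin" value may proceed.
    if (HttpContext.Session.GetString("admin") == null)
    {
        return NotFound();
    }

    // Reading Request.Form on a non-form request throws; refuse it cleanly.
    if (!HttpContext.Request.HasFormContentType)
    {
        return NotFound();
    }

    var form = HttpContext.Request.Form;
    var name = form["name"].ToString();
    var username = form["username"].ToString();

    // A missing field reads as an empty string; do not create an account from it.
    if (name.Length == 0 || username.Length == 0)
    {
        return NotFound();
    }

    // NOTE(review): RandomString is defined outside this block. The value is a
    // login credential, so confirm it draws from a cryptographic RNG
    // (System.Security.Cryptography.RandomNumberGenerator) rather than
    // System.Random, and that 8 characters gives enough entropy for its alphabet.
    var password = RandomString(8);

    var si = new SqlIntegrate();
    si.AddParameter("@p1", SqlIntegrate.DataType.NVarChar, name);
    si.AddParameter("@p2", SqlIntegrate.DataType.VarChar, username);
    si.AddParameter("@p3", SqlIntegrate.DataType.VarChar, password);

    var result = si.Execute("EXECUTE RestaurantRegister @p1, @p2, @p3");
    if (result != 1)
    {
        return NotFound();
    }

    // The credential is disclosed once, in this response body: keep it out of
    // response logging and caches, and serve the endpoint over TLS only.
    return new ObjectResult(new JObject { ["password"] = password });
}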
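/// <summary>
/// Inserts a comment written by the signed-in user into the <c>[Comment]</c> table.
/// </summary>
/// <param name="id">Value stored in <c>[RID]</c> (presumably the restaurant id; confirm against the schema).</param>
/// <returns>
/// <c>Ok</c> when <c>Execute</c> returns 1; <c>NotFound</c> when there is no
/// user session, the request is not a form post, or the call does not return 1.
/// </returns>
public IActionResult Add(long id)
{
    // The author is resolved from the session. Without it the sub-select
    // below matches no [User] row, so refuse before touching the database.
    var user = HttpContext.Session.GetString("user");
    if (string.IsNullOrEmpty(user))
    {
        return NotFound();
    }

    // Reading Request.Form on a non-form request throws; refuse it cleanly.
    if (!HttpContext.Request.HasFormContentType)
    {
        return NotFound();
    }

    // NOTE(review): the text is stored as submitted, with no length or content
    // check here. Whatever renders comments must HTML-encode it on output.
    var content = HttpContext.Request.Form["content"].ToString();

    var si = new SqlIntegrate();
    si.AddParameter("@p1", SqlIntegrate.DataType.VarChar, user);
    si.AddParameter("@p2", SqlIntegrate.DataType.NVarChar, content);
    si.AddParameter("@p3", SqlIntegrate.DataType.BigInt, id);

    // Constant command text; the user name, comment body and id are bound parameters.
    var result = si.Execute("INSERT INTO [Comment] ([UID], [content], [RID]) VALUES ("
                            + "(SELECT [ID] FROM [User] WHERE [username]=@p1),"
                            + "@p2,"
                            + "@p3)");
    if (result == 1)
    {
        return Ok();
    }

    return NotFound();
}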