Esempio n. 1
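        /// <summary>
        /// Checks whether exactly one row of <c>users</c> matches the given e-mail and password.
        /// </summary>
        /// <param name="email">E-mail to look up; bound as the <c>@Email</c> parameter.</param>
        /// <param name="password">Value compared with the <c>password</c> column; bound as <c>@Password</c>.</param>
        /// <returns>
        /// <c>true</c> when the query completes and yields exactly one row; <c>false</c> in every
        /// other case, including when the query throws.
        /// </returns>
        protected internal bool loginMe(string email, string password)
        {
            // NOTE(review): the supplied password is compared with the stored column unchanged.
            // If the code that fills users.password stores a salted hash, this comparison cannot
            // match; if it stores the raw value, credentials sit in the table in clear text.
            // Confirm which one applies and hash/verify here accordingly.
            db dbc = new db();
            dbc.cmd.CommandText = "SELECT * FROM users WHERE email  = @Email AND password=@Password";
            // Both values travel as parameters and are never concatenated into the SQL text.
            dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
            dbc.cmd.Parameters.Add(new SqlParameter("Password", password));

            bool authenticated = false;
            try
            {
                int matches = 0;
                // The using block closes the reader even when Read() throws.
                using (SqlDataReader dr = dbc.cmd.ExecuteReader())
                {
                    while (dr.Read())
                    {
                        matches++;
                    }
                }
                // Decided only after the whole result set was read without error.
                authenticated = matches == 1;
            }
            catch (Exception ex)
            {
                // Fail closed: any database error leaves the login refused.
                Console.WriteLine(ex.ToString());
            }
            finally
            {
                // Release the connection on the error path too, not only after a clean read.
                dbc.dbCon.Close();
            }

            return authenticated;
        }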
Esempio n. 2
 /// <summary>
 /// Reads every row of <c>Info</c>, highest id first, and binds it to <c>rptContent</c> nine rows
 /// per page; <c>rptPages</c> lists the page numbers when there is more than one page.
 /// </summary>
 protected void LoadData()
 {
     db dbc = new db();
     // Fixed statement: no request data is part of the SQL text.
     dbc.cmd.CommandText = "SELECT * FROM Info ORDER BY id DESC";

     // NOTE(review): nothing in this method disposes the adapter or closes dbc's connection;
     // confirm that db releases it elsewhere.
     SqlDataAdapter filler = new SqlDataAdapter(dbc.cmd);
     DataTable rows = new DataTable();
     filler.Fill(rows);

     PagedDataSource pager = new PagedDataSource();
     pager.DataSource = new DataView(rows);
     pager.AllowPaging = true;
     pager.PageSize = 9;
     // PageNumber is defined outside this method.
     pager.CurrentPageIndex = PageNumber;

     bool multiplePages = pager.PageCount > 1;
     rptPages.Visible = multiplePages;
     if (multiplePages)
     {
         // Page labels start at 1.
         ArrayList labels = new ArrayList();
         for (int n = 1; n <= pager.PageCount; n++)
         {
             labels.Add(n.ToString());
         }
         rptPages.DataSource = labels;
         rptPages.DataBind();
     }

     rptContent.DataSource = pager;
     rptContent.DataBind();
 }
Esempio n. 3
 /// <summary>
 /// Reads every row of <c>pictures</c> in the order chosen by the <c>sort</c> query-string value
 /// and binds it to <c>rptContent</c> nine rows per page; <c>rptPages</c> lists the page numbers
 /// when there is more than one page.
 /// </summary>
 void LoadData()
 {
     db dbc = new db();

     // The "sort" value only selects one of four fixed statements; it is never placed in the
     // SQL text, and any other value (or none) falls back to newest-first.
     // NOTE(review): "byalphaup" / "byalphadown" order by id, not by a name column; confirm intent.
     string query;
     switch (Request.QueryString["sort"])
     {
         case "oldest":
             query = "SELECT * FROM pictures ORDER BY date ASC";
             break;
         case "byalphaup":
             query = "SELECT * FROM pictures ORDER BY id DESC";
             break;
         case "byalphadown":
             query = "SELECT * FROM pictures ORDER BY id ASC";
             break;
         default:
             query = "SELECT * FROM pictures ORDER BY date DESC";
             break;
     }
     dbc.cmd.CommandText = query;

     // NOTE(review): nothing in this method disposes the adapter or closes dbc's connection;
     // confirm that db releases it elsewhere.
     SqlDataAdapter filler = new SqlDataAdapter(dbc.cmd);
     DataTable rows = new DataTable();
     filler.Fill(rows);

     PagedDataSource pager = new PagedDataSource();
     pager.DataSource = new System.Data.DataView(rows);
     pager.AllowPaging = true;
     pager.PageSize = 9;
     // PageNumber is defined outside this method.
     pager.CurrentPageIndex = PageNumber;

     bool multiplePages = pager.PageCount > 1;
     rptPages.Visible = multiplePages;
     if (multiplePages)
     {
         // Page labels start at 1.
         System.Collections.ArrayList labels = new System.Collections.ArrayList();
         for (int n = 1; n <= pager.PageCount; n++)
         {
             labels.Add(n.ToString());
         }
         rptPages.DataSource = labels;
         rptPages.DataBind();
     }

     rptContent.DataSource = pager;
     rptContent.DataBind();
 }
Esempio n. 4
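 /// <summary>
 /// Inserts one row into <c>pictures</c> describing an image.
 /// </summary>
 /// <param name="info">
 /// Five strings, in this order: name, file name, description, owner e-mail, path.
 /// </param>
 protected void regDBImage(string[] info)
 {
     string name = info[0];
     string fn = info[1];
     string description = info[2];
     string email = info[3];
     string path = info[4];
     DateTime date = DateTime.Now;
     // NOTE(review): presumably util.getID yields 0 when no user matches the e-mail; the row
     // would then be stored with userID 0 and belong to nobody. Confirm, and reject that case
     // before inserting.
     int UserID = util.getID(email);
     db dbc = new db();
     try
     {
         // Every value is bound as a parameter; none is concatenated into the statement.
         dbc.cmd.CommandText = "INSERT INTO pictures (name,filename,description,userID,date,path) VALUES(@Name,@FileName,@Description,@UserID,@Date,@Path)";
         dbc.cmd.Parameters.Add(new SqlParameter("Name", name));
         dbc.cmd.Parameters.Add(new SqlParameter("FileName", fn));
         dbc.cmd.Parameters.Add(new SqlParameter("Description", description));
         dbc.cmd.Parameters.Add(new SqlParameter("UserID", UserID));
         dbc.cmd.Parameters.Add(new SqlParameter("Date", date));
         dbc.cmd.Parameters.Add(new SqlParameter("Path", path));
         dbc.cmd.ExecuteNonQuery();
     }
     catch (Exception ex)
     {
         // Keep the provider's error text on the server. Writing ex.Message into the response
         // shows schema and driver details to whoever caused the failure.
         System.Diagnostics.Trace.TraceError(ex.ToString());
         Response.Write("Coundn't to insert");
     }
     finally
     {
         // Release the connection whether or not the insert succeeded.
         dbc.dbCon.Close();
     }
 }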
Esempio n. 5
 // get Directory
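 /// <summary>
 /// Looks up the <c>dir</c> value of the user with the given e-mail.
 /// </summary>
 /// <param name="email">E-mail to look up; bound as the <c>@Email</c> parameter.</param>
 /// <returns>
 /// The value of <c>dir</c> when exactly one user matches; an empty string when none or several
 /// match, or when the query fails.
 /// </returns>
 protected internal string getDir(string email)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT dir FROM users WHERE email = @Email";
     dbc.cmd.Parameters.Add(new SqlParameter("Email", email));

     // NOTE(review): callers cannot tell "no such user" from "query failed"; both give "".
     string result = "";
     try
     {
         int counter = 0;
         string dir = "";
         // The using block closes the reader even when Read() throws.
         using (SqlDataReader dr = dbc.cmd.ExecuteReader())
         {
             while (dr.Read())
             {
                 dir = dr[0].ToString();
                 counter++;
             }
         }
         // Only a complete read with a single row produces a value.
         if (counter == 1)
         {
             result = dir;
         }
     }
     catch
     {
         // The message is Hebrew for "Problem with connection."
         Console.WriteLine("בעיה בחיבור.");
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
     return result;
 }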
Esempio n. 6
 // Gets ID
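 /// <summary>
 /// Looks up the <c>id</c> of the user with the given e-mail.
 /// </summary>
 /// <param name="email">E-mail to look up; bound as the <c>@Email</c> parameter.</param>
 /// <returns>
 /// The id when exactly one user matches; 0 when none or several match, or when the query fails.
 /// </returns>
 protected internal int getID(string email)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT id FROM users WHERE email = @Email";
     dbc.cmd.Parameters.Add(new SqlParameter("Email", email));

     // 0 doubles as the "not found / failed" value, so callers that use the result as an
     // owner id in an access decision have to reject 0 themselves.
     int result = 0;
     try
     {
         int counter = 0;
         int id = 0;
         // The using block closes the reader even when Read() throws.
         using (SqlDataReader dr = dbc.cmd.ExecuteReader())
         {
             while (dr.Read())
             {
                 id = dr.GetInt32(0);
                 counter++;
             }
         }
         // Only a complete read with a single row produces an id.
         if (counter == 1)
         {
             result = id;
         }
     }
     catch
     {
         Console.WriteLine("Problem with connection.");
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
     return result;
 }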
Esempio n. 7
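 /// <summary>
 /// Adds one to the <c>views</c> counter of the picture with the given id.
 /// </summary>
 /// <param name="id">Picture id; bound as the <c>@Id</c> parameter.</param>
 protected internal void upView(int id)
 {
     db dbc = new db();
     try
     {
         // The increment happens inside the UPDATE. Reading the counter first and writing
         // back value + 1 loses counts when two requests for the same picture overlap, and
         // costs a second connection. A NULL counter stays NULL with this statement.
         dbc.cmd.CommandText = "UPDATE pictures SET views = views + 1 WHERE id = @Id";
         dbc.cmd.Parameters.Add(new SqlParameter("Id", id));
         dbc.cmd.ExecuteNonQuery();
     }
     finally
     {
         // No reader is opened here; the connection is the only thing to release.
         dbc.dbCon.Close();
     }
 }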
Esempio n. 8
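 /// <summary>
 /// Reads the <c>views</c> counter of the picture with the given id.
 /// </summary>
 /// <param name="id">Picture id; bound as the <c>@Id</c> parameter.</param>
 /// <returns>The stored counter, or 0 when no picture has that id.</returns>
 protected internal int getView(int id)
 {
     db dbc = new db();
     int views = 0;
     dbc.cmd.CommandText = "SELECT views FROM pictures WHERE id = @Id";
     dbc.cmd.Parameters.Add(new SqlParameter("Id", id));

     SqlDataReader current = null;
     try
     {
         current = dbc.cmd.ExecuteReader();
         // reader is declared outside this method and is still assigned, as before.
         // NOTE(review): it looks like shared state; overlapping calls on one instance would
         // overwrite each other's reader. Confirm how instances are shared.
         reader = current;
         if (current.Read())
         {
             views = Convert.ToInt32(current["views"]);
         }
     }
     finally
     {
         // Close what this call opened even when the read or the conversion throws.
         if (current != null)
         {
             current.Close();
         }
         dbc.dbCon.Close();
     }
     return views;
 }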
Esempio n. 9
 // Registration of user to DB.
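 /// <summary>
 /// Inserts a new row into <c>users</c>; the password is passed through <c>util.hashSalt</c>
 /// before it is stored.
 /// </summary>
 /// <param name="name">Bound as <c>@Name</c>.</param>
 /// <param name="studstaff">Bound as <c>@Status</c>.</param>
 /// <param name="grade">Bound as <c>@Grade</c>.</param>
 /// <param name="email">Bound as <c>@Email</c>.</param>
 /// <param name="password">Raw password; only the result of <c>util.hashSalt</c> is bound.</param>
 protected void registration(String name, int studstaff, int grade, String email, String password)
 {
     db dbc = new db();
     try
     {
         // NOTE(review): the INSERT names no columns, so the five values are matched to the
         // table's columns by position; a schema change silently shifts them.
         // NOTE(review): util.hashSalt is defined elsewhere; confirm it is a salted, slow
         // password hash and that the login path verifies against the same scheme.
         dbc.cmd.CommandText = "INSERT INTO users VALUES(@Name,@Email,@Password,@Status, @Grade)";
         dbc.cmd.Parameters.Add(new SqlParameter("Name", name));
         dbc.cmd.Parameters.Add(new SqlParameter("Email", email));
         dbc.cmd.Parameters.Add(new SqlParameter("Password", util.hashSalt(password)));
         dbc.cmd.Parameters.Add(new SqlParameter("Status", studstaff));
         dbc.cmd.Parameters.Add(new SqlParameter("Grade", grade));
         dbc.cmd.ExecuteNonQuery();
     }
     catch (Exception ex)
     {
         // Record the cause on the server; the page still shows only the generic message.
         System.Diagnostics.Trace.TraceError(ex.ToString());
         Response.Write("Coundn't to insert");
     }
     finally
     {
         // Release the connection whether or not the insert succeeded.
         dbc.dbCon.Close();
     }
 }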
Esempio n. 10
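 /// <summary>
 /// Reads the <c>title</c> and <c>content</c> columns of the <c>pages</c> row with the given id.
 /// </summary>
 /// <param name="id">Page id; bound as the <c>@Id</c> parameter.</param>
 /// <returns>
 /// A two-element array: title at index 0, content at index 1. Both elements stay
 /// <c>null</c> when no row matches.
 /// </returns>
 protected internal string[] getDetails(int id)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT * FROM pages WHERE id = @Id";
     dbc.cmd.Parameters.Add(new SqlParameter("Id", id));

     string[] terms = new string[2];
     try
     {
         // Adapter and data set are disposed as soon as the values are copied out.
         using (SqlDataAdapter adapter = new SqlDataAdapter(dbc.cmd))
         using (DataSet ds = new DataSet())
         {
             adapter.Fill(ds);
             // If several rows matched, the last one wins.
             foreach (DataRow dr in ds.Tables[0].Rows)
             {
                 terms[0] = Convert.ToString(dr["title"]);
                 terms[1] = Convert.ToString(dr["content"]);
             }
         }
     }
     finally
     {
         // Release the connection even when the fill throws.
         dbc.dbCon.Close();
     }
     return terms;
 }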
Esempio n. 11
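 /// <summary>
 /// Reads the <c>name</c> and <c>content</c> columns of the <c>Info</c> row with the given id.
 /// </summary>
 /// <param name="id">Row id; bound as the <c>@ID</c> parameter.</param>
 /// <returns>
 /// A two-element array (name, content) when a row matches; an empty array otherwise.
 /// </returns>
 protected string[] LoadPageInfo(int id)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT * FROM Info WHERE id = @ID";
     dbc.cmd.Parameters.Add(new SqlParameter("ID", id));

     string[] data = { };
     try
     {
         // The using block closes the reader even when a column lookup throws.
         using (SqlDataReader reader = dbc.cmd.ExecuteReader())
         {
             if (reader.Read())
             {
                 data = new string[2]
                 {
                     Convert.ToString(reader["name"]),
                     Convert.ToString(reader["content"])
                 };
             }
         }
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
     return data;
 }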
Esempio n. 12
 /// <summary>
 /// Reads the <c>name</c> of the user with the given id.
 /// </summary>
 /// <param name="id">User id; bound as the <c>@Id</c> parameter.</param>
 /// <returns>The name from the first matching row, or an empty string when none matches.</returns>
 protected internal string getAuthor(int id)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT name FROM users WHERE id = @Id";
     dbc.cmd.Parameters.Add(new SqlParameter("Id", id));

     // NOTE(review): reader and connection are closed only when nothing throws in between.
     SqlDataReader row = dbc.cmd.ExecuteReader();
     string found = row.Read() ? row["name"].ToString() : "";

     // One shared clean-up for both the found and the not-found case.
     row.Close();
     dbc.dbCon.Close();
     return found;
 }
Esempio n. 13
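 /// <summary>
 /// Ownership check: tells whether the picture with the given id belongs to the user
 /// identified by <paramref name="eid"/>.
 /// </summary>
 /// <param name="pictureID">Picture id; bound as <c>@PictureID</c>.</param>
 /// <param name="eid">Value passed to <c>Utilities.getID</c> to resolve the user id.</param>
 /// <returns>
 /// <c>true</c> when a <c>pictures</c> row has both that id and that owner; <c>false</c>
 /// otherwise, including when the user id resolves to 0.
 /// </returns>
 protected internal bool checkUsersPic(int pictureID, string eid)
 {
     Utilities util = new Utilities();
     int userID = util.getID(eid);
     // Fail closed. Presumably getID yields 0 when it cannot resolve the user (confirm
     // against Utilities.getID); without this guard an unresolved caller would be treated
     // as the owner of every picture stored with userID 0.
     if (userID == 0)
     {
         return false;
     }

     db dbc = new db();
     dbc.cmd.CommandText = "SELECT * FROM pictures WHERE id = @PictureID AND userID = @UserID";
     dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));
     dbc.cmd.Parameters.Add(new SqlParameter("UserID", userID));
     try
     {
         // One matching row is enough; the using block closes the reader on every path.
         using (SqlDataReader reader = dbc.cmd.ExecuteReader())
         {
             return reader.Read();
         }
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
 }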
Esempio n. 14
 // Get Email
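 /// <summary>
 /// Reads the <c>email</c> of the user with the given id.
 /// </summary>
 /// <param name="id">User id; bound as the <c>@Id</c> parameter.</param>
 /// <returns>
 /// The e-mail of the last row read, or an empty string when no row matches or the query
 /// fails before any row is read.
 /// </returns>
 protected internal string getEmail(int id)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT email FROM users WHERE id = @Id";
     dbc.cmd.Parameters.Add(new SqlParameter("Id", id));

     string email = "";
     try
     {
         // The using block closes the reader even when GetString throws.
         using (SqlDataReader dr = dbc.cmd.ExecuteReader())
         {
             while (dr.Read())
             {
                 email = dr.GetString(0);
             }
         }
     }
     catch
     {
         // The message is Hebrew for "Problem with connection."
         Console.WriteLine("בעיה בחיבור.");
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
     return email;
 }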
Esempio n. 15
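 /// <summary>
 /// Reads the <c>path</c> column of the picture with the given id.
 /// </summary>
 /// <param name="pictureID">Picture id; bound as <c>@PictureID</c>.</param>
 /// <returns>The stored path, or an empty string when no picture has that id.</returns>
 protected internal string getFileName(int pictureID)
 {
     // NOTE(review): the value comes back exactly as stored. If it is later used to open or
     // delete a file, the caller should check that it stays inside the upload directory.
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT * FROM pictures WHERE id = @PictureID";
     dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));
     try
     {
         // The using block closes the reader on the early return as well.
         using (SqlDataReader reader = dbc.cmd.ExecuteReader())
         {
             if (reader.Read())
             {
                 return Convert.ToString(reader["path"]);
             }
         }
         return "";
     }
     finally
     {
         // Release the connection on every path.
         dbc.dbCon.Close();
     }
 }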
Esempio n. 16
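        /// <summary>
        /// Tells whether a <c>users</c> row with the given e-mail has <c>status = 3</c>.
        /// </summary>
        /// <param name="email">E-mail to look up; bound as the <c>@Email</c> parameter.</param>
        /// <returns>
        /// <c>true</c> when the query completes and yields at least one row; <c>false</c>
        /// otherwise, including when the query throws.
        /// </returns>
        protected internal bool isAdmin(string email)
        {
            db dbc = new db();
            // 3 is the status value this query treats as administrator.
            dbc.cmd.CommandText = "SELECT status,email FROM users WHERE email = @Email AND status = 3";
            dbc.cmd.Parameters.Add(new SqlParameter("Email", email));

            bool admin = false;
            try
            {
                int counter = 0;
                // The using block closes the reader even when Read() throws.
                using (SqlDataReader dr = dbc.cmd.ExecuteReader())
                {
                    while (dr.Read())
                    {
                        counter++;
                    }
                }
                admin = counter >= 1;
            }
            catch (Exception ex)
            {
                // Fail closed: a database error never grants the administrator answer.
                Console.WriteLine(ex.ToString());
            }
            finally
            {
                // Release the connection on every path.
                dbc.dbCon.Close();
            }

            return admin;
        }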
Esempio n. 17
 /// <summary>
 /// Tells whether exactly one <c>pictures</c> row has the given id.
 /// </summary>
 /// <param name="pictureID">Picture id; bound as <c>@PictureID</c>.</param>
 /// <returns><c>true</c> when the query yields exactly one row; <c>false</c> otherwise.</returns>
 protected internal bool picExist(int pictureID)
 {
     db dbc = new db();
     dbc.cmd.CommandText = "SELECT * FROM pictures WHERE id = @PictureID";
     dbc.cmd.Parameters.Add(new SqlParameter("PictureID", pictureID));

     // NOTE(review): neither the reader nor dbc's connection is closed in this method;
     // confirm that db releases them elsewhere.
     SqlDataReader rows = dbc.cmd.ExecuteReader();
     int hits = 0;
     while (rows.Read())
     {
         hits += 1;
     }
     return hits == 1;
 }