Esempio n. 1
0
        public string userAdmin(string pesel)
        {
            string result = "";
            RegexClass r = new RegexClass();
            Match matchPesel = r.Regex.Match(pesel);

            if (matchPesel.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();
                        SqlCommand cmd = connection.CreateCommand();
                        SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
                        cmd.CommandText = "exec UpdateUzyt 2, @pesel, '2'";
                        cmd.Parameters.Add(sqlPesel);
                        cmd.ExecuteNonQuery();

                        result += "OK";
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    result += "Problem with :  " + ex.ToString();
                }

            }

            return result;
        }
Esempio n. 2
0
        public string createUser(string[] input)
        {
            string result = "";
            RegexClass r = new RegexClass();

            Match mPesel = r.Regex.Match(input[0]);
            Match mPassword = r.Regex.Match(input[1]);
            Match mNickname = r.Regex.Match(input[3]);

            if (mPesel.Success == false && mPassword.Success == false && mNickname.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();
                        SqlCommand cmd = connection.CreateCommand();
                        cmd.CommandText = "exec Zarejestruj @pesel, @password , @idArea, 1, @nickname";
                        SqlParameter sqlPesel = new SqlParameter("@pesel", input[0]);
                        SqlParameter sqlPassword = new SqlParameter("@password", input[1]);
                        SqlParameter sqlIdArea = new SqlParameter("@idArea", input[2]);
                        SqlParameter sqlNickname = new SqlParameter("@nickname", input[3]);
                        cmd.Parameters.Add(sqlPesel);
                        cmd.Parameters.Add(sqlPassword);
                        cmd.Parameters.Add(sqlIdArea);
                        cmd.Parameters.Add(sqlNickname);
                        cmd.ExecuteNonQuery();

                        result += "OK";
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    result += "Problem " + ex.ToString();
                }

            }
            else
            {
                Console.WriteLine("We got problem with PESEL or password (it can be seciurity error !");
                result += "Problem with login or password (it can be both!)";
            }

            return result;
        }
Esempio n. 3
0
        public string addList(string list)
        {
            string result = "";

            List<int> listIds = new List<int>();
            try
            {
                using (XmlReader reader = XmlReader.Create(new StringReader(list)))
                {
                    reader.ReadToFollowing("list");

                    reader.ReadToFollowing("electionId");
                    int idWyborow = reader.ReadElementContentAsInt();
                    reader.ReadToFollowing("comiteeName");
                    string nazwa = reader.ReadElementContentAsString().Trim();
                    reader.ReadToFollowing("areaId");
                    int idOkregu = reader.ReadElementContentAsInt();
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        RegexClass r = new RegexClass();
                        Match regexMatch = r.Regex.Match(nazwa);
                        connection.Open();
                        SqlCommand cmd = connection.CreateCommand();
                        cmd.CommandText = "exec ZglosListe @name, @idElection , @idArea";
                        if (regexMatch.Success)
                        {

                            throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
                        }
                        //else
                        //{
                            SqlParameter sqlNazwa = new SqlParameter("@name", nazwa);
                            cmd.Parameters.Add(sqlNazwa);
                        //}
                        SqlParameter sqlIdElection = new SqlParameter("@idElection", idWyborow);
                        SqlParameter sqlIdArea = new SqlParameter("@idArea", idOkregu);
                        cmd.Parameters.Add(sqlIdElection);
                        cmd.Parameters.Add(sqlIdArea);
                        cmd.ExecuteNonQuery();
                        connection.Close();
                        connection.Open();
                        SqlCommand cmd2 = connection.CreateCommand();
                        cmd2.CommandText = "select dbo.DajID(@name,@idElection,@idArea)";
                        SqlParameter sqlNazwa2 = new SqlParameter("@name", nazwa);
                        SqlParameter sqlIdElection2 = new SqlParameter("@idElection", idWyborow);
                        SqlParameter sqlIdArea2 = new SqlParameter("@idArea", idOkregu);
                        cmd2.Parameters.Add(sqlNazwa2);
                        cmd2.Parameters.Add(sqlIdElection2);
                        cmd2.Parameters.Add(sqlIdArea2);
                        // DAJID PROCEDURE. NAJBARDZIEJ ZACHŁANNY ALGORYTM NA ŚWIECE !
                        SqlDataReader sreader = cmd2.ExecuteReader(); // DRŻYJCIE NIEWIERNI !
                        while (sreader.Read())
                        {
                            listIds.Add(sreader.GetInt32(0));
                        }
                        connection.Close();

                        reader.ReadToFollowing("candidates");
                        while (reader.ReadToFollowing("candidate"))
                        {
                            foreach (int idListy in listIds)
                            {
                                SqlParameter sqlIdList = new SqlParameter("@idList", idListy);
                                string kandydat = reader.ReadElementContentAsString().Trim();
                                Match regexMatch2 = r.Regex.Match(kandydat);
                                if (regexMatch2.Success)
                                {

                                    throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
                                }
                                else
                                {

                                }
                                connection.Open();
                                SqlCommand cmd3 = connection.CreateCommand();
                                cmd3.CommandText = "exec ZglosKand @candidate , @idList";
                                SqlParameter sqlCandidate = new SqlParameter("@candidate", kandydat);
                                cmd3.Parameters.Add(sqlCandidate);
                                cmd3.Parameters.Add(sqlIdList);
                                cmd3.ExecuteNonQuery();
                                connection.Close();
                                result = "OK";
                            }
                        }
                    }
                }
            }
            catch (Exception e)
            {
                return e.ToString();
            }

            return result;
        }
Esempio n. 4
0
        public String startElection(int idElection, string data)
        {
            string result = "";
            RegexClass r = new RegexClass();

            try
            {
                using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                {
                    Match regexMatch = r.Regex.Match(data);
                    connection.Open();
                    Console.WriteLine("MySQL version : {0}", connection.ServerVersion);
                    SqlCommand cmd = connection.CreateCommand();
                    if (regexMatch.Success)
                    {

                        throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
                    }
                    else
                    {
                        SqlParameter sqlData = new SqlParameter("@data", data);
                        cmd.Parameters.Add(sqlData);
                    }
                    SqlParameter sqlIdElection = new SqlParameter("@idElection", idElection);
                    cmd.Parameters.Add(sqlIdElection);
                    cmd.CommandText = "exec RozpocznijWybory  @idElection , @data";
                    cmd.ExecuteNonQuery();

                    result += "OK";
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine("Error: {0}", ex.ToString());
                result += "Problem " + ex.ToString();
            }

            return result;
        }
Esempio n. 5
0
        public int checkPrivliges(string pesel)
        {
            int isAdmin = 0;

            try
            {
                using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                {
                    connection.Open();
                    Console.WriteLine("MySQL version : {0}", connection.ServerVersion);
                    RegexClass r = new RegexClass();
                    Match regexMatch = r.Regex.Match(pesel);
                    SqlCommand cmd = new SqlCommand("select dbo.SprUpr(@pesel)", connection);
                    if (regexMatch.Success)
                    {

                        throw new Exception("ERROR : UZYTO SLOWA NIEDOZWOLONEGO SELECT/DELETE");
                    }
                    else
                    {
                        SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
                        cmd.Parameters.Add(sqlPesel);
                    }
                    int ret = Convert.ToInt32(cmd.ExecuteScalar());

                    if(ret == 2)
                    {
                        isAdmin = 1;
                    }

                }
            }
            catch (Exception ex)
            {
                Console.WriteLine("Error: {0}", ex.ToString());
                return 0;
            }

            return isAdmin;
        }
Esempio n. 6
0
        public int userVoteCheck(string pesel, int electionID)
        {
            int funcionReturn = 0;
            RegexClass r = new RegexClass();
            Match matchPesel = r.Regex.Match(pesel);

            if (matchPesel.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();
                        SqlParameter sqlPesel = new SqlParameter("@pesel", pesel);
                        SqlParameter sqlElectionId = new SqlParameter("@electionId", electionID);
                        SqlCommand cmd = new SqlCommand("select dbo.SprCzyGlosowal(@pesel, @electionId)", connection);
                        cmd.Parameters.Add(sqlPesel);
                        cmd.Parameters.Add(sqlElectionId);
                        int ret = Convert.ToInt32(cmd.ExecuteScalar());
                        funcionReturn = ret;
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    funcionReturn = 0;
                }
            }

            return funcionReturn;  // return 1 if user got comfirmed vote
        }
Esempio n. 7
0
        public string userVote(string[] input)
        {
            string result = "";
            RegexClass r = new RegexClass();
            Match matchPeselCandidate = r.Regex.Match(input[0]);
            Match matchPeselUser = r.Regex.Match(input[1]);

            if (matchPeselCandidate.Success == false && matchPeselUser.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();
                        SqlCommand cmd = connection.CreateCommand();
                        SqlParameter sqlPeselCandidate = new SqlParameter("@peselC", input[0]);
                        SqlParameter sqlPeselUser = new SqlParameter("@peselU", input[1]);
                        SqlParameter sqlElectionId = new SqlParameter("@electionId", input[2]);
                        cmd.CommandText = "exec Zaglosuj @peselC, @peselU, @electionId";
                        cmd.Parameters.Add(sqlPeselCandidate);
                        cmd.Parameters.Add(sqlPeselUser);
                        cmd.Parameters.Add(sqlElectionId);
                        cmd.ExecuteNonQuery();

                        result += "OK";
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    result += "Problem with :  " + ex.ToString();
                }
            }

            return result;
        }
Esempio n. 8
0
        public int userLoginCheckUser(string pesel, string password)
        {
            int isUserExist = 0;
            RegexClass r = new RegexClass();

            Match mPesel = r.Regex.Match(pesel);
            Match mPassword = r.Regex.Match(password);

            if (mPesel.Success == false && mPassword.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();

                        SqlCommand cmd = new SqlCommand("select dbo.SprIst(@pesel, @password)", connection);
                        SqlParameter sqlNickname = new SqlParameter("@pesel", pesel);
                        SqlParameter sqlPassword = new SqlParameter("@password", password);
                        cmd.Parameters.Add(sqlNickname);
                        cmd.Parameters.Add(sqlPassword);
                        //SqlDataReader reader = cmd.ExecuteReader();
                        isUserExist = Convert.ToInt32(cmd.ExecuteScalar());

                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    isUserExist = 0;
                }
            }

            return isUserExist;
        }
Esempio n. 9
0
        public int userLoginCheck(string nickname, string password)
        {
            int equal = 0;
            RegexClass r = new RegexClass();

            Match mPesel = r.Regex.Match(nickname);
            Match mPassword = r.Regex.Match(password);

            if (mPesel.Success == false && mPassword.Success == false)
            {
                try
                {
                    using (SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["connection"]))
                    {
                        connection.Open();
                        SqlCommand cmd = new SqlCommand("select dbo.SprIst2(@nickname,@password)", connection);
                        SqlParameter sqlNickname = new SqlParameter("@nickname", nickname);
                        SqlParameter sqlPassword = new SqlParameter("@password", password);
                        cmd.Parameters.Add(sqlNickname);
                        cmd.Parameters.Add(sqlPassword);
                        int ret = Convert.ToInt32(cmd.ExecuteScalar());
                        equal = ret;
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error: {0}", ex.ToString());
                    equal = 0;
                }
            }
            return equal;
        }