public void OnGet() { ActiveRecord = new SessionActive(); ActiveRecord.Active_Sesson = false; HttpContext.Session.Clear(); }
public IActionResult OnGet() { // get session variables ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // if session isn't active then allow access to the create account or allow access for modorators if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { return(RedirectToPage("/Users/Index")); } } return(Page()); }
public IActionResult OnPost() { // get session variables incase of admin creating account to prevent against multiple logins ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; // sets up the command for inserting into the Users table command.CommandText = @"INSERT INTO Users (FirstName,LastName,EmailAddress,Password, ModLevel) VALUES ( @FName, @LName, @Email, @Password, @Mlvl)"; // get the data from the form element command.Parameters.AddWithValue("@FName", UserRecord.FirstName); command.Parameters.AddWithValue("@LName", UserRecord.LastName); command.Parameters.AddWithValue("@Email", UserRecord.EmailAddress); command.Parameters.AddWithValue("@Password", UserRecord.Password); command.Parameters.AddWithValue("@Mlvl", UserRecord.ModLevel); // execute the query command.ExecuteNonQuery(); } connect.Close(); //if an admin is creating the account then don't set-up a new session ID so check if it is currently empty or not if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { SessionID = HttpContext.Session.Id; HttpContext.Session.SetString("sessionID", SessionID); HttpContext.Session.SetString("emailAddress", UserRecord.EmailAddress); HttpContext.Session.SetString("firstName", UserRecord.FirstName); HttpContext.Session.SetInt32("modLevel", UserRecord.ModLevel); HttpContext.Session.SetInt32("userID", UserRecord.UserID); } return(RedirectToPage("/Index")); }
public IActionResult OnGet() { // get session variables ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // if session isn't active then redirect to login page if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; return(Page()); } }
public IActionResult OnGet() { ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { return(RedirectToPage("/Users/Index")); } } DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); Console.WriteLine(DBconnection); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; command.CommandText = @"SELECT * FROM Images"; SqlDataReader type_reader = command.ExecuteReader(); ImageTypeFullSet = new List <string>(); while (type_reader.Read()) { ImageTypeFullSet.Add(type_reader.GetString(2)); } type_reader.Close(); if (!(string.IsNullOrEmpty(Type) || Type == "ALL")) { command.CommandText += " WHERE Type = @ImgType"; command.Parameters.AddWithValue("@ImgType", Type); } SqlDataReader reader = command.ExecuteReader(); Img = new List <Images>(); IsSelect = new List <bool>(); while (reader.Read()) { Images record = new Images(); record.ImgID = reader.GetInt32(0); record.ImgURL = reader.GetString(1); record.Type = reader.GetString(2); record.ImgName = reader.GetString(3); record.UserID = reader.GetInt32(4); Img.Add(record); IsSelect.Add(false); } reader.Close(); ImageTypeSingleSet = ImageTypeFullSet.Distinct().ToList(); } return(Page()); }
public IActionResult OnGet(string PDF) { ActiveRecord = new SessionActive(); // get the session data ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // check if a session exists if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; // redirect to login if no session exists return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { //if not a an admin redirect to user account page return(RedirectToPage("/Users/Index")); } } //connect to database DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; // selects all users from the User database command.CommandText = @"SELECT * FROM Users"; // filters users from the database if filter exists if (!(string.IsNullOrEmpty(Type) || Type == "ALL")) { command.CommandText += " WHERE ModLevel = @accType"; command.Parameters.AddWithValue("@accType", Convert.ToInt32(Type)); } // execte the database command SqlDataReader reader = command.ExecuteReader(); UserRecords = new List <User>(); // loop though returned data while (reader.Read()) { User record = new User(); record.UserID = reader.GetInt32(0); record.FirstName = reader.GetString(1); record.LastName = reader.GetString(2); record.EmailAddress = reader.GetString(3); record.Password = reader.GetString(4); record.ModLevel = reader.GetInt32(5); UserRecords.Add(record); } reader.Close(); // if PDF is set in the url if (PDF == "1") { //Create an object for the PDF document Document doc = new Document(); Section sec = doc.AddSection(); Paragraph para = sec.AddParagraph(); //Add a picture to the pdf ImageSource.ImageSourceImpl = new ImageSharpImageSource <Rgba32>(); Paragraph para2 = sec.AddParagraph(); var picpath = Path.Combine(_env.WebRootPath, "Files", "UserPhoto.png"); var image = para2.AddImage(ImageSource.FromFile(picpath)); image.Width = Unit.FromCentimeter(17); // define picture width para2.Format.SpaceAfter = Unit.FromCentimeter(2); // define the space after the image // define the font type size and colour para.Format.Font.Name = "Arial"; para.Format.Font.Size = 14; para.Format.Font.Color = Color.FromCmyk(0, 0, 0, 100); //black colour // add title para.AddFormattedText("User Report : ", TextFormat.Bold); // add space after the title para.Format.SpaceAfter = "1.0cm"; // set-up table define padding, and borders Table tab = new Table(); tab.Borders.Width = 0.75; tab.TopPadding = 5; tab.BottomPadding = 5; // sets up the columns within the ta table Column col = tab.AddColumn(Unit.FromCentimeter(1.5)); col.Format.Alignment = ParagraphAlignment.Justify; tab.AddColumn(Unit.FromCentimeter(4)); tab.AddColumn(Unit.FromCentimeter(4)); tab.AddColumn(Unit.FromCentimeter(6)); tab.AddColumn(Unit.FromCentimeter(1.5)); // creates a row for the table header and sets a background colour Row row = tab.AddRow(); row.Shading.Color = Colors.Green; //sets up the table headers Cell cell = new Cell(); cell = row.Cells[0]; cell.AddParagraph("User ID"); cell = row.Cells[1]; cell.AddParagraph("First Name"); cell = row.Cells[2]; cell.AddParagraph("Last Name"); cell = row.Cells[3]; cell.AddParagraph("Email"); cell = row.Cells[4]; cell.AddParagraph("Mod Level"); //Add data to table loops through the user record array for (int i = 0; i < UserRecords.Count; i++) { row = tab.AddRow(); cell = row.Cells[0]; cell.AddParagraph(Convert.ToString(UserRecords[i].UserID)); cell = row.Cells[1]; cell.AddParagraph(UserRecords[i].FirstName); cell = row.Cells[2]; cell.AddParagraph(UserRecords[i].LastName); cell = row.Cells[3]; cell.AddParagraph(UserRecords[i].EmailAddress); cell = row.Cells[4]; cell.AddParagraph(Convert.ToString(UserRecords[i].ModLevel)); } // sets the border of the page tab.SetEdge(0, 0, 4, (UserRecords.Count + 1), Edge.Box, BorderStyle.Single, 1, Colors.Gray); sec.Add(tab); //renders the PDF PdfDocumentRenderer pdfRen = new PdfDocumentRenderer(); pdfRen.Document = doc; pdfRen.RenderDocument(); //creates a memory stream MemoryStream stream = new MemoryStream(); pdfRen.PdfDocument.Save(stream); //saving the file into the stream Response.Headers.Add("content-disposition", new[] { "inline; filename = UserRecord.pdf" }); return(File(stream, "application/pdf")); //directs to the PDF } } return(Page()); }
public IActionResult OnGet(int?id) { ActiveRecord = new SessionActive(); // gets the active session records ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // checks if a session exists if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { // if no session exists sends users to login ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { // if logged in and not a admin direct to account page return(RedirectToPage("/Users/Index")); } } // creates connection to database DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); // opens an sql connection SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); UserRecord = new User(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; // selects all users from the database where the user id = ID command.CommandText = "SELECT * FROM Users WHERE UserID = @ID"; command.Parameters.AddWithValue("@ID", id); SqlDataReader reader = command.ExecuteReader(); //writes records into the user record array while (reader.Read()) { UserRecord.UserID = reader.GetInt32(0); UserRecord.FirstName = reader.GetString(1); UserRecord.LastName = reader.GetString(2); UserRecord.EmailAddress = reader.GetString(3); UserRecord.Password = reader.GetString(4); UserRecord.ModLevel = reader.GetInt32(5); } } connect.Close(); // returns the page return(Page()); }
public IActionResult OnGet(int?id) { // get session variables ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // if session isn't active then redirect to login page if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { return(RedirectToPage("/Users/Index")); } } // get database connection DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); UserRecord = new User(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; // select all from database where id = id command.CommandText = "SELECT * FROM Users WHERE UserID = @ID"; command.Parameters.AddWithValue("@ID", id); // execute the SQL command SqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { UserRecord.UserID = reader.GetInt32(0); UserRecord.FirstName = reader.GetString(1); UserRecord.LastName = reader.GetString(2); UserRecord.EmailAddress = reader.GetString(3); UserRecord.Password = reader.GetString(4); UserRecord.ModLevel = reader.GetInt32(5); } } // close connection connect.Close(); return(Page()); }
public async Task <IActionResult> OnGetAsync(int?imgid, int?download) { // get session variables ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // if session isn't active then redirect to login page if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; } DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); ImgRecord = new Images(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; command.CommandText = "SELECT * FROM Images WHERE ImgID = @ID"; command.Parameters.AddWithValue("@ID", imgid); SqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { ImgRecord.ImgID = reader.GetInt32(0); ImgRecord.ImgURL = reader.GetString(1); ImgRecord.Type = reader.GetString(2); ImgRecord.ImgName = reader.GetString(3); ImgRecord.UserID = reader.GetInt32(4); } reader.Close(); } if (download == 1) { const string Path2 = "ImgUploads"; var FileToDownload = Path.Combine(_env.WebRootPath, Path2, ImgRecord.ImgURL); MemoryStream memory = new MemoryStream(); using (FileStream Fstream = new FileStream(FileToDownload, FileMode.Open)) { await Fstream.CopyToAsync(memory); } memory.Position = 0; return(File(memory, "image/jpg", Path.GetFileName(FileToDownload))); } using (SqlCommand command = new SqlCommand()) { command.Connection = connect; command.CommandText = "SELECT FirstName, LastName FROM Users WHERE UserID = @ID"; command.Parameters.AddWithValue("@ID", ImgRecord.UserID); SqlDataReader name_reader = command.ExecuteReader(); while (name_reader.Read()) { UploadUser = name_reader.GetString(0) + " " + name_reader.GetString(1); } if (string.IsNullOrEmpty(UploadUser)) { UploadUser = "******"; } connect.Close(); return(Page()); } }
public IActionResult OnGet(string?ActiveType) { // checks if there is an active session ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // acts on if there is an active session or not if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; } else { ActiveRecord.Active_Sesson = true; } //connects to database DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); Console.WriteLine(DBconnection); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; //starts building the command to Select all images from the database command.CommandText = @"SELECT * FROM Images"; SqlDataReader type_reader = command.ExecuteReader(); ImageTypeFullSet = new List <string>(); while (type_reader.Read()) { // loops through the types of images available and adds the type into a variable e.g. forest, sea, desert etc. ImageTypeFullSet.Add(type_reader.GetString(2)); } type_reader.Close(); // checks if a filter has been set for displaying a specific image type if (!(string.IsNullOrEmpty(ActiveType) || Type == "ALL")) { // adds to the database command to select all from images where type = the selected filter command.CommandText += " WHERE Type = @ImgType"; command.Parameters.AddWithValue("@ImgType", ActiveType); } // executes the database command SqlDataReader reader = command.ExecuteReader(); ImgRecords = new List <Images>(); col1_ImgRecords = new List <Images>(); col2_ImgRecords = new List <Images>(); col3_ImgRecords = new List <Images>(); // distributer is set for looping through the images and distributing them across the 3 collumns int distributor = 1; //loops through the data returned from the database while (reader.Read()) { Images record = new Images(); record.ImgID = reader.GetInt32(0); record.ImgURL = reader.GetString(1); record.Type = reader.GetString(2); record.ImgName = reader.GetString(3); record.UserID = reader.GetInt32(4); ImgRecords.Add(record); if (distributor == 1) { // distributes the image into column 1 and changes the distribution to 2 so the next image goes into the next column, // it then jumps back to the start of the loop or it would carry on and be placd in column 2 qnd column 3 col1_ImgRecords.Add(record); distributor = 2; continue; } if (distributor == 2) { // simliar to the above i statement if gets images and seves them into column 2 but tells the file to save into column 3 next col2_ImgRecords.Add(record); distributor = 3; continue; } if (distributor == 3) { //after column 3 has saved an image it has to tell the functon to save to column one next and it repeats the porcess through each column untill all images are loaded. col3_ImgRecords.Add(record); distributor = 1; continue; } } // this gets the list of types available within the database and deletes duplicates. ImageTypeSingleSet = ImageTypeFullSet.Distinct().ToList(); reader.Close(); } return(Page()); }
public IActionResult OnPost() { ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); // if session isn't active then redirect to login page if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; } // get database connection DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); //create the file path to upload the image to const string Path2 = "ImgUploads"; var FileToUpload = Path.Combine(_env.WebRootPath, Path2, ImgFile.FileName); // upload the image on the filestream using (var Fstream = new FileStream(FileToUpload, FileMode.Create)) { ImgFile.CopyTo(Fstream); } using (SqlCommand command = new SqlCommand()) { command.Connection = connect; // insert the images data into the database command.CommandText = @"INSERT INTO Images ( ImgURL, Type, ImgName, UserID) VALUES ( @ImgURL, @Type, @ImgName, @UserID)"; command.Parameters.AddWithValue("@ImgURL", ImgFile.FileName); command.Parameters.AddWithValue("@Type", Tidy_case(ImgRecord.Type)); command.Parameters.AddWithValue("@ImgName", ImgRecord.ImgName); command.Parameters.AddWithValue("@UserID", ImgRecord.UserID); command.ExecuteNonQuery(); } using (SqlCommand ID_command = new SqlCommand()) { ID_command.Connection = connect; ID_command.CommandText = @"SELECT ImgID FROM Images WHERE ImgURL = @ImgURL"; ID_command.Parameters.AddWithValue("@ImgURL", ImgFile.FileName); SqlDataReader ID_reader = ID_command.ExecuteReader(); while (ID_reader.Read()) { uploadID = ID_reader.GetInt32(0); } } //close database connection connect.Close(); // redirects to the image page for the image uploaded passing through the image ID return(RedirectToPage("/ImgController/Index", new { imgid = uploadID })); }
public IActionResult OnGet(int?id) { ActiveRecord = new SessionActive(); ActiveRecord.Active_SessionID = HttpContext.Session.GetString(Session_SessionID); ActiveRecord.Active_EmailAddress = HttpContext.Session.GetString(Session_EmailAddress); ActiveRecord.Active_FirstName = HttpContext.Session.GetString(Session_FirstName); ActiveRecord.Active_ModLevel = HttpContext.Session.GetInt32(Session_ModLevel); if (string.IsNullOrEmpty(ActiveRecord.Active_EmailAddress) && string.IsNullOrEmpty(ActiveRecord.Active_FirstName) && string.IsNullOrEmpty(ActiveRecord.Active_SessionID)) { ActiveRecord.Active_Sesson = false; return(RedirectToPage("/Login/Login")); } else { ActiveRecord.Active_Sesson = true; if (ActiveRecord.Active_ModLevel != 1) { return(RedirectToPage("/Users/Index")); } } DBConnect G24database_connection = new DBConnect(); string DBconnection = G24database_connection.DatabaseString(); Console.WriteLine(DBconnection); SqlConnection connect = new SqlConnection(DBconnection); connect.Open(); ImgRecord = new Images(); using (SqlCommand command = new SqlCommand()) { command.Connection = connect; //sets all new users to a modlevel of 0 command.CommandText = "SELECT * FROM Images WHERE ImgID = @ID"; command.Parameters.AddWithValue("@ID", id); Console.WriteLine("The id: " + id); SqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { ImgRecord.ImgID = reader.GetInt32(0); ImgRecord.ImgURL = reader.GetString(1); ImgRecord.Type = reader.GetString(2); ImgRecord.ImgName = reader.GetString(3); ImgRecord.UserID = reader.GetInt32(4); } } connect.Close(); return(Page()); }