コード例 #1
0
        public string CheckInsert(DRPenv values)
        {
            //checks if the json is malformed
            if (values.CheckNull(values))
            {
                return("Json is incomplete or wrong");
            }
            //Checks if it has been 5 minutes since last upload.
            TimeSpan TimeElapsed = DateTime.Now - LastUpload;

            if (TimeElapsed.TotalSeconds < 300 && !AllowInitialUpload)
            {
                return("Too many uploads recently, please try again later.");
            }
            //Sets the initial upload bool to false as it has gone past the first timer check.
            AllowInitialUpload = false;
            //bad words big yikes
            List <string> Profanity = new List <string> {
                "nig",
                "f**k",
                "shit",
            };

            //if contains any bad words
            if (Profanity.Any(values.FILENAMETEXTBOX.ToLower().Contains) || Profanity.Any(values.DETAILSTEXTBOX.ToLower().Contains) ||
                Profanity.Any(values.STATETEXTBOX.ToLower().Contains) || Profanity.Any(values.CLIENTIDTEXTBOX.ToLower().Contains))
            {
                return("Failed to add - Contains Profanity");
            }

            //if the previous checks pass try to add to the DB.
            try
            {
                using SqlConnection connection = new SqlConnection(builder.ConnectionString);
                connection.Open();

                /*Checks to see if the clientID is already present and/or if the file name is present.
                 * If it returns more than 1 row it is not unique and may be spam.*/
                string sql = "SELECT * FROM dbo.env WHERE CLIENTIDTEXTBOX = @VALUE1 OR FILENAMETEXTBOX = @VALUE2";
                using SqlCommand command = new SqlCommand(sql, connection);
                //used for SQL injection prevention.
                command.Parameters.AddWithValue("@VALUE1", values.CLIENTIDTEXTBOX);
                command.Parameters.AddWithValue("@VALUE2", values.FILENAMETEXTBOX);
                using SqlDataReader reader = command.ExecuteReader();
                //if query returns nothing neither value exists.
                if (reader.HasRows)
                {
                    return("Preset already exists!");
                }
                else
                {
                    LastUpload = DateTime.Now;
                    return("Success");
                }
            }
            catch (Exception)
            {
                return("Something went wrong");
            }
        }
コード例 #2
0
 public void Insert(DRPenv values)
 {
     try
     {
         string[] DRPValues = values.ToArray();
         using SqlConnection connection = new SqlConnection(builder.ConnectionString);
         connection.Open();
         //sql string builder @VALUE is used for SQL injection prevention
         string sql = "INSERT INTO env VALUES (";
         for (int i = 0; i < DRPValues.Length - 1; i++)
         {
             if (i == DRPValues.Length - 2)
             {
                 sql += "@VALUE" + i.ToString() + ")";
             }
             else
             {
                 sql += "@VALUE" + i.ToString() + ",";
             }
         }
         using SqlCommand command = new SqlCommand(sql, connection);
         for (int i = 0; i < DRPValues.Length - 1; i++)
         {
             command.Parameters.AddWithValue("@VALUE" + i.ToString(), DRPValues[i]);
         }
         command.ExecuteReader();
     }
     catch (SqlException) { /*sad react if this happens*/ }
 }
コード例 #3
0
ファイル: DRPenv.cs プロジェクト: Assasindie/DRPmodifierAPI
 public bool CheckNull(DRPenv env)
 {
     string[] array = env.ToArray();
     for (int i = 0; i < array.Length - 1; i++)
     {
         if (string.IsNullOrEmpty(array[i]))
         {
             return(true);
         }
     }
     return(false);
 }