public bool SetVisibleRecord(long uniqueId, bool visible, DodoSession s)
{
bool ret = false;
HttpContext context = DodoApplication.CurrentContext;
int retErr = 0;
int userId = ((DodoSession)context.Session).userId;
using (var conn = CreateConnection())
{
using (var cmd = conn.CreateCommand())
{
cmd.CommandText = "update poweq1 set " +
"visible = @visible, " +
"modified = CURRENT_TIMESTAMP " +
"where uniqueId = @uniqueId";
cmd.Parameters.AddWithValue("visible", visible);
cmd.Parameters.AddWithValue("uniqueId", uniqueId);
retErr = cmd.ExecuteNonQuery();
ret = true;
}
}
return(ret);
}
public override void OnAddSession(HttpContext context)
{
DodoSession session = null;
if (context.Request.Form["email"] != null)
{
session = CurrentDb.CheckEmail(
context.Request.Form["email"]);
if (session == null)
{
throw new Exception("Email is not correct");
}
}
else
{
session = CurrentDb.CheckUserAndPwd(
context.Request.Form["user"], context.Request.Form["pwd"]);
if (session == null)
{
throw new Exception("User or Password is not correct");
}
}
Sessions.AddSession(session);
SetSessionState(context, session);
}
public List <DodoItem> GetFolders(DodoSession session, long folderId)
{
var ret = new List <DodoItem>();
using (var conn = CreateConnection())
{
using (var cmd = conn.CreateCommand())
{
cmd.CommandText = "select uniqueId, keywords, userId " +
"from poweq1 " +
"where userId = @userId and type = 'folder' and folderId = @folderid " +
"order by keywords";
cmd.Parameters.AddWithValue("userId", session.userId);
cmd.Parameters.AddWithValue("folderid", folderId);
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
ret.Add(DodoItemBase.GetItem <DodoItem>(
app, reader.GetInt64(reader.GetOrdinal("uniqueId"))));
}
}
}
}
return(ret);
}
public DodoSession CheckUserAndPwd(string user, string pwd)
{
DodoSession ret = null;
using (MySqlConnection conn = CreateConnection())
{
using (MySqlCommand cmd = conn.CreateCommand())
{
cmd.CommandText = "select userid, username, fullname from powequsers where username = ?user and password = ?pwd";
// cmd.Parameters.Add("user", user);
// cmd.Parameters.Add("user", pwd);
cmd.Parameters.AddWithValue("user", user);
cmd.Parameters.AddWithValue("pwd", pwd);
using (MySqlDataReader reader = cmd.ExecuteReader())
{
if (reader.Read())
{
ret = new DodoSession(app, reader.GetInt32("userid"),
reader.GetString("username"),
reader.GetString("fullname"));
}
}
}
}
return(ret);
}
public DodoItem GetFolder(string id, DodoSession s)
{
DodoItem ret = null;
if (id.CompareTo("-1") == 0)
{
// objeto nuevo
ret = new DodoItem();
ret.UniqueId = -1;
ret.UserId = s.userId;
}
else
{
using (var conn = CreateConnection())
using (var cmd = conn.CreateCommand())
{
cmd.CommandText = "select uniqueId from poweq1 where uniqueId = @uniqueId";
cmd.Parameters.AddWithValue("uniqueId", id);
using (var reader = cmd.ExecuteReader())
{
if (reader.Read())
{
ret = DodoItemBase.GetItem <DodoItem>(
app, reader.GetInt64(reader.GetOrdinal("uniqueId")));
}
}
}
}
return(ret);
}
public void WriteGlobalVars()
{
HttpContext context = DodoApplication.CurrentContext;
DodoSession session = (DodoSession)context.Session;
context.Reply.Write("<script type=\"text/javascript\">");
context.Reply.Write("var currentUserId = '{0}';", session.userId);
context.Reply.Write("var currentUserName = '******';", session.userName);
context.Reply.Write("var currentSession = '{0}';", session.Auth);
context.Reply.Write("</script>");
}
/// <summary>
/// añadir y modificar registro
/// </summary>
/// <param name="record"></param>
public void ModifyFolder(ref DodoItem folder, DodoSession s)
{
int retErr = 0;
using (var conn = CreateConnection())
{
using (var cmd = conn.CreateCommand())
{
if (folder.UniqueId == -1)
{
cmd.CommandText = "insert into poweq1 " +
"(uniqueId, userId, folderId, keywords, type, visible, weight, registered, modified) values " +
"(@uniqueId, " +
"@userId, " +
"@folderId, " +
"@keywords, " +
"'folder', " +
"@visible, " +
"100, " +
"CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);";
// cmd.CommandText += "SELECT @@IDENTITY";
folder.UniqueId = GetCounter();
cmd.Parameters.AddWithValue("uniqueId", folder.UniqueId);
cmd.Parameters.AddWithValue("userId", folder.UserId);
cmd.Parameters.AddWithValue("keywords", folder.Keywords);
cmd.Parameters.AddWithValue("visible", folder.Visible);
cmd.Parameters.AddWithValue("folderId", folder.FolderId);
retErr = cmd.ExecuteNonQuery();
}
else
{
cmd.CommandText = "update poweq1 set " +
"keywords = @keywords, " +
"folderId = @folderId, " +
"modified = CURRENT_TIMESTAMP, " +
"visible = @visible " +
"where uniqueId = @uniqueId";
cmd.Parameters.AddWithValue("uniqueId", folder.UniqueId);
cmd.Parameters.AddWithValue("keywords", folder.Keywords);
cmd.Parameters.AddWithValue("folderId", folder.FolderId);
cmd.Parameters.AddWithValue("visible", folder.Visible);
retErr = cmd.ExecuteNonQuery();
}
folder = GetFolder(folder.UniqueId.ToString(), s);
}
}
}
public DodoSession CheckEmail(string email)
{
DodoSession ret = null;
using (MySqlConnection conn = CreateConnection())
{
using (MySqlCommand cmd = conn.CreateCommand())
{
cmd.CommandText = "select userid, username, fullname from powequsers where email = ?email";
cmd.Parameters.AddWithValue("email", email);
using (MySqlDataReader reader = cmd.ExecuteReader())
{
if (reader.Read())
{
ret = new DodoSession(app, reader.GetInt32("userid"),
reader.GetString("username"),
reader.GetString("fullname"));
}
}
}
}
return(ret);
}
public void Interpret()
{
string method = Path.GetFileNameWithoutExtension(request.Url);
object answer = null;
StringBuilder sb = new StringBuilder();
StringWriter writer = new StringWriter(sb);
string idcall = "";
try
{
idcall = request.UriArgs["id"];
DodoSession s = null;
if (request.UriArgs["auth"] != null)
{
s = app.Sessions[(WebAuth)request.UriArgs["auth"]] as DodoSession;
}
switch (method)
{
case "getFolders":
int folderId_0 = 0;
int.TryParse(request.UriArgs["f"], out folderId_0);
var tmpGetFolders = app.CurrentDb.GetFolders(s, folderId_0);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(tmpGetFolders) + ");");
/*
* if (tmpGetFolders.Count > 0)
*
* else
* writer.WriteLine("var reply = new dbapi.async(" + idcall + ", new Array());");
*/
// writer.WriteLine("dbapi.cb(reply);");
break;
case "setVisibleRecord":
string _code = request.UriArgs["code"];
long code = Convert.ToInt64(_code);
string _show = request.UriArgs["show"];
bool show = Convert.ToBoolean(_show);
answer = app.CurrentDb.SetVisibleRecord(code, show, s);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
break;
case "getRecord":
string c = request.UriArgs["code"];
answer = app.CurrentDb.GetRecord(c, s);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "getItem":
answer = app.CurrentDb.GetItem(app.CalcUniqueId(request.UriArgs["code"]));
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "getContenPreview":
DodoItem previewContent = app.CurrentDb.GetItem(app.CalcUniqueId(request.UriArgs["code"]));
var dodoContent = new DodoContent()
{
Content = previewContent.GetContent()
};
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(dodoContent) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "searchRecords":
string search = request.UriArgs["s"];
int folderId_1 = 0;
int.TryParse(request.UriArgs["f"], out folderId_1);
answer = app.CurrentDb.SearchMyRecords(s.userId, search, folderId_1);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(answer) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "modifyRecord":
var rec2 = (DodoItem)JavaScriptConvert.DeserializeObject(
request.UriArgs["record"].ToString(), typeof(DodoItem));
app.CurrentDb.ModifyRecord(ref rec2);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(rec2) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "modifyFolder":
DodoItem folder = (DodoItem)JavaScriptConvert.DeserializeObject(
request.UriArgs["folder"].ToString(), typeof(DodoItem));
app.CurrentDb.ModifyFolder(ref folder, s);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", " + JavaScriptConvert.SerializeObject(folder) + ");");
// writer.WriteLine("dbapi.cb(reply);");
break;
case "removeRecord":
string id = request.UriArgs["code"] != null ? (string)request.UriArgs["code"] : "";
app.CurrentDb.RemoveRecord(id);
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", 'ok');");
// writer.WriteLine("dbapi.cb(reply);");
break;
default:
throw new Exception("El método no existe " + method);
}
}
catch (Exception err)
{
sb.Length = 0;
writer.WriteLine(string.Format("var e = new Error('{0}');", err.Message.Replace("\n", " ")));
writer.WriteLine("var reply = new dbapi.async(" + idcall + ", e);");
}
// mandamos la respuesta
reply.LoadText(sb.ToString());
}
