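/// <summary>
/// Admin form handler. The <paramref name="button"/> caption selects the action:
/// "Add User" runs the <c>InsertUser</c> stored procedure, "Add Game" stores the
/// uploaded image under <c>Content\Images</c> and runs <c>InsertGame</c>.
/// </summary>
/// <param name="button">Caption of the submit button that posted the form.</param>
/// <param name="model">Bound form fields for the user or the game being added.</param>
/// <param name="image">Uploaded game image; required for "Add Game", ignored otherwise.</param>
/// <returns>
/// The form re-rendered with a model error when the user already exists or the image is
/// missing/invalid; otherwise the default view.
/// </returns>
/// <remarks>
/// NOTE(review): attributes are not visible in this excerpt — confirm this POST action
/// carries [Authorize] and [ValidateAntiForgeryToken], since it writes to the database
/// and to a directory under the web root.
/// </remarks>
public ActionResult Index(string button, GameAddModel model, HttpPostedFileBase image)
{
    var connectionString = GetDatabaseConnection(ConnectionName);
    AuthorizationData data = new AuthorizationData();

    using (var conn = new SqlConnection(connectionString))
    {
        switch (button)
        {
            case "Add User":
                data.Status = RunInsertUser(conn, model);
                if (data.Status == true)
                {
                    ModelState.AddModelError("", "The user with this email already exist.");
                    return View(model);
                }
                break;

            case "Add Game":
            {
                // The original dereferenced image.FileName even when image was null
                // (NullReferenceException) and wrote the raw client name to disk.
                string safeImageName = SanitizeUploadName(image);
                if (safeImageName == null)
                {
                    ModelState.AddModelError("", "A game image with a valid file name is required.");
                    return View(model);
                }

                SaveGameImage(image, safeImageName);
                RunInsertGame(conn, model, GameImageBaseUrl + safeImageName);
                break;
            }
        }
    }

    return View();
}

/// <summary>Absolute directory the uploaded game images are written to.</summary>
private const string GameImageDirectory = @"C:\1\IMZ\trunk\InetMagaz\InetMagaz\Content\Images\";

/// <summary>Relative URL prefix stored in the database in front of the image file name.</summary>
private const string GameImageBaseUrl = "./Content/Images/";

/// <summary>
/// Extensions accepted for uploads. Extend deliberately; never add server-executable
/// types, because the target directory sits inside the web application.
/// </summary>
private static readonly string[] AllowedImageExtensions = { ".png", ".jpg", ".jpeg", ".gif" };

/// <summary>
/// Reduces the client-supplied upload name to a bare, allow-listed file name, or returns
/// null when the upload is missing, empty, or its name is not acceptable.
/// </summary>
/// <remarks>
/// <c>HttpPostedFileBase.FileName</c> is attacker-controlled (older browsers even send the
/// full client path). Concatenating it into a path lets a name like "..\..\web.config"
/// escape the image directory, and an ".aspx" name dropped under the web root is a web shell.
/// </remarks>
private static string SanitizeUploadName(HttpPostedFileBase image)
{
    if (image == null || image.ContentLength <= 0 || string.IsNullOrEmpty(image.FileName))
    {
        return null;
    }

    // GetFileName drops any directory component regardless of separator.
    string name = System.IO.Path.GetFileName(image.FileName);
    if (string.IsNullOrWhiteSpace(name)
        || name == "." || name == ".."
        || name.IndexOfAny(System.IO.Path.GetInvalidFileNameChars()) >= 0)
    {
        return null;
    }

    string extension = System.IO.Path.GetExtension(name);
    foreach (string allowed in AllowedImageExtensions)
    {
        if (string.Equals(extension, allowed, StringComparison.OrdinalIgnoreCase))
        {
            return name;
        }
    }

    return null;
}

/// <summary>Writes the upload to <see cref="GameImageDirectory"/> under the sanitized name.</summary>
/// <param name="image">Non-null upload already accepted by <see cref="SanitizeUploadName"/>.</param>
/// <param name="safeName">Bare file name returned by <see cref="SanitizeUploadName"/>.</param>
private static void SaveGameImage(HttpPostedFileBase image, string safeName)
{
    // NOTE(review): an existing file with the same name is overwritten, as in the
    // original; use a server-generated (e.g. GUID) name if that matters.
    image.SaveAs(System.IO.Path.Combine(GameImageDirectory, safeName));
}

/// <summary>
/// Executes the <c>InsertUser</c> stored procedure and returns its RETURN value as a bool
/// (non-zero → true). The caller treats true as "this email is already registered".
/// </summary>
/// <param name="conn">Closed connection; opened and closed here.</param>
/// <param name="model">Supplies UserName, UserEmail and UserPassword.</param>
private static bool RunInsertUser(SqlConnection conn, GameAddModel model)
{
    using (var command = new SqlCommand("InsertUser", conn) { CommandType = CommandType.StoredProcedure })
    {
        command.Parameters.AddWithValue("@UserName", model.UserName);
        command.Parameters.AddWithValue("@Email", model.UserEmail);
        // NOTE(review): the password is forwarded verbatim; unless InsertUser hashes it
        // server-side, credentials land in the table in plaintext — confirm.
        command.Parameters.AddWithValue("@Password", model.UserPassword);
        var returnParameter = command.Parameters.Add("@ReturnVal", SqlDbType.Int);
        returnParameter.Direction = ParameterDirection.ReturnValue;

        conn.Open();
        command.ExecuteNonQuery();
        bool result = Convert.ToBoolean(returnParameter.Value);
        conn.Close();
        return result;
    }
}

/// <summary>Executes the <c>InsertGame</c> stored procedure for the posted game fields.</summary>
/// <param name="conn">Closed connection; opened and closed here.</param>
/// <param name="model">Supplies GameName, GameDescription and GamePrice.</param>
/// <param name="imageUrl">Relative image URL to store in @ImageUrl.</param>
private static void RunInsertGame(SqlConnection conn, GameAddModel model, string imageUrl)
{
    using (var command = new SqlCommand("InsertGame", conn) { CommandType = CommandType.StoredProcedure })
    {
        command.Parameters.AddWithValue("@Name", model.GameName);
        command.Parameters.AddWithValue("@Description", model.GameDescription);
        command.Parameters.AddWithValue("@ImageUrl", imageUrl);
        command.Parameters.AddWithValue("@Price", Convert.ToInt32(model.GamePrice));
        conn.Open();
        command.ExecuteNonQuery();
        conn.Close();
    }
}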
/// <summary>
/// Calls the <c>InsertUser</c> stored procedure with the given credentials.
/// </summary>
/// <param name="name">Value for the @UserName parameter.</param>
/// <param name="email">Value for the @Email parameter.</param>
/// <param name="password">Value for the @Password parameter, passed through unchanged.</param>
/// <returns>
/// An <see cref="AuthorizationData"/> whose <c>Status</c> is the procedure's RETURN value
/// read as a bool (non-zero → true); no other fields are filled in.
/// </returns>
public AuthorizationData Register(string name, string email, string password)
{
    var connectionString = GetDatabaseConnection(ConnectionName);
    var outcome = new AuthorizationData();

    using (var connection = new SqlConnection(connectionString))
    using (var insertUser = new SqlCommand("InsertUser", connection))
    {
        insertUser.CommandType = CommandType.StoredProcedure;
        insertUser.Parameters.AddWithValue("@UserName", name);
        insertUser.Parameters.AddWithValue("@Email", email);
        // NOTE(review): the password is forwarded verbatim; unless InsertUser hashes it
        // server-side, it is stored in plaintext — confirm against the procedure.
        insertUser.Parameters.AddWithValue("@Password", password);

        var returnValue = insertUser.Parameters.Add("@ReturnVal", SqlDbType.Int);
        returnValue.Direction = ParameterDirection.ReturnValue;

        connection.Open();
        insertUser.ExecuteNonQuery();
        // Status mirrors the RETURN value: 0 → false, anything else → true.
        outcome.Status = Convert.ToBoolean(returnValue.Value);
        connection.Close();
    }

    return outcome;
}
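/// <summary>
/// Authenticates against the <c>GetUser</c> stored procedure and, when the returned row
/// is flagged as admin, stores the user id in the "ID" cookie and redirects to AdminPage.
/// </summary>
/// <param name="model">Posted credentials; <c>UserName</c> is sent as the @Email parameter.</param>
/// <param name="returnUrl">Accepted for the standard login signature; not used by this action.</param>
/// <returns>A redirect to AdminPage/Index on success, otherwise the login view with a generic error.</returns>
/// <remarks>
/// NOTE(review): the "ID" cookie carries the bare user id with no signature or MAC, so any
/// code that trusts it (AdminPage) can be driven by a client-chosen id. Prefer a signed
/// authentication ticket (e.g. FormsAuthentication). This method keeps the cookie contract
/// for compatibility and only hardens its flags.
/// </remarks>
public ActionResult Login(LoginModel model, string returnUrl)
{
    var connectionString = GetDatabaseConnection(ConnectionName);
    AuthorizationData data = new AuthorizationData();

    using (var conn = new SqlConnection(connectionString))
    using (var command = new SqlCommand("GetUser", conn) { CommandType = CommandType.StoredProcedure })
    {
        command.Parameters.AddWithValue("@Email", model.UserName);
        // NOTE(review): the password is forwarded verbatim; unless GetUser hashes and
        // compares server-side, credentials are compared (and stored) in plaintext.
        command.Parameters.AddWithValue("@Password", model.Password);
        conn.Open();

        int id = -1;
        string admin = "";
        bool found = false;
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                // Column 0 is the user id; column 4 holds the admin flag as text (last row wins).
                found = true;
                id = reader.GetInt32(0);
                admin = reader.GetString(4);
            }
        }
        conn.Close();

        // Fail closed. The original tested only admin == "false", so a query that returned
        // no row left admin == "" and was treated as an admin login with userId -1.
        // An explicit "true" is now required; the original accepted any other text, so
        // confirm the column only ever holds "true"/"false".
        if (found && string.Equals(admin, "true", StringComparison.OrdinalIgnoreCase))
        {
            data.Status = true;
            data.userId = id;
        }
        else
        {
            data.Status = false;
        }
    }

    if (data.Status == true)
    {
        Response.Cookies["ID"].Value = data.userId.ToString();
        Response.Cookies["ID"].Expires = DateTime.Now.AddMinutes(30);
        // Keep the id out of script; mark Secure whenever the request itself is HTTPS.
        Response.Cookies["ID"].HttpOnly = true;
        Response.Cookies["ID"].Secure = Request.IsSecureConnection;
        return RedirectToAction("Index", "AdminPage");
    }

    // Deliberately generic: do not reveal whether the email or the password was wrong.
    ModelState.AddModelError("", "The user name or password provided is incorrect.");
    return View(model);
}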
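/// <summary>
/// Looks the user up through the <c>GetUser</c> stored procedure.
/// </summary>
/// <param name="email">Value for the @Email parameter; echoed back as <c>userEmail</c> on success.</param>
/// <param name="password">Value for the @Password parameter, passed through unchanged.</param>
/// <returns>
/// <c>Status</c> true with <c>userId</c> (column 0), <c>userName</c> (column 1) and
/// <c>userEmail</c> set when the procedure returned a row; <c>Status</c> false otherwise.
/// </returns>
public AuthorizationData LogOn(string email, string password)
{
    var connectionString = GetDatabaseConnection(ConnectionName);
    AuthorizationData data = new AuthorizationData();

    using (var conn = new SqlConnection(connectionString))
    using (var command = new SqlCommand("GetUser", conn) { CommandType = CommandType.StoredProcedure })
    {
        command.Parameters.AddWithValue("@Email", email);
        // NOTE(review): the password is forwarded verbatim; unless GetUser hashes and
        // compares server-side, credentials are compared (and stored) in plaintext.
        command.Parameters.AddWithValue("@Password", password);
        conn.Open();

        int id = -1;
        string name = "";
        // Track "row seen" explicitly instead of reusing -1 as a sentinel, which would
        // collide with a genuine id of -1. The reader is disposed rather than left to
        // the connection teardown.
        bool found = false;
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                // Column 0 is the user id, column 1 the user name (last row wins).
                found = true;
                id = reader.GetInt32(0);
                name = reader.GetString(1);
            }
        }
        conn.Close();

        if (!found)
        {
            data.Status = false;
        }
        else
        {
            data.Status = true;
            data.userName = name;
            data.userId = id;
            data.userEmail = email;
        }
    }

    return data;
}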