protected void btnAdd_Click(object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities ();
du.AddNewPosting (txtTitle.Text, txtEmail.Text, txtMessage.Text);
RefreshListings ();
//lblOutput.Text = result;
}
//TODO: Add "welcome back " + name;
//TODO: pending orders?
//TODO: Add "WebGoat Coins Info Center"
//TODO: Take out monthly special, add "hear what our customers are saying" - with the latest comments. Add date field to comments??
protected void Page_Load(object sender, EventArgs e)
{
labelUpload.Visible = false;
if (Request.Cookies["customerNumber"] != null)
{
string customerNumber = Request.Cookies["customerNumber"].Value;
DatabaseUtilities du = new DatabaseUtilities(Server);
DataSet ds = du.GetCustomerDetails(customerNumber);
DataRow row = ds.Tables[0].Rows[0]; //customer row
Image1.ImageUrl = "images/logos/" + row["logoFileName"];
foreach (DataColumn col in ds.Tables[0].Columns)
{
TableRow tablerow = new TableRow();
tablerow.ID = col.ColumnName.ToString();
TableCell cell1 = new TableCell();
TableCell cell2 = new TableCell();
cell1.Text = col.ColumnName.ToString();
cell2.Text = row[col].ToString();
tablerow.Cells.Add(cell1);
tablerow.Cells.Add(cell2);
CustomerTable.Rows.Add(tablerow);
}
}
}
protected void btnFind_Click(object sender, EventArgs e)
{
try {
DatabaseUtilities du = new DatabaseUtilities ();
DataTable dt = du.GetMailingListInfoByEmailAddress (txtEmail.Text);
string output = string.Empty;
if (dt.Rows.Count > 0) {
lblOutput.Text += "You are already on the list!<p/>";
foreach (DataRow row in dt.Rows) {
foreach (DataColumn col in dt.Columns) {
output += "<b><i>" + col.ColumnName + "</i></b>: " + row [col.ColumnName] + "<br/>";
}
output += "<p/>";
}
lblOutput.Text += output;
} else {
string result = du.AddToMailingList (txtFirst.Text, txtLast.Text, txtEmail.Text);
lblOutput.Text = result;
}
} catch (Exception ex) {
lblOutput.Text = ex.Message;
}
/*else {
bool result = du.AddToMailingList (txtFirst.Text, txtLast.Text, txtEmail.Text);
if (result == true)
lblOutput.Text = "You have been added!";
else
lblOutput.Text = "Oops, an error occurred - you were NOT added to our mailing list. Please try again";
}*/
}
void LoadCity (String city)
{
DatabaseUtilities du = new DatabaseUtilities(Server);
DataSet ds = du.GetOffice(city);
lblOutput.Text = "Here are the details for our " + city + " Office";
dtlView.DataSource = ds.Tables[0];
dtlView.DataBind();
}
protected void btnAdd_Click(object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities();
du.AddNewPosting(txtTitle.Text, txtEmail.Text, txtMessage.Text);
RefreshListings();
//lblOutput.Text = result;
}
protected void btnTest_Click (object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities (Server);
//if (du.RecreateGoatDB ())
// lblOutput.Text = "DB Recreated";
lblOutput.Text = du.Test();
}
protected void btnTest_Click(object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities();
if (du.RecreateGoatDB())
{
lblOutput.Text = "DB Recreated";
}
}
protected void btnTest_Click (object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities ();
if (du.RecreateGoatDB ())
lblOutput.Text = "DB Recreated";
}
protected void btnFind_Click (object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string name = txtName.Text;
DataSet ds = du.GetEmailByName(name);
grdEmail.DataSource = ds.Tables[0];
grdEmail.DataBind();
}
protected void btnFind_Click(object sender, EventArgs e)
{
try {
DatabaseUtilities du = new DatabaseUtilities();
string email = du.GetEmailByUserID(txtID.Text);
lblOutput.Text = email;
} catch (Exception ex) {
lblOutput.Text = ex.Message;
}
}
protected void btnFind_Click (object sender, EventArgs e)
{
try {
DatabaseUtilities du = new DatabaseUtilities ();
string email = du.GetEmailByUserID (txtID.Text);
lblOutput.Text = email;
} catch (Exception ex) {
lblOutput.Text = ex.Message;
}
}
void LoadComments()
{
DatabaseUtilities du = new DatabaseUtilities(Server);
DataSet ds = du.GetComments("user_cmt");
//string output = string.Empty;
string comments = string.Empty;
foreach (DataRow row in ds.Tables[0].Rows)
{
comments += "<strong>Email:</strong>" + row["email"] + "<span style='font-size: x-small;color: #E47911;'> (Email Address Verified!) </span><br/>";
comments += "<strong>Comment:</strong><br/>" + row["comment"] + "<br/><hr/>";
}
lblComments.Text = comments;
}
void RefreshListings ()
{
DatabaseUtilities du = new DatabaseUtilities ();
DataTable posts = du.GetAllPostings ();
string output = string.Empty;
foreach (DataRow dr in posts.Rows) {
foreach (DataColumn col in posts.Columns) {
output += "<b><i>" + col.ColumnName + "</i></b>: " + dr [col.ColumnName] + "<br/>";
}
output += "<p/>";
}
lblOutput.Text = output;
}
protected void btnFind_Click (object sender, EventArgs e)
{
try
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string name = txtID.Text.Substring(0, 3);
string output = du.GetEmailByCustomerNumber(name);
lblOutput.Text = output;
}
catch (Exception ex)
{
lblOutput.Text = ex.Message;
}
}
void RefreshListings ()
{
DatabaseUtilities du = new DatabaseUtilities ();
DataTable dt = du.GetPostingLinks ();
int i = 0;
foreach (DataRow dr in dt.Rows) {
HyperLink HL = new HyperLink();
HL.ID = "HyperLink" + i++;
HL.Text = dr[1].ToString();
HL.NavigateUrl = Request.FilePath + "?classifiedID="+ dr[0];
ContentPlaceHolder cph = (ContentPlaceHolder)this.Master.FindControl("BodyContentPlaceholder");
cph.Controls.Add(HL);
cph.Controls.Add(new LiteralControl("<br/>"));
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
try
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string error_message = du.AddComment("user_cmt", txtEmail.Text, txtComment.Text);
txtComment.Text = string.Empty;
lblMessage.Visible = true;
LoadComments();
}
catch (Exception ex)
{
lblMessage.Text = ex.Message;
lblMessage.Visible = true;
}
}
protected void ButtonCheckEmail_Click(object sender, EventArgs e)
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string result = du.GetSecurityQuestion(Response, txtEmail.Text);
if (result == null)
{
labelQuestion.Text = "That email address was not found in our database!";
PanelForgotPasswordStep2.Visible = false;
PanelForgotPasswordStep3.Visible = false;
}
else
{
labelQuestion.Text = "Here is the question we have on file for you: <strong>" + result + "</strong>";
PanelForgotPasswordStep2.Visible = true;
PanelForgotPasswordStep3.Visible = false;
}
}
void DisplayMessage()
{
try
{
int id = int.Parse(Request["classifiedID"]);
DatabaseUtilities du = new DatabaseUtilities();
DataTable dt = du.GetPostingByID(id);
dtlView.DataSource = dt;
dtlView.DataBind();
RefreshListings();
}
catch (Exception ex)
{
lblOutput.Text = "Record " + Request["classifiedID"] + " not found";
Console.WriteLine(ex.Message);
}
}
void RefreshListings()
{
DatabaseUtilities du = new DatabaseUtilities();
DataTable dt = du.GetPostingLinks();
int i = 0;
foreach (DataRow dr in dt.Rows)
{
HyperLink HL = new HyperLink();
HL.ID = "HyperLink" + i++;
HL.Text = dr[1].ToString();
HL.NavigateUrl = Request.FilePath + "?classifiedID=" + dr[0];
ContentPlaceHolder cph = (ContentPlaceHolder)this.Master.FindControl("BodyContentPlaceholder");
cph.Controls.Add(HL);
cph.Controls.Add(new LiteralControl("<br/>"));
}
}
void RefreshListings()
{
DatabaseUtilities du = new DatabaseUtilities();
DataTable posts = du.GetAllPostings();
string output = string.Empty;
foreach (DataRow dr in posts.Rows)
{
foreach (DataColumn col in posts.Columns)
{
output += "<b><i>" + col.ColumnName + "</i></b>: " + dr [col.ColumnName] + "<br/>";
}
output += "<p/>";
}
lblOutput.Text = output;
}
protected void Page_Load(object sender, EventArgs e)
{
//do a quick test. If the database connects, inform the user the database seems to be working.
DatabaseUtilities du = new DatabaseUtilities(Server);
string msg = du.TestDatabaseConnection();
if (msg == null)
{
lblOutput.Text = "You appear to be connected to a valid MySQL Database. If you want to reconfigure or rebuild the database, click on the button below!";
Session["DBConfigured"] = true;
}
else
{
lblOutput.Text = "Before proceeding, please ensure this instance of WebGoat.NET can connect to the database!";
//PanelError.Visible = true;
}
}
void DisplayMessage ()
{
try
{
int id = int.Parse(Request["classifiedID"]);
DatabaseUtilities du = new DatabaseUtilities();
DataTable dt = du.GetPostingByID(id);
dtlView.DataSource = dt;
dtlView.DataBind();
RefreshListings();
}
catch (Exception ex)
{
lblOutput.Text = "Record " + Request["classifiedID"] + " not found";
Console.WriteLine(ex.Message);
}
}
protected void btnFind_Click(object sender, EventArgs e)
{
try {
DatabaseUtilities du = new DatabaseUtilities();
DataTable dt = du.GetMailingListInfoByEmailAddress(txtEmail.Text);
string output = string.Empty;
if (dt.Rows.Count > 0)
{
lblOutput.Text += "You are already on the list!<p/>";
foreach (DataRow row in dt.Rows)
{
foreach (DataColumn col in dt.Columns)
{
output += "<b><i>" + col.ColumnName + "</i></b>: " + row [col.ColumnName] + "<br/>";
}
output += "<p/>";
}
lblOutput.Text += output;
}
else
{
string result = du.AddToMailingList(txtFirst.Text, txtLast.Text, txtEmail.Text);
lblOutput.Text = result;
}
} catch (Exception ex) {
lblOutput.Text = ex.Message;
}
/*else {
*
* bool result = du.AddToMailingList (txtFirst.Text, txtLast.Text, txtEmail.Text);
* if (result == true)
* lblOutput.Text = "You have been added!";
* else
* lblOutput.Text = "Oops, an error occurred - you were NOT added to our mailing list. Please try again";
* }*/
}
string getPassword(string email)
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string password = du.GetPasswordByEmail(email);
return password;
}
protected void btnTestConfiguration_Click(object sender, EventArgs e)
{
//get all the fields, save in conf file
//use that to then connect to the database
IOHelper iohelper = new IOHelper(Server);
string result = iohelper.SaveDBConfigString(txtServer.Text, txtPort.Text, txtDatabase.Text, txtUserName.Text, txtPassword.Text);
if (result != null)
lblOutput.Text = result;
else
{
DatabaseUtilities du = new DatabaseUtilities(Server);
string msg = du.TestDatabaseConnection();
if (msg == null)
{
labelSuccess.Text = "Connection to Database Successful!";
PanelSuccess.Visible = true;
Session["DBConfigured"] = true;
}
else
{
labelError.Text = msg;
PanelError.Visible = true;
Session["DBConfigured"] = null;
}
}
}
