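/// <summary>
/// Redeems a gift code for the requesting account and writes an HTML result page.
/// </summary>
/// <remarks>
/// The account is taken either from the encoded "data" query value (which also supplies
/// the gift code through the <c>out</c> parameter of GetGiftCode, replacing the "code"
/// query value) or from the "guid"/"password" pair passed to db.Verify. Nothing is looked
/// up or granted unless CheckAccount accepts the account.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string code = Query["code"];
        Account acc = Query["data"] != null
            ? AccountDataHelper.GetAccountGiftCodeData(HttpUtility.UrlDecode(Query["data"], Encoding.UTF8)).GetGiftCode(out code).GetAccount(Program.GameData)
            : db.Verify(Query["guid"], Query["password"], Program.GameData);

        // Gate everything below on the account check; on failure this handler writes nothing itself.
        if (!CheckAccount(acc, db, false))
        {
            return;
        }

        string contents = String.Empty;

        // The code value is always bound as a parameter, never concatenated into the SQL text.
        var lookup = db.CreateQuery();
        lookup.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
        lookup.Parameters.AddWithValue("@code", code);
        using (var rdr = lookup.ExecuteReader())
        {
            if (!rdr.HasRows)
            {
                WriteStream(@"<h1>Invalid Giftcode</h1> <p>You entered an invalid giftcode</p>");
                return;
            }

            // If several rows share the code, the last one read wins.
            while (rdr.Read())
            {
                contents = rdr.GetString("content");
            }
        }

        if (!ParseContents(acc, contents))
        {
            WriteStream(@"<h1>Invalid Giftcode</h1> <p>You entered an invalid giftcode</p>");
            return;
        }

        // Consume the code before reporting success: if writing the response fails
        // (for example the client has disconnected), the code must not stay redeemable
        // after its contents were already applied.
        // NOTE(review): the SELECT, the grant and this DELETE are separate statements with
        // no transaction or row lock visible here, so two concurrent requests for the same
        // code could both pass the lookup. Consider claiming the code atomically (e.g. only
        // granting when the DELETE reports exactly one affected row).
        var consume = db.CreateQuery();
        consume.CommandText = "DELETE FROM giftCodes WHERE code=@code";
        consume.Parameters.AddWithValue("@code", code);
        consume.ExecuteNonQuery();

        WriteStream(@"<h1>Success</h1> <p>You will recieve the stuff you bought.</p>");
    }
}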
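/// <summary>
/// Redeems a gift code for the requesting account and redirects to a result page.
/// </summary>
/// <remarks>
/// The account is taken either from the encoded "data" query value (which also supplies
/// the gift code through the <c>out</c> parameter of GetGiftCode, replacing the "code"
/// query value) or from the "guid"/"password" pair passed to db.Verify.
/// </remarks>
protected override void HandleRequest()
{
    using (Database db = new Database())
    {
        string code = Query["code"];
        Account acc = Query["data"] != null
            ? AccountDataHelper.GetAccountGiftCodeData(HttpUtility.UrlDecode(Query["data"], Encoding.UTF8)).GetGiftCode(out code).GetAccount(Program.GameData)
            : db.Verify(Query["guid"], Query["password"], Program.GameData);

        // Refuse to redeem for an account that could not be resolved.
        // Presumably db.Verify / GetAccount yield null on bad credentials (confirm against their implementations).
        // NOTE(review): no other account validation is visible in this method; if the
        // handler base class provides one, it should be called here as well.
        if (acc == null)
        {
            Context.Response.Redirect("../InvalidGiftCode.html");
            return;
        }

        string contents = String.Empty;

        // The code value is always bound as a parameter, never concatenated into the SQL text.
        var lookup = db.CreateQuery();
        lookup.CommandText = "SELECT * FROM giftCodes WHERE code=@code";
        lookup.Parameters.AddWithValue("@code", code);
        using (var rdr = lookup.ExecuteReader())
        {
            if (!rdr.HasRows)
            {
                Context.Response.Redirect("../InvalidGiftCode.html");
                return;
            }

            // If several rows share the code, the last one read wins.
            while (rdr.Read())
            {
                contents = rdr.GetString("content");
            }
        }

        if (!ParseContents(acc, contents))
        {
            Context.Response.Redirect("../InvalidGiftCode.html");
            return;
        }

        // Consume the code before issuing the redirect. Some Redirect implementations end
        // the response (and the executing code path) immediately, which would skip the
        // DELETE and leave an already-granted code redeemable again.
        // NOTE(review): the SELECT, the grant and this DELETE are separate statements with
        // no transaction or row lock visible here, so two concurrent requests for the same
        // code could both pass the lookup. Consider claiming the code atomically (e.g. only
        // granting when the DELETE reports exactly one affected row).
        var consume = db.CreateQuery();
        consume.CommandText = "DELETE FROM giftCodes WHERE code=@code";
        consume.Parameters.AddWithValue("@code", code);
        consume.ExecuteNonQuery();

        Context.Response.Redirect("../GiftCodeSuccess.html");
    }
}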