/// <summary>
/// Method Used for getting all the Parent Comments on a Post
/// </summary>
/// <param name="PostID"></param>
/// <returns></returns>
public DataSet GetParentComments(int PostID)
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
{
conn.Open();
string sql = "select FCT.UserID, CommentText, FCT.DatePosted FROM FORUM_COMMENT_TREE as FCT inner join FORUM_POST as FP on FP.ReplyGroupID = FCT.GroupID where FP.PostID = @PostID and ParentID is null";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@PostID", PostID));
SqlDataAdapter DA = new SqlDataAdapter();
DataSet DS = new DataSet();
DA.Fill(DS, "ParentComments");
glob.CloseDB(conn);
return(DS);
}
}
/// <summary>
/// Method for checking if the user is looking for a post or the main page
/// </summary>
protected void Post()
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
{
conn.Open();
string sql = "select PostName, (FU.LName + ', ' + FU.FName) as FullName, FP.PostDate FROM FORUM_POST as FP inner join FORUM_USER as FU on FU.UserID = FP.UserID where PostID = @PostID";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@PostID", Request.QueryString["PostID"]));
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
Panel HeaderPnl = new Panel();
HeaderPnl.CssClass = "page-header";
HeaderPnl.Controls.Add(new LiteralControl("<h1>" + dr["PostName"] + "</h1>"));
HeaderPnl.Controls.Add(new LiteralControl("<br/>"));
HeaderPnl.Controls.Add(new LiteralControl("<small>" + dr["FullName"] + " " + dr["PostDate"] + "</small>"));
PostContent.Controls.Add(HeaderPnl);
}
dr.Close();
sql = "select PostText FROM FORUM_POST where PostID=@PostID";
cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@PostID", Request.QueryString["PostID"]));
dr = cmd.ExecuteReader();
while (dr.Read())
{
Panel Body = new Panel();
Body.Controls.Add(new LiteralControl("<br/><br/>"));
Body.Controls.Add(new LiteralControl("<p class=\"lead\">" + dr["PostText"] + "</p>"));
PostContent.Controls.Add(Body);
}
dr.Close();
glob.CloseDB(conn);
}
}
protected void EnterCodebtn_Click(object sender, EventArgs e)
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
{
conn.Open();
string sql = "select Passcode FROM PASS_CODES where ID=1";
SqlCommand cmd = new SqlCommand(sql, conn);
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
if (dr["Passcode"].ToString() == PassCode.Text.ToString())
{
Lockpnl.Visible = false;
Managepnl.Visible = true;
Session["Pass"] = "******";
}
else
{
Errorlb.Visible = true;
Session["Pass"] = "******";
}
}
dr.Close();
glob.CloseDB(conn);
}
}
public static bool AuthenticateUser(string UserName, string Password)
{
bool Valid = false;
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DB"].ToString()))
{
conn.Open();
String sql = "select Password, UserID, FName, LName FROM FORUM_USER where UserName=@UserName";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.Parameters.Add(new SqlParameter("@UserName", UserName));
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
if (Password == Encryption.Decrypt(dr["Password"].ToString(), Encryption.GetPassPhrase().ToString()))
{
Valid = true;
}
else
{
Valid = false;
}
}
}
else
{
Valid = false;
}
dr.Close();
Global_Functions globl = new Global_Functions();
globl.CloseDB(conn);
}
return(Valid);
}
