public String insertJson(String json) { String res = ""; SQL_function sql_function = new SQL_function(); String strQuery = @"INSERT INTO [dbo].[DataTotNghiep] ([HoTen] ,[NgaySinh] ,[NoiSinh] ,[GioiTinh] ,[DanToc] ,[Truong] ,[KhoaThi] ,[HoiDong] ,[SoHieu] ,[Rot] ,[DauSauPhucKhao]) SELECT * FROM OPENJSON(@json) WITH (HoTen nvarchar(50), NgaySinh date, NoiSinh nvarchar(50), GioiTinh bit, DanToc int, Truong nvarchar(50), KhoaThi date, HoiDong nvarchar(50), SoHieu nvarchar(50), Rot bit, DauSauPhucKhao bit )" ; SqlCommand cmd = new SqlCommand(strQuery); cmd.Parameters.Add("@json", SqlDbType.NVarChar).Value = json; res = sql_function.InsertUpdateData(cmd, "sqlconnString"); return(res); }
public IHttpActionResult AdminLogin(LogInModel Model) { LogInResult resModel = new LogInResult(); String newID = Shuffle(Model.ID); resModel.ID = newID; resModel.Result = false; SQL_function sql_function = new SQL_function(); String strQuery_auth = @"SELECT COUNT(*) FROM [DuLieuTotNghiep].[dbo].[Account] WHERE [UserName] = @UserName and [Password] =@Password "; SqlCommand cmd_auth = new SqlCommand(strQuery_auth); cmd_auth.Parameters.Add("@UserName", SqlDbType.NVarChar).Value = Model.UserName; cmd_auth.Parameters.Add("@Password", SqlDbType.NVarChar).Value = Model.Password; String[,] array_auth = sql_function.xml_deserialize(sql_function.GetData(cmd_auth, "sqlconnString")); if (array_auth[0, 0] == "1") { String strQuery = @"UPDATE [dbo].[Session] SET ID =@newID ,[UserName] = @UserName WHERE ID = @ID"; SqlCommand cmd = new SqlCommand(strQuery); cmd.Parameters.Add("@newID", SqlDbType.NVarChar).Value = newID; cmd.Parameters.Add("@UserName", SqlDbType.NVarChar).Value = "admin"; cmd.Parameters.Add("@ID", SqlDbType.NVarChar).Value = Model.ID; String insertRes = sql_function.InsertUpdateData(cmd, "sqlconnString"); if (insertRes == "1") { resModel.Result = true; } } return(Json(resModel)); }
public async Task <IHttpActionResult> ReCaptchaVerify(VerifyModel Model) { String secret_key = "6LdSD84UAAAAANYhNhpJUef1_ydrERXTzmVXdH75"; var values = new Dictionary <string, string> { { "secret", secret_key }, { "response", Model.ResponseKey } }; var content = new FormUrlEncodedContent(values); HttpResponseMessage response = await client.PostAsync("https://www.google.com/recaptcha/api/siteverify", content); if (response.IsSuccessStatusCode) { var domain = Request.Headers.Referrer? .GetLeftPart(UriPartial.Authority) ?? Request.Headers.UserAgent.ToString(); SQL_function sql_function = new SQL_function(); String strQuery = @"INSERT INTO [dbo].[Session] ([ID] ,[UserName] ,[TimeStampt] ,[IP], [isActive]) VALUES (@ID ,@UserName ,Getdate() ,@IP, 1)"; SqlCommand cmd = new SqlCommand(strQuery); cmd.Parameters.Add("@ID", SqlDbType.NVarChar).Value = Model.ResponseKey.Substring(0, 50); cmd.Parameters.Add("@UserName", SqlDbType.NVarChar).Value = "Guest"; cmd.Parameters.Add("@IP", SqlDbType.NVarChar).Value = domain; sql_function.InsertUpdateData(cmd, "sqlconnString"); } var responseString = await response.Content.ReadAsStringAsync(); return(Ok(responseString)); }
public void AdminLogout(LogInModel Model) { SQL_function sql_function = new SQL_function(); String strQuery = @"UPDATE [dbo].[Session] SET isActive = 0 WHERE ID = @ID"; SqlCommand cmd = new SqlCommand(strQuery); cmd.Parameters.Add("@ID", SqlDbType.NVarChar).Value = Model.ID; String insertRes = sql_function.InsertUpdateData(cmd, "sqlconnString"); }