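/// <summary>
/// Validates the currency shown on the edit-registry currency button and, when it is
/// accepted, stores it in <c>this.Currency</c>.
/// </summary>
/// <returns>
/// <c>true</c> when the button text passes <c>DatabaseHandler.Sanitize_string</c> and
/// <c>DatabaseHandler.Currency_exists</c> reports it as present; otherwise <c>false</c>.
/// </returns>
private bool Verify_currency()
{
    // Content is an object and can be null; treat that as "no valid currency"
    // instead of letting ToString() throw a NullReferenceException.
    object button_content = EditRegistryDialogCurrencyButton.Content;
    if (button_content == null)
    {
        return false;
    }

    string currency = button_content.ToString();

    if (!DatabaseHandler.Sanitize_string(currency))
    {
        // TODO: show the "SQL injection detected" dialog here. Until then a rejected
        // value fails closed, but the user gets no feedback about why.
        // NOTE(review): Sanitize_string is presumably a character check aimed at SQL
        // injection - confirm that the DatabaseHandler queries are parameterized
        // rather than relying on this check alone.
        return false;
    }

    if (!DatabaseHandler.Currency_exists(GlobalVariables.temporary_file_path, currency))
    {
        return false;
    }

    this.Currency = currency;
    return true;
}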
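/// <summary>
/// Click handler for the add-currency dialog: validates the name and the rate entered
/// by the user, stores the new currency and closes the dialog when both are acceptable.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void Add_new_currency(object sender, RoutedEventArgs e)
{
    string currency_name = AddCurrencyDialogCurrencyNameBox.Text;

    if (!DatabaseHandler.Sanitize_string(currency_name))
    {
        // NOTE(review): judging by the message below this is a character deny-list.
        // Confirm that DatabaseHandler.Add_currency / Currency_exists bind the name as
        // a query parameter rather than relying on this filter alone.
        InvalidInputDialog illegal_chars_dialog = new InvalidInputDialog();
        illegal_chars_dialog.Set_msg("Are you using any ilegal chars ('!@#$%^&*()_+=,./\";:[]{}\\|)?");
        illegal_chars_dialog.ShowDialog();
        return;
    }

    if (DatabaseHandler.Currency_exists(GlobalVariables.temporary_file_path, currency_name))
    {
        // Unchanged behaviour: a name that already exists is ignored without a message.
        return;
    }

    // TryParse replaces Convert.ToDouble inside a bare catch, which hid every failure
    // and left the user without feedback. Both use the current culture.
    double vs_usd_rate;
    bool parsed = double.TryParse(AddCurrencyDialogCurrencyRateBox.Text, out vs_usd_rate);

    // NaN fails the "> 0" comparison by itself; positive infinity does not, so it is
    // excluded explicitly to keep a non-finite rate out of the database.
    bool usable_rate = parsed && vs_usd_rate > 0 && !double.IsInfinity(vs_usd_rate);
    if (!usable_rate)
    {
        // The previous text said "can't be negative", although zero was rejected too.
        InvalidInputDialog invalid_rate_dialog = new InvalidInputDialog();
        invalid_rate_dialog.Set_msg("The Currency rate must be a positive number");
        invalid_rate_dialog.ShowDialog();
        return;
    }

    DatabaseHandler.Add_currency(GlobalVariables.temporary_file_path, currency_name, vs_usd_rate);
    this.correcly_created = true;
    this.Close();
}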
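/// <summary>
/// Validates the currency filter chosen in the advanced-search dialog and stores it in
/// <c>this.Currency</c>.
/// </summary>
/// <returns>
/// <c>true</c> when the button still shows the literal "Currency" (in which case
/// <c>this.Currency</c> is set to the empty string), or when the button text passes
/// <c>DatabaseHandler.Sanitize_string</c> and <c>DatabaseHandler.Currency_exists</c>
/// reports it as present; otherwise <c>false</c>.
/// </returns>
private bool Verify_currency()
{
    // Content is an object and can be null; fail validation instead of letting
    // ToString() throw a NullReferenceException.
    object button_content = AdvanceSearchDialogCurrencyButton.Content;
    if (button_content == null)
    {
        return false;
    }

    // Read the label once; the original converted the content twice.
    string currency = button_content.ToString();

    // The literal "Currency" is accepted without any database lookup and stored as "".
    if (currency == "Currency")
    {
        this.Currency = "";
        return true;
    }

    if (!DatabaseHandler.Sanitize_string(currency))
    {
        // TODO: show the "SQL injection detected" dialog here. Until then a rejected
        // value fails closed, but the user gets no feedback about why.
        // NOTE(review): Sanitize_string is presumably a character check aimed at SQL
        // injection - confirm that the DatabaseHandler queries are parameterized
        // rather than relying on this check alone.
        return false;
    }

    if (!DatabaseHandler.Currency_exists(GlobalVariables.temporary_file_path, currency))
    {
        return false;
    }

    this.Currency = currency;
    return true;
}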