public ActionResult delete_notfall()
{
if (Request.Cookies["Session"] != null)
{
SessionElement Session = Params.Sess[Request.Cookies["Session"]];
string UserId = Session.UserId;
if (UserId != null)
{
DB db = new DB();
Dictionary <string, string> dic = new Dictionary <string, string>();
dic.Add("PatientId", Request.Form["PatientId"]);
db.ExecuteProcedure("NotfallDelete", dic);
return(Content("1"));
}
}
return(Content("Error"));
}
public ActionResult Login()
{
DB db = new DB();
SqlCommand command = new SqlCommand("SELECT Id,Login,Password from users where Login=@Login and Password=@Password", db.myConnection);
string login = Request.Form["Login"].ToString();
string password = Request.Form["Password"].ToString();
command.Parameters.Add(new SqlParameter("Login", login));
command.Parameters.Add(new SqlParameter("Password", password));
List <Dictionary <string, string> > responce = db.SelectCommandParam(command);
int content = responce.Count;
if (content == 1)
{
string UserId = responce[0]["Id"].ToString();
string Login = responce[0]["Login"].ToString();
string Password = responce[0]["Password"].ToString();
string source = Login + "---" + System.DateTime.Now.ToString();
MD5 md5Hash = MD5.Create();
string SessionNummer = GetMd5Hash(md5Hash, source);
Response.Cookies.Append("Session", SessionNummer);
Response.Cookies.Append("Login", Login);
SessionElement Element = new SessionElement();
Element.UserId = UserId;
Element.UserLogin = Login;
Element.UserPassword = Password;
Params.SessionAdd(SessionNummer, Element);
return(Content("1"));
}
else
{
string CookieSession = null;
try { CookieSession = Request.Cookies["Session"]; } catch { }
Response.Cookies.Append("Login", "");
Response.Cookies.Append("Session", "");
if (CookieSession != null)
{
Params.Sess.Remove(CookieSession);
}
return(Content("Login/Password ist ungültig"));
}
}
public ActionResult save_param_value()
{
if (Request.Cookies["Session"] != null)
{
SessionElement Session = Params.Sess[Request.Cookies["Session"]];
string UserId = Session.UserId;
if (UserId != null)
{
DB db = new DB();
Dictionary <string, string> dic = new Dictionary <string, string>();
dic.Add("NotfallId", Request.Form["NotfallId"]);
dic.Add("AnswerId", Request.Form["AnswerId"]);
dic.Add("Value", Request.Form["ThisValue"]);
dic.Add("UserId", UserId);
dic.Add("DT", System.DateTime.Now.ToString());
return(Content(db.ExecuteProcedure("ParameterChange", dic)));
}
}
return(Content("Error"));
}
public ActionResult passwordChange()
{
string AltePass = Request.Form["altePass"].ToString();
string NeuePass = Request.Form["neuePass"].ToString();
string UserId = "0";
string CookieSession = Request.Cookies["Session"];
DB db = new DB();
if (CookieSession != null)
{
if (Params.Sess.ContainsKey(CookieSession))
{
SessionElement Session = Params.Sess[Request.Cookies["Session"]];
UserId = Session.UserId;
}
}
SqlCommand command = new SqlCommand("select * from users where Id=@Id and Password=@Password", db.myConnection);
command.Parameters.Add(new SqlParameter("Id", UserId));
command.Parameters.Add(new SqlParameter("Password", AltePass));
List <Dictionary <string, string> > responce = db.SelectCommandParam(command);
int content = responce.Count;
if (content > 0)
{
db.ExecuteQuery("update users SET Password="******" where Id=" + UserId);
Params.Sess.Remove(Request.Cookies["Session"]);
}
else
{
return(Content("0"));
}
return(Content("1"));
}
/*public static string GetUserIdFromSession(string Val)
* {
* return Sess[Val];
* }*/
public static void SessionAdd(string Key, SessionElement Element)
{
try { Sess.Add(Key, Element); } catch { }
}