public HttpResponseMessage Post(Login login)
{
SQLBlock block = new SQLBlock();
using (SqlConnection connection = new SqlConnection(block.connectionString))
{
using (SqlCommand command = new SqlCommand($"select email from [dbo].[Users] where email = '{login.username}' AND password = '******';", connection))
{
try
{
connection.Open();
}
catch (Exception e)
{
connection.Close();
Console.Write(e);
return(new HttpResponseMessage(HttpStatusCode.Conflict));
}
using (SqlDataReader reader = command.ExecuteReader())
{
if (reader.HasRows)
{
connection.Close();
return(new HttpResponseMessage(HttpStatusCode.OK));
}
else
{
return(new HttpResponseMessage(HttpStatusCode.Forbidden));
}
}
}
}
}
public HttpResponseMessage Post(Data data)
{
SQLBlock block = new SQLBlock();
using (SqlConnection connection = new SqlConnection(block.connectionString))
using (SqlCommand command = new SqlCommand($"select email from [dbo].[Users] where email = '{data.email}'", connection))
{
try
{
connection.Open();
}
catch (Exception e)
{
connection.Close();
Console.Write(e);
return(new HttpResponseMessage(HttpStatusCode.Conflict));
}
try
{
using (SqlDataReader reader = command.ExecuteReader())
{
if (reader.HasRows)
{
connection.Close();
return(new HttpResponseMessage(HttpStatusCode.BadRequest));
}
}
string insertQuery = $"INSERT INTO [dbo].[Users] (firstname, lastname, email, DOB, hometown, gender, password) " +
$"values ('{data.firstname}', '{data.lastname}', '{data.email}', '{data.dob.Date}', '{data.hometown}','{data.gender}', '{data.password}');";
using (SqlCommand insertCommand = new SqlCommand(insertQuery, connection))
{
try
{
insertCommand.ExecuteNonQuery();
}
catch (Exception e2)
{
Console.Write(e2.Message);
connection.Close();
return(new HttpResponseMessage(HttpStatusCode.Conflict));
}
}
connection.Close();
return(new HttpResponseMessage(HttpStatusCode.OK));
}
catch (SqlException e3)
{
connection.Close();
return(new HttpResponseMessage(HttpStatusCode.Conflict)); // bad formed request
}
}
}
