Exemplos de código com SqlModifyDataResponse em C# (CSharp)

Exemplo n.º 1

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertIdSet() || server.AssertUserOnline() || server.AssertEventInfoNotNull(EventInfo))
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            if (databaseManager.AssertHasPermission(Permission.CREATE_EVENT))
            {
                return;
            }
            string                eventId            = SecurityManager.GenerateHid();
            string                query              = DatabaseEssentials.Security.SanitizeQuery(new string[] { "INSERT INTO Tbl_event (userid, title, expires, date, time, location, url, image, description, hid) VALUES (", server.Account.Id, ", \'", EventInfo.Title, "\', ", EventInfo.ExpirationDate.ToString(), ", \'", EventInfo.Date, "\', \'", EventInfo.Time, "\', \'", EventInfo.Location, "\', \'", EventInfo.Url, "\', \'", EventInfo.Image, "\', \'", EventInfo.Description, "\', \'", eventId, "\');" });
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequest, out bool success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to create event.");
                return;
            }
            CreateEventResponseA  response = new CreateEventResponseA(ResponseId.CreateEvent, eventId);
            SerializedApiResponse serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 2

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertAuthenticationCodeInvalid(Code) || server.AssertUserOffline())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            string                userid             = SecurityManager.GenerateHid();
            string                query              = DatabaseEssentials.Security.SanitizeQuery(new string[] { "INSERT INTO Tbl_user (password, hid, email) VALUES (\'", server.Account.Password, "\',\'", userid, "\', \'", server.Account.AccountInfo.Email, "\');" });
            SqlApiRequest         sqlRequets         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequets, out bool success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to create user.");
                return;
            }
            server.Account.AuthenticationCode = string.Empty;
            server.Account.AuthenticationId   = ApiRequestId.Invalid;
            server.Account.AuthenticationTime = -1;
            GenericSuccessResponse response = new GenericSuccessResponse(ResponseId.ConfirmAccount, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 3

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertIdSet() || server.AssertUserOnline())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            if (databaseManager.AssertHasPermission(Permission.CREATE_EVENT) || databaseManager.AssertEventExists(EventId))
            {
                return;
            }
            string                query              = "DELETE FROM Tbl_event WHERE hid = \'" + DatabaseEssentials.Security.Sanitize(EventId) + "\';";
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequest, out bool success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to delete the requested event.");
                return;
            }
            GenericSuccessResponse response = new GenericSuccessResponse(ResponseId.DeleteEventA, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 4

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertIdSet() || server.AssertUserOnline() || server.AssertEventInfoNotNull(EventInfo))
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            if (databaseManager.AssertEventExists(EventInfo.EventId) || databaseManager.AssertHasPermission(Permission.CREATE_EVENT))
            {
                return;
            }
            string                query              = DatabaseEssentials.Security.SanitizeQuery(new string[] { "UPDATE Tbl_event SET userid = ", server.Account.Id, ", title = \'", EventInfo.Title, "\', expires = ", EventInfo.ExpirationDate.ToString(), ", date = \'", EventInfo.Date, "\', time = \'", EventInfo.Time, "\', location = \'", EventInfo.Location, "\', url = \'", EventInfo.Url, "\', image = \'", EventInfo.Image, "\', description = \'", EventInfo.Description, "\'  WHERE hid = \'", EventInfo.EventId, "\';" });
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequest, out bool success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to update event.");
                return;
            }
            GenericSuccessResponse response = new GenericSuccessResponse(ResponseId.EditEventA, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 5

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertAuthenticationCodeInvalid(Code) || server.AssertUserOnline() || server.AssertPasswordSet() || server.AssertIdSet())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            // Check if security token is valid.
            string        query      = DatabaseEssentials.Security.SanitizeQuery(new string[] { "SELECT u.id FROM Tbl_cookies as c, Tbl_user as u WHERE c.value = \'", SecurityToken, "\' AND u.id = c.userid;" });
            SqlApiRequest sqlRequest = SqlApiRequest.Create(SqlRequestId.GetSingleOrDefault, query, 2);
            SqlSingleOrDefaultResponse singleOrDefaultResponse = databaseManager.AwaitSingleOrDefaultResponse(sqlRequest, out bool success);

            if (!success)
            {
                return;
            }
            if (!singleOrDefaultResponse.Success || !singleOrDefaultResponse.Result.Equals(server.Account.Id))
            {
                ApiError.Throw(ApiErrorCode.InvalidToken, server, "Security token was invalid.");
                return;
            }
            // Reset security token expiration timer..
            int expirationDate = DatabaseEssentials.GetTimeStamp() + MainServer.Config.WamsrvSecurityConfig.SecurityTokenExpirationTime;

            query      = DatabaseEssentials.Security.SanitizeQuery(new string[] { "UPDATE Tbl_cookies SET expires = \'", expirationDate.ToString(), "\' WHERE value = \'", SecurityToken, "\';" });
            sqlRequest = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequest, out success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to refresh security token.");
                return;
            }
            // Delete all other security tokens associated with the account.
            if (databaseManager.DeleteSecurityTokens(new string[] { SecurityToken }))
            {
                return;
            }
            // Update password.
            if (databaseManager.UpdatePassword())
            {
                return;
            }
            server.Account.AuthenticationCode = string.Empty;
            server.Account.AuthenticationId   = ApiRequestId.Invalid;
            server.Account.AuthenticationTime = -1;
            GenericSuccessResponse response = new GenericSuccessResponse(ResponseId.ConfirmAccount, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 6

0

Exibir arquivo

        public bool SetUserOffline()
        {
            if (server.AssertIdSet())
            {
                return(false);
            }
            string                query              = "UPDATE Tbl_user SET isOnline = 0 WHERE id = " + server.Account.Id;
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = AwaitModifyDataResponse(sqlRequest, out bool success);

            if (success && modifyDataResponse.Success)
            {
                server.Account.IsOnline = false;
            }
            return(success && modifyDataResponse.Success);
        }

Exemplo n.º 7

0

Exibir arquivo

        /// <summary>
        /// Updates the password of the current account. Requires server.Account.Id and server.Account.Password to be set.
        /// </summary>
        /// <returns></returns>
        public bool UpdatePassword()
        {
            string                query              = DatabaseEssentials.Security.SanitizeQuery(new string[] { "UPDATE Tbl_user SET password = \'", server.Account.Password, "\' WHERE id = ", server.Account.Id, ";" });
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = AwaitModifyDataResponse(sqlRequest, out bool success);

            if (!success)
            {
                return(true);
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to update password.");
                return(true);
            }
            return(false);
        }

Exemplo n.º 8

0

Exibir arquivo

Arquivo: SqlModifyDataRequest.cs Projeto: frederik-hoeft/wadbsrv

        public override async void Process(SqlServer server)
        {
            SqlPacket packet = await DatabaseManager.ModifyData(Query);

            ApiResponse response;

            if (packet.Success)
            {
                int result = (int)packet.Data;
                response = SqlModifyDataResponse.Create(result);
            }
            else
            {
                response = SqlErrorResponse.Create(packet.ErrorMessage);
            }
            SerializedSqlApiResponse serializedApiResponse = SerializedSqlApiResponse.Create(response);
            string data = serializedApiResponse.Serialize();

            server.Network.Send(data);
        }

Exemplo n.º 9

0

Exibir arquivo

        public bool DeleteSecurityTokens(string[] exceptions)
        {
            string exceptionsQueryExtension = string.Empty;

            if (exceptions.Length > 0)
            {
                StringBuilder stringBuilder = new StringBuilder(" AND value NOT IN (");
                for (int i = 0; i < exceptions.Length; i++)
                {
                    if (i == 0)
                    {
                        stringBuilder.Append("\'");
                    }
                    else
                    {
                        stringBuilder.Append(", \'");
                    }
                    stringBuilder.Append(DatabaseEssentials.Security.Sanitize(exceptions[i]));
                    stringBuilder.Append("\'");
                }
                stringBuilder.Append(")");
                exceptionsQueryExtension = stringBuilder.ToString();
            }
            string                query              = "DELETE FROM Tbl_cookies WHERE userid = " + DatabaseEssentials.Security.Sanitize(server.Account.Id) + exceptionsQueryExtension + ";";
            SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = AwaitModifyDataResponse(sqlRequest, out bool success);

            if (!success)
            {
                return(true);
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to delete deprecated security tokens.");
                return(true);
            }
            return(false);
        }

Exemplo n.º 10

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || AccountInfo == null)
            {
                ApiError.Throw(ApiErrorCode.InvalidArgument, server, "AccountInfo was null.");
                return;
            }
            if (server.AssertUserOnline() || server.AssertIdSet() || server.AssertAccountInfoNotNull())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            string query;
            bool   success;

            if (string.IsNullOrEmpty(server.Account.AccountInfo.UserId))
            {
                query = "SELECT hid FROM Tbl_user WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id);
                SqlApiRequest sqlRequest = SqlApiRequest.Create(SqlRequestId.GetSingleOrDefault, query, 1);
                SqlSingleOrDefaultResponse singleOrDefaultResponse = databaseManager.AwaitSingleOrDefaultResponse(sqlRequest, out success);
                if (!success)
                {
                    return;
                }
                if (!singleOrDefaultResponse.Success)
                {
                    ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to determine userid.");
                    return;
                }
                server.Account.AccountInfo.UserId = singleOrDefaultResponse.Result;
            }
            AesContext    aesContext       = new AesContext(server.Account.AccountInfo.UserId);
            string        cryptoName       = aesContext.EncryptOrDefault(AccountInfo.Name);
            string        cryptoOccupation = aesContext.EncryptOrDefault(AccountInfo.Occupation);
            StringBuilder stringBuilder    = new StringBuilder();

            string[] infos = new string[] { AccountInfo.Info1, AccountInfo.Info2, AccountInfo.Info3, AccountInfo.Info4, AccountInfo.Info5, AccountInfo.Info6, AccountInfo.Info7, AccountInfo.Info8, AccountInfo.Info9, AccountInfo.Info10 };
            for (int i = 0; i < infos.Length; i++)
            {
                stringBuilder.Append(", info").Append((i + 1).ToString()).Append(" = \'").Append(aesContext.EncryptOrDefault(infos[i])).Append('\'');
            }
            query = "UPDATE Tbl_user SET name = \'" + cryptoName + "\', occupation = \'" + cryptoOccupation + "\'" + stringBuilder.ToString() + ", location = \'" + DatabaseEssentials.Security.Sanitize(AccountInfo.Location) + "\', radius = " + AccountInfo.Radius.ToString() + ", isVisible = " + (AccountInfo.IsVisible ? "1" : "0") + ", showLog = " + (AccountInfo.ShowLog ? "1" : "0") + " WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id) + ";";
            SqlApiRequest         sqlApiRequest      = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlApiRequest, out success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to update account info.");
                return;
            }
            GenericSuccessResponse successResponse       = new GenericSuccessResponse(ResponseId.UpdateAccountInfo, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(successResponse);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 11

0

Exibir arquivo

Arquivo: CreateCookieRequest.cs Projeto: frederik-hoeft/wamsrv

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertAccountNull())
            {
                server.UnitTesting.MethodSuccess = false;
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            string               query             = DatabaseEssentials.Security.SanitizeQuery(new string[] { "SELECT id, password, isOnline FROM Tbl_user WHERE email = \'", Email, "\' LIMIT 1;" });
            SqlApiRequest        apiRequest        = SqlApiRequest.Create(SqlRequestId.GetDataArray, query, 3);
            SqlDataArrayResponse dataArrayResponse = databaseManager.AwaitDataArrayResponse(apiRequest, out bool success);

            string[] data = dataArrayResponse.Result;
            if (!success)
            {
                return;
            }
            if (!dataArrayResponse.Success || data.Length != 3)
            {
                ApiError.Throw(ApiErrorCode.InvalidUser, server, "No account is associated with this email address.");
                return;
            }
            string id   = data[0];
            string hash = data[1];

            if (Convert.ToInt32(data[2]) == 1)
            {
                ApiError.Throw(ApiErrorCode.AlreadyOnline, server, "Already logged in from another device.");
                return;
            }
            bool authenticationSuccessful = SecurityManager.ScryptCheck(Password, hash);

            if (!authenticationSuccessful)
            {
                ApiError.Throw(ApiErrorCode.InvalidCredentials, server, "Incorrect password.");
                return;
            }
            string securityToken = SecurityManager.GenerateSecurityToken();
            // Token should expire every month.
            int expirationDate = DatabaseEssentials.GetTimeStamp() + MainServer.Config.WamsrvSecurityConfig.SecurityTokenExpirationTime;

            query      = DatabaseEssentials.Security.SanitizeQuery(new string[] { "INSERT INTO Tbl_cookies (userid, value, expires, info) VALUES (", id, ",\'", securityToken, "\',", expirationDate.ToString(), ",\'", Info, "\');" });
            apiRequest = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(apiRequest, out success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to generate security token.");
                return;
            }
            if (!databaseManager.SetupAccount(id))
            {
                return;
            }
            Permission permissions = databaseManager.GetUserPermission(server.Account.AccountInfo.UserId, out success);

            if (!success)
            {
                return;
            }
            CreateCookieResponse  apiResponse           = new CreateCookieResponse(ResponseId.CreateCookie, securityToken, permissions);
            SerializedApiResponse serializedApiResponse = SerializedApiResponse.Create(apiResponse);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }

Exemplo n.º 12

0

Exibir arquivo

        public override void Process(ApiServer server)
        {
            if (server.AssertServerSetup(this) || server.AssertUserOnline())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            if (databaseManager.AssertHasPermission(Permission.ADJUST_PRIVILEGES))
            {
                return;
            }
            bool userExists = databaseManager.CheckUserExists(TargetUserId, out bool success);

            if (!success)
            {
                return;
            }
            if (!userExists)
            {
                ApiError.Throw(ApiErrorCode.NotFound, server, "User not found.");
                return;
            }
            bool targetIsRoot = databaseManager.UserIsRoot(TargetUserId, out success);

            if (!success)
            {
                return;
            }
            if (targetIsRoot)
            {
                ApiError.Throw(ApiErrorCode.InsufficientPermissions, server, "Cannot adjust permissions of root: is fixed to " + Permission.ALL_ACCESS.ToString());
                return;
            }
            Permission currentPermissions = databaseManager.GetUserPermission(TargetUserId, out success);

            if (!success)
            {
                return;
            }
            if (currentPermissions != Permissions)
            {
                string targetId = databaseManager.UserIdToId(TargetUserId, out success);
                if (!success)
                {
                    return;
                }
                string query;
                if (Permissions == Permission.NONE)
                {
                    query = "DELETE FROM Tbl_admin WHERE userid = " + targetId + ";";
                }
                else if (currentPermissions == Permission.NONE)
                {
                    query = "INSERT INTO Tbl_admin (userid, permissions) VALUES (" + targetId + ", " + ((int)Permissions).ToString() + ");";
                }
                else
                {
                    query = "UPDATE Tbl_admin SET permissions = " + ((int)Permissions).ToString() + " WHERE userid = " + targetId + ";";
                }
                SqlApiRequest         sqlRequest         = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
                SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlRequest, out success);
                if (!success)
                {
                    return;
                }
            }
            GenericSuccessResponse response = new GenericSuccessResponse(ResponseId.ChangeUserPermissionsA, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(response);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
            return;
        }

Exemplos de SqlModifyDataResponse em C# (CSharp)