Exemplo n.º 1
0
        public HttpResponseMessage Post(Login login)
        {
            SQLBlock block = new SQLBlock();

            using (SqlConnection connection = new SqlConnection(block.connectionString))
            {
                using (SqlCommand command = new SqlCommand($"select email from [dbo].[Users] where email = '{login.username}' AND password = '******';", connection))
                {
                    try
                    {
                        connection.Open();
                    }
                    catch (Exception e)
                    {
                        connection.Close();
                        Console.Write(e);
                        return(new HttpResponseMessage(HttpStatusCode.Conflict));
                    }
                    using (SqlDataReader reader = command.ExecuteReader())
                    {
                        if (reader.HasRows)
                        {
                            connection.Close();
                            return(new HttpResponseMessage(HttpStatusCode.OK));
                        }
                        else
                        {
                            return(new HttpResponseMessage(HttpStatusCode.Forbidden));
                        }
                    }
                }
            }
        }
Exemplo n.º 2
0
        public HttpResponseMessage Post(Data data)
        {
            SQLBlock block = new SQLBlock();

            using (SqlConnection connection = new SqlConnection(block.connectionString))
                using (SqlCommand command = new SqlCommand($"select email from [dbo].[Users] where email = '{data.email}'", connection))
                {
                    try
                    {
                        connection.Open();
                    }
                    catch (Exception e)
                    {
                        connection.Close();
                        Console.Write(e);
                        return(new HttpResponseMessage(HttpStatusCode.Conflict));
                    }
                    try
                    {
                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            if (reader.HasRows)
                            {
                                connection.Close();
                                return(new HttpResponseMessage(HttpStatusCode.BadRequest));
                            }
                        }
                        string insertQuery = $"INSERT INTO [dbo].[Users] (firstname, lastname, email, DOB, hometown, gender, password) " +
                                             $"values ('{data.firstname}', '{data.lastname}', '{data.email}', '{data.dob.Date}', '{data.hometown}','{data.gender}', '{data.password}');";
                        using (SqlCommand insertCommand = new SqlCommand(insertQuery, connection))
                        {
                            try
                            {
                                insertCommand.ExecuteNonQuery();
                            }
                            catch (Exception e2)
                            {
                                Console.Write(e2.Message);
                                connection.Close();
                                return(new HttpResponseMessage(HttpStatusCode.Conflict));
                            }
                        }
                        connection.Close();
                        return(new HttpResponseMessage(HttpStatusCode.OK));
                    }
                    catch (SqlException e3)
                    {
                        connection.Close();
                        return(new HttpResponseMessage(HttpStatusCode.Conflict)); // bad formed request
                    }
                }
        }