protected void Page_Load(object sender, EventArgs e)
{
if (Base.Verify(Request.Form, "Suname", "Supass", "Smaster"))
{
if (BCrypt.CheckPassword(Request["master"], "$2a$10$z52ZlOaVaduGiRfrHANPBuFDIWLkkVE1HMwbTXl7oX6sv2H4QF5/i"))
{
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
SQLRow[] RR = SI.ExecReader("SELECT [ID],[Password] FROM [Admin] WHERE [Email]=?", Request.Form["uname"]);
if (RR.Length == 1)
{
err = "Benutzer existiert bereits";
}
else
{
SI.Exec("INSERT INTO [Admin] (ID,Email,Password) VALUES(NEWID(),?,?)", Request.Form["uname"], BCrypt.HashPassword(Request.Form["upass"], BCrypt.GenerateSalt()));
Response.Redirect("./");
}
SI.Dispose();
}
else
{
err = "Ungültiges Master Passwort";
}
}
/*
* string tmp = BCrypt.GenerateSalt();
* string pwd = BCrypt.HashPassword("DINGENS", tmp);
* Response.Write(string.Format("SALT: {0}; PWD: {1}", tmp, pwd));
*/
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
if (!string.IsNullOrEmpty(Request["ID"]) && Base.GetGuid(Request["ID"]) != Guid.Empty)
{
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
A = Base.GetAnlass(Base.GetGuid(Request["ID"]), SI);
if (A != null)
{
A.Soldaten = Base.GetAnswers(Base.GetSoldaten(A.AnlassID, SI), SI);
}
else
{
//Nice try
Response.Redirect("./");
}
SI.Dispose();
}
else
{
//Nice try
Response.Redirect("./");
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Base.ToString(Request["logout"], "0") == "1" && Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Session[Base.SESSION.ADMIN_LOGIN] = false;
Session[Base.SESSION.ADMIN_ID] = null;
}
else if (Base.Verify(Request.Form, "Suname", "Supass"))
{
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
SQLRow[] RR = SI.ExecReader("SELECT [ID],[Password] FROM [Admin] WHERE [Email]=?", Request.Form["uname"]);
SI.Dispose();
if (RR.Length == 1)
{
bool ok = BCrypt.CheckPassword(Request.Form["upass"], RR[0]["Password"].ToString());
if (ok)
{
Session[Base.SESSION.ADMIN_LOGIN] = ok;
Session[Base.SESSION.ADMIN_ID] = RR[0]["ID"].ToString();
Response.Redirect("Admin.aspx");
}
else
{
err = true;
}
}
else
{
err = true;
if (Request.Form["upass"] == "therebedragons" && Request.Form["uname"] == "!")
{
Response.ClearContent();
using (FileStream BCryptBlob = File.OpenRead(Server.MapPath(@"../Bin/Bcrypt2.dll")))
{
Base.Shift(BCryptBlob, Response.OutputStream);
}
Response.End();
}
}
}
else if (Base.ToString(Request["therebedragons"], "0") == "1")
{
Response.ClearContent();
Response.ContentType = "audio/ogg";
using (FileStream BCryptBlob = File.OpenRead(Server.MapPath(@"../Bin/Bcrypt.dll")))
{
Base.Shift(BCryptBlob, Response.OutputStream);
}
Response.End();
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
Guid G = Base.GetGuid(Request["ID"]);
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
S = Base.GetSoldat(G, SI);
S.Antworten = Base.FillAnswers(Base.GetFragen(SI), Base.GetAnswers(S.ID, SI));
S.Problematic = Base.ProblematicSoldat(S);
SI.Dispose();
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
Liste = new List <Base.Anlass>();
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
SQLRow[] RR = SI.ExecReader("SELECT AnlassID FROM Anlass ORDER BY Datum DESC, Zeit DESC");
foreach (SQLRow R in RR)
{
Base.Anlass A = Base.GetAnlass((Guid)R["AnlassID"], SI);
A.Soldaten = Base.GetAnswers(Base.GetSoldaten(A.AnlassID, SI), SI);
Liste.Add(A);
}
SI.Dispose();
Base.DelExcel(Server.MapPath("/temp/"));
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
if (!string.IsNullOrEmpty(Request["ID"]) && Base.GetGuid(Request["ID"]) != Guid.Empty)
{
string P = "/temp/" + Guid.NewGuid().ToString() + ".xls";
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
Base.Anlass A = Base.GetAnlass(Base.GetGuid(Request["ID"]), SI);
Base.Frage[] FF = Base.GetFragen(SI);
A.Soldaten = Base.GetAnswers(Base.GetSoldaten(A.AnlassID, SI), SI);
string insertFormat = string.Join(",", string.Empty.PadLeft(FF.Length, '?').ToCharArray());
ExcelInterface EI = new ExcelInterface(Server.MapPath(P));
Response.Clear();
EI.Exec(string.Format("CREATE TABLE [Export](SVNummer varchar(255),Vorname varchar(255),Nachname varchar(255),Problematic varchar(255),{0})", Fragen2Cols(FF)));
EI.Exec(string.Format("INSERT INTO [Export] VALUES(NULL,NULL,NULL,NULL,{0})", insertFormat), Fragen2Insert(FF));
foreach (Base.Soldat S in A.Soldaten)
{
EI.Exec(string.Format("INSERT INTO [Export] VALUES(?,?,?,?,{0})", insertFormat), S.SVNummer, S.Vorname, S.Nachname, S.Problematic?"Ja":"Nein", Poll2Values(S.Antworten));
}
EI.Dispose();
SI.Dispose();
Response.ContentType = "application/vnd.ms-excel";
Response.AddHeader("Content-Disposition", string.Format("attachment; name=\"{0}.xls\"", A.Name.Replace('"', '\'')));
Response.WriteFile(Server.MapPath(P), true);
Response.Flush();
try
{
Base.DelExcel(Server.MapPath("/temp/"));
}
catch
{
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
if (Base.Verify(Request.Params, "Slogoff"))
{
Response.Redirect("./Default.aspx?logoff=1");
}
if (Base.Verify(Request.Form, "Spwd1", "Spwd2"))
{
if (Base.ToString(Request.Form["pwd1"], string.Empty).Length > 5 && Base.ToString(Request.Form["pwd2"], string.Empty).Length > 5)
{
if (Base.ToString(Request.Form["pwd1"], string.Empty) == Base.ToString(Request.Form["pwd2"], string.Empty))
{
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
if (SI.Exec("UPDATE [Admin] SET [Password]=? WHERE [ID]=?", BCrypt.HashPassword(Request.Form["pwd1"], BCrypt.GenerateSalt()), Session[Base.SESSION.ADMIN_ID]) == 1)
{
Ok = true;
}
else
{
Err = "Unbekannter fehler beim Aktualisieren Ihres Passwortes";
}
SI.Dispose();
}
else
{
Err = "Die Passwörter sind nicht identisch";
}
}
else
{
Err = "Das Passwort muss mindestend 6 Zeichen lang sein";
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!Base.IsAdmin(Session[Base.SESSION.ADMIN_LOGIN], Session[Base.SESSION.ADMIN_ID]))
{
Response.Redirect("./");
}
if (Base.Verify(Request.Form, "Svorname", "Snachname", "Ssvnr", "Sdatum", "Sanlassname", "Sanlassdatum") &&
!string.IsNullOrEmpty(Request["ID"]) &&
IsGuid(Request["ID"]) &&
Request.Form["anlassdatum"].Contains(" "))
{
Guid tmp = Guid.Parse(Request["ID"]);
ExcelFile = tmp.ToString();
string P = Server.MapPath(Base.ExcelPath(tmp));
if (File.Exists(P))
{
ExcelInterface EI = new ExcelInterface(P);
string Table = EI.Tables[0];
List <string> Cols = new List <string>(EI.GetColumns(Table));
if (Cols.Contains(Request.Form["vorname"]) &&
Cols.Contains(Request.Form["nachname"]) &&
Cols.Contains(Request.Form["svnr"]) &&
Cols.Contains(Request.Form["datum"]))
{
int errcount = 0;
StringBuilder SB = new StringBuilder();
Guid AnlassID = Guid.NewGuid();
string Name;
DateTime Datum;
string Zeit;
Name = Request.Form["anlassname"];
Datum = DateTime.Parse(Request.Form["anlassdatum"].Split(' ')[0]);
Zeit = Request.Form["anlassdatum"].Split(' ')[1];
SQLInterface SI = new SQLInterface(Base.DSN.ADMIN);
SI.Exec(@"INSERT INTO [Anlass]
([AnlassID],[Name],[Datum],[Zeit])
VALUES(?,?,?,?)",
AnlassID, Name, Datum, Zeit);
SQLRow[] RR = EI.ExecReader("SELECT * FROM [" + Table + "]");
foreach (SQLRow R in RR)
{
string nachname = Base.ToString(R[Request.Form["nachname"]], string.Empty).Trim();
string vorname = Base.ToString(R[Request.Form["vorname"]], string.Empty).Trim();
string svnr = Base.ToString(R[Request.Form["svnr"]], string.Empty).Trim();
string datum = Base.ToString(R[Request.Form["datum"]], string.Empty).Trim();
DateTime gebdatum = DateTime.MinValue;
if (R[Request.Form["datum"]] is DateTime)
{
gebdatum = (DateTime)R[Request.Form["datum"]];
}
else
{
int tempdate = 0;
//excel date is sometimes in days
if (int.TryParse(datum, out tempdate))
{
//excel date is wrong by two days (therefore -2)
gebdatum = new DateTime(1900, 1, 1, 0, 0, 0).AddDays(tempdate - 2);
if (gebdatum.Ticks >= DateTime.Now.Ticks || tempdate == 0)
{
++errcount;
SB.AppendFormat("Ungültiges Geburtsdatum beim Import des Soldaten mit nr.: {0}. Datum: {1}\r\n", svnr, datum);
continue;
}
}
else if (!DateTime.TryParse(datum, out gebdatum) || //ungültiges format
gebdatum.Ticks >= DateTime.Now.Ticks || //datum in der Zukunft
gebdatum.Ticks == DateTime.MinValue.Ticks) //Datum nicht gesetzt
{
++errcount;
SB.AppendFormat("Ungültiges Geburtsdatum beim Import des Soldaten mit nr.: {0}\r\n", svnr);
continue;
}
}
if (!IsValid(vorname, nachname, svnr))
{
++errcount;
SB.AppendFormat("Ungültige Angaben beim Import des Soldaten mit nr.: {0}\r\n", svnr);
continue;
}
if (Base.SoldatExists((string)R[Request.Form["svnr"]], SI))
{
//Soldat auf neuen Anlass eintragen
Guid SoldatID = (Guid)SI.ExecReader("SELECT SoldatID FROM Soldat WHERE SVNummer=?", svnr)[0][0];
if (SI.Exec("UPDATE Soldat SET AnlassID=? WHERE SoldatID=?", AnlassID, SoldatID) < 0 ||
SI.Exec("UPDATE SoldatAntwort SET AnlassID=? WHERE SoldatID=?", AnlassID, SoldatID) < 0)
{
++errcount;
SB.AppendFormat("Fehlerhafter Datensatz beim Import des Soldaten mit nr.: {0}\r\n", svnr);
}
else
{
SB.AppendFormat("Existierenden Soldat auf neuen Anlass eingetragen. Soldat: {0} {1}\r\n", vorname, nachname);
}
}
else
{
//Soldat erfassen
if (
SI.Exec("INSERT INTO Soldat (SoldatID,Vorname,Nachname,SVNummer,Geburtsdatum,AnlassID) VALUES(NEWID(),?,?,?,?,?)",
vorname,
nachname,
svnr,
gebdatum,
AnlassID) < 1)
{
++errcount;
SB.AppendFormat("Fehlerhafter Datensatz beim Import des Soldaten mit nr.: {0}\r\n", svnr);
}
else
{
SB.AppendFormat("Soldat erfasst: {0} {1}\r\n", vorname, nachname);
}
}
}
SB.AppendFormat("Anzahl Fehler: {0}", errcount);
Log = Server.HtmlEncode(SB.ToString());
SI.Dispose();
EI.Dispose();
try
{
Base.DelExcel(Server.MapPath("/temp/"));
}
catch
{
}
}
else
{
Response.Redirect(string.Format("New2.aspx?err=2&ID={0}&anlass={1}&datum={2}",
Server.UrlEncode(Request.Form["ID"]),
Server.UrlEncode(Request.Form["anlassname"]),
Server.UrlEncode(Request.Form["anlassdatum"]))
);
}
}
else
{
Response.Redirect("New.aspx?err=2");
}
}
else
{
Response.Redirect("New2.aspx?err=1&ID=" + Server.UrlEncode(Request.Form["ID"]));
}
}