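/// <summary>
        /// Deletes the view named by the <c>view_id</c> field of the JSON request body,
        /// provided that view belongs to the current <c>username</c>.
        /// </summary>
        /// <returns>
        /// HTTP 200 with a JSON confirmation on success; HTTP 400 with a plain message when
        /// the id is missing, not an integer, not found for this user, or the delete fails.
        /// </returns>
        private ActionResult RemoveView()
        {
            var POST = this.GetJsonPostObjectFromRequest();

            if (POST["view_id"] == null)
            {
                Response.StatusCode = 400;
                return(Content("View ID is not set."));
            }

            // int.TryParse is the real validation here: only a parsed integer reaches the query.
            string idString = _context.SQLEscape(POST["view_id"].ToString());
            if (!int.TryParse(idString, out int id))
            {
                Response.StatusCode = 400;
                return(Content("ID for View is not valid."));
            }

            // Look the view up by id AND owner. The id comes from the request body, so
            // without the owner predicate any caller could delete another user's view
            // by supplying its id. A foreign id is reported as "not found".
            fv_views viewToDelete = null;
            try
            {
                viewToDelete = _context.fv_views.Single(x => x.v_id == id && x.v_u_name == username);
            }
            catch (InvalidOperationException) { } // Single() throws when no row (or more than one) matches
            if (viewToDelete == null)
            {
                Response.StatusCode = 400;
                return(Content($"Could not find View to delete with id: {id}"));
            }

            try
            {
                _context.fv_views.Remove(viewToDelete);
                _context.SaveChanges();
            }
            catch (Exception ex) when (ex is DbEntityValidationException || ex is DbUpdateException || ex is SqlException)
            {
                // Persistence failures become a 400; any other exception propagates unchanged.
                Response.StatusCode = 400;
                return(Content($"Could not delete view {id} for the user {username}. SQL Execution failed."));
            }

            Response.StatusCode = 200;
            return(Json(new { message = "View deleted." }, JsonRequestBehavior.AllowGet));
        }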
        /// <summary>
        /// Converts one <c>fv_views</c> row into the <c>Views</c> object that
        /// <c>AddView</c> serialises as its JSON response.
        /// </summary>
        /// <param name="viewFromDb">Row to convert.</param>
        /// <returns>
        /// A <c>Views</c> instance whose <c>data</c> holds the twelve month values twice:
        /// once under the month name and once under the matching <c>temp*</c> property.
        /// </returns>
        private Views GetViewArrayByRowResult(fv_views viewFromDb)
        {
            var months = new Views.ViewData();

            // Month values as stored.
            months.january   = viewFromDb.v_month_01;
            months.february  = viewFromDb.v_month_02;
            months.march     = viewFromDb.v_month_03;
            months.april     = viewFromDb.v_month_04;
            months.may       = viewFromDb.v_month_05;
            months.june      = viewFromDb.v_month_06;
            months.july      = viewFromDb.v_month_07;
            months.august    = viewFromDb.v_month_08;
            months.september = viewFromDb.v_month_09;
            months.october   = viewFromDb.v_month_10;
            months.november  = viewFromDb.v_month_11;
            months.december  = viewFromDb.v_month_12;

            // The temp* properties start out as copies of the same stored values.
            months.tempJanuary   = viewFromDb.v_month_01;
            months.tempFebruary  = viewFromDb.v_month_02;
            months.tempMarch     = viewFromDb.v_month_03;
            months.tempApril     = viewFromDb.v_month_04;
            months.tempMay       = viewFromDb.v_month_05;
            months.tempJune      = viewFromDb.v_month_06;
            months.tempJuly      = viewFromDb.v_month_07;
            months.tempAugust    = viewFromDb.v_month_08;
            months.tempSeptember = viewFromDb.v_month_09;
            months.tempOctober   = viewFromDb.v_month_10;
            months.tempNovember  = viewFromDb.v_month_11;
            months.tempDecember  = viewFromDb.v_month_12;

            var result = new Views();
            result.count       = viewFromDb.v_id;      // "count" carries the database row id
            result.name        = viewFromDb.v_name;
            result.description = viewFromDb.v_description;
            result.id          = viewFromDb.v_html_id; // "id" carries the HTML id, not the row id
            result.notes       = viewFromDb.v_notes;
            result.profile_url = viewFromDb.v_profile_url;
            result.data        = months;

            return result;
        }
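        /// <summary>
        /// Sets one month column of a view owned by the current <c>username</c>.
        /// Reads <c>view_id</c>, <c>updatedMonth</c> and <c>value</c> from the JSON request body.
        /// </summary>
        /// <returns>
        /// HTTP 200 with a JSON confirmation on success; HTTP 400 with a plain message when a
        /// field is missing or blank, the id or month is invalid, the value contains characters
        /// outside the allowed set, the view is not found for this user, or the update fails.
        /// </returns>
        private ActionResult UpdateViewMonth()
        {
            var POST = this.GetJsonPostObjectFromRequest();

            // A field counts as missing when it is absent or holds only whitespace.
            bool IsMissing(string key)
            {
                var token = POST[key];
                return token == null || string.IsNullOrWhiteSpace(token.ToString());
            }

            if (IsMissing("view_id") || IsMissing("updatedMonth") || IsMissing("value"))
            {
                Response.StatusCode = 400;
                return(Content("Not all values are set."));
            }

            string idString          = _context.SQLEscape(POST["view_id"].ToString());
            string monthNumberString = _context.SQLEscape(POST["updatedMonth"].ToString());

            // The month number becomes part of a column name, which cannot be passed as a
            // SQL parameter, so it must be a real month before it is formatted into the statement.
            if (!int.TryParse(idString, out int id) ||
                !int.TryParse(monthNumberString, out int monthNumber) ||
                monthNumber < 1 || monthNumber > 12)
            {
                Response.StatusCode = 400;
                return(Content("View-ID or Month is not valid."));
            }

            string month = monthNumber.ToString("D2");
            string value = _context.SQLEscape(POST["value"].ToString());

            // Allow only digits and arithmetic characters. \z anchors at the true end of the
            // string; $ would also accept a trailing newline.
            if (!Regex.IsMatch(value, @"^[0-9+(*)/.-]*\z"))
            {
                Response.StatusCode = 400;
                // The rejected input is echoed back, so send it as text/plain to keep a
                // browser from interpreting it as markup.
                return(Content($"New value is invalid: {value}", "text/plain"));
            }

            // Look the view up by id AND owner, matching the WHERE clause of the UPDATE below.
            // Otherwise a foreign id would pass this check, update zero rows and still report success.
            fv_views viewToUpdate = null;
            try
            {
                viewToUpdate = _context.fv_views.Single(x => x.v_id == id && x.v_u_name == username);
            }
            catch (InvalidOperationException) { } // Single() throws when no row (or more than one) matches
            if (viewToUpdate == null)
            {
                Response.StatusCode = 400;
                return(Content($"Could not find View to update with id: {id}"));
            }

            try
            {
                // Values travel as parameters (@p0..@p2) instead of being spliced into the SQL
                // text. Only the column suffix is interpolated, and it is a range-checked integer.
                _context.Database.ExecuteSqlCommand(
                    $"UPDATE [fv_views] SET [v_month_{month}] = @p0 WHERE [fv_views].[v_id] = @p1 AND [fv_views].[v_u_name] = @p2",
                    value, id, username);
                _context.SaveChanges();
            }
            catch (Exception ex) when (ex is DbEntityValidationException || ex is DbUpdateException || ex is SqlException)
            {
                // Persistence failures become a 400; any other exception propagates unchanged.
                Response.StatusCode = 400;
                return(Content("Could not update the month. SQL Execution failed."));
            }

            Response.StatusCode = 200;
            return(Json(new { message = "Month updated." }, JsonRequestBehavior.AllowGet));
        }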
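        /// <summary>
        /// Creates a new view for the current <c>username</c> and <c>year</c> from the
        /// <c>name</c>, <c>description</c>, <c>id</c>, <c>notes</c> and <c>profile_url</c>
        /// fields of the JSON request body. All twelve month values start at "0".
        /// </summary>
        /// <returns>
        /// HTTP 200 with the stored view as JSON on success; HTTP 400 with a plain message when
        /// a field is missing or blank, <c>id</c> or <c>profile_url</c> contains whitespace, the
        /// name or id is already used by this user in this year, or the insert fails.
        /// </returns>
        private ActionResult AddView()
        {
            var POST = this.GetJsonPostObjectFromRequest();

            // A field counts as missing when it is absent or holds only whitespace.
            bool IsMissing(string key)
            {
                var token = POST[key];
                return token == null || string.IsNullOrWhiteSpace(token.ToString());
            }

            if (IsMissing("name") || IsMissing("description") || IsMissing("id") ||
                IsMissing("notes") || IsMissing("profile_url"))
            {
                Response.StatusCode = 400;
                return(Content("Not all values are set."));
            }

            // NOTE(review): everything below goes through LINQ and entity properties, which the
            // ORM sends as parameters, so SQLEscape is not what protects these statements. It is
            // kept because other code may expect the stored values in escaped form. TODO confirm.
            string name        = _context.SQLEscape(POST["name"].ToString());
            string description = _context.SQLEscape(POST["description"].ToString());
            string id          = _context.SQLEscape(POST["id"].ToString());
            string notes       = _context.SQLEscape(POST["notes"].ToString());
            string profile_url = _context.SQLEscape(POST["profile_url"].ToString());

            // Reject every whitespace character (tabs and newlines too), as the message says.
            // NOTE(review): profile_url is otherwise stored as received. If it is later rendered
            // as a link, restrict it to http/https at this point. Confirm against the view code.
            if (id.Any(char.IsWhiteSpace) || profile_url.Any(char.IsWhiteSpace))
            {
                Response.StatusCode = 400;
                return(Content("Profile_Url or id should not contain whitespaces."));
            }

            string yearString = year.ToString();

            // Any() asks the database whether a match exists instead of loading the rows.
            bool nameTaken = _context.fv_views.Any(x =>
                x.v_y_year == yearString &&
                x.v_u_name == username &&
                x.v_name == name);
            bool idTaken = _context.fv_views.Any(x =>
                x.v_y_year == yearString &&
                x.v_u_name == username &&
                x.v_html_id == id);

            if (nameTaken || idTaken)
            {
                Response.StatusCode = 400;
                return(Content("ID or Name does already exist"));
            }

            fv_views newView = new fv_views()
            {
                v_y_year      = yearString,
                v_u_name      = username,
                v_name        = name,
                v_description = description,
                v_html_id     = id,
                v_notes       = notes,
                v_profile_url = profile_url,
                v_month_01    = "0",
                v_month_02    = "0",
                v_month_03    = "0",
                v_month_04    = "0",
                v_month_05    = "0",
                v_month_06    = "0",
                v_month_07    = "0",
                v_month_08    = "0",
                v_month_09    = "0",
                v_month_10    = "0",
                v_month_11    = "0",
                v_month_12    = "0"
            };

            _context.fv_views.Add(newView);

            try
            {
                _context.SaveChanges();
            }
            catch (Exception ex) when (ex is DbEntityValidationException || ex is DbUpdateException || ex is SqlException)
            {
                // Persistence failures become a 400; any other exception propagates unchanged.
                Response.StatusCode = 400;
                return(Content("Could not create a new view. SQL Execution failed."));
            }

            // Read the row back to confirm it was stored and to return it to the client.
            fv_views finalView = null;
            try
            {
                finalView = _context.fv_views.Single(x =>
                    x.v_y_year == yearString &&
                    x.v_u_name == username &&
                    x.v_html_id == id);
            }
            catch (InvalidOperationException) { } // Single() throws when no row (or more than one) matches
            if (finalView == null)
            {
                Response.StatusCode = 400;
                return(Content("View was created but cannot be accessed. SQL Execution failed."));
            }

            Response.StatusCode = 200;
            return(Json(GetViewArrayByRowResult(finalView), JsonRequestBehavior.AllowGet));
        }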