public string GetBlog(int mainid, string Search) { if (SecureAuthentication != null) { int Output = CheckLoginReturnUserId(SecureAuthentication).ValueFromSQL; if (Output > 0) { GetBlog proc = new GetBlog(); return("{\"BlogList\" : " + Serialize(proc.GetBlogList(mainid, Search)) + "}"); } else { return(Serialize(new AuthResponse(0, Output == -1 ? "Authentication is NULL" : "Invalid Authentication"))); } } return(Serialize(new AuthResponse(0, "Authentication information not provided."))); }
public async Task <ActionResult <BlogItemDTO> > GetBlog(GetBlog getBlog) { // Select n'th blog string queryString = string.Format("SELECT * FROM (SELECT ROW_NUMBER() OVER (ORDER BY DateCreated DESC) AS row_num ,ID, Title, Content, Requests, DateCreated, DateModified FROM [BlogItem]) AS sub WHERE row_num = {0}", getBlog.Id); string connString = ConfigurationExtensions.GetConnectionString(configuration, "BlogAPI"); BlogItemDTO blogItemDTO = new(); using (SqlConnection connection = new(connString)) { connection.Open(); SqlCommand command = new(queryString, connection); SqlDataReader reader = await command.ExecuteReaderAsync(); if (reader.Read()) { blogItemDTO.Id = (int)reader["ID"]; blogItemDTO.Title = reader["Title"].ToString(); blogItemDTO.Content = reader["Content"].ToString(); blogItemDTO.Requests = (int)reader["Requests"]; blogItemDTO.DateCreated = reader["DateCreated"].ToString(); blogItemDTO.DateModified = reader["DateModified"].ToString(); } reader.Close(); // Update blog request count string queryString1 = string.Format("UPDATE [BlogItem] SET Requests = ISNULL(Requests, 0) + 1 WHERE ID = {0}", blogItemDTO.Id); if (getBlog.PreventIncrement == false) { SqlCommand command1 = new(queryString1, connection); command1.ExecuteNonQuery(); } connection.Close(); } return(blogItemDTO); }
public async Task <ActionResult <BlogItemDTO> > GetBlogId(GetBlog getBlog) { string queryString = string.Format("SELECT * FROM [BlogItem] WHERE ID = {0}", getBlog.Id); string queryString1 = string.Format("UPDATE [BlogItem] SET Requests = ISNULL(Requests, 0) + 1 WHERE ID = {0}", getBlog.Id); string connString = ConfigurationExtensions.GetConnectionString(configuration, "BlogAPI"); BlogItemDTO blogItemDTO = new(); using (SqlConnection connection = new(connString)) { connection.Open(); SqlCommand command = new(queryString, connection); SqlDataReader reader = await command.ExecuteReaderAsync(); if (reader.Read()) { blogItemDTO.Id = (int)reader["ID"]; blogItemDTO.Title = reader["Title"].ToString(); blogItemDTO.Content = reader["Content"].ToString(); blogItemDTO.Requests = (int)reader["Requests"]; blogItemDTO.DateCreated = reader["DateCreated"].ToString(); blogItemDTO.DateModified = reader["DateModified"].ToString(); } reader.Close(); if (getBlog.PreventIncrement == false) { SqlCommand command1 = new(queryString1, connection); command1.ExecuteNonQuery(); } connection.Close(); } return(blogItemDTO); }