using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Net.Mail;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Http;
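namespace placer.Controllers
{
    /// <summary>
    /// Web API controller that multiplexes several operations (section list,
    /// registration, login, password reset, posts, likes) over one GET route
    /// and one POST route, using delimiter-separated strings as the wire format.
    /// </summary>
    /// <remarks>
    /// Every SQL statement in this class is parameterized; request data is never
    /// concatenated into SQL text. LIKE patterns built from request data are
    /// escaped so that '%', '_' and '[' are matched literally.
    ///
    /// NOTE(review): issues visible in this listing that need a schema or
    /// protocol change and are therefore only flagged here:
    ///  - Passwords are stored and compared as plain text; they should be
    ///    stored as salted hashes (for example PBKDF2).
    ///  - Login names and passwords travel in the URL path of GET requests,
    ///    where servers and proxies routinely log them.
    ///  - The password-change, mail-change, like and post operations take the
    ///    acting user's name from the request and never authenticate the caller.
    /// </remarks>
    public class ValuesController : ApiController
    {
        // NOTE(review): the server address, account name and password are
        // hard-coded in source. Move the connection string to protected
        // configuration and rotate this credential, since it has been published.
        private const string ConnectionString = "Server=192.186.88.146,1433;Database=lic_edu;User ID=test; Password=123;";

        // Returned instead of exception text, so that driver and schema details
        // are not disclosed to the client.
        private const string ErrorResponse = "error";

        // GET api/values
        /// <summary>Returns the two placeholder values of the project template.</summary>
        public IEnumerable<string> Get()
        {
            return new string[] { "value1", "value2" };
        }

        // GET api/values/5
        /// <summary>
        /// Dispatches on the operation code carried in <paramref name="id"/>.
        /// "1" lists the sections; any other value is split on '=' and its first
        /// field selects the operation ("2" to "8"), the remaining fields being
        /// its arguments.
        /// </summary>
        /// <param name="id">Operation code, optionally followed by '='-separated arguments.</param>
        /// <returns>
        /// "1" or "0" for the account and like operations, a delimiter-joined
        /// listing for the list operations, an empty string for an unknown
        /// operation, and a generic error marker when the request is malformed
        /// or the database call fails.
        /// </returns>
        public string Get(string id)
        {
            try
            {
                if (id == null)
                {
                    return ErrorResponse;
                }

                if (id == "1")
                {
                    return JoinRows(Select("SELECT * FROM razdel_placer"), "*", "#", "razd", "location");
                }

                string[] h = id.Split('=');
                switch (h[0])
                {
                    case "2":
                        return h.Length < 4 ? ErrorResponse : RegisterUser(h[1], h[2], h[3]);
                    case "3":
                        return h.Length < 3 ? ErrorResponse : CheckLogin(h[1], h[2]);
                    case "4":
                        return h.Length < 2 ? ErrorResponse : ResetPassword(h[1]);
                    case "5":
                        return h.Length < 2 ? ErrorResponse : ListPostsBySection(h[1]);
                    case "6":
                        return h.Length < 3 ? ErrorResponse : ChangePassword(h[1], h[2]);
                    case "7":
                        return h.Length < 3 ? ErrorResponse : ChangeMail(h[1], h[2]);
                    case "8":
                        return h.Length < 3 ? ErrorResponse : LikePost(h[1], h[2]);
                    default:
                        return "";
                }
            }
            catch (Exception ex)
            {
                // Keep the details on the server; the client only learns that
                // the request failed.
                System.Diagnostics.Trace.TraceError("ValuesController.Get failed: " + ex);
                return ErrorResponse;
            }
        }

        /// <summary>Replaces every ',' in <paramref name="s"/> with '.'.</summary>
        private static string tom(string s)
        {
            return s.Replace(',', '.');
        }

        // POST api/values
        /// <summary>
        /// Reads the raw request body and splits it on '&gt;'. With four or more
        /// fields (author, section, title, text) a post is inserted; with a
        /// single field the posts of that section are listed.
        /// </summary>
        /// <param name="value">Unused; the body is read from the request stream directly.</param>
        /// <returns>"1" after an insert, the joined listing for a query, or a generic error marker.</returns>
        public string Post([FromBody]string value)
        {
            try
            {
                string body;
                using (StreamReader reader = new StreamReader(HttpContext.Current.Request.InputStream))
                {
                    body = reader.ReadToEnd();
                }

                string[] h = body.Split('>');
                if (h.Length > 1)
                {
                    if (h.Length < 4)
                    {
                        return ErrorResponse;
                    }

                    // NOTE(review): the author name (h[0]) is taken from the body
                    // without authenticating the caller. The id is "row count + 1",
                    // which can collide under concurrent inserts or after a
                    // deletion; an identity column would avoid that.
                    int nextId = CountPosts() + 1;
                    Execute(
                        "INSERT INTO post_placer (razd,aut,zag,txt,likes,users,id_p) " +
                        "VALUES (@p0, @p1, @p2, @p3, '0', '', @p4)",
                        h[1], h[0], h[2], h[3], nextId.ToString());
                    return "1";
                }

                DataTable posts = Select(
                    "SELECT * FROM post_placer WHERE razd LIKE @p0 ESCAPE '\\'",
                    EscapeLike(h[0].ToLowerInvariant()));

                // NOTE(review): stored fields are returned unencoded; a field that
                // contains '<' or '>' corrupts this framing, and clients must
                // encode the values before rendering them.
                return JoinRows(posts, "<", ">", "zag", "aut", "txt", "likes", "users", "id_p");
            }
            catch (Exception ex)
            {
                System.Diagnostics.Trace.TraceError("ValuesController.Post failed: " + ex);
                return ErrorResponse;
            }
        }

        // PUT api/values/5
        /// <summary>Not implemented; accepts the request and does nothing.</summary>
        public void Put(int id, [FromBody]string value)
        {
        }

        // DELETE api/values/5
        /// <summary>Not implemented; accepts the request and does nothing.</summary>
        public void Delete(int id)
        {
        }

        /// <summary>Operation "2": creates an account unless the login is already taken.</summary>
        private static string RegisterUser(string login, string mail, string password)
        {
            string normalizedLogin = login.ToLowerInvariant();
            if (FindUser(normalizedLogin).Rows.Count != 0)
            {
                return "0";
            }

            // NOTE(review): the password is stored as received (plain text).
            Execute(
                "INSERT INTO login_placer (login,pass,mail) VALUES (@p0, @p1, @p2)",
                normalizedLogin, password, tom(mail.ToLowerInvariant()));
            return "1";
        }

        /// <summary>Operation "3": reports "1" when a row matches both login and password.</summary>
        private static string CheckLogin(string login, string password)
        {
            // Both values are escaped, so a wildcard sent as the password is
            // compared literally instead of matching every stored password.
            DataTable match = Select(
                "SELECT * FROM login_placer WHERE login LIKE @p0 ESCAPE '\\' AND pass LIKE @p1 ESCAPE '\\'",
                EscapeLike(login.ToLowerInvariant()), EscapeLike(password));
            return match.Rows.Count != 0 ? "1" : "0";
        }

        /// <summary>
        /// Operation "4": mails a temporary password to the address on file and
        /// stores it as the account's password.
        /// </summary>
        private string ResetPassword(string login)
        {
            string normalizedLogin = login.ToLowerInvariant();
            DataTable users = FindUser(normalizedLogin);
            if (users.Rows.Count == 0)
            {
                return "0";
            }

            // NOTE(review): this overwrites the current password for whoever
            // names the login, and sends the replacement in clear text. A
            // single-use, expiring reset token would avoid both.
            string temporaryPassword = GenerateTemporaryPassword(8);
            string mail = users.Rows[0]["mail"].ToString();

            // SendMail is not defined anywhere in this listing.
            SendMail(mail, "Восстановление пароля MyTalent", "Временный пароль: " + temporaryPassword);
            Execute(
                "UPDATE login_placer SET pass = @p0 WHERE login LIKE @p1 ESCAPE '\\'",
                temporaryPassword, EscapeLike(normalizedLogin));
            return "1";
        }

        /// <summary>Operation "5": lists the posts of one section, rows joined by '*', fields by '='.</summary>
        private static string ListPostsBySection(string section)
        {
            DataTable posts = Select(
                "SELECT * FROM post_placer WHERE razd LIKE @p0 ESCAPE '\\'",
                EscapeLike(section));
            return JoinRows(posts, "*", "=", "zag", "aut", "txt", "likes", "users", "id_p");
        }

        /// <summary>Operation "6": replaces the password of an existing login.</summary>
        private static string ChangePassword(string login, string newPassword)
        {
            string normalizedLogin = login.ToLowerInvariant();
            if (FindUser(normalizedLogin).Rows.Count == 0)
            {
                return "0";
            }

            // NOTE(review): neither the current password nor a session is
            // checked before the change; this needs caller authentication.
            Execute(
                "UPDATE login_placer SET pass = @p0 WHERE login LIKE @p1 ESCAPE '\\'",
                newPassword, EscapeLike(normalizedLogin));
            return "1";
        }

        /// <summary>Operation "7": replaces the mail address of an existing login.</summary>
        private static string ChangeMail(string login, string newMail)
        {
            string normalizedLogin = login.ToLowerInvariant();
            if (FindUser(normalizedLogin).Rows.Count == 0)
            {
                return "0";
            }

            // NOTE(review): unauthenticated, and the address set here is the one
            // the password reset mails to; require authentication and confirm
            // the change with the previous address.
            Execute(
                "UPDATE login_placer SET mail = @p0 WHERE login LIKE @p1 ESCAPE '\\'",
                tom(newMail.ToLowerInvariant()), EscapeLike(normalizedLogin));
            return "1";
        }

        /// <summary>
        /// Operation "8": records a like by <paramref name="user"/> on the post,
        /// returning "0" when that user is already in the post's like list.
        /// </summary>
        private static string LikePost(string user, string postId)
        {
            string idPattern = EscapeLike(postId.ToLowerInvariant());
            DataTable posts = Select(
                "SELECT * FROM post_placer WHERE id_p LIKE @p0 ESCAPE '\\'",
                idPattern);
            if (posts.Rows.Count == 0)
            {
                // The original indexed row 0 unconditionally and returned the
                // resulting exception text to the client.
                return ErrorResponse;
            }

            string likedBy = posts.Rows[0]["users"].ToString();
            foreach (string existing in likedBy.Split('&'))
            {
                if (string.Equals(existing, user, StringComparison.OrdinalIgnoreCase))
                {
                    return "0";
                }
            }

            string updatedUsers = likedBy.Length == 0 ? user.ToLowerInvariant() : likedBy + "&" + user;
            int likes = Convert.ToInt32(posts.Rows[0]["likes"].ToString()) + 1;

            Execute(
                "UPDATE post_placer SET likes = @p0, users = @p1 WHERE id_p LIKE @p2 ESCAPE '\\'",
                likes.ToString(), updatedUsers, idPattern);
            return "1";
        }

        /// <summary>Loads the login_placer rows whose login equals <paramref name="normalizedLogin"/>.</summary>
        private static DataTable FindUser(string normalizedLogin)
        {
            return Select(
                "SELECT * FROM login_placer WHERE login LIKE @p0 ESCAPE '\\'",
                EscapeLike(normalizedLogin));
        }

        /// <summary>Returns the number of rows in post_placer.</summary>
        private static int CountPosts()
        {
            using (SqlConnection connection = new SqlConnection(ConnectionString))
            using (SqlCommand command = CreateCommand(connection, "SELECT COUNT(*) FROM post_placer", new string[0]))
            {
                connection.Open();
                return Convert.ToInt32(command.ExecuteScalar());
            }
        }

        /// <summary>
        /// Runs a parameterized query and returns its rows. Values are bound
        /// positionally as @p0, @p1, ...
        /// </summary>
        private static DataTable Select(string sql, params string[] args)
        {
            using (SqlConnection connection = new SqlConnection(ConnectionString))
            using (SqlCommand command = CreateCommand(connection, sql, args))
            using (SqlDataAdapter adapter = new SqlDataAdapter())
            {
                adapter.SelectCommand = command;
                DataTable table = new DataTable();
                connection.Open();
                adapter.Fill(table);
                return table;
            }
        }

        /// <summary>Runs a parameterized INSERT or UPDATE and returns the affected row count.</summary>
        private static int Execute(string sql, params string[] args)
        {
            using (SqlConnection connection = new SqlConnection(ConnectionString))
            using (SqlCommand command = CreateCommand(connection, sql, args))
            {
                connection.Open();
                return command.ExecuteNonQuery();
            }
        }

        /// <summary>Builds a command whose parameters @p0..@pN carry <paramref name="args"/>.</summary>
        private static SqlCommand CreateCommand(SqlConnection connection, string sql, string[] args)
        {
            SqlCommand command = new SqlCommand(sql, connection);
            for (int i = 0; i < args.Length; i++)
            {
                command.Parameters.AddWithValue("@p" + i, args[i]);
            }
            return command;
        }

        /// <summary>
        /// Escapes the LIKE metacharacters in <paramref name="value"/> for use
        /// with <c>ESCAPE '\'</c>, so the pattern matches the text literally.
        /// </summary>
        private static string EscapeLike(string value)
        {
            StringBuilder escaped = new StringBuilder(value.Length);
            foreach (char c in value)
            {
                if (c == '\\' || c == '%' || c == '_' || c == '[')
                {
                    escaped.Append('\\');
                }
                escaped.Append(c);
            }
            return escaped.ToString();
        }

        /// <summary>
        /// Serializes the named columns of every row: fields joined by
        /// <paramref name="fieldSeparator"/>, rows by <paramref name="rowSeparator"/>.
        /// </summary>
        private static string JoinRows(DataTable table, string rowSeparator, string fieldSeparator, params string[] columns)
        {
            StringBuilder result = new StringBuilder();
            foreach (DataRow row in table.Rows)
            {
                if (result.Length != 0)
                {
                    result.Append(rowSeparator);
                }
                for (int i = 0; i < columns.Length; i++)
                {
                    if (i != 0)
                    {
                        result.Append(fieldSeparator);
                    }
                    result.Append(row[columns[i]].ToString());
                }
            }
            return result.ToString();
        }

        /// <summary>
        /// Draws <paramref name="length"/> characters from a-z and 0-9 using the
        /// cryptographic random number generator.
        /// </summary>
        private static string GenerateTemporaryPassword(int length)
        {
            // The original drew from the upper-case alphabet with System.Random
            // and lower-cased the result; System.Random is predictable and must
            // not produce credentials.
            const string alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";

            // Bytes at or above this limit are discarded so that every
            // character stays equally likely (no modulo bias).
            int limit = 256 - (256 % alphabet.Length);

            StringBuilder password = new StringBuilder(length);
            byte[] buffer = new byte[1];
            using (RandomNumberGenerator generator = RandomNumberGenerator.Create())
            {
                while (password.Length < length)
                {
                    generator.GetBytes(buffer);
                    if (buffer[0] < limit)
                    {
                        password.Append(alphabet[buffer[0] % alphabet.Length]);
                    }
                }
            }
            return password.ToString();
        }
    }
}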