This repository was archived by the owner on May 9, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathAdmin.aspx.cs
More file actions
97 lines (83 loc) · 3.66 KB
/
Copy pathAdmin.aspx.cs
File metadata and controls
97 lines (83 loc) · 3.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
using MySql.Data.MySqlClient;
using System;
using System.Collections.Generic;
using System.Data;
using System.IO;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class Admin : System.Web.UI.Page
{
// Na Page Load lista sve report-ove sortirajuci ih po datumu prvo
protected void Page_Load(object sender, EventArgs e)
{
if (!(Session["username"] != null))
{
Response.Redirect("index.aspx");
}
using (MySqlConnection Connection = new MySqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString))
{
Connection.Open();
MySqlCommand Command = new MySqlCommand("SELECT * FROM onlinecrimereport.reports order by DateTime desc ", Connection);
DataTable dt = new DataTable();
MySqlDataAdapter da = new MySqlDataAdapter(Command);
da.Fill(dt);
Repeater1.DataSource = dt;
Repeater1.DataBind();
}
}
protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
{
}
protected void SecureFileDownload(string filename, string actualname)
{
if(String.IsNullOrEmpty(filename) || String.IsNullOrEmpty(actualname)) {
alert.InnerHtml = "<script> alert('No File') </script>";
}
else {
string strFilepath = MapPath("~/Uploads/" + filename);
FileInfo myfile = new FileInfo(strFilepath);
Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + actualname);
Response.AddHeader("Content-Length", myfile.Length.ToString());
Response.WriteFile(myfile.FullName);
Response.End();
}
}
protected void DownloadButton_Click(object sender, EventArgs e)
{
using (MySqlConnection Connection = new MySqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString))
{
Connection.Open();
MySqlCommand Command = new MySqlCommand("SELECT file, virtualname FROM onlinecrimereport.reports where idReports='"+TextBox2.Text.Trim()+"' ", Connection);
MySqlDataReader rdr = Command.ExecuteReader();
if (rdr.Read())
{
SecureFileDownload(rdr.GetString(1), rdr.GetString(0));
}
}
}
protected void respondToReportWithStatusMsg(object sender, EventArgs e)
{
using (MySqlConnection Connection = new MySqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString))
{
Connection.Open();
MySqlCommand Command = new MySqlCommand("UPDATE `onlinecrimereport`.`reports` SET `StatusMessage`= '"+TextBox1.Text+"' WHERE `idReports`= '" + TextBox2.Text.Trim() + "' ", Connection);
Command.ExecuteNonQuery();
Connection.Close();
Response.Redirect(Request.RawUrl);
}
}
protected void submitNews(object sender, EventArgs e)
{
using (MySqlConnection Connection = new MySqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString))
{
Connection.Open();
MySqlCommand Command = new MySqlCommand(String.Format("INSERT INTO `onlinecrimereport`.`news` (`news`, `author`, `title`) VALUES('{0}', '{1}', '{2}');", NewsTextBox.Text.Trim(), Session["username"].ToString(), TitleTextBox.Text.Trim()), Connection);
Command.ExecuteNonQuery();
Connection.Close();
Response.Redirect(Request.RawUrl);
}
}
}