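using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Diagnostics;
using System.Web;
using System.Web.Services;

namespace Blinky
{

    /// <summary>
    /// ASMX web service over the Blinky database: user registration and password
    /// checks, plus posting blogs and blog comments.
    /// </summary>
    /// <remarks>
    /// Every request value reaches SQL Server as a bound parameter; no statement
    /// text is assembled from caller input. Failures are reported through the
    /// documented return values (false, "" or -1) and traced without request data.
    /// NOTE(review): passwords are stored and compared as plain text in
    /// Users.UserPassword. Moving to a salted, slow hash needs a schema and data
    /// migration that cannot be done from this class alone.
    /// </remarks>
    [WebService(Namespace="http://wren.cis.upenn.edu/")]
    public class Blinky : System.Web.Services.WebService
    {
        // userID, displayName and password are accepted only below this length.
        private const int CredentialLimit = 16;

        // One generator for the whole process. A generator created per call is
        // seeded from the clock, so requests arriving together could draw the
        // same ID sequence.
        private static readonly Random IdSource = new Random();
        private static readonly object IdGate = new object();

        public Blinky()
        {
            // this required by the ASP.NET Web Services Designer
            InitializeComponent();
        }

        // NOTE(review): the connection string set in InitializeComponent carries the
        // SQL login and password in source and sets "persist security info=True",
        // which keeps the password readable from the connection after it is opened.
        // Prefer loading it from protected configuration with persist security info
        // turned off.
        private System.Data.SqlClient.SqlConnection BlinkySQL;


        #region Component Designer generated code

        //Required by the Web Services Designer
        private IContainer components = null;

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.BlinkySQL = new System.Data.SqlClient.SqlConnection();
            //
            // BlinkySQL
            //
            this.BlinkySQL.ConnectionString = "workstation id=BERTHA;packet size=4096;" +
                "user id=********;data source=\"wren.cis.upenn." +
                "edu\";persist security info=True;initial catalog=Blinky;password=********";
            this.BlinkySQL.InfoMessage += new
                System.Data.SqlClient.SqlInfoMessageEventHandler(this.BlinkySQL_InfoMessage_1);

        }

        /// <summary>
        /// Clean up any resources being used.
        /// </summary>
        protected override void Dispose( bool disposing )
        {
            if(disposing && components != null)
            {
                components.Dispose();
            }
            base.Dispose(disposing);
        }

        #endregion


        /// <summary>
        /// Returns <paramref name="s"/> with every single quote doubled.
        /// </summary>
        /// <remarks>
        /// Kept because it is public. The queries in this class bind their values
        /// as parameters and do not call it: quote doubling changes the value, so
        /// it must never be applied to text that is later compared or bound.
        /// </remarks>
        public string ReplaceChars(string s)
        {
            return s.Replace("'", "''");
        }

        /// <summary>
        /// Inserts a new row into Users.
        /// </summary>
        /// <returns>
        /// true when the insert ran; false when an argument is null, 16 or more
        /// characters long, when userID or password is blank after trimming, or
        /// when the database call fails.
        /// </returns>
        [WebMethod(Description="Adds userID, displayName, and password to " +
             "the database. Returns false if the action fails.")]
        public bool RegisterUser(string userID, string displayName, string password)
        {
            // Null is rejected before any member access so a missing argument
            // yields the documented false instead of a fault.
            if ((userID == null) || (displayName == null) || (password == null))
            {
                return false;
            }
            if ((userID.Length >= CredentialLimit) || (displayName.Length >= CredentialLimit) ||
                (password.Length >= CredentialLimit))
            {
                return false;
            }

            userID = userID.Trim();
            password = password.Trim();
            if ((userID.Length == 0) || (password.Length == 0))
            {
                return false;
            }

            try
            {
                using (SqlCommand insert = new SqlCommand(
                    "insert into Users (UserID, DisplayName, UserPassword) " +
                    "values (@userID, @displayName, @password)", BlinkySQL))
                {
                    AddText(insert, "@userID", userID);
                    AddText(insert, "@displayName", displayName);
                    AddText(insert, "@password", password);
                    RunNonQuery(insert);
                }
                return true;
            }
            catch (Exception ex)
            {
                LogFailure("RegisterUser", ex);
                return false;
            }
        }


        /// <summary>
        /// Checks a password against the value stored for the user.
        /// </summary>
        /// <returns>
        /// true only when the trimmed stored password equals the trimmed
        /// <paramref name="password"/>; false for null, blank or over-long
        /// arguments, an unknown user, or a database failure.
        /// </returns>
        [WebMethod(Description="Returns true if the password matches the userID. " +
             "Returns false otherwise.")]
        public bool PasswordOK(string userID, string password)
        {
            if ((userID == null) || (password == null))
            {
                return false;
            }
            if ((userID.Length >= CredentialLimit) || (password.Length >= CredentialLimit))
            {
                return false;
            }

            userID = userID.Trim();
            password = password.Trim();
            if ((userID.Length == 0) || (password.Length == 0))
            {
                return false;
            }

            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select UserPassword from Users where UserID = @userID", BlinkySQL))
                {
                    AddText(select, "@userID", userID);
                    string stored = QueryText(select);

                    // The comparison uses the password exactly as submitted. Comparing
                    // a quote-doubled copy would reject every password that contains
                    // an apostrophe.
                    return (stored != null) && stored.Equals(password);
                }
            }
            catch (Exception ex)
            {
                LogFailure("PasswordOK", ex);
            }
            return false;
        }


        /// <summary>
        /// Looks up the display name stored for a user.
        /// </summary>
        /// <returns>
        /// The trimmed DisplayName, or "" when the user is unknown, the argument
        /// is null, blank or over-long, or the database call fails.
        /// </returns>
        [WebMethod(Description="Returns the DisplayName for specified user. " +
             "Returns empty string if user doesn't exist.")]
        public string GetUserDisplayName(string userID)
        {
            if ((userID == null) || (userID.Length >= CredentialLimit))
            {
                return "";
            }

            userID = userID.Trim();
            if (userID.Length == 0)
            {
                return "";
            }

            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select DisplayName from Users where UserID = @userID", BlinkySQL))
                {
                    AddText(select, "@userID", userID);
                    string displayName = QueryText(select);
                    return (displayName == null) ? "" : displayName;
                }
            }
            catch (Exception ex)
            {
                LogFailure("GetUserDisplayName", ex);
            }
            return "";
        }


        /// <summary>
        /// Reports whether a Users row exists for <paramref name="userID"/>.
        /// The value is matched as given, without trimming.
        /// </summary>
        [WebMethod(Description="Returns true if user exists. Returns false otherwise.")]
        public bool UserExists(string userID)
        {
            if ((userID == null) || (userID.Length >= CredentialLimit))
            {
                return false;
            }

            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select UserID from Users where UserID = @userID", BlinkySQL))
                {
                    AddText(select, "@userID", userID);
                    return ReturnsNonEmptyText(select);
                }
            }
            catch (Exception ex)
            {
                LogFailure("UserExists", ex);
                return false;
            }
        }


        /// <summary>
        /// Reports whether a Blogs row with the given ID exists and has a
        /// non-blank UserID. A database failure is reported as false.
        /// </summary>
        [WebMethod(Description="Returns true if a blog with the specified ID exists. " +
             "Returns false otherwise.")]
        public bool BlogIDExists(int blogID)
        {
            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select UserID from Blogs where BlogID = @blogID", BlinkySQL))
                {
                    AddInt(select, "@blogID", blogID);
                    return ReturnsNonEmptyText(select);
                }
            }
            catch (Exception ex)
            {
                LogFailure("BlogIDExists", ex);
                return false;
            }
        }


        /// <summary>
        /// Reports whether a BlogComments row with the given ID exists and has a
        /// non-blank CommentUserID. A database failure is reported as false.
        /// </summary>
        [WebMethod(Description="Returns true if a comment with the specified ID exists. " +
             "Returns false otherwise.")]
        public bool CommentIDExists(int commentID)
        {
            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select CommentUserID from BlogComments where CommentID = @commentID",
                    BlinkySQL))
                {
                    AddInt(select, "@commentID", commentID);
                    return ReturnsNonEmptyText(select);
                }
            }
            catch (Exception ex)
            {
                LogFailure("CommentIDExists", ex);
                return false;
            }
        }


        /// <summary>
        /// Draws random non-negative IDs until one is not reported as an existing blog.
        /// </summary>
        /// <remarks>
        /// The check and the later insert are separate statements, so two requests
        /// can still settle on the same ID. BlogIDExists also answers false when
        /// the database call fails, in which case the ID is only assumed free.
        /// </remarks>
        private int GenerateBlogID()
        {
            int id;
            do
            {
                id = NextCandidateId();
            } while (BlogIDExists(id));
            return id;
        }


        /// <summary>
        /// Draws random non-negative IDs until one is not reported as an existing
        /// comment. The same limits as for GenerateBlogID apply.
        /// </summary>
        private int GenerateCommentID()
        {
            int id;
            do
            {
                id = NextCandidateId();
            } while (CommentIDExists(id));
            return id;
        }


        /// <summary>
        /// Reports whether the blog with the given ID is stored under
        /// <paramref name="userID"/> (both sides trimmed before comparison).
        /// </summary>
        [WebMethod(Description="Returns true if the specified user has a blog with the " +
             "specified id. Returns false otherwise.")]
        public bool BlogIDMatchesUser(string userID, int blogID)
        {
            if ((userID == null) || (userID.Length >= CredentialLimit))
            {
                return false;
            }

            userID = userID.Trim();
            if (userID.Length == 0)
            {
                return false;
            }

            try
            {
                using (SqlCommand select = new SqlCommand(
                    "select UserID from Blogs where BlogID = @blogID", BlinkySQL))
                {
                    AddInt(select, "@blogID", blogID);
                    string owner = QueryText(select);

                    // Compared with the userID as submitted, not a quote-doubled copy,
                    // so IDs containing an apostrophe match their own blogs.
                    return (owner != null) && owner.Equals(userID);
                }
            }
            catch (Exception ex)
            {
                LogFailure("BlogIDMatchesUser", ex);
            }
            return false;
        }


        [WebMethod(Description="Returns max length of a page.")]
        public int GetPageLength()
        {
            return 2048;
        }


        [WebMethod(Description="Returns max length of a title.")]
        public int GetTitleLength()
        {
            return 256;
        }


        [WebMethod(Description="Returns max length of a comment.")]
        public int GetCommentLength()
        {
            return 2048;
        }


        /// <summary>
        /// Stores a blog for an authenticated user. The first page goes into
        /// Blogs, every further page into BlogPages with its page number.
        /// </summary>
        /// <remarks>
        /// The body is split into pages of GetPageLength() characters on the text
        /// exactly as submitted. Quoting is left to parameter binding, so a page
        /// boundary can never cut an escape sequence in half and leave an
        /// unbalanced quote in a statement.
        /// NOTE(review): the inserts are not wrapped in a transaction, so a
        /// failure after the first insert leaves a partial blog behind while the
        /// caller sees -1.
        /// </remarks>
        /// <returns>The new blog ID, or -1 when validation, the password check or
        /// any database call fails.</returns>
        [WebMethod(Description="If the userID and password match, it writes the " +
             "title/blog to the database. Returns the blogID if the action succeeds. " +
             "Returns -1 if anything fails.")]
        public int PostBlog(string userID, string password, string title, string body)
        {
            if ((userID == null) || (password == null) || (title == null) || (body == null))
            {
                return -1;
            }
            if ((userID.Length >= CredentialLimit) || (title.Length >= GetTitleLength()) ||
                (password.Length >= CredentialLimit))
            {
                return -1;
            }

            title = title.Trim();
            body = body.Trim();
            userID = userID.Trim();
            password = password.Trim();

            // An empty body has no first page to store.
            if ((userID.Length == 0) || (password.Length == 0) || (body.Length == 0))
            {
                return -1;
            }

            try
            {
                if (!PasswordOK(userID, password))
                {
                    return -1;
                }

                int pageLength = GetPageLength();
                int pageCount = (body.Length + pageLength - 1) / pageLength;
                int id = GenerateBlogID();

                // NOTE(review): the date is sent as text, which is what this method
                // has always sent. A typed DateTime parameter would avoid
                // culture-dependent parsing once the DatePosted column type is confirmed.
                string postedOn = DateTime.Now.ToString();

                BlinkySQL.Open();
                try
                {
                    using (SqlCommand insertBlog = new SqlCommand(
                        "insert into Blogs (UserID, BlogID, DatePosted, BlogTitle, BlogBody) " +
                        "values (@userID, @blogID, @datePosted, @title, @body)", BlinkySQL))
                    {
                        AddText(insertBlog, "@userID", userID);
                        AddInt(insertBlog, "@blogID", id);
                        AddText(insertBlog, "@datePosted", postedOn);
                        AddText(insertBlog, "@title", title);
                        AddText(insertBlog, "@body", PageAt(body, 0, pageLength));
                        insertBlog.ExecuteNonQuery();
                    }

                    for (int page = 1; page < pageCount; page++)
                    {
                        using (SqlCommand insertPage = new SqlCommand(
                            "insert into BlogPages (BlogID, PageNumber, PageBody) " +
                            "values (@blogID, @pageNumber, @pageBody)", BlinkySQL))
                        {
                            AddInt(insertPage, "@blogID", id);
                            AddInt(insertPage, "@pageNumber", page);
                            AddText(insertPage, "@pageBody", PageAt(body, page, pageLength));
                            insertPage.ExecuteNonQuery();
                        }
                    }
                }
                finally
                {
                    // Closed on every path so a failed insert does not leave the
                    // connection open.
                    BlinkySQL.Close();
                }
                return id;
            }
            catch (Exception ex)
            {
                LogFailure("PostBlog", ex);
            }
            return -1;
        } // end PostBlog


        /// <summary>
        /// Stores a comment on an existing blog for an authenticated user.
        /// </summary>
        /// <returns>The new comment ID, or -1 when validation fails, the blog does
        /// not exist, the password check fails, or the database call fails.</returns>
        [WebMethod(Description="If the userID and password match, it writes " +
             "the comment with body to the blog with id blogID. Returns " +
             "the commentID if the action succeeds. Returns -1 if anything fails.")]
        public int PostBlogComment(string userID, string password, int blogID, string body)
        {
            if ((userID == null) || (password == null) || (body == null))
            {
                return -1;
            }
            if ((userID.Length >= CredentialLimit) || (body.Length >= GetCommentLength()) ||
                (password.Length >= CredentialLimit))
            {
                return -1;
            }

            body = body.Trim();
            userID = userID.Trim();
            password = password.Trim();
            if ((userID.Length == 0) || (password.Length == 0))
            {
                return -1;
            }

            try
            {
                if (!BlogIDExists(blogID))
                {
                    return -1;
                }
                if (!PasswordOK(userID, password))
                {
                    return -1;
                }

                int id = GenerateCommentID();

                // NOTE(review): sent as text, as before; see PostBlog for the
                // typed-parameter follow-up.
                string commentedOn = DateTime.Now.ToString();

                using (SqlCommand insert = new SqlCommand(
                    "insert into BlogComments " +
                    "(OrgBlogID, CommentID, CommentDate, CommentUserID, CommentBody) " +
                    "values (@blogID, @commentID, @commentDate, @userID, @body)", BlinkySQL))
                {
                    AddInt(insert, "@blogID", blogID);
                    AddInt(insert, "@commentID", id);
                    AddText(insert, "@commentDate", commentedOn);
                    AddText(insert, "@userID", userID);
                    AddText(insert, "@body", body);
                    RunNonQuery(insert);
                }
                return id;
            }
            catch (Exception ex)
            {
                LogFailure("PostBlogComment", ex);
            }

            return -1;
        } // end PostBlogComment


        private void BlinkySQL_InfoMessage_1(object sender,
            System.Data.SqlClient.SqlInfoMessageEventArgs e)
        {

        }


        private void BlinkySQL_InfoMessage(object sender,
            System.Data.SqlClient.SqlInfoMessageEventArgs e)
        {

        }


        // Returns the next random non-negative candidate ID from the shared generator.
        private static int NextCandidateId()
        {
            lock (IdGate)
            {
                return IdSource.Next();
            }
        }


        // Returns page number `index` (0-based) of `body`, at most `pageLength` characters.
        private static string PageAt(string body, int index, int pageLength)
        {
            int start = index * pageLength;
            return body.Substring(start, Math.Min(pageLength, body.Length - start));
        }


        // Binds a text value as a parameter.
        // NOTE(review): the column types are not visible in this file; NVarChar is
        // assumed so that no character is lost on the way to the server. Confirm
        // against the schema.
        private static void AddText(SqlCommand command, string name, string value)
        {
            command.Parameters.Add(name, SqlDbType.NVarChar).Value = value;
        }


        // Binds an integer value as a parameter.
        private static void AddInt(SqlCommand command, string name, int value)
        {
            command.Parameters.Add(name, SqlDbType.Int).Value = value;
        }


        // Runs a statement that returns no rows, closing the connection on every path.
        private void RunNonQuery(SqlCommand command)
        {
            BlinkySQL.Open();
            try
            {
                command.ExecuteNonQuery();
            }
            finally
            {
                BlinkySQL.Close();
            }
        }


        // Runs a single-value query and returns the value trimmed, or null when
        // there is no row or the value is not a string (DBNull included).
        private string QueryText(SqlCommand command)
        {
            object value;
            BlinkySQL.Open();
            try
            {
                value = command.ExecuteScalar();
            }
            finally
            {
                BlinkySQL.Close();
            }

            string text = value as string;
            return (text == null) ? null : text.Trim();
        }


        // True when the query returns a string that is not blank after trimming.
        private bool ReturnsNonEmptyText(SqlCommand command)
        {
            string text = QueryText(command);
            return (text != null) && (text.Length > 0);
        }


        // Records that an operation failed. Only the exception type and, for SQL
        // errors, the server error number are written: server messages can echo
        // submitted values, and request data (passwords included) must stay out
        // of the trace.
        private static void LogFailure(string operation, Exception error)
        {
            string detail = error.GetType().Name;
            SqlException sqlError = error as SqlException;
            if (sqlError != null)
            {
                detail = detail + " #" + sqlError.Number.ToString();
            }
            System.Diagnostics.Trace.WriteLine("Blinky." + operation + " failed: " + detail);
        }


    } // end class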