using System.Net;
using MySql.Data.MySqlClient;
namespace Server;
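/// <summary>
/// Route that inserts one row into the <c>experience</c> table for the user
/// identified by the incoming request.
/// </summary>
public class CreateExperience : SecuredRoute
{
    /// <summary>Exact date format accepted for <c>from_date</c> and <c>to_date</c>.</summary>
    private const string DateFormat = "yyyy-MM-dd";

    /// <summary>
    /// Reads the experience fields from the request body, validates them, binds the
    /// caller's user id and inserts the row. Any failure is reported through
    /// <c>SendError</c>; success through <c>SendSuccess</c>.
    /// </summary>
    /// <param name="request">Incoming HTTP request carrying the body fields.</param>
    /// <param name="response">HTTP response the outcome is written to.</param>
    public static void HandleRequest(HttpListenerRequest request, HttpListenerResponse response)
    {
        try
        {
            // Fixed list of the fields requested from the body. "user_id" is deliberately
            // not in it, so the owner of the row is not taken from this list.
            List<string> bodyParamNames =
            [
                "job",
                "company",
                "location",
                "from_date",
                "to_date",
                "description",
            ];
            // NOTE(review): ExtractUserId is defined outside this file; presumably it derives
            // the id from the authenticated session/token rather than a client-chosen field
            // - confirm, since it decides which user the row is attributed to.
            string user_id = ExtractUserId(request);
            var bodyParamValues = ExtractBody(request, bodyParamNames);
            ValidateParams(bodyParamValues);

            // Assigned after body extraction and validation: whatever the body contained,
            // the stored user_id is the one obtained from ExtractUserId.
            bodyParamNames.Add("user_id");
            bodyParamValues["user_id"] = user_id;

            // Only the fixed column names above reach the query builder.
            // NOTE(review): assumes CreateInsertQuery emits placeholders and AddValuesToCmd
            // binds the values as command parameters (neither is visible here) - confirm
            // that no body value is concatenated into the SQL text.
            MySqlCommand cmd = new(CreateInsertQuery("experience", bodyParamNames));

            cmd = AddValuesToCmd(bodyParamValues, cmd);

            using MySqlConnection conn = new(connectionString);
            conn.Open();
            cmd.Connection = conn;
            cmd.ExecuteNonQuery();

            SendSuccess(response);
        }
        catch (Exception ex)
        {
            // NOTE(review): the raw exception is handed to SendError. If that helper echoes
            // ex.Message or the stack trace to the client, database/driver errors could
            // disclose schema or connection details - confirm it returns a generic message
            // and logs the detail server-side.
            SendError(response, ex);
        }
    }

    /// <summary>
    /// Validates the body fields of a create-experience request.
    /// <c>job</c> (max 70), <c>company</c> (max 120) and <c>location</c> (max 100) must be
    /// present and non-empty; <c>from_date</c> and <c>to_date</c> must match
    /// <c>yyyy-MM-dd</c> exactly; <c>description</c> must be present and at most 1000
    /// characters (it may be empty).
    /// </summary>
    /// <param name="paramsToValidate">Field name to raw string value, as read from the body.</param>
    /// <exception cref="Exception">
    /// Thrown with the message "Wrong parameters" when any field is missing, null or
    /// violates its rule.
    /// </exception>
    private static void ValidateParams(Dictionary<string, string> paramsToValidate)
    {
        // A missing key or null value is rejected with the same "Wrong parameters" error
        // as any other invalid input, instead of surfacing as KeyNotFoundException or
        // NullReferenceException (the length was previously read before the null check).
        bool isValid =
            paramsToValidate is not null
            && IsRequiredText(paramsToValidate, "job", 70)
            && IsRequiredText(paramsToValidate, "company", 120)
            && IsRequiredText(paramsToValidate, "location", 100)
            && IsExactDate(paramsToValidate, "from_date")
            && IsExactDate(paramsToValidate, "to_date")
            && paramsToValidate.TryGetValue("description", out var description)
            && description is not null
            && description.Length <= 1000;

        if (!isValid)
        {
            throw new Exception("Wrong parameters");
        }
    }

    /// <summary>True when <paramref name="key"/> holds a non-empty string of at most <paramref name="maxLength"/> characters.</summary>
    private static bool IsRequiredText(Dictionary<string, string> values, string key, int maxLength)
    {
        return values.TryGetValue(key, out var text)
            && !string.IsNullOrEmpty(text)
            && text.Length <= maxLength;
    }

    /// <summary>True when <paramref name="key"/> holds a date written exactly as <c>yyyy-MM-dd</c>.</summary>
    private static bool IsExactDate(Dictionary<string, string> values, string key)
    {
        // Invariant culture: a null provider means the current culture, whose default
        // calendar would make acceptance of the same input depend on server locale.
        return values.TryGetValue(key, out var text)
            && DateTime.TryParseExact(
                text,
                DateFormat,
                System.Globalization.CultureInfo.InvariantCulture,
                System.Globalization.DateTimeStyles.None,
                out _
            );
    }
}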