c#程式碼:
using MySql.Data.MySqlClient; using System.Data; using Newtonsoft.Json; using System.Security.Cryptography; using System.Text; int pagesize = 20; string secretKey = "saacac3423@21212"; var builder = WebApplication.CreateSlimBuilder(args); var app = builder.Build(); app.UseHttpsRedirection(); app.Use((context, next) => { context.Response.Headers.Add("Server", "c#-webframework"); return next(context); }); app.MapGet("/", () => { string retstr = "此站介面使用c#實現,<a href='api.html' target='_blank'>介面列表</a>"; return Results.Text(retstr); }); app.MapGet("/user/register", (string username, string password, string nickname) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,username,nickname,addTime,sessionId from user where username='" + username + "'"; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> userinfo1 = new Dictionary<string, string>(); if (reader.Read()) { userinfo1.Add("id", reader.GetInt32("id").ToString()); userinfo1.Add("username", reader.GetString("username")); userinfo1.Add("nickname", reader.GetString("nickname")); userinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); userinfo1.Add("sessionId", reader.GetString("sessionId")); } reader.Close(); RetinfoSp retinfo1 = new RetinfoSp(); if (userinfo1.ContainsKey("id") && String.Compare(userinfo1["id"], "") != 0) { retinfo1.code = 1; retinfo1.msg = "使用者名稱已經存在"; retinfo1.data = ""; } else { string passwordMd5 = string.Join("", MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(password)).Select(m => m.ToString("X2"))); string sql2 = "insert into user(username, password, nickname) value('"+username+"', '"+ passwordMd5 + "', '"+nickname+"')"; cmd = new MySqlCommand(sql2, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = cmd.LastInsertedId.ToString(); } conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/user/login", (string username, string password) => { string passwordMd5 = string.Join("", MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(password)).Select(m => m.ToString("X2"))); string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,username,nickname,addTime,sessionId from user where username='" + username + "' and password='"+ passwordMd5 + "'"; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> userinfo1 = new Dictionary<string, string>(); if (reader.Read()) { userinfo1.Add("id", reader.GetInt32("id").ToString()); userinfo1.Add("username", reader.GetString("username")); userinfo1.Add("nickname", reader.GetString("nickname")); userinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); userinfo1.Add("sessionId", reader.GetString("sessionId")); } reader.Close(); Retinfo retinfo1 = new Retinfo(); if (!userinfo1.ContainsKey("id") || String.Compare(userinfo1["id"], "") == 0) { retinfo1.code = 1; retinfo1.msg = "使用者名稱或者密碼錯誤"; retinfo1.data = userinfo1; } else { string tmpSessionId = string.Join("", MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(secretKey + userinfo1["id"] + userinfo1["addTime"])).Select(m => m.ToString("X2"))); string sql2 = "update user set sessionId='" + tmpSessionId + "' where id='" + userinfo1["id"] + "'"; cmd = new MySqlCommand(sql2, conn); cmd.ExecuteNonQuery(); userinfo1["sessionId"] = tmpSessionId; retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = userinfo1; } conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/user/logout", (string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,username,nickname,addTime,sessionId from user where sessionId='" + sessionId + "'"; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> userinfo1 = new Dictionary<string, string>(); if (reader.Read()) { userinfo1.Add("id", reader.GetInt32("id").ToString()); userinfo1.Add("username", reader.GetString("username")); userinfo1.Add("nickname", reader.GetString("nickname")); userinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); userinfo1.Add("sessionId", reader.GetString("sessionId")); } reader.Close(); string sql2 = "update user set sessionId='' where sessionId='" + sessionId + "'"; cmd = new MySqlCommand(sql2, conn); cmd.ExecuteNonQuery(); Retinfo retinfo1 = new Retinfo(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = userinfo1; conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/user/getuserinfo", (string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,username,nickname,addTime,sessionId from user where sessionId='" + sessionId + "'"; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> userinfo1 = new Dictionary<string, string>(); if (reader.Read()){ userinfo1.Add("id", reader.GetInt32("id").ToString()); userinfo1.Add("username", reader.GetString("username")); userinfo1.Add("nickname", reader.GetString("nickname")); userinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); userinfo1.Add("sessionId", reader.GetString("sessionId")); } reader.Close(); Retinfo retinfo1 = new Retinfo(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = userinfo1; conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/post/list", (string keyword = "", int page = 1) => { if (page <= 0) { page = 1; } int start = (page - 1) * pagesize; string addsql = " isDel=0 "; if (String.Compare(keyword, "") != 0) { addsql = " isDel=0 and title like '%" + keyword + "%' "; } string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select count(1) as count from content where " + addsql; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); int count = 0; if (reader.Read()) { count = reader.GetInt32("count"); } reader.Close(); int totalpage = Convert.ToInt32(Math.Ceiling((double)count / (double)pagesize)); string sql2 = "select id,title,userId,userNickename,replyNum,updateTime from content where " + addsql + " order by updateTime desc limit " + start + "," + pagesize; cmd = new MySqlCommand(sql2, conn); reader = cmd.ExecuteReader(); List<Dictionary<string, string>> postlist = new List<Dictionary<string, string>>(); while (reader.Read()) { Dictionary<string, string> postitem = new Dictionary<string, string>(); postitem.Add("id", reader.GetInt32("id").ToString()); postitem.Add("title", reader.GetString("title")); postitem.Add("userId", reader.GetInt32("userId").ToString()); postitem.Add("userNickename", reader.GetString("userNickename")); postitem.Add("replyNum", reader.GetInt32("replyNum").ToString()); postitem.Add("updateTime", reader.GetDateTime("updateTime").ToString("yyyy-MM-dd HH:mm:ss")); postlist.Add(postitem); } reader.Close(); Listdata listdata1 = new Listdata(); listdata1.totalpage = totalpage; listdata1.data = postlist; Retlist retlist1 = new Retlist(); retlist1.code = 0; retlist1.msg = ""; retlist1.data = listdata1; conn.Clone(); string json = JsonConvert.SerializeObject(retlist1); return Results.Text(json); }); app.MapGet("/post/detail", (int id) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,title,content,userId,userNickename,replyNum,updateTime from content where isDel=0 and id="+ id.ToString(); cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> postinfo1 = new Dictionary<string, string>(); if (reader.Read()) { postinfo1.Add("id", reader.GetInt32("id").ToString()); postinfo1.Add("title", reader.GetString("title")); postinfo1.Add("content", reader.GetString("content")); postinfo1.Add("userId", reader.GetInt32("userId").ToString()); postinfo1.Add("userNickename", reader.GetString("userNickename")); postinfo1.Add("replyNum", reader.GetInt32("replyNum").ToString()); postinfo1.Add("updateTime", reader.GetDateTime("updateTime").ToString("yyyy-MM-dd HH:mm:ss")); } reader.Close(); Retinfo retinfo1 = new Retinfo(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = postinfo1; conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/post/add", (string title, string content, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql1 = "insert into content(title, content, userId, userNickename) value('" + title + "', '" + content + "', " + userinfo2["id"] + ", '" + userinfo2["nickname"] + "')"; cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = cmd.LastInsertedId.ToString(); json = JsonConvert.SerializeObject(retinfo1); } conn.Clone(); return Results.Text(json); }); app.MapGet("/post/edit", (int id, string title, string content, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql1 = "update content set title='"+title+"',content='"+content+"',userId="+ userinfo2["id"].ToString() + ",userNickename='"+ userinfo2["nickname"] + "' where id="+ id.ToString()+ " and userId="+ userinfo2["id"].ToString(); cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = ""; json = JsonConvert.SerializeObject(retinfo1); } conn.Clone(); return Results.Text(json); }); app.MapGet("/post/delete", (int id, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql1 = "update content set isDel=1 where id=" + id.ToString() + " and userId=" + userinfo2["id"].ToString(); cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = ""; json = JsonConvert.SerializeObject(retinfo1); } conn.Clone(); return Results.Text(json); }); app.MapGet("/reply/list", (int contentId = 0, int page = 1) => { if (page <= 0) { page = 1; } int start = (page - 1) * pagesize; string addsql = " isDel=0 and contentId="+ contentId.ToString() + " "; string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select count(1) as count from reply where " + addsql; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); int count = 0; if (reader.Read()) { count = reader.GetInt32("count"); } reader.Close(); int totalpage = Convert.ToInt32(Math.Ceiling((double)count / (double)pagesize)); string sql2 = "select id,content,replyUserId,replyUserNickename,addTime from reply where " + addsql + " order by id asc limit " + start + "," + pagesize; cmd = new MySqlCommand(sql2, conn); reader = cmd.ExecuteReader(); List<Dictionary<string, string>> postlist = new List<Dictionary<string, string>>(); while (reader.Read()) { Dictionary<string, string> postitem = new Dictionary<string, string>(); postitem.Add("id", reader.GetInt32("id").ToString()); postitem.Add("content", reader.GetString("content")); postitem.Add("replyUserId", reader.GetInt32("replyUserId").ToString()); postitem.Add("replyUserNickename", reader.GetString("replyUserNickename")); postitem.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); postlist.Add(postitem); } reader.Close(); Listdata listdata1 = new Listdata(); listdata1.totalpage = totalpage; listdata1.data = postlist; Retlist retlist1 = new Retlist(); retlist1.code = 0; retlist1.msg = ""; retlist1.data = listdata1; conn.Clone(); string json = JsonConvert.SerializeObject(retlist1); return Results.Text(json); }); app.MapGet("/reply/detail", (int id) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,content,replyUserId,replyUserNickename,addTime from reply where isDel=0 and id=" + id.ToString(); cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> postinfo1 = new Dictionary<string, string>(); if (reader.Read()) { postinfo1.Add("id", reader.GetInt32("id").ToString()); postinfo1.Add("content", reader.GetString("content")); postinfo1.Add("replyUserId", reader.GetInt32("replyUserId").ToString()); postinfo1.Add("replyUserNickename", reader.GetString("replyUserNickename")); postinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); } reader.Close(); Retinfo retinfo1 = new Retinfo(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = postinfo1; conn.Clone(); string json = JsonConvert.SerializeObject(retinfo1); return Results.Text(json); }); app.MapGet("/reply/add", (int contentId, string content, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql2 = "update content set replyNum=replyNum+1 where id="+contentId.ToString(); cmd = new MySqlCommand(sql2, conn); cmd.ExecuteNonQuery(); string sql1 = "insert into reply(contentId, content, replyUserId, replyUserNickename) value("+ contentId.ToString() + ", '"+ content + "', "+ userinfo2["id"] + ", '"+ userinfo2["nickname"] + "')"; cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = cmd.LastInsertedId.ToString(); json = JsonConvert.SerializeObject(retinfo1); } conn.Clone(); return Results.Text(json); }); app.MapGet("/reply/edit", (int id, string content, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql1 = "update reply set content='"+ content + "',replyUserId="+ userinfo2["id"] + ",replyUserNickename='"+ userinfo2["nickname"] + "' where id="+id.ToString()+" and replyUserId=" + userinfo2["id"]; cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = ""; json = JsonConvert.SerializeObject(retinfo1); } conn.Clone(); return Results.Text(json); }); app.MapGet("/reply/delete", (int id, string sessionId) => { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; Userinfo userinfo1 = new Userinfo(); Dictionary<string, string> userinfo2 = userinfo1.getloginuserinfo(sessionId); RetinfoSp retinfo1 = new RetinfoSp(); string json = ""; if (!userinfo2.ContainsKey("id") || String.Compare(userinfo2["id"], "") == 0) { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "請先登入"; json = JsonConvert.SerializeObject(retinfo1); } else { string sql3 = "select id,content,replyUserId,replyUserNickename,addTime,contentId from reply where isDel=0 and id=" + id.ToString(); cmd = new MySqlCommand(sql3, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> postinfo1 = new Dictionary<string, string>(); if (reader.Read()) { postinfo1.Add("id", reader.GetInt32("id").ToString()); postinfo1.Add("content", reader.GetString("content")); postinfo1.Add("replyUserId", reader.GetInt32("replyUserId").ToString()); postinfo1.Add("replyUserNickename", reader.GetString("replyUserNickename")); postinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); postinfo1.Add("contentId", reader.GetInt32("contentId").ToString()); } reader.Close(); if (postinfo1.ContainsKey("id") && String.Compare(postinfo1["id"], "") != 0) { string sql2 = "update content set replyNum=replyNum-1 where id=" + postinfo1["contentId"]; cmd = new MySqlCommand(sql2, conn); cmd.ExecuteNonQuery(); string sql1 = "update reply set isDel=1 where id=" + id.ToString() + " and replyUserId=" + userinfo2["id"]; cmd = new MySqlCommand(sql1, conn); cmd.ExecuteNonQuery(); retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = ""; json = JsonConvert.SerializeObject(retinfo1); } else { retinfo1.code = 0; retinfo1.msg = ""; retinfo1.data = "回覆不存在"; json = JsonConvert.SerializeObject(retinfo1); } } conn.Clone(); return Results.Text(json); }); app.Urls.Add("http://localhost:2086"); app.Urls.Add("http://localhost:1086"); app.Run(); public struct Listdata { public int totalpage; public List<Dictionary<string, string>> data; }; public struct Retlist { public int code; public string msg; public Listdata data; }; public struct Retinfo { public int code; public string msg; public Dictionary<string, string> data; }; public struct RetinfoSp { public int code; public string msg; public string data; }; class Userinfo { public Dictionary<string, string> getloginuserinfo(string sessionId) { string mysqlcon = "server=127.0.0.1;database=my_bbs;user=root;password=123456"; MySqlConnection conn = new MySqlConnection(mysqlcon); conn.Open(); MySqlCommand cmd; MySqlDataReader reader; string sql1 = "select id,username,nickname,addTime,sessionId from user where sessionId='" + sessionId + "'"; cmd = new MySqlCommand(sql1, conn); reader = cmd.ExecuteReader(); Dictionary<string, string> userinfo1 = new Dictionary<string, string>(); if (reader.Read()) { userinfo1.Add("id", reader.GetInt32("id").ToString()); userinfo1.Add("username", reader.GetString("username")); userinfo1.Add("nickname", reader.GetString("nickname")); userinfo1.Add("addTime", reader.GetDateTime("addTime").ToString("yyyy-MM-dd HH:mm:ss")); userinfo1.Add("sessionId", reader.GetString("sessionId")); } reader.Close(); return userinfo1; } }
啟動畫面: