public ActionResult CreateUser([Bind(Exclude = "uniqueUserId")] UserInfo ui)
{
SetRolesForViewBag();
SetTypeOfActionWithRequestForm("Create");
if (!ModelState.IsValid) //Checks if input fields have the correct format
{
return(View(ui)); //Returns the view with the input values so that the user doesn't have to retype again
}
else
{
try
{
string decryptedPassword = CustomEncrypt.Encrypt(ui.userPwd);
if (CheckIfSuchUserAlreadyExistsInDatabase(ui.userId, false) == true)
{
ModelState.AddModelError("userId", "Username must be unique");
return(View(ui));
}
else
{
string uniqueEightDigitNumber = GenerateUniqueValues.ReturnUniqueEightDigitNumber();
string connectionStringCommon = CommonManager.ReturnNeededConnectionStringForCommonDatabase();
string sqlToCreateUser = @"INSERT INTO tblUser (userId, userPwd, userEmployer, userUniqueDatabaseId, ifRemoved) VALUES
(@userId, @userPwd, @userEmployer, @userUniqueDatabaseId, @ifRemoved)";
using (SqlConnection conn = new SqlConnection(connectionStringCommon))
{
conn.Open();
SqlCommand cmdToCreateUser = new SqlCommand(sqlToCreateUser, conn);
cmdToCreateUser.Parameters.AddWithValue("@userId", ui.userId);
cmdToCreateUser.Parameters.AddWithValue("@userPwd", decryptedPassword);
cmdToCreateUser.Parameters.AddWithValue("@userEmployer", GetCurrentClaimValues.GetCurrentUserEmployer());
cmdToCreateUser.Parameters.AddWithValue("@userUniqueDatabaseId", uniqueEightDigitNumber);
cmdToCreateUser.Parameters.AddWithValue("@ifRemoved", 0);
cmdToCreateUser.ExecuteNonQuery();
}
string connectionStringHotel = CommonManager.ReturnNeededConnectionStringForHotel();
string sqlToCreateInfoAboutUser = @"INSERT INTO tblUserInformation (userFullName, userType,
userId, userUniqueDatabaseId, userEmail, userPhoneNumber, ifRemoved) VALUES
(@userFullName, @userType, @userId, @userUniqueDatabaseId, @userEmail, @userPhoneNumber, @ifRemoved)";
using (SqlConnection conn = new SqlConnection(connectionStringHotel))
{
conn.Open();
SqlCommand cmdToCreateMainUser = new SqlCommand(sqlToCreateInfoAboutUser, conn);
cmdToCreateMainUser.Parameters.AddWithValue("@userId", ui.userId);
cmdToCreateMainUser.Parameters.AddWithValue("@userFullName", ui.userFullName);
cmdToCreateMainUser.Parameters.AddWithValue("@userType", ui.userType);
cmdToCreateMainUser.Parameters.AddWithValue("@userUniqueDatabaseId", uniqueEightDigitNumber);
cmdToCreateMainUser.Parameters.AddWithValue("@userEmail", ui.userEmail);
cmdToCreateMainUser.Parameters.AddWithValue("@userPhoneNumber", ui.userPhoneNumber);
cmdToCreateMainUser.Parameters.AddWithValue("@ifRemoved", 0);
cmdToCreateMainUser.ExecuteNonQuery();
if (ui.userType == "Driver")
{
string sqlDriverAvailability = @"INSERT INTO tblDriverAvailability VALUES
(@driverUniqueId, @driverAvailability)";
SqlCommand cmdToCreateDriverAvailability = new SqlCommand(sqlDriverAvailability, conn);
cmdToCreateDriverAvailability.Parameters.AddWithValue("@driverUniqueId", uniqueEightDigitNumber);
cmdToCreateDriverAvailability.Parameters.AddWithValue("@driverAvailability", true);
cmdToCreateDriverAvailability.ExecuteNonQuery();
}
}
return(RedirectToAction("Index"));
}
}
catch (Exception ex)
{
//Console.WriteLine(ex);
return(HttpNotFound("Something went wrong. Please, contact the administration"));
}
}
}
public static string ReturnNeededConnectionStringForHotel()
{
return(ConfigurationManager.ConnectionStrings[CommonPaths.RerurnConnectionString() + GetCurrentClaimValues.GetCurrentUserEmployer()].ConnectionString);
}