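/// <summary>
/// Creates a new employee from the posted form and redirects to Index on success.
/// </summary>
/// <remarks>
/// The employee is stored only when the model is valid and neither the Employee ID
/// nor the username is already present. The password is passed through
/// <c>Hashing.HashPassword</c> before the entity is saved.
/// </remarks>
/// <param name="employee_view">Form values bound from the request (see the Bind list).</param>
/// <returns>A redirect to Index on success; otherwise the form view with validation errors.</returns>
// NOTE(review): Position, Team and Status are taken from the request; no authorization,
// [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this excerpt - confirm
// they are applied where the action is declared.
public ActionResult Create([Bind(Include = "Username,Employee_ID,Email,Full_Name,Password,Confirm_Password,Join_Date,Position,Team,Security_Phrase,Status")] EmployeeCreateViewModel employee_view)
        {
            if (ModelState.IsValid)
            {
                Employee employee = EmployeeViewModel.CreateViewToEmployee(employee_view);

                // Evaluate both uniqueness rules so the form can report every conflict at once.
                bool idTaken = db.Employees.Find(employee.Employee_ID) != null;
                if (idTaken)
                {
                    ModelState.AddModelError(string.Empty, "Employee ID existed in Database");
                }

                // NOTE(review): this comparison is left to the database collation, while the login
                // lookup lower-cases both sides - confirm the two agree on case sensitivity.
                bool usernameTaken = db.Employees.Any(x => x.Username.Equals(employee.Username));
                if (usernameTaken)
                {
                    ModelState.AddModelError(string.Empty, "Username existed");
                }

                // Previously the insert hung off the username check alone, so a duplicate
                // Employee ID with a fresh username was still written. Require both checks to pass.
                if (!idTaken && !usernameTaken)
                {
                    // Only the hash is persisted; the plain-text value is overwritten here.
                    employee.Password = Hashing.HashPassword(employee.Password);
                    db.Employees.Add(employee);
                    // NOTE(review): check-then-insert is not atomic; presumably a unique
                    // constraint on Username backs this up - verify in the schema.
                    db.SaveChanges();
                    return RedirectToAction("Index");
                }
            }

            // Re-populate the drop-downs before re-displaying the form with its errors.
            ViewBag.Position = new SelectList(db.Positions, "Position_ID", "Name", employee_view.Position);
            ViewBag.Status   = new SelectList(db.Status, "Status_ID", "Name", employee_view.Status);
            ViewBag.Team     = new SelectList(db.Teams, "Team_ID", "Name", employee_view.Team);
            return View(employee_view);
        }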
        /// <summary>
        /// Stores the posted category and redirects to Index; re-displays the form when
        /// model validation fails.
        /// </summary>
        /// <param name="category">Category bound from the request (see the Bind list).</param>
        /// <returns>A redirect to Index on success, otherwise the form view.</returns>
        // NOTE(review): Id, CreateDateTime and UpdateDateTime are accepted from the request.
        // If they are meant to be server-managed, drop them from the Bind list and set them
        // here - confirm. No [HttpPost]/[ValidateAntiForgeryToken] is visible in this excerpt.
        public ActionResult Create([Bind(Include = "Id,Category1,Description,Active,CreateDateTime,UpdateDateTime")] Category category)
        {
            // Guard clause: invalid input goes straight back to the form.
            if (!ModelState.IsValid)
            {
                return View(category);
            }

            db.Categories.Add(category);
            db.SaveChanges();
            return RedirectToAction("Index");
        }
        /// <summary>
        /// Stores the posted product image and redirects to Index; re-displays the form
        /// (with the product drop-down refilled) when model validation fails.
        /// </summary>
        /// <param name="productImage">Product image bound from the request (see the Bind list).</param>
        /// <returns>A redirect to Index on success, otherwise the form view.</returns>
        // NOTE(review): Id, CreateDateTime and UpdateDateTime are accepted from the request.
        // If they are meant to be server-managed, drop them from the Bind list and set them
        // here - confirm. No [HttpPost]/[ValidateAntiForgeryToken] is visible in this excerpt.
        public ActionResult Create([Bind(Include = "Id,Description,ImagURL,ProductId,Active,CreateDateTime,UpdateDateTime")] ProductImage productImage)
        {
            // Guard clause: invalid input goes back to the form with its select list.
            if (!ModelState.IsValid)
            {
                ViewBag.ProductId = new SelectList(db.Products, "Id", "Description", productImage.ProductId);
                return View(productImage);
            }

            db.ProductImages.Add(productImage);
            db.SaveChanges();
            return RedirectToAction("Index");
        }
        /// <summary>
        /// Stores the posted product and redirects to Index; re-displays the form
        /// (with the category drop-down refilled) when model validation fails.
        /// </summary>
        /// <param name="product">Product bound from the request (see the Bind list).</param>
        /// <returns>A redirect to Index on success, otherwise the form view.</returns>
        // NOTE(review): Id, CreateDateTime and UpdateDateTime are accepted from the request.
        // If they are meant to be server-managed, drop them from the Bind list and set them
        // here - confirm. No [HttpPost]/[ValidateAntiForgeryToken] is visible in this excerpt.
        public ActionResult Create([Bind(Include = "Id,Description,Model,Price,Keywords,CategoryId,Active,CreateDateTime,UpdateDateTime")] Product product)
        {
            // Guard clause: invalid input goes back to the form with its select list.
            if (!ModelState.IsValid)
            {
                ViewBag.CategoryId = new SelectList(db.Categories, "Id", "Category1", product.CategoryId);
                return View(product);
            }

            db.Products.Add(product);
            db.SaveChanges();
            return RedirectToAction("Index");
        }
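        /// <summary>
        /// Validates a login attempt and returns a JSON result describing the outcome.
        /// </summary>
        /// <remarks>
        /// A request from a blacklisted address is rejected before any account lookup and
        /// without writing a log row. Every other attempt is written to <c>db.Logs</c>.
        /// On success the forms-authentication cookie is issued, the log entry is stored in
        /// the session under "logon", and the application state maps the employee ID to the
        /// current session ID.
        /// </remarks>
        /// <param name="emp_login_view">Username and password bound from the request.</param>
        /// <returns>
        /// JSON with <c>EnableSuccess</c> and <c>RedirectUrl</c> on success; otherwise JSON with
        /// <c>EnableError</c>, <c>ErrorTitle</c> and <c>ErrorMsg</c>.
        /// </returns>
        // NOTE(review): no attempt counting or lockout is visible in this method; failed
        // attempts are only logged - confirm throttling is enforced elsewhere.
        public ActionResult ValidateUser([Bind(Include = "username,password")] EmployeeLoginViewModel emp_login_view)
        {
            if (ModelState.IsValid)
            {
                string username = emp_login_view.Username;
                string password = emp_login_view.Password;

                // NOTE(review): how GetIp() derives the address is not visible here; if it reads a
                // forwarded header the value may be client-controlled - verify.
                string ipv4 = GetIp();

                // Reject blacklisted clients before touching the account table.
                if (db.Ipv4Blacklist.Any(r => r.Ipv4.Equals(ipv4)))
                {
                    return Json(new { EnableError = true, ErrorTitle = "Error", ErrorMsg = "Blacklisted IP Address. Please contact system admin." });
                }

                // Case-insensitive username lookup (both sides are lower-cased in the query).
                Employee employee_logon = db.Employees.Where(emp => emp.Username.ToLower().Equals(username.ToLower())).FirstOrDefault();

                Log new_log = new Log {
                    Attempt_Time = DateTime.Now,
                    Ipv4         = ipv4,
                };

                // Check if valid username
                if (employee_logon != null)
                {
                    // Check if the user is suspended
                    // NOTE(review): this message is returned before the password is verified, so
                    // the response tells an unauthenticated caller that the account exists and
                    // what state it is in. Consider verifying the password first.
                    if (employee_logon.Status == 3 || employee_logon.Status == 2)
                    {
                        new_log.successful  = false;
                        new_log.Employee_ID = employee_logon.Employee_ID;
                        db.Logs.Add(new_log);
                        db.SaveChanges();

                        string error_msg = "Your account has been suspended or disabled. Please contact admin";
                        return Json(new { EnableError = true, ErrorTitle = "Error", ErrorMsg = error_msg });
                    }
                    // Check if the password is correct
                    else if (Hashing.ValidatePassword(password, employee_logon.Password))
                    {
                        new_log.successful  = true;
                        new_log.Employee_ID = employee_logon.Employee_ID;
                        db.Logs.Add(new_log);
                        db.SaveChanges();

                        HttpApplicationStateBase app_state = HttpContext.Application;
                        string employee_key = new_log.Employee_ID.ToString();

                        FormsAuthentication.SetAuthCookie(employee_key, false);
                        // Create a new logon session
                        // NOTE(review): the session identifier in use before login is kept as-is;
                        // confirm it is regenerated elsewhere to rule out session fixation.
                        Session["logon"] = new_log;

                        app_state.Lock();
                        try
                        {
                            // If the username didnt logon in before
                            if (app_state[employee_key] == null)
                            {
                                app_state.Add(employee_key, Session.SessionID);
                            }
                            // If the username is logged in and have active session
                            else
                            {
                                // Null-safe comparison: a non-string entry no longer throws
                                // while the application lock is held.
                                string sess_ID = app_state[employee_key] as string;
                                if (!string.Equals(sess_ID, Session.SessionID, StringComparison.Ordinal))
                                {
                                    app_state[employee_key] = Session.SessionID;
                                }
                            }
                        }
                        finally
                        {
                            // Always release the application-wide lock, even if the update throws.
                            app_state.UnLock();
                        }

                        return Json(new { EnableSuccess = true, RedirectUrl = "/Employees" });
                    }
                    // password is incorrect
                    else
                    {
                        new_log.successful  = false;
                        new_log.Employee_ID = employee_logon.Employee_ID;
                        db.Logs.Add(new_log);
                        db.SaveChanges();
                    }
                }
                // if username is invalid
                // NOTE(review): no password hash is verified on this path, so response time may
                // differ from the wrong-password path - confirm whether that matters here.
                else
                {
                    new_log.successful = false;
                    db.Logs.Add(new_log);
                    db.SaveChanges();
                }
            }

            // Same generic message for invalid model, unknown username and wrong password.
            return Json(new { EnableError = true, ErrorTitle = "Error", ErrorMsg = "Invalid username or password" });
        }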
 /// <summary>
 /// Persists pending changes by calling <c>SaveChanges</c> on the underlying context.
 /// </summary>
 public void Save() => _context.SaveChanges();