Beispiel #1
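        /// <summary>
        /// Deletes the staff row whose Id equals <paramref name="id"/> and redirects to the staff list.
        /// </summary>
        /// <param name="id">Id of the staff row to remove; when null nothing is deleted.</param>
        /// <returns>A redirect to the <c>Addstaff</c> action in every case.</returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible
        /// on this listing. A destructive action should not be reachable by a plain GET or without an
        /// authorization check; confirm how this action is protected.
        /// NOTE(review): only the Staff row is removed. The Addstaff POST action also writes a Login row
        /// with the same Id, so unless a cascade or trigger removes it the deleted person's login may
        /// stay usable; confirm and revoke it here if it does.
        /// </remarks>
        public ActionResult Delete_staff(int?id)
        {
            SqlConnection con = conD.getConnection();

            if (con.State == System.Data.ConnectionState.Open)
            {
                try
                {
                    // A null id never matched any row in the table scan this replaces, so it stays a no-op.
                    if (id.HasValue)
                    {
                        // The WHERE clause already limits the delete to the matching row, so the table
                        // is no longer loaded first; the value is bound as a typed parameter instead of
                        // being concatenated into the statement text.
                        using (SqlCommand cmd = new SqlCommand("Delete From Staff where Staff.Id=@Id", con))
                        {
                            cmd.Parameters.Add("@Id", SqlDbType.Int).Value = id.Value;
                            cmd.ExecuteNonQuery();
                        }
                    }
                }
                finally
                {
                    // Release the connection even when the command throws.
                    con.Close();
                }
            }

            // The staff list is rebuilt by the Addstaff action after the redirect, so the second
            // table read that filled a discarded list_staff was dropped.
            return(RedirectToAction("Addstaff"));
        }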
Beispiel #2
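        /// <summary>
        /// Renders the staff page with every row of the Staff table loaded into the view model.
        /// </summary>
        /// <returns>
        /// The default view with a populated <c>list_staff</c> model, or the default view without a
        /// model when the connection is not open.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [Authorize] attribute is visible on this listing; the page exposes staff
        /// e-mail, contact and address data, so confirm that access is restricted elsewhere.
        /// </remarks>
        public ActionResult Addstaff()
        {
            list_staff f = new list_staff();

            SqlConnection con = conD.getConnection();

            if (con.State != System.Data.ConnectionState.Open)
            {
                return(View());
            }

            try
            {
                DataTable staffRows = new DataTable();
                using (SqlDataAdapter adapter = new SqlDataAdapter("Select * From Staff", con))
                {
                    adapter.Fill(staffRows);
                }

                // Copy each database row into the list the view iterates over.
                foreach (DataRow dr in staffRows.Rows)
                {
                    f.list.Add(new Addstaff {
                        Id       = Convert.ToInt32(dr["Id"]),
                        Username = dr["Username"].ToString(),
                        Email    = dr["Email"].ToString(),
                        Contact  = dr["Contact"].ToString(),
                        Address  = dr["Address"].ToString()
                    });
                }
            }
            finally
            {
                // Close on the failure path too; previously an exception in Fill or in the row
                // conversion left the connection open.
                con.Close();
            }

            return(View(f));
        }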
Beispiel #3
        //httppost for edit
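        /// <summary>
        /// Saves the posted e-mail, contact and address of one staff row and redirects to the staff list.
        /// </summary>
        /// <param name="id">Route id. It is not used: the row is selected by <c>s.staff.Id</c>.</param>
        /// <param name="s">Posted view model; <c>s.staff</c> carries the edited values.</param>
        /// <returns>
        /// A redirect to <c>Addstaff</c> after the update, or the default view when the model is
        /// missing or the connection is not open.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible
        /// on this listing; confirm they exist in the real file.
        /// NOTE(review): the row to update is chosen by an Id taken from the request body, so any caller
        /// who can reach this action can edit any staff row; confirm that is intended.
        /// </remarks>
        public ActionResult Edit_staff(int?id, list_staff s)
        {
            // Without a bound staff object there is nothing to save; render the form again instead of
            // failing with a NullReferenceException.
            if (s == null || s.staff == null)
            {
                return(View());
            }

            SqlConnection con = conD.getConnection();

            if (con.State == System.Data.ConnectionState.Open)
            {
                try
                {
                    // Posted values are bound as parameters; they used to be concatenated into the
                    // statement, which let a form field rewrite the query.
                    // NOTE(review): the Username literal '******' looks masked in this listing and is
                    // kept exactly as shown; confirm what the real code assigns.
                    string q = "UPDATE [Staff] SET  Staff.Username='******',Staff.Email=@Email,Staff.Contact=@Contact,Staff.Address=@Address where Staff.Id=@Id";
                    using (SqlCommand cmd = new SqlCommand(q, con))
                    {
                        // An empty form field reaches the action as null; store it as SQL NULL.
                        cmd.Parameters.AddWithValue("@Email", (object)s.staff.Email ?? DBNull.Value);
                        cmd.Parameters.AddWithValue("@Contact", (object)s.staff.Contact ?? DBNull.Value);
                        cmd.Parameters.AddWithValue("@Address", (object)s.staff.Address ?? DBNull.Value);
                        cmd.Parameters.Add("@Id", SqlDbType.Int).Value = Convert.ToInt32(s.staff.Id);
                        cmd.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Release the connection even when the update throws.
                    con.Close();
                }
                return(RedirectToAction("Addstaff"));
            }
            return(View());
        }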
Beispiel #4
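        /// <summary>
        /// Creates a staff member from the posted form, e-mails a generated password to the new
        /// member and stores a matching row in the Login table.
        /// </summary>
        /// <param name="s">Posted view model; <c>s.staff</c> holds the new member's fields and
        /// <c>s.list</c> is refilled with the existing rows for redisplay.</param>
        /// <returns>
        /// A redirect to <c>Addstaff</c> on success; the <c>Addstaff</c> view with the model when the
        /// e-mail already exists or any step throws; the default view when the connection is not open.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is visible
        /// on this listing; confirm they exist in the real file.
        /// NOTE(review): the generated password is five characters long, is sent by e-mail in clear
        /// text and is written to Login.Password unhashed. The generator behind GetRandomString is not
        /// visible here. Prefer a one-time reset link and a salted password hash; that change also
        /// touches the login check, so it is flagged rather than made here.
        /// NOTE(review): the Staff row is committed before the mail is sent, so a mail failure leaves
        /// a staff member without a Login row.
        /// </remarks>
        public ActionResult Addstaff(list_staff s)
        {
            ViewBag.Errormessage = "";
            SqlConnection con = conD.getConnection();

            if (con.State == System.Data.ConnectionState.Open)
            {
                try
                {
                    DataTable existing = new DataTable();
                    using (SqlDataAdapter adapter = new SqlDataAdapter("Select * From Staff", con))
                    {
                        adapter.Fill(existing);
                    }

                    // Refill the list so the view can show the current staff next to the form.
                    foreach (DataRow dr in existing.Rows)
                    {
                        s.list.Add(new Addstaff {
                            Id       = Convert.ToInt32(dr["Id"]),
                            Username = dr["Username"].ToString(),
                            Email    = dr["Email"].ToString(),
                            Contact  = dr["Contact"].ToString(),
                            Address  = dr["Address"].ToString()
                        });
                    }

                    // Reject a second account for an e-mail that is already stored.
                    foreach (DataRow dr in existing.Rows)
                    {
                        if (dr["Email"].ToString() == s.staff.Email)
                        {
                            ViewBag.Error = "->>Email already Exists ";
                            return(View("Addstaff", s));
                        }
                    }

                    // Form values are bound as parameters instead of being concatenated into the
                    // statement. ToString() is kept so a missing field still throws and ends in the
                    // catch below, as before.
                    using (SqlCommand cmd = new SqlCommand("Insert INTO [Staff] VALUES(@Username,@Email,@Contact,@Address)", con))
                    {
                        cmd.Parameters.AddWithValue("@Username", s.staff.Username.ToString());
                        cmd.Parameters.AddWithValue("@Email", s.staff.Email.ToString());
                        cmd.Parameters.AddWithValue("@Contact", s.staff.Contact.ToString());
                        cmd.Parameters.AddWithValue("@Address", s.staff.Address.ToString());
                        cmd.ExecuteNonQuery();
                    }
                    // Give the connection back before the slower SMTP round trip.
                    con.Close();

                    ///////////////////Staff Login Account Functionality/////////////////
                    string random = GetRandomString(5);
                    using (SmtpClient client = new SmtpClient("smtp.gmail.com", 587))
                    using (MailMessage msg = new MailMessage())
                    {
                        client.EnableSsl             = true;
                        client.DeliveryMethod        = SmtpDeliveryMethod.Network;
                        client.UseDefaultCredentials = false;
                        // NOTE(review): a mailbox password is committed in source. Treat it as
                        // exposed: rotate it and load the credential from protected configuration
                        // or a secret store instead of a literal.
                        client.Credentials = new NetworkCredential("*****@*****.**", "risingPearls471912");
                        msg.To.Add(s.staff.Email);
                        msg.From    = new MailAddress("*****@*****.**");
                        msg.Subject = "Staff Added by Admin";
                        msg.Body    = "Your Username is :" + s.staff.Username + "password is : " + random;
                        client.Send(msg);
                    }

                    // NOTE(review): max(Id) can return another request's row when two staff members
                    // are added at the same time; returning the new Id from the insert itself would
                    // remove the race.
                    string loginQuery = "select max(Id) from Staff";
                    int    staffId    = DataBaseConnection.getInstance().executeScalar(loginQuery);

                    // executeQuery is only seen here taking a finished statement, so the values are
                    // quote-escaped as a stopgap. NOTE(review): doubling single quotes assumes
                    // standard SQL string literals; give the helper a parameterized call and use that.
                    string query = string.Format(
                        "insert into Login(Id,Username,Email,Password,Role) values('{0}','{1}','{2}','{3}','{4}')",
                        staffId,
                        s.staff.Username.Replace("'", "''"),
                        s.staff.Email.Replace("'", "''"),
                        (random ?? "").Replace("'", "''"),
                        "Staff");
                    DataBaseConnection.getInstance().executeQuery(query);

                    ////////////////////////////////////////////////////////////////////////
                    return(RedirectToAction("Addstaff"));
                }
                catch (Exception ex)
                {
                    // The failure used to be discarded; record it so a broken insert or mail
                    // delivery can be diagnosed, then redisplay the form as before.
                    System.Diagnostics.Trace.TraceError("Addstaff failed: {0}", ex);
                    return(View(s));
                }
                finally
                {
                    // Covers the duplicate-e-mail return and every exception path, which previously
                    // left the connection open. Closing an already closed connection is harmless.
                    con.Close();
                }
            }

            return(View());
        }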