Ejemplo n.º 1
0
        // Retrieve data from user input
        public ActionResult Registration(UserModels user)
        {
            if (ModelState.IsValid) // Check for valid ModelState
            {
                try
                {
                    GDbContext db = new GDbContext();                                                 // Establish connection to the database
                    user.USER_PASSWORD_SALT = GenerateSalt();                                         // Generate password salt
                    user.USER_PASSWORD      = Hash(Encoding.ASCII.GetBytes(user.USER_PASSWORD),
                                                   Encoding.ASCII.GetBytes(user.USER_PASSWORD_SALT)); // Hash password with password salt

                    db.User.Add(user);                                                                // Add user to the datebase
                    db.SaveChanges();                                                                 // Save changes to the database
                    return(RedirectToAction("Login"));                                                // Redirect to login page
                } catch (Exception)                                                                   // Catch unique constraint violation for email
                {
                    user.USER_PASSWORD = string.Empty;                                                // Clear password
                    ModelState.AddModelError(string.Empty, "This email is already in use.");
                    return(View(user));
                }
            }
            else
            {
                return(View(user));
            }
        }
        // Hotels

        // View Hotels in the database
        public ActionResult HotelList()
        {
            List <Hotels> hotels = new List <Hotels>(); // Holds hotels

            GDbContext db = new GDbContext();           // Establish connection to database

            hotels = db.Hotel.ToList();                 // Retrieve hotels from database

            return(View(hotels));                       // Send hotels in a list view
        }
        // View users in the database
        public ActionResult UserList()
        {
            List <UserModels> users = new List <UserModels>(); // Holds users

            GDbContext db = new GDbContext();                  // Establish connection to database

            users = db.User.ToList();                          // Retrieve users from database

            return(View(users));                               // Send users in a list view
        }
        public ActionResult HotelDetails(int id)
        {
            GDbContext db = new GDbContext(); // Establish connection to database

            // Retrieve hotel from database
            Hotels hotel = db.Hotel.SingleOrDefault(h => h.HOTEL_ID == id) as Hotels;

            if (hotel == null) // Return error if hotel isn't found
            {
                return(HttpNotFound());
            }
            return(View(hotel)); // Send hotel in a detail view
        }
        // Inquite specific user
        public ActionResult UserDetails(int id)
        {
            GDbContext db = new GDbContext(); // Establish connection to database

            // Retrieve user from database
            UserModels user = db.User.SingleOrDefault(u => u.USER_ID == id) as UserModels;

            if (user == null) // Return error if user isn't found
            {
                return(HttpNotFound());
            }
            return(View(user)); // Send user in a detail view
        }
        public ActionResult UserDelete(int id)
        {
            GDbContext db = new GDbContext(); // Establish connection to database

            // Retrieve user from database
            UserModels user = db.User.SingleOrDefault(u => u.USER_ID == id) as UserModels;

            if (user == null) // Return error if user isn't found
            {
                return(HttpNotFound());
            }

            if (ModelState.IsValid)                   // Check for valid ModelState
            {
                user.DELETE_STAT = !user.DELETE_STAT; // Soft delete or undelete based on current status
                db.SaveChanges();                     // Save changes to datebase

                return(RedirectToAction("UserList")); // Return updated user list page
            }

            return(View(user)); // Returns view, should not occur
        }
        public ActionResult HotelDelete(int id)
        {
            GDbContext db = new GDbContext(); // Establish connection to database

            // Retrieve hotel from database
            Hotels hotel = db.Hotel.SingleOrDefault(h => h.HOTEL_ID == id) as Hotels;

            if (hotel == null) // Return error if hotel isn't found
            {
                return(HttpNotFound());
            }

            if (ModelState.IsValid)                     // Check for valid ModelState
            {
                hotel.DELETE_STAT = !hotel.DELETE_STAT; // Soft delete or undelete based on current status
                db.SaveChanges();                       // Save changes to datebase

                return(RedirectToAction("HotelList"));  // Return to hotel list
            }

            return(View(hotel)); // Returns view, should not occur
        }
Ejemplo n.º 8
0
        // Retrieve data from user input
        public ActionResult Login(UserModels login)
        {
            if (login.USER_EMAIL == null || login.USER_PASSWORD == null)
            {
                ModelState.AddModelError(string.Empty, "missing username and/or password");
                return(View(login));
            }

            if (!new EmailAddressAttribute().IsValid(login.USER_EMAIL))
            {
                ModelState.AddModelError(string.Empty, "invalid e-mail address");
                return(View(login));
            }

            GDbContext db   = new GDbContext();
            UserModels user = db.User.SingleOrDefault(u => u.USER_EMAIL == login.USER_EMAIL) as UserModels;

            if (user == null) // User doesn't exist
            {
                ModelState.AddModelError(string.Empty, "User/password combination does not exist.");
                login.USER_PASSWORD = string.Empty; // Clear password
                return(View(login));
            }

            if (user != null) // If user exists
            {
                login.USER_PASSWORD = Hash(Encoding.ASCII.GetBytes(login.USER_PASSWORD),
                                           Encoding.ASCII.GetBytes(user.USER_PASSWORD_SALT)); // Hash user input for password comparison
            }

            // Compare user input to users in the database
            if (login.USER_EMAIL.Equals(user.USER_EMAIL) &&     // Matching user email and password
                login.USER_PASSWORD.Equals(user.USER_PASSWORD)) // was found in the database
            {
                if (user.DELETE_STAT == true)
                {
                    ModelState.AddModelError(string.Empty, "This account has been disabled.");
                    login.USER_PASSWORD = string.Empty; // Clear password
                    return(View(login));
                }

                if (user.ADMIN_CONTROLS == true)                                                 // Admin role
                {
                    string roles = "Admin";                                                      // Administrator
                    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                        2,                                                                       // Version
                        login.USER_EMAIL,                                                        // User email
                        DateTime.Now,                                                            // Time issued
                        DateTime.Now.AddMinutes(120),                                            // Expire time
                        false,                                                                   // Do not remember cookie
                        roles,                                                                   // Role(s)
                        "/");                                                                    // Cookie path
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                                       FormsAuthentication.Encrypt(authTicket)); // Set cookie
                    Response.Cookies.Add(cookie);                                                // Add cookie
                    return(Redirect("/Admin/"));                                                 // Redirect to admin page
                }
                else // User role
                {
                    string roles = "User";                                                       // User
                    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                        2,                                                                       // Version
                        login.USER_EMAIL,                                                        // User email
                        DateTime.Now,                                                            // Time issued
                        DateTime.Now.AddMinutes(120),                                            // Expire time
                        false,                                                                   // Do not remember cookie
                        roles,                                                                   // Role(s)
                        "/");                                                                    // Cookie path
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                                       FormsAuthentication.Encrypt(authTicket)); // Set cookie
                    Response.Cookies.Add(cookie);                                                // Add cookie
                }

                return(Redirect("/"));
            }

            else
            {
                ModelState.AddModelError(string.Empty, "User/password combination does not exist.");
                login.USER_PASSWORD = string.Empty; // Clear password
                return(View(login));
            }
        }