Ejemplo n.º 1
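        /// <summary>
        /// Looks up a user by username and returns the stored record.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no credential check happens in this method, and the object handed
        /// back is the one produced by <c>UserPersistence.GetUser</c>, its <c>Password</c>
        /// property included. A "Password" request header, if sent, is not consulted.
        /// Confirm that callers are authenticated elsewhere, and consider leaving the
        /// Password property out of the response.
        /// </remarks>
        /// <param name="Username">Username to look up.</param>
        /// <returns>The user returned by <c>UserPersistence.GetUser</c>.</returns>
        /// <exception cref="HttpResponseException">Raised with status 404 when no user matches.</exception>
        // GET: api/User/?Username=
        public User Get(string Username)
        {
            User found = UserPersistence.GetUser(Username);

            // Unknown username: answer 404 instead of returning an empty record.
            if (found == null)
            {
                throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound));
            }

            return found;
        }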
Ejemplo n.º 2
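        /// <summary>
        /// Verifies a credential against the stored salted password hash and records the
        /// outcome in session state.
        /// </summary>
        /// <param name="credential">User id and clear-text password submitted by the caller.</param>
        /// <param name="httpSessionStateBase">
        /// Session whose "LoggedIn", "IsAdmin" and "IsProvider" entries are reset first and
        /// filled from the user record on success.
        /// </param>
        /// <returns>true when the computed hash equals the stored hash; otherwise false.</returns>
        public static bool AuthenticateUser(Credential credential, HttpSessionStateBase httpSessionStateBase)
        {
            // Start from a logged-out state so a failed attempt never leaves earlier privileges in place.
            httpSessionStateBase["LoggedIn"]   = false;
            httpSessionStateBase["IsAdmin"]    = false;
            httpSessionStateBase["IsProvider"] = false;

            // A missing credential is a failed login, not a crash.
            if (credential == null)
            {
                return false;
            }

            User user = UserPersistence.GetUser(credential.UserId);
            if (user == null)
            {
                return false;
            }

            // Deliberately no diagnostic output in this method: neither the computed hash, the
            // stored hash, nor a hash of any sample password belongs in debug listeners or logs.
            String pHash = EncryptionManager.EncodePassword(credential.Password, user.Salt);

            // NOTE(review): this is an ordinary string comparison, not a constant-time one.
            if (pHash != user.PasswordHash)
            {
                return false;
            }

            httpSessionStateBase["LoggedIn"]   = true;
            httpSessionStateBase["IsAdmin"]    = user.IsAdmin;
            httpSessionStateBase["IsProvider"] = user.IsProvider;
            return true;
        }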
Ejemplo n.º 3
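        /// <summary>
        /// Attaches the session user and the target service to a submitted comment and stores it.
        /// </summary>
        /// <param name="comment">Comment model bound from the request.</param>
        /// <param name="sTitle">Title used to look up the service being commented on.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the comment view, with a status
        /// message in TempData["commentAdded"].
        /// </returns>
        public ActionResult AddComment(Comment comment, String sTitle)
        {
            System.Diagnostics.Debug.WriteLine("sesss" + Session["LoggedIn"]);

            object loggedIn = Session["LoggedIn"];
            if (loggedIn == null || loggedIn.Equals(false) || loggedIn.ToString().Length == 0)
            {
                TempData["commentAdded"] = "Please Log in.";
                return View(comment);
            }

            // NOTE(review): Session["userId"] is dereferenced without a null check; this relies
            // on it always being set together with "LoggedIn" - confirm against the login code.
            comment.Writer = UserPersistence.GetUser(Session["userId"].ToString());

            // NOTE(review): max-id-plus-one is not atomic; two concurrent requests can compute
            // the same CommentId unless the store enforces uniqueness.
            comment.CommentId = CommentPersistence.getMaxId() + 1;
            System.Diagnostics.Debug.WriteLine("***" + sTitle);
            comment.Service = ServicePersistence.GetService(sTitle);

            // NOTE(review): comment.Content is passed on exactly as submitted, so whichever view
            // renders it has to HTML-encode it on output.
            bool? accepted = CommentManager.AddNewComment(comment);
            if (accepted == true)
            {
                TempData["commentAdded"] = "Comment is added successfully.";
                return RedirectToAction("Index", "Home");
            }

            // A false result and a null result both report failure, under the same TempData key
            // the other paths use (the misspelled "commenteAdded" key was never read as "commentAdded").
            TempData["commentAdded"] = "Comment could not be added.";
            return View(comment);
        }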
Ejemplo n.º 4
        /// <summary>
        /// Shows the profile view for the user stored in the session; administrators are sent
        /// to the admin page instead.
        /// </summary>
        /// <returns>
        /// A redirect to Admin/AdminPage for an admin user; otherwise the default view with the
        /// looked-up user (possibly null) as its model.
        /// </returns>
        public ActionResult ProfilePage()
        {
            // NOTE(review): Session["UserId"] is dereferenced without a null check, so a request
            // without a logged-in session throws here. Confirm that an authorization filter or
            // an earlier check guards this action.
            string sessionUserId = Session["UserId"].ToString();
            User current = UserPersistence.GetUser(sessionUserId);

            if (current == null || !current.IsAdmin)
            {
                return View(current);
            }

            return RedirectToAction("AdminPage", "Admin");
        }
Ejemplo n.º 5
        /*
         * Transaction: update an existing user in the database.
         * Returns true iff a user with upUser.UserId is already stored and
         * UserPersistence.UpdateUser reports success.
         * NOTE(review): nothing here checks who is asking; callers must decide
         * whether the current principal may modify this account.
         */
        public static bool ChangeUser(User upUser)
        {
            // Only an id that is already stored may be updated.
            User existing = UserPersistence.GetUser(upUser.UserId);

            if (existing != null)
            {
                return UserPersistence.UpdateUser(upUser);
            }

            // No such user: nothing to change.
            return false;
        }
Ejemplo n.º 6
        /*
         * Transaction: delete a user from the database.
         * Returns true iff a user with delUser.UserId is stored and
         * UserPersistence.DeleteUser reports success.
         * NOTE(review): nothing here checks who is asking; callers must decide
         * whether the current principal may delete this account.
         */
        public static bool DeleteUser(User delUser)
        {
            // Only an id that is already stored can be deleted.
            User existing = UserPersistence.GetUser(delUser.UserId);

            if (existing != null)
            {
                return UserPersistence.DeleteUser(delUser);
            }

            // No such user: nothing to delete.
            return false;
        }
Ejemplo n.º 7
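        /// <summary>
        /// Validates the submitted credential, authenticates the user and routes them to the
        /// admin page or the profile page.
        /// </summary>
        /// <param name="credential">User id and password bound from the login form; may be null on first display.</param>
        /// <returns>
        /// The login view (with a message in TempData["message"]) when input is missing or
        /// authentication fails; a redirect to Home/Index for an inactive account; otherwise a
        /// redirect to Admin/AdminPage or ProfilePage/ProfilePage.
        /// </returns>
        public ActionResult Login(Credential credential)
        {
            if (credential == null)
            {
                return View(new Credential());
            }

            // Null and empty values are rejected with the same message.
            if (credential.Password == null || credential.UserId == null ||
                credential.Password.Length == 0 || credential.UserId.Length == 0)
            {
                TempData["message"] = "Both User ID and Password are required. Please try again.";
                return View(credential);
            }

            User user = UserPersistence.GetUser(credential.UserId);

            // An unknown user id used to reach user.status and fail with a null reference.
            // Answer exactly as for a wrong password so the response does not reveal which ids exist.
            if (user == null)
            {
                TempData["message"] = "Invalid login credentials";
                return View(credential);
            }

            // Status "I" marks an inactive account, which is never logged in.
            // NOTE(review): this is reported before the password is verified, so the response
            // discloses that the account exists and is banned to anyone who submits its id;
            // consider verifying the password first.
            if (user.status == "I")
            {
                TempData["invalid"] = "Your account has been banned";
                return RedirectToAction("Index", "Home");
            }

            bool authenticated = UserManager.AuthenticateUser(credential, Session);
            if (!authenticated)
            {
                TempData["message"] = "Invalid login credentials";
                return View(credential);
            }

            TempData["message"] = "";
            Session["UserId"]   = user.UserId;
            Session["LoggedIn"] = true;

            if (user.IsAdmin)
            {
                return RedirectToAction("AdminPage", "Admin");
            }

            return RedirectToAction("ProfilePage", "ProfilePage");
        }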
Ejemplo n.º 8
        /// <summary>
        /// Returns the user with the given id.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no caller check is visible in this method and the whole
        /// <c>User</c> object is returned; confirm which fields it carries and that access
        /// is restricted elsewhere.
        /// </remarks>
        /// <param name="id">Identifier passed to <c>UserPersistence.GetUser</c>.</param>
        /// <returns>The matching user.</returns>
        /// <exception cref="HttpResponseException">Raised with status 404 when the lookup returns null.</exception>
        // GET: api/User/5
        public User Get(int id)
        {
            User found = new UserPersistence().GetUser(id);

            if (found != null)
            {
                return found;
            }

            // Nothing stored under this id.
            throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.NotFound));
        }
Ejemplo n.º 9
        /// <summary>
        /// Returns the user with the given id, or null when the looked-up record has Id 0.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the result of <c>GetUser</c> is dereferenced without a null check;
        /// presumably the persistence layer returns a default <c>User</c> (Id 0) rather than
        /// null for a miss - confirm. No caller check is visible in this method.
        /// </remarks>
        /// <param name="id">Identifier passed to <c>UserPersistence.GetUser</c>.</param>
        /// <returns>The user, or null when its Id is 0.</returns>
        public User Get(int id)
        {
            User user = new UserPersistence().GetUser(id);

            // Id 0 is treated as "not found".
            return user.Id != 0 ? user : null;
        }
Ejemplo n.º 10
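        /*
         * Transaction: Add a new user to the database
         * Returns true iff no user with the same userId is stored yet
         * and the new user was successfully added.
         */
        public static bool AddNewUser(User newUser)
        {
            // Verify that the user doesn't already exist.
            // NOTE(review): check-then-insert is not atomic; two concurrent registrations of the
            // same id can both pass this test unless the store enforces uniqueness itself.
            User oldUser = UserPersistence.GetUser(newUser.UserId);

            // oldUser should be null, if this is a new user
            if (oldUser != null)
            {
                return false;
            }

            // Set tomorrow as the official date added. DateTime is immutable: AddDays returns a
            // new value, so its result has to be assigned (calling it on the property and
            // ignoring the result left the date at "now").
            newUser.RegisterDate = DateTime.Now.AddDays(1);

            return UserPersistence.AddUser(newUser);
        }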
Ejemplo n.º 11
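        /// <summary>
        /// Attaches the session user and the target service to a submitted comment, escapes
        /// markup characters in its text and stores it.
        /// </summary>
        /// <param name="comment">Comment model bound from the request.</param>
        /// <param name="sTitle">Title used to look up the service being commented on.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise a redirect to Service/ServiceDetail
        /// for <paramref name="sTitle"/>, with a status message in TempData["commentAdded"].
        /// </returns>
        public ActionResult AddComment(Comment comment, String sTitle)
        {
            System.Diagnostics.Debug.WriteLine("sesss" + Session["LoggedIn"]);

            object loggedIn = Session["LoggedIn"];
            if (loggedIn == null || loggedIn.Equals(false) || loggedIn.ToString().Length == 0)
            {
                TempData["commentAdded"] = "Please Log in.";
                return RedirectToAction("ServiceDetail", "Service", new { title = sTitle });
            }

            // NOTE(review): Session["userId"] is dereferenced without a null check; this relies
            // on it always being set together with "LoggedIn" - confirm against the login code.
            comment.Writer    = UserPersistence.GetUser(Session["userId"].ToString());
            comment.CommentId = CommentPersistence.getMaxId() + 1;
            System.Diagnostics.Debug.WriteLine("***" + sTitle);
            comment.Service = ServicePersistence.GetService(sTitle);

            // Escape "&" first: every later replacement inserts an ampersand of its own, and
            // escaping "&" afterwards rewrites those too (a "<" ended up stored as "&#38lt").
            // Each character reference ends with ";" so following text cannot run into it.
            // Double quotes are escaped as well; apostrophes are dropped rather than escaped.
            // NOTE(review): escaping at write time only helps views that emit the stored text
            // raw; a view that HTML-encodes on output will show the entities literally. Confirm
            // how Content is rendered, and do not rely on this step for SQL safety.
            comment.Content = (comment.Content ?? string.Empty)
                .Replace("&", "&#38;")
                .Replace("<", "&lt;")
                .Replace(">", "&gt;")
                .Replace("\"", "&quot;")
                .Replace("(", "&#40;")
                .Replace(")", "&#41;")
                .Replace("'", "")
                .Replace("|", "&#124;");

            bool? accepted = CommentManager.AddNewComment(comment);
            if (accepted == true)
            {
                TempData["commentAdded"] = "Comment is added successfully.";
                return RedirectToAction("Index", "Home");
            }

            // A false result and a null result are reported the same way.
            TempData["commentAdded"] = "Comment could not be added.";
            return RedirectToAction("ServiceDetail", "Service", new { title = sTitle });
        }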
Ejemplo n.º 12
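        /// <summary>
        /// Fills in owner, comments and date for a submitted service, escapes markup characters
        /// in its description and stores it.
        /// </summary>
        /// <param name="service">Service model bound from the request.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the service view, with a status
        /// message in TempData["serviceAdded"].
        /// </returns>
        public ActionResult AddService(Service service)
        {
            // Only a logged-in provider may add a service. A session that has a user id but no
            // "IsProvider" entry is refused instead of failing with a null reference.
            object isProvider = Session["IsProvider"];
            if (Session["userId"] == null || isProvider == null || isProvider.Equals(false))
            {
                TempData["serviceAdded"] = "Please Log in.";
                return View(service);
            }

            service.Owner    = UserPersistence.GetUser(Session["userId"].ToString());
            service.Comments = CommentPersistence.getCommentsForaService(service);
            service.date     = DateTime.Now;

            // Escape "&" first: every later replacement inserts an ampersand of its own, and
            // escaping "&" afterwards rewrites those too (a "<" ended up stored as "&#38lt").
            // Each character reference ends with ";" so following text cannot run into it.
            // Double quotes are escaped as well; apostrophes are dropped rather than escaped.
            // NOTE(review): escaping at write time only helps views that emit the stored text
            // raw; a view that HTML-encodes on output will show the entities literally. Confirm
            // how Description is rendered, and do not rely on this step for SQL safety.
            service.Description = (service.Description ?? string.Empty)
                .Replace("&", "&#38;")
                .Replace("<", "&lt;")
                .Replace(">", "&gt;")
                .Replace("\"", "&quot;")
                .Replace("(", "&#40;")
                .Replace(")", "&#41;")
                .Replace("'", "")
                .Replace("|", "&#124;");

            bool? accepted = ServiceManager.AddNewService(service);
            if (accepted == true)
            {
                TempData["serviceAdded"] = "Service is added successfully.";
                return RedirectToAction("Index", "Home");
            }

            // A false result and a null result are reported the same way.
            TempData["serviceAdded"] = "Service could not be added.";
            return View(service);
        }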
Ejemplo n.º 13
        /// <summary>
        /// Changes the display name of the user stored in the session and shows the result.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the only treatment of <paramref name="name"/> is replacing apostrophes
        /// with <c>&amp;apos;</c>. If <c>UserPersistence.UpdateUser</c> builds its SQL by string
        /// concatenation, that is not a substitute for parameterized commands - confirm.
        /// Neither <paramref name="name"/>, the session value nor the looked-up user is
        /// null-checked here.
        /// </remarks>
        /// <param name="name">New name submitted by the user.</param>
        /// <returns>
        /// A redirect to Admin/AdminPage for an admin user; otherwise the "ProfilePage" view
        /// with the reloaded user as its model and the outcome in ViewBag.message.
        /// </returns>
        public ActionResult UpdateName(string name)
        {
            string escapedName   = name.Replace("'", "&apos;");
            string sessionUserId = (string)Session["UserId"];

            // The meaning of the literal third argument is not visible in this method.
            bool updated = UserPersistence.UpdateUser(escapedName, sessionUserId, 1);

            ViewBag.message = updated
                ? "Name successfully changed."
                : "Name cannot be changed. Try again.";

            // Reload the record so the view shows what is actually stored.
            User current = UserPersistence.GetUser(sessionUserId);

            if (!current.IsAdmin)
            {
                return View("ProfilePage", current);
            }

            return RedirectToAction("AdminPage", "Admin");
        }
Ejemplo n.º 14
        /// <summary>
        /// Authenticates a user by hashing the entered password with the stored salt and
        /// comparing the result with the stored hash.
        /// </summary>
        /// <param name="cr">Credential carrying the user id and the entered password.</param>
        /// <param name="baseState">
        /// Session state whose "LoggedIn" and "IsAdmin" entries are reset to false first and
        /// set from the user record on success.
        /// </param>
        /// <returns>true when the credentials match a stored user; otherwise false.</returns>
        public static bool AuthenticateUser(Credential cr, HttpSessionStateBase baseState)
        {
            // Every attempt starts from a logged-out, non-admin session.
            baseState["LoggedIn"] = false;
            baseState["IsAdmin"]  = false;

            User account = UserPersistence.GetUser(cr.UserId);

            // No record under this UserId.
            if (account == null)
            {
                return false;
            }

            string enteredHash = EncryptionManager.EncodePassword(cr.Password, account.Salt);

            // A differing hash means the wrong password was entered.
            // NOTE(review): ordinary string comparison, not a constant-time one.
            if (enteredHash != account.PasswordHash)
            {
                return false;
            }

            baseState["LoggedIn"] = true;
            baseState["IsAdmin"]  = account.IsAdmin;
            return true;
        }
 /// <summary>
 /// Shows the edit-profile view for the user stored in the session.
 /// </summary>
 /// <returns>The default view with the looked-up user as its model.</returns>
 public ActionResult EditProfile()
 {
     // NOTE(review): Session["UserId"] is dereferenced without a null check, so a request
     // without a logged-in session throws here. Confirm that an authorization filter or an
     // earlier check guards this action.
     string sessionUserId = Session["UserId"].ToString();
     User current = UserPersistence.GetUser(sessionUserId);
     return View(current);
 }