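public ActionResult ChangePrimary(string phone_number)
{
    // Makes phone_number the primary mobile of its owning account and clears
    // Primary_Flag on the account's other non-deleted numbers.
    // Returns 404 when the number is unknown/deleted, when the owning Account
    // row is missing, or when the number belongs to a different account than
    // the one held in the session.
    string delete_status = FreebieStatus.MobileDeleted();
    AccountMobile am = db.AccountMobiles
        .Where(x => x.Mobile_Number.Equals(phone_number))
        .Where(x => !x.Status_Cd.Equals(delete_status))
        .SingleOrDefault();
    if (am == null)
    {
        return HttpNotFound();
    }

    int account_id = am.Account_Id;

    // phone_number is request input. The other self-service actions
    // (ChangePassword, ChangeUsername, AddNumber) scope their work to
    // Session["Account_Id"]; this one only looked the number up, so a caller
    // could re-point a number owned by another account. Refuse that when a
    // session account is available; without one the behaviour is unchanged.
    object session_account = Session["Account_Id"];
    if (session_account != null && Convert.ToInt32(session_account.ToString()) != account_id)
    {
        return HttpNotFound();
    }

    Account account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
    if (account == null)
    {
        // Previously a null account was handed to FreebieEvent.UpdateMobile.
        return HttpNotFound();
    }

    string system_user = System.Configuration.ConfigurationManager.AppSettings["SystemUsername"];
    DateTime now = DateTime.Now;   // one timestamp for every row touched

    IEnumerable<AccountMobile> account_numbers = db.AccountMobiles
        .Where(x => x.Account_Id.Equals(account_id))
        .Where(x => !x.Status_Cd.Equals(delete_status));
    foreach (var number in account_numbers)
    {
        number.Primary_Flag = number.Mobile_Number.Equals(phone_number);
        number.Updated_By = system_user;
        number.Updated_Dttm = now;
    }
    db.SaveChanges();

    FreebieEvent.UpdateMobile(account, phone_number, "A04", Permission.f_update_number_page_id);
    return RedirectToAction("ViewNumber", "AccInfo");
}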
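public ActionResult CreateStaffAcct(User u)
{
    // Creates a staff ("ST") user from the posted form with a generated
    // initial password, then hands off to AssignUserName. Re-renders the form
    // when First_Name/Last_Name are blank.
    // NOTE(review): u is model-bound straight from the request and added whole,
    // so any User column present in the form (e.g. Status_Cd, User_No) is
    // persisted as sent; only Role_Cd is forced here. A dedicated view model
    // or a [Bind] include-list would close that.
    if (string.IsNullOrWhiteSpace(u.First_Name))
    {
        ModelState.AddModelError("First_Name", "กรุณาระบุชื่อ");
    }
    if (string.IsNullOrWhiteSpace(u.Last_Name))
    {
        ModelState.AddModelError("Last_Name", "กรุณาระบุนามสกุล");
    }

    if (!ModelState.IsValid)
    {
        init_dropdown(u);
        return View(u);
    }

    string pwd = PasswordGenerator.Get();
    string system_user = System.Configuration.ConfigurationManager.AppSettings["SystemUsername"];
    DateTime now = DateTime.Now;   // single read so Created_Dttm == Updated_Dttm exactly

    u.Role_Cd = "ST";
    // NOTE(review): HashPasswordForStoringInConfigFile is obsolete and produces an
    // unsalted SHA-1 digest. ValidateUser compares against the same scheme, so
    // it must be migrated (e.g. to PBKDF2 via Rfc2898DeriveBytes) in every
    // password-writing action and the login at the same time, not here alone.
    u.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "SHA1");
    u.Created_By = system_user;
    u.Updated_By = system_user;
    u.Created_Dttm = now;
    u.Updated_Dttm = now;
    db.Users.Add(u);
    db.SaveChanges();
    FreebieEvent.UserCreateEvent(Permission.staff_acct_page_id);

    // NOTE(review): the plaintext initial password is passed as a route value,
    // i.e. it ends up in the redirect URL (server logs, browser history).
    // TempData would carry it to AssignUserName without exposing it in the URL.
    return RedirectToAction("AssignUserName", new { user_id = u.User_Id, pwd = pwd });
}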
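public ActionResult UpdateBaseQuota(string state)
{
    // Saves the posted frequency/duration values for every base ("B") quota.
    // Form keys are "Quota_Freq_Val_<Quota_Cd>" and "Quota_Dur_Val_<Quota_Cd>".
    // A value that is not a byte is reported as a model error on that key and
    // the form is re-rendered without saving; the original used a bare catch
    // that swallowed the exception and returned the view with no message.
    using (var db = new EchoContext())
    {
        object session_user = Session["User_No"];
        if (session_user == null)
        {
            // Expired session used to surface as a NullReferenceException (500).
            return new HttpUnauthorizedResult();
        }
        string user_no = session_user.ToString();

        // Materialise up front instead of enumerating a deferred query while
        // marking its rows Modified.
        List<Quota> quotas = db.Quotas.Where(x => x.Quota_Type_Cd.Equals("B")).ToList();
        DateTime now = DateTime.Now;

        foreach (var item in quotas)
        {
            string freq_key = "Quota_Freq_Val_" + item.Quota_Cd;
            string dur_key = "Quota_Dur_Val_" + item.Quota_Cd;

            byte freq;
            byte dur;
            bool freq_ok = byte.TryParse(Request.Form[freq_key], out freq);
            bool dur_ok = byte.TryParse(Request.Form[dur_key], out dur);
            if (!freq_ok)
            {
                ModelState.AddModelError(freq_key, "Value must be a whole number between 0 and 255.");
            }
            if (!dur_ok)
            {
                ModelState.AddModelError(dur_key, "Value must be a whole number between 0 and 255.");
            }
            if (!(freq_ok && dur_ok))
            {
                continue;   // leave the row untouched; the form is re-rendered below
            }

            item.Quota_Freq_Val = freq;
            item.Quota_Dur_Val = dur;
            item.Updated_By = user_no;
            item.Updated_Dttm = now;
            db.Entry(item).State = EntityState.Modified;
        }

        if (!ModelState.IsValid)
        {
            return View(quotas);
        }

        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.base_quota_page_id, "A04");
        return RedirectToAction("BaseQuota");
    }
}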
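public ActionResult UpdateStaffAcct(int? user_id, string state)
{
    // Applies the posted staff-account form to the user identified by user_id.
    // 404 when the id is missing/unknown or Permission.can_update_this_staff
    // denies the caller; the form is re-rendered on validation errors and the
    // ViewStaffAcct view is shown after a successful save.
    if (user_id == null)
    {
        return HttpNotFound();
    }
    int id = user_id.Value;
    User user = db.Users.SingleOrDefault(x => x.User_Id == id);
    if (user == null)
    {
        return HttpNotFound();
    }
    // Authorisation before any model errors or mutation of the entity.
    if (!Permission.can_update_this_staff(user))
    {
        return HttpNotFound();
    }

    var form = Request.Form;
    if (string.IsNullOrWhiteSpace(form["First_Name"]))
    {
        ModelState.AddModelError("First_Name", "กรุณาระบุชื่อ");
    }
    if (string.IsNullOrWhiteSpace(form["Last_Name"]))
    {
        ModelState.AddModelError("Last_Name", "กรุณาระบุนามสกุล");
    }

    user.First_Name = form["First_Name"];
    user.Last_Name = form["Last_Name"];
    user.Dept_Cd = form["Dept_Cd"];
    user.Status_Cd = form["Status_Cd"];

    // Group_Id was Convert.ToByte(...): a non-numeric or out-of-range value
    // threw (HTTP 500). Report it as a validation error instead. A missing
    // field still maps to 0, which is what Convert.ToByte(null) returned.
    string group_raw = form["Group_Id"];
    byte group_id = 0;
    if (group_raw == null || byte.TryParse(group_raw, out group_id))
    {
        user.Group_Id = group_id;
    }
    else
    {
        ModelState.AddModelError("Group_Id", "Group_Id must be a whole number between 0 and 255.");
    }

    if (!string.IsNullOrWhiteSpace(form["PlainPwd"]))
    {
        // NOTE(review): obsolete unsalted SHA-1; the scheme is shared with
        // ValidateUser and must be migrated everywhere at once.
        user.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(form["PlainPwd"], "SHA1");
    }

    if (!ModelState.IsValid)
    {
        init_dropdown(user);
        return View(user);
    }

    db.Entry(user).State = EntityState.Modified;
    db.SaveChanges();
    FreebieEvent.UserUpdateEvent(Permission.staff_acct_page_id, "A04");
    return View("ViewStaffAcct", user);
}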
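public ActionResult ChangeUsername(Account ac)
{
    // Changes the logged-in account's User_Name (an e-mail address) to the
    // posted New_User_Name after checking the e-mail pattern, uniqueness and
    // the confirmation field, then re-issues the forms-auth cookie under the
    // new name. The model parameter is not used; the account always comes
    // from Session["Account_Id"].
    object session_account = Session["Account_Id"];
    if (session_account == null)
    {
        // Expired session used to surface as a NullReferenceException (500).
        return new HttpUnauthorizedResult();
    }
    int account_id = Convert.ToInt32(session_account.ToString());
    var account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
    if (account == null)
    {
        return HttpNotFound();
    }

    // A missing field used to throw in Regex.IsMatch / ToLower(); treat it as
    // empty so it fails validation instead.
    string new_username = Request.Form["New_User_Name"] ?? string.Empty;
    string confirm_username = Request.Form["Confirm_User_Name"] ?? string.Empty;
    ViewBag.New_User_Name = new_username;
    ViewBag.Confirm_User_Name = confirm_username;

    string pattern = CustomValidate.EmailRegEx();
    if (!System.Text.RegularExpressions.Regex.IsMatch(new_username, pattern))
    {
        ModelState.AddModelError("New_User_Name", System.Configuration.ConfigurationManager.AppSettings["Account016"]);
        return View(account);
    }

    var check_ac = db.Accounts.Where(x => x.User_Name.Equals(new_username)).SingleOrDefault();
    if (check_ac != null)
    {
        ModelState.AddModelError("New_User_Name", System.Configuration.ConfigurationManager.AppSettings["Account015"]);
        return View(account);
    }

    // Culture-independent case-insensitive comparison instead of ToLower() == ToLower().
    if (!string.Equals(new_username, confirm_username, StringComparison.OrdinalIgnoreCase))
    {
        ModelState.AddModelError("Confirm_User_Name", System.Configuration.ConfigurationManager.AppSettings["Account017"]);
        return View(account);
    }

    account.User_Name = new_username;
    account.Updated_Dttm = DateTime.Now;
    db.Entry(account).State = EntityState.Modified;
    db.SaveChanges();
    // The forms-auth ticket carries the username, so it is re-issued (persistent, as before).
    FormsAuthentication.SetAuthCookie(new_username, true);
    FreebieEvent.AccountUpdateEvent(account, null, null, Permission.f_update_username_page_id);
    ViewBag.Type = 3;
    return View("RenderStatics");
}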
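public ActionResult UpdateStaffPwd(string status)
{
    // Changes the logged-in staff user's password. All three fields are
    // required, the new password must be 6-15 characters and match its
    // confirmation, and the current password must verify against the stored
    // hash. Errors are reported through ViewBag.Error; success redirects to
    // StaffProfile.
    string current_pwd = Request.Form["CurrentPassword"];
    string new_pwd = Request.Form["NewPassword"];
    string confirm_pwd = Request.Form["ConfirmNewPassword"];

    if (string.IsNullOrEmpty(current_pwd) || string.IsNullOrEmpty(new_pwd) || string.IsNullOrEmpty(confirm_pwd))
    {
        ViewBag.Error = System.Configuration.ConfigurationManager.AppSettings["STAFF_PWD"];
        return View();
    }
    if (new_pwd.Length < 6 || new_pwd.Length > 15)
    {
        ViewBag.Error = System.Configuration.ConfigurationManager.AppSettings["Validate008"];
        return View();
    }
    if (new_pwd != confirm_pwd)
    {
        ViewBag.Error = System.Configuration.ConfigurationManager.AppSettings["Validate006"];
        return View();
    }

    object session_user = Session["User_No"];
    if (session_user == null)
    {
        // Expired session used to surface as a NullReferenceException (500).
        return new HttpUnauthorizedResult();
    }
    string user_no = session_user.ToString();

    User user = db.Users.SingleOrDefault(x => x.User_No.Equals(user_no));
    if (user != null)
    {
        // NOTE(review): obsolete unsalted SHA-1; the same scheme is used by
        // ValidateUser and the account-creation actions, so it can only be
        // migrated in one coordinated change.
        var enc = FormsAuthentication.HashPasswordForStoringInConfigFile(current_pwd, "SHA1");
        // Null-safe ordinal compare (user.Password.Equals(enc) threw on a null hash).
        if (!string.Equals(user.Password, enc, StringComparison.Ordinal))
        {
            ViewBag.Error = System.Configuration.ConfigurationManager.AppSettings["Validate007"];
            return View();
        }

        user.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(new_pwd, "SHA1");
        // The original also called UpdateModel(user) here, which binds every
        // posted field onto the tracked entity and so let a request set other
        // User columns (Role_Cd, Status_Cd, ...) along with the password.
        // Only the password changes in this action; the entity is tracked, so
        // SaveChanges persists it without the extra binding step.
        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.staff_profile_page_id, "A04");
    }
    return RedirectToAction("StaffProfile");
}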
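public ActionResult UpdateActivationLimit(ActivationLimit al)
{
    // Writes the posted total/daily activation limits into the single
    // AdminConfiguration row and redirects back to ActivationLimit.
    using (var db = new EchoContext())
    {
        object session_user = Session["User_No"];
        if (session_user == null)
        {
            // Expired session used to surface as a NullReferenceException (500).
            return new HttpUnauthorizedResult();
        }

        // SingleOrDefault: null when the table is empty (it throws if there is
        // more than one row).
        AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault();
        if (ac == null)
        {
            // Previously dereferenced a null row.
            return HttpNotFound();
        }

        ac.No_Activation_Limit_Total = Convert.ToInt32(al.no_activation_limit_total);
        ac.No_Activation_Limit_Daily = Convert.ToInt32(al.no_activation_limit_daily);
        ac.Updated_By = session_user.ToString();
        ac.Updated_Dttm = DateTime.Now;
        db.Entry(ac).State = EntityState.Modified;
        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.activation_page_id, "A04");
        return RedirectToAction("ActivationLimit");
    }
}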
public ActionResult Logout()
{
    // Ends the staff session: drops the per-user cache entry, signs the
    // forms-auth ticket out, removes the "freebie" cookie, empties the session
    // and records an A02 event for the user. Always renders the Login view.
    using (var db = new EchoContext())
    {
        object session_user = Session["User_No"];
        if (session_user == null)
        {
            return View("Login");
        }

        string user_no = session_user.ToString();
        User current_user = db.Users.SingleOrDefault(x => x.User_No.Equals(user_no));

        HttpRuntime.Cache.Remove(user_no.Trim());
        FormsAuthentication.SignOut();
        RemoveCoookie("freebie");
        // NOTE(review): Session.Clear() empties the items but keeps the session id;
        // Session.Abandon() would also retire the id on logout.
        Session.Clear();

        FreebieEvent.UserEvent(current_user, "A02", Permission.staff_home_page_id);
        return View("Login");
    }
}
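public ActionResult UpdateFreeTrialQuota(TrialQuota tq)
{
    // Writes the posted free-trial limit, duration and enable flag into the
    // single AdminConfiguration row and redirects back to FreeTrialQuota.
    using (var db = new EchoContext())
    {
        object session_user = Session["User_No"];
        if (session_user == null)
        {
            // Expired session used to surface as a NullReferenceException (500).
            return new HttpUnauthorizedResult();
        }

        // SingleOrDefault: null when the table is empty (it throws if there is
        // more than one row).
        AdminConfiguration ac = db.AdminConfigurations.SingleOrDefault();
        if (ac == null)
        {
            // Previously dereferenced a null row.
            return HttpNotFound();
        }

        ac.Trial_Limit_Total = Convert.ToInt32(tq.trial_limit_total);
        ac.Trial_Dur_Val = Convert.ToInt32(tq.trial_dur_val);
        ac.Trial_Enable_Flag = Convert.ToBoolean(tq.trial_enable_flag);
        ac.Updated_By = session_user.ToString();
        ac.Updated_Dttm = DateTime.Now;
        db.Entry(ac).State = EntityState.Modified;
        db.SaveChanges();
        FreebieEvent.UserUpdateEvent(Permission.free_trial_page_id, "A04");
        return RedirectToAction("FreeTrialQuota");
    }
}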
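public ActionResult ChangePassword(Account ac)
{
    // Changes the logged-in account's password: New_Password must be 6-15
    // characters, the posted current Password must verify against the stored
    // hash, and New_Password must equal Confirm_Password. The model parameter
    // is unused; the account comes from Session["Account_Id"].
    object session_account = Session["Account_Id"];
    if (session_account == null)
    {
        // Expired session used to surface as a NullReferenceException (500).
        return new HttpUnauthorizedResult();
    }
    int account_id = Convert.ToInt32(session_account.ToString());
    var account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
    if (account == null)
    {
        return HttpNotFound();
    }

    // A missing field used to throw on new_password.Length; treat it as empty
    // so it fails the length check / hash comparison instead.
    string current_password = Request.Form["Password"] ?? string.Empty;
    string new_password = Request.Form["New_Password"] ?? string.Empty;
    string confirm_password = Request.Form["Confirm_Password"] ?? string.Empty;

    if (new_password.Length < 6 || new_password.Length > 15)
    {
        ModelState.AddModelError("New_Password", System.Configuration.ConfigurationManager.AppSettings["Validate008"]);
        return View(account);
    }

    // NOTE(review): obsolete unsalted SHA-1, the scheme shared by every
    // password-writing action in this controller and by the login check; it can
    // only be migrated in one coordinated change.
    var current_password_enc = FormsAuthentication.HashPasswordForStoringInConfigFile(current_password, "SHA1");
    if (!string.Equals(current_password_enc, account.Password, StringComparison.Ordinal))
    {
        ModelState.AddModelError("Password", System.Configuration.ConfigurationManager.AppSettings["Account013"]);
        return View(account);
    }

    if (new_password != confirm_password)
    {
        ModelState.AddModelError("New_Password", System.Configuration.ConfigurationManager.AppSettings["Account014"]);
        return View(account);
    }

    account.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(new_password, "SHA1");
    account.Updated_By = account.Account_No;
    account.Updated_Dttm = DateTime.Now;
    db.Entry(account).State = EntityState.Modified;
    db.SaveChanges();
    FreebieEvent.AccountUpdateEvent(account, null, null, Permission.f_update_password_page_id);
    ViewBag.Type = 4;
    return View("RenderStatics");
}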
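public ActionResult RemoveNumber(string phone_number)
{
    // Soft-deletes phone_number by setting Status_Cd to the MobileDeleted code
    // (the row is kept) and logs an A05 event. 404 when the number is
    // unknown/already deleted or belongs to a different account than the one
    // held in the session.
    string delete_status = FreebieStatus.MobileDeleted();
    AccountMobile am = db.AccountMobiles
        .Where(x => x.Mobile_Number.Equals(phone_number))
        .Where(x => !x.Status_Cd.Equals(delete_status))
        .SingleOrDefault();
    if (am == null)
    {
        return HttpNotFound();
    }

    // phone_number is request input; like ChangePrimary this action looked the
    // number up without tying it to the logged-in account, so a caller could
    // delete another account's number. Enforce ownership when a session
    // account is available; without one the behaviour is unchanged.
    object session_account = Session["Account_Id"];
    if (session_account != null && Convert.ToInt32(session_account.ToString()) != am.Account_Id)
    {
        return HttpNotFound();
    }

    am.Status_Cd = delete_status;
    am.Updated_By = System.Configuration.ConfigurationManager.AppSettings["SystemUsername"];
    am.Updated_Dttm = DateTime.Now;
    db.SaveChanges();
    FreebieEvent.UpdateMobile(am.Account, phone_number, "A05", Permission.f_update_number_page_id);
    return RedirectToAction("ViewNumber", "AccInfo");
}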
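public ActionResult CreateSupervisorAcct(User u)
{
    // Creates a supervisor ("SU") user from the posted form. At most one SU
    // may exist per (Dept_Cd, Group_Id); a duplicate is reported on User_Name
    // with the SU_EXISTS message. On success the generated initial password is
    // handed to AssignUserName.
    // NOTE(review): as in CreateStaffAcct, u is model-bound from the request and
    // added whole, so posted User columns other than Role_Cd are persisted as sent.
    int group_id = Convert.ToInt16(u.Group_Id);
    string dept_cd = u.Dept_Cd;

    if (string.IsNullOrWhiteSpace(u.First_Name))
    {
        ModelState.AddModelError("First_Name", "กรุณาระบุชื่อ");
    }
    if (string.IsNullOrWhiteSpace(u.Last_Name))
    {
        ModelState.AddModelError("Last_Name", "กรุณาระบุนามสกุล");
    }

    User check_existing = db.Users
        .Where(x => x.Dept_Cd.Equals(dept_cd))
        .Where(x => x.Group_Id == group_id)
        .Where(x => x.Role_Cd.Equals("SU"))
        .SingleOrDefault();
    if (check_existing != null)
    {
        ModelState.AddModelError("User_Name", System.Configuration.ConfigurationManager.AppSettings["SU_EXISTS"]);
    }

    if (!ModelState.IsValid)
    {
        init_dropdown(u);
        return View(u);
    }

    string pwd = PasswordGenerator.Get();
    string system_user = System.Configuration.ConfigurationManager.AppSettings["SystemUsername"];
    DateTime now = DateTime.Now;   // single read so Created_Dttm == Updated_Dttm exactly

    u.Role_Cd = "SU";
    // NOTE(review): obsolete unsalted SHA-1, shared with ValidateUser; migrate all
    // writers and the login check together.
    u.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "SHA1");
    u.Created_By = system_user;
    u.Updated_By = system_user;
    u.Created_Dttm = now;
    u.Updated_Dttm = now;
    db.Users.Add(u);
    db.SaveChanges();
    FreebieEvent.UserCreateEvent(Permission.sup_acct_page_id);

    // NOTE(review): the plaintext initial password is passed as a route value and
    // so appears in the redirect URL; TempData would keep it out of logs/history.
    return RedirectToAction("AssignUserName", new { user_id = u.User_Id, pwd = pwd });
}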
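public ActionResult RemoveStaff(int? user_id)
{
    // Hard-deletes a staff or supervisor user. 404 when the id is
    // missing/unknown or Permission.can_update_this_staff denies the caller.
    // Logs A05 and redirects to the list matching the deleted user's role.
    if (user_id == null)
    {
        return HttpNotFound();
    }
    int id = user_id.Value;
    User u = db.Users.SingleOrDefault(x => x.User_Id == id);
    if (u == null)
    {
        return HttpNotFound();
    }
    if (!Permission.can_update_this_staff(u))
    {
        return HttpNotFound();
    }

    // Null-safe: u.Role_Cd.Equals("SU") threw when Role_Cd was null.
    bool is_sup = string.Equals(u.Role_Cd, "SU", StringComparison.Ordinal);

    // NOTE(review): this is a physical delete, unlike RemoveNumber which
    // soft-deletes via a status code; the audit events written elsewhere keep
    // referring to a row that no longer exists.
    db.Users.Remove(u);
    db.SaveChanges();

    if (is_sup)
    {
        FreebieEvent.UserUpdateEvent(Permission.sup_acct_page_id, "A05");
        return RedirectToAction("SupervisorAcct");
    }
    FreebieEvent.UserUpdateEvent(Permission.staff_acct_page_id, "A05");
    return RedirectToAction("StaffAcct");
}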
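public ActionResult UpdateAccProfile(Account account)
{
    // Saves the logged-in account's profile (names, birth date, family,
    // income/occupation/education, ID card) and its interests, then
    // recalculates the account quota. Saving requires Agree == "true" and a
    // valid model; otherwise the form is re-rendered at step 3 with the
    // account's current interests and the quota tables for the view.
    // The bound model parameter is discarded; the account is always loaded
    // from Session["Account_Id"].
    var selected_interests = Request.Form["selectedInterests"];
    var agree_flag = Request.Form["Agree"];
    ViewBag.NotAgree = "";
    ViewBag.ViewProfile = "true";

    object session_account = Session["Account_Id"];
    if (session_account == null)
    {
        // Expired session used to surface as a NullReferenceException (500).
        return new HttpUnauthorizedResult();
    }
    int account_id = Convert.ToInt32(session_account.ToString());
    account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
    if (account == null)
    {
        // The original checked for null only after reading
        // account.Identification_Number, so this path threw instead of 404ing.
        return HttpNotFound();
    }

    // Current quota values for the view (defaults from a fresh Quota when the
    // account has no AccountQuota row yet).
    AccountQuota account_quota = db.AccountQuotas.SingleOrDefault(x => x.Account_Id == account_id);
    Quota quota = new Quota();
    if (account_quota == null)
    {
        account_quota = new AccountQuota();
    }
    else
    {
        quota = account_quota.Quota;
    }
    ViewBag.Quota_Freq_Val = Convert.ToInt16(quota.Quota_Freq_Val);
    ViewBag.Quota_Dur_Val = Convert.ToInt16(quota.Quota_Dur_Val);

    // The three base ("B") quotas, ordered by Quota_Cd, exposed as low/medium/high.
    Hashtable quotas = new Hashtable();
    quotas["low"] = new Hashtable();
    quotas["medium"] = new Hashtable();
    quotas["high"] = new Hashtable();
    IEnumerable<Quota> base_quotas = db.Quotas.Where(x => x.Quota_Type_Cd.Equals("B")).OrderBy(x => x.Quota_Cd);
    int q_count = 1;
    foreach (var q in base_quotas)
    {
        switch (q_count)
        {
            case 1:
                quotas["low"] = q;
                break;
            case 2:
                quotas["medium"] = q;
                break;
            case 3:
                quotas["high"] = q;
                break;
            default:
                break;
        }
        q_count += 1;
    }
    ViewBag.Quotas = quotas;

    string old_idcard = account.Identification_Number == null ? string.Empty : account.Identification_Number.Trim();

    // User_Name/Password are not edited on this form; drop their binding errors.
    if (ModelState.ContainsKey("User_Name"))
    {
        ModelState["User_Name"].Errors.Clear();
    }
    // The original tested ContainsKey("User_Name") here too (copy-paste), which
    // threw when only User_Name was present and never cleared Password otherwise.
    if (ModelState.ContainsKey("Password"))
    {
        ModelState["Password"].Errors.Clear();
    }

    var form_vals = Request.Form;
    if (string.IsNullOrWhiteSpace(form_vals["First_Name"]))
    {
        ModelState.AddModelError("First_Name", System.Configuration.ConfigurationManager.AppSettings["Account003"]);
    }
    if (string.IsNullOrWhiteSpace(form_vals["Last_Name"]))
    {
        ModelState.AddModelError("Last_Name", System.Configuration.ConfigurationManager.AppSettings["Account004"]);
    }
    if (string.IsNullOrWhiteSpace(form_vals["Income_Range_Cd"]))
    {
        ModelState.AddModelError("Income_Range_Cd", System.Configuration.ConfigurationManager.AppSettings["Account025"]);
    }
    if (CustomValidate.ValidateZipcode(form_vals["ZipCode"]) != 1)
    {
        ModelState.AddModelError("ZipCode", System.Configuration.ConfigurationManager.AppSettings["Account023"]);
    }

    account.First_Name = form_vals["First_Name"];
    account.Last_Name = form_vals["Last_Name"];

    // Birth date: empty fields become null (a non-numeric value still throws
    // in Convert, as before).
    if (string.IsNullOrEmpty(form_vals["Day_Of_Birth"]))
    {
        account.Day_Of_Birth = null;
    }
    else
    {
        account.Day_Of_Birth = Convert.ToByte(form_vals["Day_Of_Birth"]);
    }
    if (string.IsNullOrEmpty(form_vals["Month_Of_Birth"]))
    {
        account.Month_Of_Birth = null;
    }
    else
    {
        account.Month_Of_Birth = Convert.ToByte(form_vals["Month_Of_Birth"]);
    }
    if (string.IsNullOrEmpty(form_vals["Year_Of_Birth"]))
    {
        account.Year_Of_Birth = null;
    }
    else
    {
        account.Year_Of_Birth = Convert.ToInt16(form_vals["Year_Of_Birth"]);
    }

    account.Gender_Cd = form_vals["Gender_Cd"];
    account.Marital_Status_Cd = form_vals["Marital_Status_Cd"];

    // Children: only "Y" keeps the children's birth years; anything else clears them.
    bool no_child = true;
    if (!string.IsNullOrEmpty(form_vals["Children_Flag"]))
    {
        if (form_vals["Children_Flag"].Equals("Y"))
        {
            account.Children_Flag = "Y";
            no_child = false;
        }
        else
        {
            account.Children_Flag = "N";
        }
    }
    if (no_child || string.IsNullOrEmpty(form_vals["Year_Of_Birth_Child1"]))
    {
        account.Year_Of_Birth_Child1 = null;
    }
    else
    {
        account.Year_Of_Birth_Child1 = Convert.ToInt16(form_vals["Year_Of_Birth_Child1"]);
    }
    if (no_child || string.IsNullOrEmpty(form_vals["Year_Of_Birth_Child2"]))
    {
        account.Year_Of_Birth_Child2 = null;
    }
    else
    {
        account.Year_Of_Birth_Child2 = Convert.ToInt16(form_vals["Year_Of_Birth_Child2"]);
    }
    if (no_child || string.IsNullOrEmpty(form_vals["Year_Of_Birth_Child3"]))
    {
        account.Year_Of_Birth_Child3 = null;
    }
    else
    {
        account.Year_Of_Birth_Child3 = Convert.ToInt16(form_vals["Year_Of_Birth_Child3"]);
    }

    account.Income_Range_Cd = form_vals["Income_Range_Cd"];
    account.Occupation_Cd = form_vals["Occupation_Cd"];
    account.Education_Cd = form_vals["Education_Cd"];
    account.Identification_Number = form_vals["Identification_Number"];

    // ID card: validated only when supplied; codes 0/2 -> Account007, 3 -> Account008.
    string idcard = form_vals["Identification_Number"] == null ? string.Empty : form_vals["Identification_Number"].Trim();
    if (!string.IsNullOrEmpty(idcard))
    {
        switch (CustomValidate.ValidateIndentification(idcard))
        {
            case 0:
                ModelState.AddModelError("Identification_Number", System.Configuration.ConfigurationManager.AppSettings["Account007"]);
                break;
            case 2:
                ModelState.AddModelError("Identification_Number", System.Configuration.ConfigurationManager.AppSettings["Account007"]);
                break;
            case 3:
                ModelState.AddModelError("Identification_Number", System.Configuration.ConfigurationManager.AppSettings["Account008"]);
                break;
            default:
                break;
        }
    }

    if (!string.IsNullOrEmpty(account.Children_Flag))
    {
        if (account.Children_Flag.Equals("Y"))
        {
            if (account.Year_Of_Birth_Child1 == null)
            {
                ModelState.AddModelError("Year_Of_Birth_Child1", System.Configuration.ConfigurationManager.AppSettings["Account021"]);
            }
        }
    }

    if (account.Day_Of_Birth == null || account.Month_Of_Birth == null || account.Year_Of_Birth == null)
    {
        ModelState.AddModelError("Day_Of_Birth", System.Configuration.ConfigurationManager.AppSettings["Account020"]);
    }

    // February: at most 29 days, and 29 only in a leap year.
    if (account.Month_Of_Birth == 2)
    {
        if (account.Day_Of_Birth > 29)
        {
            ModelState.AddModelError("Day_Of_Birth", System.Configuration.ConfigurationManager.AppSettings["Account019"]);
        }
        else
        {
            if (!(account.Year_Of_Birth % 400 == 0 || (account.Year_Of_Birth % 100 != 0 && account.Year_Of_Birth % 4 == 0)))
            {
                if (account.Day_Of_Birth == 29)
                {
                    ModelState.AddModelError("Day_Of_Birth", System.Configuration.ConfigurationManager.AppSettings["Account019"]);
                }
            }
        }
    }

    if (agree_flag == "true")
    {
        try
        {
            if (ModelState.IsValid)
            {
                account.Updated_Dttm = DateTime.Now;
                // NOTE(review): UpdateModel binds every posted field onto the tracked
                // Account, on top of the explicit assignments above. Whether
                // User_Name/Password can be overwritten this way depends on what the
                // form posts; a [Bind] include-list or view model would make that explicit.
                UpdateModel(account);

                // Interests: one boolean column per I01..I14 code in selectedInterests.
                string[] interests = new string[] { };
                var aci = db.AccountInterests.Where(x => x.Account_Id.Equals(account.Account_Id)).SingleOrDefault();
                bool flag = false;
                if (aci == null)
                {
                    aci = new AccountInterest();
                    aci.Account_Id = account.Account_Id;
                    flag = true;
                }
                if (selected_interests != null)
                {
                    interests = selected_interests.Split(',');
                }
                aci.I01_Food_Dining = interests.Contains("I01");
                aci.I02_Night_Life = interests.Contains("I02");
                aci.I03_Entertainment = interests.Contains("I03");
                aci.I04_Music_Movie = interests.Contains("I04");
                aci.I05_Sports_Fitness = interests.Contains("I05");
                aci.I06_Shopping_Fashion = interests.Contains("I06");
                aci.I07_Health_Beauty = interests.Contains("I07");
                aci.I08_Travel = interests.Contains("I08");
                aci.I09_Pets = interests.Contains("I09");
                aci.I10_Kids_Children = interests.Contains("I10");
                aci.I11_Home_Living = interests.Contains("I11");
                aci.I12_Finance_Investment = interests.Contains("I12");
                aci.I13_Technology_Gadget = interests.Contains("I13");
                aci.I14_Auto = interests.Contains("I14");
                if (flag)
                {
                    db.AccountInterests.Add(aci);
                }
                else
                {
                    db.Entry(aci).State = EntityState.Modified;
                }

                // Quota: replace the account's AccountQuota row with the recalculated one.
                Quota select_quota = QuotaCalculation.Calculate(account, selected_interests);
                AccountQuota aq = db.AccountQuotas.SingleOrDefault(x => x.Account_Id.Equals(account_id));
                if (aq != null)
                {
                    db.AccountQuotas.Remove(aq);
                    db.SaveChanges();
                }
                AccountQuota new_aq = new AccountQuota();
                new_aq.Account_Id = account_id;
                new_aq.Quota_Cd = select_quota.Quota_Cd;
                db.AccountQuotas.Add(new_aq);
                db.SaveChanges();

                // Audit: record the new ID card value only when it changed.
                if (!old_idcard.Equals(idcard))
                {
                    FreebieEvent.AccountUpdateEvent(account, idcard, "Idcard", Permission.f_update_profile_page_id);
                }
                else
                {
                    FreebieEvent.AccountUpdateEvent(account, null, null, Permission.f_update_profile_page_id);
                }
                return RedirectToAction("ViewAccProfile");
            }
        }
        catch (DbEntityValidationException dbEx)
        {
            // Entity validation failures are traced and the form is re-rendered below.
            foreach (var validationErrors in dbEx.EntityValidationErrors)
            {
                foreach (var validationError in validationErrors.ValidationErrors)
                {
                    Trace.TraceInformation("Property: {0} Error: {1}", validationError.PropertyName, validationError.ErrorMessage);
                }
            }
        }
    }
    else
    {
        ViewBag.NotAgree = System.Configuration.ConfigurationManager.AppSettings["Account006"];
    }

    // Re-render: current interests, dropdowns, step 3.
    var account_interest = db.AccountInterests.Where(x => x.Account_Id.Equals(account.Account_Id)).SingleOrDefault();
    if (account_interest == null)
    {
        account_interest = new AccountInterest();
    }
    List<string> interest_arrs = load_interest(account_interest);
    ViewBag.InterestSelected = interest_arrs;
    init_dropdown(account);
    ViewBag.Step = 3;
    return View(account);
}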
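public ActionResult ValidateUser()
{
    // Staff login. Verifies UserName/Password against Users, rejects inactive
    // ("IA") users, issues the forms-auth cookie, stores the identity and the
    // role/department page permissions (PageMaps) in the session, logs A01 and
    // redirects to User/StaffProfile. Any failure re-renders Login, with
    // ViewBag.LoginError set for bad credentials (Login001) or an inactive
    // user (Login002).
    using (var db = new EchoContext())
    {
        string username = Request.Form["UserName"];
        string password = Request.Form["Password"];

        // The original compared against "" only; a missing field was null and
        // HashPasswordForStoringInConfigFile(null) threw.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
        {
            return View("Login");
        }

        // NOTE(review): obsolete unsalted SHA-1 credential scheme, shared with every
        // password-writing action in this controller; migrate them together.
        string enc = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
        User u = db.Users
            .Where(x => x.User_Name.Equals(username))
            .Where(x => x.Password.Equals(enc))
            .SingleOrDefault();
        if (u == null)
        {
            ViewBag.LoginError = System.Configuration.ConfigurationManager.AppSettings["Login001"];
            return View("Login");
        }

        // Null-safe status check (Status_Cd.Trim() threw on a null code).
        if (string.Equals((u.Status_Cd ?? string.Empty).Trim(), "IA", StringComparison.Ordinal))
        {
            ViewBag.LoginError = System.Configuration.ConfigurationManager.AppSettings["Login002"];
            return View("Login");
        }

        // NOTE(review): the session id is not regenerated here, so the session that
        // existed before authentication keeps its id afterwards. The single-login
        // guard based on HttpRuntime.Cache was commented out in the original and
        // stays disabled (Logout still removes the cache entry).
        FormsAuthentication.SetAuthCookie(username, true);
        Session["User_No"] = u.User_No;
        Session["Role"] = u.Role_Cd;
        Session["Dept"] = u.Dept_Cd;
        Session["Group_Id"] = u.Group_Id;

        // Page permissions for this role/department, keyed by Page_Id.
        IEnumerable<PageMap> page_maps = db.PageMaps
            .Where(x => x.Role_Cd.Equals(u.Role_Cd))
            .Where(x => x.Dept_Cd.Equals(u.Dept_Cd))
            .ToList();
        Hashtable permissions = new Hashtable();
        foreach (var p in page_maps)
        {
            Hashtable item = new Hashtable();
            item["View_All"] = p.View_All_Flag.Equals("Y");
            item["Access_All"] = p.Full_Access_Flag.Equals("Y");
            item["Allow_Update"] = p.Allow_Update_Flag.Equals("Y");
            permissions.Add(p.Page_Id.ToString(), item);
        }
        Session["Permissions"] = permissions;

        FreebieEvent.UserEvent(u, "A01", Permission.staff_home_page_id);
        return RedirectToAction("StaffProfile", "User");
    }
}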
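public ActionResult UpdateSupervisorAcct(int? user_id, string state)
{
    // Applies the posted supervisor-account form to the user identified by
    // user_id. 404 when the id is missing/unknown or
    // Permission.can_update_this_staff denies the caller. A different SU
    // already holding the posted (Dept_Cd, Group_Id) is reported on User_Name
    // with SU_EXISTS. Shows ViewSupervisorAcct after a successful save.
    if (user_id == null)
    {
        return HttpNotFound();
    }
    int id = user_id.Value;
    User user = db.Users.SingleOrDefault(x => x.User_Id == id);
    if (user == null)
    {
        return HttpNotFound();
    }
    // Authorisation before any model errors or mutation of the entity.
    if (!Permission.can_update_this_staff(user))
    {
        return HttpNotFound();
    }

    var form = Request.Form;
    if (string.IsNullOrWhiteSpace(form["First_Name"]))
    {
        ModelState.AddModelError("First_Name", "กรุณาระบุชื่อ");
    }
    if (string.IsNullOrWhiteSpace(form["Last_Name"]))
    {
        ModelState.AddModelError("Last_Name", "กรุณาระบุนามสกุล");
    }

    // Group_Id was Convert.ToByte(...): a non-numeric or out-of-range value
    // threw (HTTP 500). Report it as a validation error instead. A missing
    // field still maps to 0, which is what Convert.ToByte(null) returned.
    string group_raw = form["Group_Id"];
    byte group_id = 0;
    bool group_ok = group_raw == null || byte.TryParse(group_raw, out group_id);
    if (!group_ok)
    {
        ModelState.AddModelError("Group_Id", "Group_Id must be a whole number between 0 and 255.");
    }

    string dept_cd = form["Dept_Cd"];
    User check_existing = null;
    if (group_ok)
    {
        int gid = group_id;
        check_existing = db.Users
            .Where(x => x.Dept_Cd.Equals(dept_cd))
            .Where(x => x.Group_Id == gid)
            .Where(x => x.Role_Cd.Equals("SU"))
            .SingleOrDefault();
    }

    user.First_Name = form["First_Name"];
    user.Last_Name = form["Last_Name"];
    user.Dept_Cd = dept_cd;
    if (group_ok)
    {
        user.Group_Id = group_id;
    }
    user.Status_Cd = form["Status_Cd"];

    if (!string.IsNullOrWhiteSpace(form["PlainPwd"]))
    {
        // NOTE(review): obsolete unsalted SHA-1; the scheme is shared with
        // ValidateUser and must be migrated everywhere at once.
        user.Password = FormsAuthentication.HashPasswordForStoringInConfigFile(form["PlainPwd"], "SHA1");
    }

    // Another user already is the SU for this department/group.
    if (check_existing != null && check_existing.User_Id != user.User_Id)
    {
        ModelState.AddModelError("User_Name", System.Configuration.ConfigurationManager.AppSettings["SU_EXISTS"]);
        init_dropdown(user);
        return View(user);
    }

    if (!ModelState.IsValid)
    {
        init_dropdown(user);
        return View(user);
    }

    db.Entry(user).State = EntityState.Modified;
    db.SaveChanges();
    FreebieEvent.UserUpdateEvent(Permission.sup_acct_page_id, "A04");
    return View("ViewSupervisorAcct", user);
}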
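public ActionResult AddNumber(string phoneNumber)
{
    // Second step of adding a mobile number: checks the posted OTP (form field
    // "Password") for the number stored in the "Acct" cookie, then creates or
    // re-activates the AccountMobile row for the logged-in account, deletes the
    // OTP request, logs A03 and redirects to ViewNumber. OTPHandler.ValidateOTP
    // results: 0 ok, 1 wrong code (Validate007), 2/3 request expired or
    // exhausted (Otp03/Otp04, the number must be re-entered).
    // The phoneNumber parameter is always overwritten from the cookie.
    // (The original also read Request.Form["Password"] into an unused local.)
    phoneNumber = GetCookie("Acct", "phone_number");
    bool flag = true;
    if (string.IsNullOrEmpty(phoneNumber))
    {
        ViewBag.ValidNumber = false;
        ViewBag.PhoneNumber = "";
        flag = false;
    }
    ViewBag.PhoneNumber = phoneNumber;

    string otp = Request.Form["Password"];
    if (flag && (string.IsNullOrEmpty(otp) || otp.Length < 4))
    {
        ViewBag.ValidNumber = true;
        ViewBag.Error = true;
        ViewBag.ErrorMessage = System.Configuration.ConfigurationManager.AppSettings["Validate010"];
        flag = false;
    }

    if (flag)
    {
        // The number comes from a client-held cookie; possession of the OTP
        // sent to that number is what ties it to the caller.
        int result = OTPHandler.ValidateOTP(phoneNumber, otp);
        switch (result)
        {
            case 0:
                int account_id = Convert.ToInt32(Session["Account_Id"].ToString());
                var account = db.Accounts.SingleOrDefault(x => x.Account_Id == account_id);
                if (account == null)
                {
                    return HttpNotFound();
                }

                // Scoped to the logged-in account: a previously deleted row for
                // the same number is re-activated rather than duplicated.
                AccountMobile am = db.AccountMobiles
                    .Where(x => x.Account_Id.Equals(account.Account_Id))
                    .Where(x => x.Mobile_Number.Equals(phoneNumber))
                    .SingleOrDefault();
                bool first_create = false;
                if (am == null)
                {
                    am = new AccountMobile();
                    am.Account_Id = account.Account_Id;
                    am.Status_Cd = FreebieStatus.MobileActive();
                    am.Mobile_Number = phoneNumber;
                    am.Primary_Flag = false;
                    am.Created_Dttm = DateTime.Now;
                    am.Updated_Dttm = DateTime.Now;
                    first_create = true;
                }
                if (first_create)
                {
                    db.AccountMobiles.Add(am);
                }
                else
                {
                    am.Status_Cd = FreebieStatus.MobileActive();
                    am.Created_Dttm = DateTime.Now;
                    am.Updated_Dttm = DateTime.Now;
                    db.Entry(am).State = EntityState.Modified;
                }

                // The OTP request is single-use.
                OTP otp_request = db.OTPs.SingleOrDefault(x => x.PhoneNumber.Equals(phoneNumber));
                if (otp_request != null)
                {
                    db.OTPs.Remove(otp_request);
                }
                db.SaveChanges();
                FreebieEvent.UpdateMobile(account, phoneNumber, "A03", Permission.f_update_number_page_id);
                RemoveCoookie("Acct");
                return RedirectToAction("ViewNumber", "AccInfo");
            case 1:
                ViewBag.Error = true;
                ViewBag.ValidNumber = true;
                ViewBag.ErrorMessage = System.Configuration.ConfigurationManager.AppSettings["Validate007"];
                ViewBag.ShowPwd = true;
                break;
            case 2:
                ViewBag.ValidNumber = false;
                ViewBag.PhoneNumber = "";
                ViewBag.ResetOTP = System.Configuration.ConfigurationManager.AppSettings["Otp03"];
                RemoveCoookie("Acct");
                break;
            case 3:
                ViewBag.ValidNumber = false;
                ViewBag.PhoneNumber = "";
                ViewBag.ResetOTP = System.Configuration.ConfigurationManager.AppSettings["Otp04"];
                RemoveCoookie("Acct");
                break;
            default:
                break;
        }
    }

    ViewBag.ShowPwd = true;
    return View();
}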