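/// <summary>
/// Creates a new user account from the posted registration form.
/// The password is salted and hashed before the row is stored; the plaintext
/// is never persisted.
/// </summary>
/// <param name="user">Model bound from the registration form (untrusted input).</param>
/// <returns>
/// Redirect to the Login action on success; otherwise the registration view
/// re-rendered with a model error.
/// </returns>
public ActionResult Registration(UserModels user)
{
    if (!ModelState.IsValid)
    {
        return View(user);
    }

    // Guard explicitly in case the model has no [Required] rule on the password:
    // a null/empty value would otherwise throw inside Encoding.GetBytes and be
    // reported by the catch below as "email already in use".
    if (string.IsNullOrEmpty(user.USER_PASSWORD))
    {
        ModelState.AddModelError(string.Empty, "A password is required.");
        return View(user);
    }

    // Over-posting guard: the whole UserModels is model-bound from the request,
    // so the client could also submit ADMIN_CONTROLS / DELETE_STAT. A self-
    // registered account always starts as an enabled, non-admin user.
    user.ADMIN_CONTROLS = false;
    user.DELETE_STAT = false;

    try
    {
        using (GDbContext db = new GDbContext())
        {
            user.USER_PASSWORD_SALT = GenerateSalt();
            // NOTE: Encoding.ASCII maps every non-ASCII character to '?', so
            // distinct passwords can hash identically. Login() uses the same
            // encoding; both must be switched together (e.g. to UTF-8) or
            // existing users would be locked out.
            user.USER_PASSWORD = Hash(
                Encoding.ASCII.GetBytes(user.USER_PASSWORD),
                Encoding.ASCII.GetBytes(user.USER_PASSWORD_SALT));
            db.User.Add(user);
            db.SaveChanges();
        }
        return RedirectToAction("Login");
    }
    catch (Exception)
    {
        // The expected cause is the unique-constraint violation on the email
        // column. TODO: narrow this to the EF DbUpdateException so that
        // unrelated failures (connection errors, etc.) are not reported as a
        // duplicate email.
        user.USER_PASSWORD = string.Empty;
        ModelState.AddModelError(string.Empty, "This email is already in use.");
        return View(user);
    }
}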
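// Hotels

/// <summary>Lists every hotel row in the database.</summary>
/// <returns>The list view bound to all hotels.</returns>
public ActionResult HotelList()
{
    List<Hotels> hotels;
    // The context is disposed as soon as the rows are materialized; the view
    // only needs the list. If the view relies on lazy-loaded navigation
    // properties, eager-load them here (Include) instead.
    using (GDbContext db = new GDbContext())
    {
        hotels = db.Hotel.ToList();
    }
    return View(hotels);
}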
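/// <summary>Lists every user row in the database.</summary>
/// <returns>The list view bound to all users.</returns>
public ActionResult UserList()
{
    List<UserModels> users;
    // The context is disposed once the rows are materialized; eager-load any
    // navigation properties the view needs rather than relying on lazy loading.
    using (GDbContext db = new GDbContext())
    {
        users = db.User.ToList();
    }
    // NOTE(review): the entities carry USER_PASSWORD (hash) and USER_PASSWORD_SALT;
    // the view must not render them — a dedicated view model would make that
    // impossible by construction.
    return View(users);
}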
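/// <summary>Shows the detail view for one hotel.</summary>
/// <param name="id">HOTEL_ID of the hotel to show.</param>
/// <returns>404 when no hotel has that id; otherwise the detail view.</returns>
public ActionResult HotelDetails(int id)
{
    Hotels hotel;
    using (GDbContext db = new GDbContext())
    {
        // SingleOrDefault already yields a Hotels; the former "as Hotels" cast was a no-op.
        hotel = db.Hotel.SingleOrDefault(h => h.HOTEL_ID == id);
    }
    if (hotel == null)
    {
        return HttpNotFound();
    }
    // The entity is detached here; eager-load navigation properties above if the view needs them.
    return View(hotel);
}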
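/// <summary>Shows the detail view for one user.</summary>
/// <param name="id">USER_ID of the user to show.</param>
/// <returns>404 when no user has that id; otherwise the detail view.</returns>
public ActionResult UserDetails(int id)
{
    UserModels user;
    using (GDbContext db = new GDbContext())
    {
        // SingleOrDefault already yields a UserModels; the former "as" cast was a no-op.
        user = db.User.SingleOrDefault(u => u.USER_ID == id);
    }
    if (user == null)
    {
        return HttpNotFound();
    }
    // NOTE(review): the entity carries USER_PASSWORD (hash) and USER_PASSWORD_SALT;
    // the view must not render them.
    return View(user);
}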
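/// <summary>
/// Toggles the soft-delete flag (DELETE_STAT) of one user: a live account is
/// disabled, a disabled one is re-enabled.
/// </summary>
/// <param name="id">USER_ID of the account to toggle.</param>
/// <returns>404 if the user does not exist; otherwise a redirect to UserList.</returns>
public ActionResult UserDelete(int id)
{
    // NOTE(review): this action changes state. Unless the controller already
    // does so, restrict it to POST, add [ValidateAntiForgeryToken] and an
    // admin role check.
    using (GDbContext db = new GDbContext())
    {
        UserModels user = db.User.SingleOrDefault(u => u.USER_ID == id);
        if (user == null)
        {
            return HttpNotFound();
        }
        if (!ModelState.IsValid)
        {
            // Hard to reach: a bound int parameter is normally valid. Kept for parity.
            return View(user);
        }
        user.DELETE_STAT = !user.DELETE_STAT;
        db.SaveChanges();
        return RedirectToAction("UserList");
    }
}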
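/// <summary>
/// Toggles the soft-delete flag (DELETE_STAT) of one hotel: a live hotel is
/// hidden, a hidden one is restored.
/// </summary>
/// <param name="id">HOTEL_ID of the hotel to toggle.</param>
/// <returns>404 if the hotel does not exist; otherwise a redirect to HotelList.</returns>
public ActionResult HotelDelete(int id)
{
    // NOTE(review): this action changes state. Unless the controller already
    // does so, restrict it to POST, add [ValidateAntiForgeryToken] and an
    // admin role check.
    using (GDbContext db = new GDbContext())
    {
        Hotels hotel = db.Hotel.SingleOrDefault(h => h.HOTEL_ID == id);
        if (hotel == null)
        {
            return HttpNotFound();
        }
        if (!ModelState.IsValid)
        {
            // Hard to reach: a bound int parameter is normally valid. Kept for parity.
            return View(hotel);
        }
        hotel.DELETE_STAT = !hotel.DELETE_STAT;
        db.SaveChanges();
        return RedirectToAction("HotelList");
    }
}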
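/// <summary>
/// Authenticates a user by email and password and issues a forms-authentication
/// ticket whose UserData carries the role ("Admin" or "User").
/// </summary>
/// <param name="login">Posted credentials (untrusted input).</param>
/// <returns>
/// Redirect to /Admin/ for administrators or / for regular users on success;
/// otherwise the login view with a model error and the password cleared.
/// </returns>
public ActionResult Login(UserModels login)
{
    if (login.USER_EMAIL == null || login.USER_PASSWORD == null)
    {
        ModelState.AddModelError(string.Empty, "missing username and/or password");
        return View(login);
    }
    if (!new EmailAddressAttribute().IsValid(login.USER_EMAIL))
    {
        ModelState.AddModelError(string.Empty, "invalid e-mail address");
        return View(login);
    }

    UserModels user;
    using (GDbContext db = new GDbContext())
    {
        user = db.User.SingleOrDefault(u => u.USER_EMAIL == login.USER_EMAIL);
    }

    // One generic message for "unknown email" and "wrong password" so the form
    // does not reveal which addresses are registered. (Response time still
    // differs because Hash() is skipped when no user is found.)
    if (user == null)
    {
        return RejectLogin(login);
    }

    // Same encoding as Registration(); see the note there about Encoding.ASCII.
    string submittedHash = Hash(
        Encoding.ASCII.GetBytes(login.USER_PASSWORD),
        Encoding.ASCII.GetBytes(user.USER_PASSWORD_SALT));

    // string.Equals is not constant-time. FormsAuthentication implies .NET
    // Framework, where CryptographicOperations.FixedTimeEquals is unavailable,
    // so the comparison is left as-is.
    bool credentialsMatch = login.USER_EMAIL.Equals(user.USER_EMAIL)
        && submittedHash.Equals(user.USER_PASSWORD);
    if (!credentialsMatch)
    {
        return RejectLogin(login);
    }

    if (user.DELETE_STAT == true)
    {
        ModelState.AddModelError(string.Empty, "This account has been disabled.");
        login.USER_PASSWORD = string.Empty;
        return View(login);
    }

    if (user.ADMIN_CONTROLS == true)
    {
        IssueAuthCookie(login.USER_EMAIL, "Admin");
        return Redirect("/Admin/");
    }
    IssueAuthCookie(login.USER_EMAIL, "User");
    return Redirect("/");
}

// Re-renders the login view with the generic failure message and the password cleared.
private ActionResult RejectLogin(UserModels login)
{
    ModelState.AddModelError(string.Empty, "User/password combination does not exist.");
    login.USER_PASSWORD = string.Empty;
    return View(login);
}

// Builds a version-2 forms-authentication ticket (120-minute lifetime, not
// persistent, role stored in UserData) and appends it to the response as the
// forms cookie.
private void IssueAuthCookie(string email, string role)
{
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        2,                              // version
        email,                          // name
        DateTime.Now,                   // issue date
        DateTime.Now.AddMinutes(120),   // expiration
        false,                          // isPersistent
        role,                           // userData (read back as the role)
        "/");                           // cookie path
    HttpCookie cookie = new HttpCookie(
        FormsAuthentication.FormsCookieName,
        FormsAuthentication.Encrypt(authTicket));
    // Keep the ticket out of reach of script, and off plain HTTP when the
    // forms-auth configuration requires SSL.
    cookie.HttpOnly = true;
    cookie.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(cookie);
}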