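/// <summary>
/// Saves the signed-in user's profile edits (names, e-mail, username and, optionally, a new password).
/// </summary>
/// <param name="model">Posted profile form values.</param>
/// <returns>
/// The "UserProfile" view with validation errors, an unauthorized result when no account matches the
/// current identity, or a redirect to the profile page after a successful save.
/// </returns>
public ActionResult UserProfile(UserProfileVM model)
        {
            // Redisplay the form when validation failed.
            if (!ModelState.IsValid)
            {
                return View("UserProfile", model);
            }

            // A new password is optional, but when supplied it must match its confirmation.
            bool changingPassword = !string.IsNullOrWhiteSpace(model.Password);
            if (changingPassword && !model.Password.Equals(model.ConfirmPassword))
            {
                ModelState.AddModelError("", "Passwords do not match.");
                return View("UserProfile", model);
            }

            using (TicketAppDB db = new TicketAppDB())
            {
                // Resolve the record from the authenticated identity rather than from model.Id.
                // model.Id is a client-supplied form field; trusting it would let any signed-in
                // user overwrite another account by posting a different id.
                string currentUsername = User.Identity.Name;
                UserDTO dto = db.Users.FirstOrDefault(x => x.Username == currentUsername);
                if (dto == null)
                {
                    return new HttpUnauthorizedResult();
                }

                var currentUserId = dto.Id;

                // Uniqueness must be checked for the *requested* username. The previous check
                // compared against the current identity name, so a clash was never detected.
                if (db.Users.Where(x => x.Id != currentUserId).Any(x => x.Username == model.Username))
                {
                    ModelState.AddModelError("", "Username " + model.Username + " already exists.");
                    model.Username = "";
                    return View("UserProfile", model);
                }

                dto.FirstName    = model.FirstName;
                dto.LastName     = model.LastName;
                dto.EmailAddress = model.EmailAddress;
                // NOTE(review): the auth cookie still carries the old username after a rename;
                // confirm the caller re-issues the cookie or signs the user out.
                dto.Username     = model.Username;

                if (changingPassword)
                {
                    // SECURITY: the password is persisted exactly as typed (plaintext). Moving to a
                    // salted, slow hash (e.g. PBKDF2) has to be done together with the login check
                    // and a migration of existing rows, so it is flagged here rather than changed.
                    dto.Password = model.Password;
                }

                db.SaveChanges();
            }

            // Set TempData message
            TempData["SM"] = "You have edited your profile!";

            // Redirect
            return Redirect("~/account/user-profile");
        }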
Example #2
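        /// <summary>
        /// Deletes a user together with the user's listings (and their stored PDF/photo rows),
        /// order details and orders.
        /// </summary>
        /// <param name="id">Id of the user to delete.</param>
        /// <returns>404 when the user does not exist, otherwise a redirect to Index.</returns>
        /// <remarks>
        /// NOTE(review): no authorization or HTTP-verb attribute is visible in this listing. Confirm the
        /// action is restricted to administrators and is only reachable via POST with an anti-forgery
        /// token, since it permanently deletes data.
        /// </remarks>
        public ActionResult DeleteUser(int id)
        {
            using (TicketAppDB db = new TicketAppDB())
            {
                // Resolve the user first so an unknown id fails cleanly before anything is marked for deletion.
                UserDTO user = db.Users.Where(x => x.Id == id).FirstOrDefault();
                if (user == null)
                {
                    return HttpNotFound();
                }

                // Listings, order details and orders that belong to the user.
                List<ProductDTO>      listings    = db.Products.Where(x => x.UserId == id).ToList();
                List<OrderDetailsDTO> userDetails = db.OrderDetails.Where(x => x.UserId == id).ToList();
                List<OrderDTO>        orders      = db.Orders.Where(x => x.UserId == id).ToList();

                foreach (ProductDTO prod in listings)
                {
                    // A listing may have been sold: pick up the (first) order detail that references it.
                    OrderDetailsDTO soldDetail = db.OrderDetails.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (soldDetail != null)
                    {
                        userDetails.Add(soldDetail);
                    }

                    // The PDF and the photo are checked independently; previously the photo was removed
                    // whenever a PDF existed, which threw when the listing had a PDF but no photo.
                    PdfDTO pdf = db.Pdfs.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (pdf != null)
                    {
                        db.Pdfs.Remove(pdf);
                    }

                    PhotoDTO photo = db.Photos.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (photo != null)
                    {
                        db.Photos.Remove(photo);
                    }

                    db.Products.Remove(prod);
                }

                // Collect the orders referenced by every affected order detail.
                foreach (OrderDetailsDTO det in userDetails)
                {
                    OrderDTO linkedOrder = db.Orders.Where(x => x.OrderId == det.OrderId).FirstOrDefault();
                    if (linkedOrder != null)
                    {
                        orders.Add(linkedOrder);
                    }
                }

                // Distinct() avoids removing the same tracked entity twice when it was collected via two paths.
                // The user's own orders are removed even when the user has no order details.
                foreach (OrderDTO userOrder in orders.Distinct())
                {
                    db.Orders.Remove(userOrder);
                }

                foreach (OrderDetailsDTO det in userDetails.Distinct())
                {
                    db.OrderDetails.Remove(det);
                }

                string u = user.Username;
                db.Users.Remove(user);

                db.SaveChanges();
                TempData["SM"] = "You have removed " + u + " from the website.";
                return RedirectToAction("Index");
            }
        }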
Example #3
        /// <summary>
        /// Creates a new page from the posted form. The slug is taken from the form, or derived from
        /// the title when the form leaves it blank; title and slug must both be unused.
        /// </summary>
        /// <param name="model">Posted page form values.</param>
        /// <returns>The form view with errors, or a redirect back to AddPage after saving.</returns>
        /// <remarks>
        /// NOTE(review): Body is stored exactly as submitted; whether it is encoded or sanitized on output
        /// depends on the view that renders it, which is not visible here.
        /// </remarks>
        public ActionResult AddPage(PageVM model)
        {
            // Invalid input: show the form again.
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            using (TicketAppDB context = new TicketAppDB())
            {
                PageDTO page = new PageDTO();
                page.Title = model.Title;

                // Use the supplied slug, falling back to the title; spaces become dashes, all lower-case.
                string slugSource = string.IsNullOrWhiteSpace(model.Slug) ? model.Title : model.Slug;
                string pageSlug   = slugSource.Replace(" ", "-").ToLower();

                // Reject duplicates of either the title or the slug.
                bool titleTaken = context.Pages.Any(p => p.Title == model.Title);
                if (titleTaken || context.Pages.Any(p => p.Slug == pageSlug))
                {
                    ModelState.AddModelError("", "That title or slug already exists.");
                    return View(model);
                }

                page.Slug       = pageSlug;
                page.Body       = model.Body;
                page.HasSideBar = model.HasSideBar;
                // New pages always get the same fixed sort value.
                page.Sorting    = 100;

                context.Pages.Add(page);
                context.SaveChanges();
            }

            TempData["SM"] = "You have added a new page!";
            return RedirectToAction("AddPage");
        }
Example #4
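        // GET:  Admin/Pages/DeletePage/id
        /// <summary>
        /// Deletes the page with the given id.
        /// </summary>
        /// <param name="id">Id of the page to delete.</param>
        /// <returns>404 when no such page exists, otherwise a redirect to Index.</returns>
        /// <remarks>
        /// SECURITY: the route comment marks this as a GET endpoint. A state-changing GET can be triggered
        /// by any cross-site link or image tag while an administrator is signed in (CSRF). Prefer POST
        /// with an anti-forgery token; the verb is left unchanged here because existing links depend on it.
        /// </remarks>
        public ActionResult DeletePage(int id)
        {
            using (TicketAppDB db = new TicketAppDB())
            {
                PageDTO dto = db.Pages.Find(id);

                // Find returns null for an unknown id; Remove(null) would throw.
                if (dto == null)
                {
                    return HttpNotFound();
                }

                db.Pages.Remove(dto);
                db.SaveChanges();
            }

            //Redirect
            return RedirectToAction("Index");
        }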
Example #5
        /// <summary>
        /// Overwrites the body of the sidebar record with key 1 using the posted value.
        /// </summary>
        /// <param name="model">Posted sidebar form values; only Body is read.</param>
        /// <returns>A redirect back to EditSidebar.</returns>
        /// <remarks>
        /// NOTE(review): Body is stored as submitted and ModelState is not consulted; output encoding
        /// depends on the rendering view, which is not visible here.
        /// </remarks>
        public ActionResult EditSidebar(SidebarVM model)
        {
            using (TicketAppDB context = new TicketAppDB())
            {
                // The sidebar is looked up by the fixed key 1.
                SidebarDTO sidebar = context.Sidebar.Find(1);
                sidebar.Body = model.Body;

                context.SaveChanges();
            }

            // Status message for the next request, then back to the edit form.
            TempData["SM"] = "You have edited the sidebar!";
            return RedirectToAction("EditSidebar");
        }
Example #6
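        // GET:  Admin/Shop/DeleteCategory/id
        /// <summary>
        /// Deletes the category with the given id and reports its name in the status message.
        /// </summary>
        /// <param name="id">Id of the category to delete.</param>
        /// <returns>404 when no such category exists, otherwise a redirect to Categories.</returns>
        /// <remarks>
        /// SECURITY: the route comment marks this as a GET endpoint. A state-changing GET can be triggered
        /// cross-site while an administrator is signed in (CSRF). Prefer POST with an anti-forgery token;
        /// the verb is left unchanged here because existing links depend on it.
        /// </remarks>
        public ActionResult DeleteCategory(int id)
        {
            string name = "";

            using (TicketAppDB db = new TicketAppDB())
            {
                CategoryDTO dto = db.Categories.Find(id);

                // Find returns null for an unknown id; reading dto.Name would throw.
                if (dto == null)
                {
                    return HttpNotFound();
                }

                name = dto.Name;
                db.Categories.Remove(dto);
                db.SaveChanges();
            }

            TempData["SM"] = "You have deleted category: '" + name + "'!";

            //Redirect
            return RedirectToAction("Categories");
        }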
Example #7
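        /// <summary>
        /// Assigns each page a Sorting value equal to its 1-based position in <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Page ids in the desired display order; may be null or empty.</param>
        /// <remarks>
        /// The ids are client-supplied. Unknown ids are skipped instead of throwing, and all changes are
        /// written in one SaveChanges call so a bad request cannot leave a half-applied ordering.
        /// </remarks>
        public void ReorderPages(int[] id)
        {
            // Nothing posted: nothing to reorder.
            if (id == null || id.Length == 0)
            {
                return;
            }

            using (TicketAppDB db = new TicketAppDB())
            {
                int count = 1;

                foreach (int pageId in id)
                {
                    PageDTO dto = db.Pages.Find(pageId);
                    if (dto != null)
                    {
                        dto.Sorting = count;
                    }

                    // The position advances even for a skipped id so the remaining pages keep their posted slots.
                    count++;
                }

                db.SaveChanges();
            }
        }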
Example #8
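        /// <summary>
        /// Assigns each category a Sorting value equal to its 1-based position in <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Category ids in the desired display order; may be null or empty.</param>
        /// <remarks>
        /// The ids are client-supplied. Unknown ids are skipped instead of throwing, and all changes are
        /// written in one SaveChanges call so a bad request cannot leave a half-applied ordering.
        /// </remarks>
        public void ReorderCategories(int[] id)
        {
            // Nothing posted: nothing to reorder.
            if (id == null || id.Length == 0)
            {
                return;
            }

            using (TicketAppDB db = new TicketAppDB())
            {
                int count = 1;

                foreach (int catId in id)
                {
                    CategoryDTO dto = db.Categories.Find(catId);
                    if (dto != null)
                    {
                        dto.Sorting = count;
                    }

                    // The position advances even for a skipped id so the remaining categories keep their posted slots.
                    count++;
                }

                db.SaveChanges();
            }
        }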
Example #9
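        /// <summary>
        /// Deletes an order and its (first) order detail, and marks the ordered product as available again.
        /// </summary>
        /// <param name="id">OrderId of the order to delete.</param>
        /// <returns>404 when neither an order nor an order detail exists for the id, otherwise a redirect to Orders.</returns>
        /// <remarks>
        /// NOTE(review): no authorization or HTTP-verb attribute is visible in this listing; confirm the
        /// action is restricted and POST-only with an anti-forgery token. Only the first order detail of
        /// the order is handled, as before; confirm an order can never hold several details.
        /// </remarks>
        public ActionResult DeleteOrder(int id)
        {
            string order = "";

            using (TicketAppDB db = new TicketAppDB())
            {
                OrderDetailsDTO orderDetail = db.OrderDetails.Where(x => x.OrderId == id).FirstOrDefault();
                OrderDTO        anOrder     = db.Orders.Where(x => x.OrderId == id).FirstOrDefault();

                // Unknown id: previously this dereferenced null and failed with a server error.
                if (orderDetail == null && anOrder == null)
                {
                    return HttpNotFound();
                }

                if (orderDetail != null)
                {
                    // Name shown in the status message comes from the detail's product navigation property.
                    if (orderDetail.Products != null)
                    {
                        order = orderDetail.Products.Name;
                    }

                    // Put the product back on sale, if it still exists.
                    ProductDTO product = db.Products.Where(x => x.Id == orderDetail.ProductId).FirstOrDefault();
                    if (product != null)
                    {
                        product.IsSold = false;
                    }

                    db.OrderDetails.Remove(orderDetail);
                }

                if (anOrder != null)
                {
                    db.Orders.Remove(anOrder);
                }

                db.SaveChanges();
            }

            TempData["SM"] = "You have deleted '" + order + "'!";

            return RedirectToAction("Orders");
        }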
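        // GET: Admin/Shop/DeleteProduct/id
        /// <summary>
        /// Deletes a product row and, if present, its upload folder Images\Uploads\Products\{id}.
        /// </summary>
        /// <param name="id">Id of the product to delete.</param>
        /// <returns>404 when no such product exists, otherwise a redirect to Products.</returns>
        /// <remarks>
        /// SECURITY: the route comment marks this as a GET endpoint. A state-changing GET can be triggered
        /// cross-site while an administrator is signed in (CSRF). Prefer POST with an anti-forgery token;
        /// the verb is left unchanged here because existing links depend on it.
        /// </remarks>
        public ActionResult DeleteProduct(int id)
        {
            // Delete product from DB
            using (TicketAppDB db = new TicketAppDB())
            {
                ProductDTO dto = db.Products.Find(id);

                // Find returns null for an unknown id; Remove(null) would throw. Returning here also
                // keeps the recursive folder delete below from running for ids that were never products.
                if (dto == null)
                {
                    return HttpNotFound();
                }

                db.Products.Remove(dto);
                db.SaveChanges();
            }

            // Delete product folder. The only variable path segment is the integer id, so the
            // resulting path cannot leave the Products upload directory.
            var    originalDirectory = new DirectoryInfo(string.Format("{0}Images\\Uploads", Server.MapPath(@"\")));
            string pathString        = Path.Combine(originalDirectory.ToString(), "Products\\" + id.ToString());

            if (Directory.Exists(pathString))
            {
                Directory.Delete(pathString, true);
            }

            // Redirect
            return RedirectToAction("Products");
        }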
Example #11
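        /// <summary>
        /// Updates a product and optionally replaces its stored photo and PDF.
        /// </summary>
        /// <param name="model">Posted product form values; model.Id selects the product.</param>
        /// <param name="uploadPhoto">Optional replacement photo (.png, .jpeg, .gif or .jpg).</param>
        /// <param name="uploadPDF">Optional replacement PDF (.pdf).</param>
        /// <param name="id">Overwritten with model.Id, as before.</param>
        /// <returns>The form view with errors, 404 for an unknown product, or a redirect to Shop/Products.</returns>
        /// <remarks>
        /// All validation now runs before anything is changed: previously the existing photo/PDF rows were
        /// deleted first, so an upload rejected for its extension destroyed the stored file.
        /// NOTE(review): no ownership or role check is visible here. The product is reassigned to whoever
        /// edits it (UserId) and Verified is taken straight from the form; confirm this action is
        /// restricted to administrators, otherwise a seller could edit other listings or self-verify.
        /// NOTE(review): uploads are accepted on file extension alone, with no size cap, and the
        /// client-supplied ContentType is stored. Confirm the download path does not echo that
        /// ContentType back to browsers unchecked.
        /// </remarks>
        public ActionResult EditProduct(ProductVM model, HttpPostedFileBase uploadPhoto, HttpPostedFileBase uploadPDF, int id)
        {
            // Get product id
            id = model.Id;

            bool hasPhoto = uploadPhoto != null && uploadPhoto.ContentLength > 0;
            bool hasPdf   = uploadPDF != null && uploadPDF.ContentLength > 0;

            string      currentUsername = User.Identity.Name;
            UserDTO     user;
            CategoryDTO catDTO;

            // ---- Validation: nothing is modified until every check below has passed ----
            using (TicketAppDB db = new TicketAppDB())
            {
                // Populate categories select list (needed by every redisplay of the form).
                model.Categories = new SelectList(db.Categories.ToList(), "Id", "Name");

                if (!ModelState.IsValid)
                {
                    return View(model);
                }

                if (!db.Products.Any(x => x.Id == id))
                {
                    return HttpNotFound();
                }

                // Make sure product name is unique
                if (db.Products.Where(x => x.Id != id).Any(x => x.Name == model.Name))
                {
                    ModelState.AddModelError("", "That product name is taken!");
                    return View(model);
                }

                catDTO = db.Categories.FirstOrDefault(x => x.Id == model.CategoryId);
                if (catDTO == null)
                {
                    ModelState.AddModelError("", "That category does not exist.");
                    return View(model);
                }

                user = db.Users.Where(x => x.Username == currentUsername).FirstOrDefault();
                if (user == null)
                {
                    return new HttpUnauthorizedResult();
                }
            }

            // Only the base file name is kept; the client-sent name may contain a path.
            string photoFileName = null;
            if (hasPhoto)
            {
                photoFileName = System.IO.Path.GetFileName(uploadPhoto.FileName);
                var allowedPhotoExtensions = new List<string> { ".png", ".jpeg", ".gif", ".jpg" };
                if (!allowedPhotoExtensions.Contains(Path.GetExtension(photoFileName), StringComparer.OrdinalIgnoreCase))
                {
                    ModelState.AddModelError("", "That photo was not uploaded - wrong image extension.");
                    return View(model);
                }
            }

            string pdfFileName = null;
            if (hasPdf)
            {
                pdfFileName = System.IO.Path.GetFileName(uploadPDF.FileName);
                if (!".pdf".Equals(Path.GetExtension(pdfFileName), StringComparison.OrdinalIgnoreCase))
                {
                    ModelState.AddModelError("", "That pdf was not uploaded - wrong Pdf extension.");
                    return View(model);
                }
            }

            // ---- Replace the stored photo ----
            if (hasPhoto)
            {
                var photo = new PhotoDTO
                {
                    Name        = photoFileName,
                    photoType   = photoType.Picture,
                    ContentType = uploadPhoto.ContentType,
                    ProductId   = id
                };

                // Read the upload before deleting the old row so a failed read loses nothing.
                using (var photoReader = new System.IO.BinaryReader(uploadPhoto.InputStream))
                {
                    photo.Data = photoReader.ReadBytes(uploadPhoto.ContentLength);
                }

                // Parameterized instead of concatenated SQL. DbConnection() and con are defined
                // elsewhere in the controller; presumably DbConnection() initialises con.
                DbConnection();
                using (SqlCommand cmd = new SqlCommand("DELETE FROM tblPhoto WHERE ProductId = @ProductId;", con))
                {
                    cmd.Parameters.AddWithValue("@ProductId", id);
                    try
                    {
                        con.Open();
                        cmd.ExecuteNonQuery();
                    }
                    finally
                    {
                        // Close even when the command throws, so the connection is not leaked.
                        con.Close();
                    }
                }

                using (TicketAppDB db = new TicketAppDB())
                {
                    model.Photos = new List<PhotoDTO> { photo };
                    db.Photos.Add(photo);
                    db.SaveChanges();
                }
            }

            // ---- Replace the stored PDF ----
            if (hasPdf)
            {
                var invoice = new PdfDTO
                {
                    Name        = pdfFileName,
                    PdfType     = PDFType.Invoice,
                    ContentType = uploadPDF.ContentType,
                    ProductId   = id
                };

                using (var pdfReader = new System.IO.BinaryReader(uploadPDF.InputStream))
                {
                    invoice.Data = pdfReader.ReadBytes(uploadPDF.ContentLength);
                }

                DbConnection();
                using (SqlCommand cmd = new SqlCommand("DELETE FROM tblPdf WHERE ProductId = @ProductId;", con))
                {
                    cmd.Parameters.AddWithValue("@ProductId", id);
                    try
                    {
                        con.Open();
                        cmd.ExecuteNonQuery();
                    }
                    finally
                    {
                        con.Close();
                    }
                }

                using (TicketAppDB db = new TicketAppDB())
                {
                    model.Pdfs = new List<PdfDTO> { invoice };
                    db.Pdfs.Add(invoice);
                    db.SaveChanges();
                }
            }

            // ---- Update product ----
            string product = "";

            using (TicketAppDB db = new TicketAppDB())
            {
                // A product may have no stored PDF or photo; previously that case threw on .Name.
                PdfDTO   storedPdf   = db.Pdfs.Where(x => x.ProductId == id).FirstOrDefault();
                PhotoDTO storedPhoto = db.Photos.Where(x => x.ProductId == id).FirstOrDefault();

                string pdfsName   = hasPdf   ? pdfFileName   : (storedPdf   != null ? storedPdf.Name   : null);
                string imagesName = hasPhoto ? photoFileName : (storedPhoto != null ? storedPhoto.Name : null);

                ProductDTO dto = db.Products.Find(id);
                if (dto == null)
                {
                    return HttpNotFound();
                }

                dto.Name            = model.Name;
                product             = model.Name;
                dto.Slug            = model.Name.Replace(" ", "-").ToLower();
                dto.Description     = model.Description;
                dto.ReservationDate = model.ReservationDate;
                dto.Verified        = model.Verified;
                dto.PdfName         = pdfsName;
                dto.ImageName       = imagesName;
                dto.Price           = model.Price;
                dto.CategoryId      = model.CategoryId;
                dto.UserId          = user.Id;
                dto.CategoryName    = catDTO.Name;

                db.SaveChanges();
            }

            // Set TempData message (the opening quote was missing in the original text).
            TempData["SM"] = "You have edited '" + product + "'!";

            // Redirect
            return RedirectToAction("Products", "Shop");
        }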
Example #12
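        /// <summary>
        /// Creates a new listing for the signed-in user and stores its optional photo and PDF.
        /// </summary>
        /// <param name="model">Posted product form values.</param>
        /// <param name="uploadPDF">Optional PDF (.pdf).</param>
        /// <param name="uploadPhoto">Optional photo (.png, .jpeg, .gif or .jpg).</param>
        /// <returns>The form view with errors, or a redirect back to AddProduct after saving.</returns>
        /// <remarks>
        /// Uploads are validated before the product row is created. Previously a rejected upload returned
        /// the error view after the product had already been saved, so resubmitting the corrected form
        /// failed with "That product name is taken!".
        /// NOTE(review): Verified is taken straight from the form; confirm only administrators can reach
        /// this action or that the field is not bindable for ordinary sellers.
        /// NOTE(review): uploads are accepted on file extension alone, with no size cap, and the
        /// client-supplied ContentType is stored as-is.
        /// </remarks>
        public ActionResult AddProduct(ProductVM model, HttpPostedFileBase uploadPDF, HttpPostedFileBase uploadPhoto)
        {
            string UserID = User.Identity.Name;

            bool hasPhoto = uploadPhoto != null && uploadPhoto.ContentLength > 0;
            bool hasPdf   = uploadPDF != null && uploadPDF.ContentLength > 0;

            // Only the base file name is kept; the client-sent name may contain a path.
            string imagesName = hasPhoto ? System.IO.Path.GetFileName(uploadPhoto.FileName) : null;
            string pdfsName   = hasPdf   ? System.IO.Path.GetFileName(uploadPDF.FileName)   : null;

            string name = "";

            using (TicketAppDB db = new TicketAppDB())
            {
                // Needed by every redisplay of the form.
                model.Categories = new SelectList(db.Categories.ToList(), "Id", "Name");

                //Check model state
                if (!ModelState.IsValid)
                {
                    return View(model);
                }

                //Make sure product name is unique
                if (db.Products.Any(x => x.Name == model.Name))
                {
                    ModelState.AddModelError("", "That product name is taken!");
                    return View(model);
                }

                // Validate both uploads before anything is written.
                if (hasPhoto)
                {
                    var allowedPhotoExtensions = new List<string> { ".png", ".jpeg", ".gif", ".jpg" };
                    if (!allowedPhotoExtensions.Contains(Path.GetExtension(imagesName), StringComparer.OrdinalIgnoreCase))
                    {
                        ModelState.AddModelError("", "That photo was not uploaded - wrong image extension.");
                        return View(model);
                    }
                }

                if (hasPdf && !".pdf".Equals(Path.GetExtension(pdfsName), StringComparison.OrdinalIgnoreCase))
                {
                    ModelState.AddModelError("", "That pdf was not uploaded - wrong Pdf extension.");
                    return View(model);
                }

                CategoryDTO catDTO = db.Categories.FirstOrDefault(x => x.Id == model.CategoryId);
                if (catDTO == null)
                {
                    ModelState.AddModelError("", "That category does not exist.");
                    return View(model);
                }

                // The owner is always the authenticated user, never a posted value.
                UserDTO owner = db.Users.FirstOrDefault(p => p.Username == UserID);
                if (owner == null)
                {
                    return new HttpUnauthorizedResult();
                }

                //Init and save product DTO
                ProductDTO product = new ProductDTO();
                product.Name            = model.Name;
                name                    = model.Name;
                product.Slug            = model.Name.Replace(" ", "-").ToLower();
                product.Description     = model.Description;
                product.Price           = model.Price;
                product.ReservationDate = model.ReservationDate;
                product.Verified        = model.Verified;
                product.PdfName         = pdfsName;
                product.ImageName       = imagesName;
                product.CategoryId      = model.CategoryId;
                product.CategoryName    = catDTO.Name;
                product.UserId          = owner.Id;
                product.IsSold          = false;

                db.Products.Add(product);
                db.SaveChanges();

                // The generated id links the file rows to the product.
                int id = product.Id;

                if (hasPhoto)
                {
                    var photo = new PhotoDTO
                    {
                        Name        = imagesName,
                        photoType   = photoType.Picture,
                        ContentType = uploadPhoto.ContentType,
                        ProductId   = id
                    };
                    using (var photoReader = new System.IO.BinaryReader(uploadPhoto.InputStream))
                    {
                        photo.Data = photoReader.ReadBytes(uploadPhoto.ContentLength);
                    }

                    model.Photos = new List<PhotoDTO> { photo };
                    db.Photos.Add(photo);
                }

                if (hasPdf)
                {
                    var invoice = new PdfDTO
                    {
                        Name        = pdfsName,
                        PdfType     = PDFType.Invoice,
                        ContentType = uploadPDF.ContentType,
                        ProductId   = id
                    };
                    using (var pdfReader = new System.IO.BinaryReader(uploadPDF.InputStream))
                    {
                        invoice.Data = pdfReader.ReadBytes(uploadPDF.ContentLength);
                    }

                    model.Pdfs = new List<PdfDTO> { invoice };
                    db.Pdfs.Add(invoice);
                }

                if (hasPhoto || hasPdf)
                {
                    db.SaveChanges();
                }
            }

            //Set TempData message
            TempData["SM"] = "You have added listing: '" + name + "'!";

            //Redirect
            return RedirectToAction("AddProduct");
        }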
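        /// <summary>
        /// Validates the posted credentials and issues the forms-authentication cookie. As a side effect it
        /// also purges listings whose reservation date is more than a day in the past.
        /// </summary>
        /// <param name="model">Posted login form values.</param>
        /// <returns>The login view with an error, or a redirect to the forms-authentication return URL.</returns>
        /// <remarks>
        /// SECURITY: the password is compared as plaintext inside the database query, which means passwords
        /// are stored unhashed and, depending on the column collation, may be matched case-insensitively.
        /// Moving to a salted, slow hash (e.g. PBKDF2) must be done together with the code that writes
        /// passwords, so it is flagged here rather than changed.
        /// NOTE(review): no attempt throttling or lockout is visible in this action.
        /// NOTE(review): the purge runs for every login attempt, including failed and anonymous ones.
        /// Consider moving it to a scheduled job. It is kept here so listings still expire as before.
        /// </remarks>
        public ActionResult Login(LoginUserVM model)
        {
            // Check model state
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            bool isValid;

            using (TicketAppDB db = new TicketAppDB())
            {
                isValid = db.Users.Any(x => x.Username.Equals(model.Username) && x.Password.Equals(model.Password));

                // Purge expired listings. Only the expired rows are loaded instead of the whole table.
                DateTime cutoff = DateTime.Now.Date.AddDays(-1);
                List<ProductDTO> expired = db.Products.Where(x => x.ReservationDate < cutoff).ToList();

                foreach (ProductDTO prod in expired)
                {
                    OrderDetailsDTO detail = db.OrderDetails.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (detail != null)
                    {
                        OrderDTO order = db.Orders.Where(x => x.OrderId == detail.OrderId).FirstOrDefault();
                        if (order != null)
                        {
                            db.Orders.Remove(order);
                        }
                        db.OrderDetails.Remove(detail);
                    }

                    // Photo and PDF are checked independently. Previously the PDF was removed whenever a
                    // photo existed, so one listing with a photo but no PDF made every login fail.
                    PhotoDTO photo = db.Photos.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (photo != null)
                    {
                        db.Photos.Remove(photo);
                    }

                    PdfDTO pdf = db.Pdfs.Where(x => x.ProductId == prod.Id).FirstOrDefault();
                    if (pdf != null)
                    {
                        db.Pdfs.Remove(pdf);
                    }

                    db.Products.Remove(prod);
                }

                if (expired.Count > 0)
                {
                    db.SaveChanges();
                }
            }

            if (!isValid)
            {
                // One generic message for both failure causes, so the response does not reveal
                // whether the username exists.
                ModelState.AddModelError("", "Invalid username or password.");
                return View(model);
            }

            FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
            return Redirect(FormsAuthentication.GetRedirectUrl(model.Username, model.RememberMe));
        }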