public IActionResult Index(Customer cc) { try { var usr = _dbc.Customer.FromSqlRaw($"SELECT * FROM customer WHERE Username = '******' "); var email = _dbc.Customer.FromSqlRaw($"SELECT * FROM customer WHERE Uemail = '{cc.Uemail}' "); if (usr.FirstOrDefault() != null) { ViewBag.message = "The username " + cc.Username + " already exists!"; } else if (email.FirstOrDefault() != null) { ViewBag.message = "The email " + cc.Uemail + " already exists!"; } else { cc.Active = "1"; cc.Pwd = Encipher(cc.Pwd, 3); cc.enabled = false; _dbc.Add(cc); _dbc.SaveChanges(); ViewBag.message = "The User " + cc.Username + " Is Saved Successfully!"; } return(View()); } catch (Exception sqlerror) { ViewBag.message = sqlerror; } return(View()); }
public IActionResult Create(Report r) { _dbc.Add(r); _dbc.SaveChanges(); return(Redirect("/Home")); }
public async Task <IActionResult> CreateFeed() { string content = string.Empty; using (Stream receiveStream = HttpContext.Request.Body) { using (StreamReader reader = new StreamReader(receiveStream)) { content = reader.ReadToEnd(); } } var entry = JsonConvert.DeserializeObject <Customer>(content, new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.Auto // A6 - Insecure Deserialization - You should instead use TypeNameHandling.None }); _context.Add(entry); await _context.SaveChangesAsync(); return(Ok()); }
public IActionResult AddToCart(int id) { if (HttpContext.Request.Cookies["user_id"] != null) { var currentUserId = Int32.Parse(HttpContext.Request.Cookies["user_id"]); var cart = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault(); if (cart == null) { var cartEntry = new Cart { UserId = currentUserId }; _db.Add(cartEntry); _db.SaveChanges(); var cartNew = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault(); var cartItemNew = _db.CartItem.Where(x => x.ProductId.Equals(id) && x.ShoppingCartId.Equals(cartEntry.CartId)).FirstOrDefault(); var items = GetProductById($"{id}"); if (cartItemNew == null) { var cartItemEntry = new CartItem { ProductId = id, Quantity = 1, ShoppingCartId = cartNew.CartId, ProductPrice = items.Price, ProductTitle = items.Title }; _db.Add(cartItemEntry); _db.SaveChanges(); } else { _db.CartItem.Update(new CartItem { Id = cartItemNew.Id, ProductId = cartItemNew.ProductId, Quantity = cartItemNew.Quantity + 1, ShoppingCartId = cartItemNew.ShoppingCartId, ProductPrice = cartItemNew.ProductPrice, ProductTitle = cartItemNew.ProductTitle }); _db.SaveChanges(); } } else { var cartEntry = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault(); var cartItemNew = _db.CartItem.Where(x => x.ProductId.Equals(id) && x.ShoppingCartId.Equals(cartEntry.CartId)).FirstOrDefault(); var items = GetProductById($"{id}"); if (cartItemNew == null) { var cartItemEntry = new CartItem { ProductId = id, Quantity = 1, ShoppingCartId = cartEntry.CartId, ProductPrice = items.Price, ProductTitle = items.Title }; _db.Add(cartItemEntry); _db.SaveChanges(); } else { //_db.CartItem.Update(new CartItem { Id = cartItemNew.Id, ProductId = cartItemNew.ProductId, Quantity = cartItemNew.Quantity + 1, ShoppingCartId = cartItemNew.ShoppingCartId }); cartItemNew.Quantity += 1; _db.SaveChanges(); } } return(RedirectToAction("Index", "Shop")); } else { TempData["ErrorMessage"] = "Please login to add to cart!"; return(RedirectToAction("Login", "Account")); } }