public ActionResult ViewDetails(int?id) { registered_users u = db.registered_users.Find(id); if (u == null) { return(HttpNotFound()); } string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True"; SqlConnection con = new SqlConnection(CS); SqlCommand cmd = new SqlCommand("SELECT Image FROM registered_users WHERE Email='" + u.Email + "'", con); con.Open(); //cmd.Parameters.AddWithValue("Email", Session["email"].ToString()); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { string s = sdr["Image"].ToString(); ViewData["Img"] = s; } con.Close(); return(View()); }
public ActionResult UserDetails(int?id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } request table_2 = db.requests.Find(id); registered_users r = db.registered_users.Where(x => x.Username == table_2.sender).FirstOrDefault(); if (r == null) { return(HttpNotFound()); } string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True"; SqlConnection con = new SqlConnection(CS); SqlCommand cmd = new SqlCommand("SELECT Image FROM registered_users WHERE Email='" + r.Email + "'", con); con.Open(); //cmd.Parameters.AddWithValue("Email", Session["email"].ToString()); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { string s = sdr["Image"].ToString(); ViewData["Img"] = s; } con.Close(); return(View(r)); }
public ActionResult Allow(int id) { user table_2 = db.users.Find(id); registered_users rguser = new registered_users { UserID = table_2.UserID, Fullname = table_2.Fullname, Image = table_2.Image, Account_no = table_2.Account_no, Adress = table_2.Adress, Age = table_2.Age, Cast = table_2.Cast, City = table_2.City, CNIC = table_2.CNIC, Contact_no = table_2.Contact_no, Email = table_2.Email, Gender = table_2.Gender, Password = table_2.Password, Profession = table_2.Profession, Religion = table_2.Religion, Salary = table_2.Salary, Username = table_2.Username }; db.registered_users.Add(rguser); db.users.Remove(table_2); db.SaveChanges(); return(RedirectToAction("requests")); }
public ActionResult SendRequest(int?id) { request r = new request(); string displayimg = Session["email"].ToString(); string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True"; SqlConnection con = new SqlConnection(CS); SqlCommand cmd = new SqlCommand("SELECT Username FROM registered_users WHERE Email='" + displayimg + "'", con); con.Open(); cmd.Parameters.AddWithValue("Email", Session["email"].ToString()); SqlDataReader sdr = cmd.ExecuteReader(); if (sdr.Read()) { r.sender = sdr["Username"].ToString(); } if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } registered_users s = db.registered_users.Find(id); if (s == null) { return(HttpNotFound()); } r.receiver = s.Username; db.requests.Add(r); db.SaveChanges(); con.Close(); return(View()); }