public ActionResult ViewDetails(int?id)
{
registered_users u = db.registered_users.Find(id);
if (u == null)
{
return(HttpNotFound());
}
string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True";
SqlConnection con = new SqlConnection(CS);
SqlCommand cmd = new SqlCommand("SELECT Image FROM registered_users WHERE Email='" + u.Email + "'", con);
con.Open();
//cmd.Parameters.AddWithValue("Email", Session["email"].ToString());
SqlDataReader sdr = cmd.ExecuteReader();
if (sdr.Read())
{
string s = sdr["Image"].ToString();
ViewData["Img"] = s;
}
con.Close();
return(View());
}
public ActionResult UserDetails(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
request table_2 = db.requests.Find(id);
registered_users r = db.registered_users.Where(x => x.Username == table_2.sender).FirstOrDefault();
if (r == null)
{
return(HttpNotFound());
}
string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True";
SqlConnection con = new SqlConnection(CS);
SqlCommand cmd = new SqlCommand("SELECT Image FROM registered_users WHERE Email='" + r.Email + "'", con);
con.Open();
//cmd.Parameters.AddWithValue("Email", Session["email"].ToString());
SqlDataReader sdr = cmd.ExecuteReader();
if (sdr.Read())
{
string s = sdr["Image"].ToString();
ViewData["Img"] = s;
}
con.Close();
return(View(r));
}
public ActionResult Allow(int id)
{
user table_2 = db.users.Find(id);
registered_users rguser = new registered_users
{
UserID = table_2.UserID,
Fullname = table_2.Fullname,
Image = table_2.Image,
Account_no = table_2.Account_no,
Adress = table_2.Adress,
Age = table_2.Age,
Cast = table_2.Cast,
City = table_2.City,
CNIC = table_2.CNIC,
Contact_no = table_2.Contact_no,
Email = table_2.Email,
Gender = table_2.Gender,
Password = table_2.Password,
Profession = table_2.Profession,
Religion = table_2.Religion,
Salary = table_2.Salary,
Username = table_2.Username
};
db.registered_users.Add(rguser);
db.users.Remove(table_2);
db.SaveChanges();
return(RedirectToAction("requests"));
}
public ActionResult SendRequest(int?id)
{
request r = new request();
string displayimg = Session["email"].ToString();
string CS = "Data Source=HP\\SQLEXPRESS; Initial Catalog = mydatabase; Integrated Security=True";
SqlConnection con = new SqlConnection(CS);
SqlCommand cmd = new SqlCommand("SELECT Username FROM registered_users WHERE Email='" + displayimg + "'", con);
con.Open();
cmd.Parameters.AddWithValue("Email", Session["email"].ToString());
SqlDataReader sdr = cmd.ExecuteReader();
if (sdr.Read())
{
r.sender = sdr["Username"].ToString();
}
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
registered_users s = db.registered_users.Find(id);
if (s == null)
{
return(HttpNotFound());
}
r.receiver = s.Username;
db.requests.Add(r);
db.SaveChanges();
con.Close();
return(View());
}
