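/// <summary>
/// Creates a staff account: inserts the login row into Users, then the rights row into Staff.
/// </summary>
/// <param name="staff">
/// Staff member to add. StaffUserName, StaffName, Password and the three RightTo* flags are read.
/// </param>
/// <remarks>
/// Every value is sent to SQL Server as a bound parameter, so quotes or SQL fragments inside the
/// user name or display name are stored as data instead of being executed as part of the statement.
/// </remarks>
public static void AddStaff(Staff staff)
        {
            // SECURITY(review): MD5 over the reversed password is unsalted and cheap to brute-force.
            // The stored format is left unchanged because the code that verifies logins is outside
            // this block and must compute the same value; migrate both sides together to a salted,
            // iterated KDF (e.g. PBKDF2 via Rfc2898DeriveBytes).
            string passwdHash = StringUtils.GetMD5Hash(StringUtils.Reverse(staff.Password));

            SqlConnection con = DBUtils.getDBConnection();
            try
            {
                con.Open();

                using (SqlCommand insertUser = new SqlCommand(
                    "insert into Users (username, password, role, account_act_date, name, state)"
                    + " values (@username, @password, 'staff', @activationDate, @name, 'Active');", con))
                {
                    // A null string is sent as "", which is what the concatenated statement produced.
                    insertUser.Parameters.AddWithValue("@username", staff.StaffUserName ?? string.Empty);
                    insertUser.Parameters.AddWithValue("@password", passwdHash ?? string.Empty);
                    // Passed as a DateTime so the stored date no longer depends on the server's
                    // culture-specific date text. Assumes account_act_date is a date/datetime column -- TODO confirm.
                    insertUser.Parameters.AddWithValue("@activationDate", DateTime.Today);
                    insertUser.Parameters.AddWithValue("@name", staff.StaffName ?? string.Empty);
                    insertUser.ExecuteNonQuery();
                }

                // NOTE(review): the two inserts are not wrapped in a transaction, so a failure below
                // leaves a Users row without its Staff row. Not added here because getCandidateId
                // receives this connection and presumably runs its own command on it; confirm it can
                // take part in a transaction before introducing one.
                using (SqlCommand insertStaff = new SqlCommand(
                    "insert into Staff (staff_id, right_to_schedule, right_to_publish, right_to_post)"
                    + " values (@staffId, @schedule, @publish, @post)", con))
                {
                    // Looked up only after the Users row exists, as in the original statement order.
                    insertStaff.Parameters.AddWithValue("@staffId", AccountDAL.getCandidateId(con, staff.StaffUserName));
                    insertStaff.Parameters.AddWithValue("@schedule", staff.RightToSchedule ? 1 : 0);
                    insertStaff.Parameters.AddWithValue("@publish", staff.RightToPublish ? 1 : 0);
                    insertStaff.Parameters.AddWithValue("@post", staff.RightToPost ? 1 : 0);
                    insertStaff.ExecuteNonQuery();
                }
            }
            finally
            {
                // Close() rather than Dispose(): the connection is handed out by DBUtils and its
                // lifetime policy is not visible here. Runs even when a statement throws.
                con.Close();
            }
        }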
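        /// <summary>
        /// Loads every row of dbo.Staff joined with dbo.Users and maps it to a <see cref="Staff"/>.
        /// </summary>
        /// <returns>
        /// One Staff per row with StaffId, the three RightTo* flags and StaffName filled in;
        /// an empty list when the query returns no rows.
        /// </returns>
        public static List<Staff> GetStaffDetails()
        {
            List<Staff> staffs = new List<Staff>();

            SqlConnection con = DBUtils.getDBConnection();
            try
            {
                con.Open();

                // The statement is a constant: no caller-supplied value is part of the SQL text.
                using (SqlCommand command = new SqlCommand("SELECT staff_id, right_to_post, right_to_schedule, right_to_publish, users.name" +
                    " FROM dbo.Staff staff inner join dbo.Users users on users.user_id = staff.staff_id;", con))
                using (SqlDataReader reader = command.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        Staff staff = new Staff();

                        // Column order follows the SELECT list above.
                        staff.StaffId = reader.GetInt32(0);
                        staff.RightToPost = Convert.ToBoolean(reader[1]);
                        staff.RightToSchedule = Convert.ToBoolean(reader[2]);
                        staff.RightToPublish = Convert.ToBoolean(reader[3]);
                        staff.StaffName = reader.GetString(4);

                        staffs.Add(staff);
                    }
                }
            }
            finally
            {
                // The connection was previously left open on every call; close it on both the
                // normal and the exception path so connections are not leaked.
                con.Close();
            }

            return staffs;
        }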
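        /// <summary>
        /// Overwrites the post / publish / schedule rights of the dbo.Staff row whose staff_id
        /// equals <c>staff.StaffId</c>.
        /// </summary>
        /// <param name="staff">Carries the target StaffId and the new values of the three RightTo* flags.</param>
        /// <remarks>
        /// This method performs no authorization itself; callers are responsible for checking that
        /// the current user may change staff rights.
        /// </remarks>
        public static void UpdateStaffResponsibilities(Staff staff)
        {
            SqlConnection con = DBUtils.getDBConnection();
            try
            {
                con.Open();

                // Bound parameters keep the statement text constant whatever the property types
                // are, in line with the other statements in this data-access code.
                using (SqlCommand command = new SqlCommand(
                    "update dbo.Staff set right_to_post = @post, right_to_publish = @publish,"
                    + " right_to_schedule = @schedule where staff_id = @staffId", con))
                {
                    command.Parameters.AddWithValue("@post", staff.RightToPost ? 1 : 0);
                    command.Parameters.AddWithValue("@publish", staff.RightToPublish ? 1 : 0);
                    command.Parameters.AddWithValue("@schedule", staff.RightToSchedule ? 1 : 0);
                    command.Parameters.AddWithValue("@staffId", staff.StaffId);
                    command.ExecuteNonQuery();
                }
            }
            finally
            {
                // Release the connection even when the update throws.
                con.Close();
            }
        }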
 /// <summary>
 /// Hands <paramref name="staff"/> to AdminDAL.UpdateStaffResponsibilities so its rights are stored.
 /// </summary>
 /// <param name="staff">Staff record whose rights are to be written.</param>
 /// <returns>Always an empty string.</returns>
 // NOTE(review): no login or role check is visible in this method, whereas AppointStaff verifies
 // a logged-in "manager" before it touches AdminDAL. If this method is reachable as a web
 // action, confirm that the same checks are enforced somewhere before it runs; otherwise any
 // caller can change staff rights.
 public string UpdateStaffResponsibilities(Staff staff)
 {
     AdminDAL.UpdateStaffResponsibilities(staff);

     return string.Empty;
 }
        /// <summary>
        /// Appoints a new staff member. The caller must be logged in and hold the "manager" role;
        /// otherwise the "Message" view is returned with a refusal text and nothing is stored.
        /// </summary>
        /// <param name="staff">Staff details passed on to AdminDAL.AddStaff.</param>
        /// <returns>The "Message" view, with ViewBag.Message set to the refusal or the success text.</returns>
        // NOTE(review): no anti-forgery token check or HTTP-verb restriction is visible on this
        // method; confirm that this state-changing action is protected against cross-site request
        // forgery at class or filter level. The staff object is also forwarded without any
        // validation here (empty user name or password) -- confirm that happens elsewhere.
        public ActionResult AppointStaff(Staff staff)
        {
            // Work out the refusal first: authentication is checked before the role.
            string refusal = null;
            if (!Navigator.IsUserLoggedIn(Session))
            {
                refusal = "Sorry! You need to login to view this page.";
            }
            else if (!Navigator.UserRoleValidation(Session, "manager"))
            {
                refusal = "Access Denied !   You are not allowed to visit this page.";
            }

            if (refusal != null)
            {
                ViewBag.Message = refusal;
                return View("Message");
            }

            // Only an authenticated manager reaches the data layer.
            AdminDAL.AddStaff(staff);

            ViewBag.Message = "Staff has been appointed successfully";
            return View("Message");
        }