public ActionResult Login(string email, string password)
        {
            // An already-authenticated session is sent straight to the home page.
            if (Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // NOTE(review): the credential check compares the stored Password column
            // directly with the submitted value, i.e. passwords appear to be stored in
            // plaintext. A salted hash (e.g. PBKDF2) verified in constant time would be the
            // usual remedy, but that needs a schema change outside this block.
            Account matched = db.Accounts.FirstOrDefault(a => a.Email == email && a.Password == password);

            if (matched == null)
            {
                // One generic message for both a wrong email and a wrong password, so the
                // response does not reveal which accounts exist.
                var errors = new List <string> {
                    "The email and password you entered are incorrect. Please try again."
                };
                return(View(errors));
            }

            // The account's pending orders seed the session cart.
            var pendingOrders = db.Orders
                                .Include(o => o.Product)
                                .Include(o => o.Account)
                                .Where(o => o.AccountID == matched.AccountID)
                                .ToList();

            Session["accountID"] = matched.AccountID;
            Session["cart"]      = Utl.CreateCart(Session, pendingOrders);
            Session.Timeout      = 60;   // minutes of idle time before the session expires
            // NOTE(review): the session id is not regenerated across the authentication
            // boundary here — confirm whether that is acceptable for this deployment.

            return(RedirectToAction("Index", "Home"));
        }
        // GET: Accounts/Details/5
        // Shows one account together with its order history. A null id means "my own
        // account"; non-admins may only look at their own record.
        public ActionResult Details(int?id)
        {
            if (!Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Authorization check: a non-admin asking for a different account id is bounced.
            if (!Utl.IsAdmin(Session) && id != null && id != (int)Session["accountID"])
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Missing id resolves to the caller's own account.
            int targetID = id ?? (int)Session["accountID"];

            Account account = db.Accounts.Find(targetID);

            if (account == null)
            {
                return(HttpNotFound());
            }

            var history = db.OrdersHistories
                            .Where(o => o.AccountID == targetID)
                            .OrderBy(oh => oh.OrderNumber)
                            .ToList();

            // One Products.Find per history row (N+1 round trips at worst; Find checks the
            // context's cache before querying).
            foreach (var entry in history)
            {
                entry.Product = db.Products.Find(entry.ProductID);
            }

            account.OrdersHistory = history;

            return(View(account));
        }
        /********
         *
         * Logout
         *
         * ********/
        // GET: Accounts/Logout
        // Tears down the current login session; anonymous visitors are just redirected.
        public ActionResult LogOut()
        {
            if (!Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Drop the two login keys explicitly, then clear and abandon the whole
            // session so the server-side state is released at the end of this request.
            Session["accountID"] = null;
            Session["cart"]      = null;
            Session.Clear();
            Session.Abandon();
            // NOTE(review): Abandon() invalidates the server-side state; the session
            // cookie itself is not expired here — confirm whether that is intended.

            return(RedirectToAction("Index", "Home"));
        }
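        // POST: Accounts/Register
        // Creates an account from the submitted form and logs the new user in.
        // IsModerator is deliberately NOT in the bind list: a self-service registration
        // must not be able to grant itself the moderator flag by adding that form field
        // (mass-assignment). AccountID stays bound as before; whether the store honours a
        // client-supplied key depends on CreateAccount, which is not visible here.
        public ActionResult Register([Bind(Include = "AccountID,Email,Password,Address,PhoneNumber")] Account account)
        {
            if (Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Nothing bound at all is a malformed request, not a validation failure.
            if (account == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }

            // Server-side validation of the four user-supplied fields; any messages are
            // handed back to the caller as JSON.
            List <object> errorMessages = accountDetailsValidation(account.Email, account.Password, account.Address, account.PhoneNumber);

            if (errorMessages.Count > 0)
            {
                return(Json(errorMessages));
            }

            CreateAccount(account);
            // Re-use the login path so the session is populated exactly as on a manual login.
            return(Login(account.Email, account.Password));
        }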
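        // POST: Accounts/SubmitOrder
        // Archives every pending Order of the logged-in account under one new order
        // number, bumps each product's popularity by the ordered amount, and empties the
        // session cart.
        public ActionResult SubmitOrder()
        {
            if (!Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            int accountID = (int)Session["accountID"];

            Account account = db.Accounts.FirstOrDefault(a => a.AccountID == accountID);

            if (account == null)
            {
                return(RedirectToAction("Index", "Home"));
            }

            var pendingOrders = db.Orders
                                .Include(o => o.Product)
                                .Include(o => o.Account)
                                .Where(o => o.AccountID == accountID)
                                .ToList();

            // ToList() never yields null, so only emptiness needs checking.
            if (pendingOrders.Count == 0)
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Next order number is max + 1, or 1 when the history is empty.
            // NOTE(review): the maximum is read and the rows are written in separate
            // statements, so two concurrent submissions can receive the same number; a
            // unique index or a serializable transaction would close that window.
            int orderNumber = 1;

            if (db.OrdersHistories.Any())
            {
                orderNumber += db.OrdersHistories.Max(o => o.OrderNumber);
            }

            foreach (Order item in pendingOrders)
            {
                // A dangling ProductID previously raised NullReferenceException here; the
                // item is still archived, only the popularity bump is skipped.
                Product product = db.Products.Find(item.ProductID);
                if (product != null)
                {
                    product.PopularityRate += item.Amount;
                }
                archiveItemFromOrder(item, orderNumber);
            }

            db.SaveChanges();
            Session["cart"] = null;

            return(RedirectToAction("Details", "Accounts", new { id = accountID }));
        }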
        // GET: Accounts/Edit/5
        // Shows the edit form for an account. A null id means the caller's own account;
        // non-admins are only allowed to open their own record.
        public ActionResult Edit(int?id)
        {
            if (!Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Authorization check: a non-admin asking for a different account id is bounced.
            if (!Utl.IsAdmin(Session) && id != null && id != (int)Session["accountID"])
            {
                return(RedirectToAction("Index", "Home"));
            }

            int targetID = id ?? (int)Session["accountID"];

            Account account = db.Accounts.Find(targetID);

            return(account == null ? (ActionResult)HttpNotFound() : View(account));
        }
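        // GET: Products/Details/5
        // Renders one product together with the viewer's preference-based product list
        // and the product's category name.
        public ActionResult Details(int?id)
        {
            if (id == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }

            int productID = id.Value;

            Product product = db.Products.Find(productID);

            if (product == null)
            {
                return(HttpNotFound());
            }

            // Anonymous viewers are passed as -1; Utl.Preferences is presumably written to
            // treat that as "no account" — confirm against its implementation.
            int? accountID = Utl.IsLoggedIn(Session) ? (int)Session["accountID"] : -1;
            var  prefs     = Utl.Preferences(accountID, productID);

            ViewBag.Preferences = Utl.PopulateProducts(prefs);

            // FirstOrDefault instead of ToList()[0]: a product whose category row is
            // missing used to throw ArgumentOutOfRangeException and answer with a 500.
            var category = db.Categories.FirstOrDefault(c => c.CategoryID == product.CategoryID);
            ViewBag.CategoryName = category == null ? null : category.Name;

            return(View(product));
        }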
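        // POST: Accounts/Edit
        // Persists an edited account. Non-admins may only edit their own record, and they
        // cannot change their own IsModerator flag: for them the stored value is re-read
        // and overrides whatever the form carried, closing the mass-assignment path that
        // the bind list otherwise leaves open. Admins keep full control of the flag.
        public ActionResult Edit([Bind(Include = "AccountID,IsModerator,Email,Password,Address,PhoneNumber")] Account account)
        {
            if (!Utl.IsLoggedIn(Session))
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Nothing bound at all is a malformed request.
            if (account == null)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }

            bool isAdmin = Utl.IsAdmin(Session);

            if (!isAdmin && (int)Session["accountID"] != account.AccountID)
            {
                return(RedirectToAction("Index", "Home"));
            }

            if (!isAdmin)
            {
                // AsNoTracking so the stored row is not attached to the context; attaching
                // it would make the later Entry(account) call fail because an entity with
                // the same key would already be tracked.
                Account stored = db.Accounts.AsNoTracking().FirstOrDefault(a => a.AccountID == account.AccountID);
                if (stored == null)
                {
                    return(HttpNotFound());
                }
                account.IsModerator = stored.IsModerator;
            }

            // An email may belong to only one account; the record being edited is excluded.
            bool isEmailInDB = db.Accounts.Any(a => a.Email == account.Email && a.AccountID != account.AccountID);

            if (!ModelState.IsValid || isEmailInDB)
            {
                if (isEmailInDB)
                {
                    ViewBag.isEmailInDB = isEmailInDB;
                }
                return(View(account));
            }

            // NOTE(review): Password is bound from the form and saved as-is, so it
            // round-trips and is stored in plaintext — same scheme the Login lookup relies on.
            db.Entry(account).State = EntityState.Modified;
            db.SaveChanges();
            return(RedirectToAction("Details", "Accounts", new { id = account.AccountID }));
        }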
 // True when the current session may act on the orders of the given account:
 // the caller must be logged in and either an admin or the owner of that account.
 private bool isAbleToChangeOrder(int accountID)
 {
     if (!Utl.IsLoggedIn(Session))
     {
         return(false);
     }

     if (Utl.IsAdmin(Session))
     {
         return(true);
     }

     return(accountID == (int)Session["accountID"]);
 }