protected void Page_Load(object sender, EventArgs e)
{
// Check if user is admin
try
{
if (!auth.IsAdmin(Session["role"].ToString()))
{
Page.ClientScript.RegisterClientScriptBlock(GetType(), "alert", "alert('You do not have permission to use this function. Please login to continue');document.location.href='Login.aspx';", true);
}
}
catch (Exception)
{
Page.ClientScript.RegisterClientScriptBlock(GetType(), "alert", "alert('You do not have permission to use this function. Please login to continue');document.location.href='Login.aspx';", true);
}
// Check validate QueryString ID
try
{
// ReSharper disable ReturnValueOfPureMethodIsNotUsed
int.Parse(Request.QueryString["ID"]);
// ReSharper restore ReturnValueOfPureMethodIsNotUsed
}
catch (Exception)
{
Page.ClientScript.RegisterClientScriptBlock(GetType(), "alert", "alert('Invalid Account ID');document.location.href='Accounts.aspx';", true);
return;
}
if (!IsPostBack)
{
DataSet ds = account.FetchAccount(int.Parse(Request.QueryString["ID"].ToString()));
lblAccountId.Text = ds.Tables[0].Rows[0]["accountID"].ToString();
lblUsername.Text = ds.Tables[0].Rows[0]["username"].ToString();
lblRole.Text = ds.Tables[0].Rows[0]["role"].ToString();
// Check self delete account
if (ds.Tables[0].Rows[0]["username"].ToString() == Session["username"].ToString())
{
Page.ClientScript.RegisterClientScriptBlock(GetType(), "alert", "alert('You cannot delete your account');document.location.href='Accounts.aspx';", true);
}
}
}
/// <summary>
/// Load Account detail into field
/// </summary>
/// <remarks></remarks>
protected void LoadAccountDetail()
{
int accountId = int.Parse(Request.QueryString["ID"].ToString());
DataSet ds = _account.FetchAccount(accountId);
txtAccountID.Text = ds.Tables[0].Rows[0]["accountID"].ToString();
txtUsername.Text = ds.Tables[0].Rows[0]["username"].ToString();
string role = ds.Tables[0].Rows[0]["role"].ToString();
if (role == "admin")
{
roleRadio.SelectedValue = "admin";
}
else if (role == "staff")
{
roleRadio.SelectedValue = "staff";
}
}