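/// <summary>
/// Registration form handler: verifies that the email and login are not already
/// taken, creates the account through RegisterUser and signs the new user in.
/// </summary>
/// <param name="login">Desired nickname (compared against users.nickname).</param>
/// <param name="name">Given name; not queried here but handed to RegisterUser.</param>
/// <param name="surname">Family name; not queried here but handed to RegisterUser.</param>
/// <param name="email">Contact email (compared against users.email).</param>
/// <param name="password">Plaintext password passed on to RegisterUser. Hashing is not
/// visible from here — confirm RegisterUser stores a PBKDF2/Argon2 hash, never the raw value.</param>
/// <returns>The registration page again when validation or uniqueness fails,
/// otherwise a redirect to "~/".</returns>
public IActionResult OnPostRegistration(string login, string name, string surname, string email, string password)
{
    RegistrationViewModel = new RegistrationViewModel() { Email = email, Login = login, Name = name, Surname = surname };

    // SECURITY: DAOFactory only accepts raw SQL text, and the original code formatted
    // the user's email/login straight into the WHERE clause (SQL injection). Until the
    // DAO layer offers parameterized queries this is the stopgap: values containing a
    // backslash or a control character are rejected, and single quotes are doubled —
    // the SQL-standard literal escape, accepted by every common backend. With backslash
    // excluded, a backend that treats it as an escape character (e.g. MySQL defaults)
    // cannot be tricked into swallowing the closing quote. Null becomes "" exactly as
    // string.Format used to render it.
    bool TryQuote(string value, out string quoted)
    {
        value = value ?? string.Empty;
        quoted = null;
        foreach (var c in value)
        {
            if (c == '\\' || char.IsControl(c))
            {
                return false;
            }
        }
        quoted = value.Replace("'", "''");
        return true;
    }

    // Required fields: an empty login/email would create an unusable account and an
    // empty password must never be accepted.
    var hasErrors = string.IsNullOrWhiteSpace(login)
                 || string.IsNullOrWhiteSpace(email)
                 || string.IsNullOrEmpty(password);

    // name/surname are not used in a query here, but RegisterUser's SQL is not visible,
    // so they get the same character check. `&=` (not `&&`) keeps every out variable
    // definitely assigned.
    var quotedOk = TryQuote(email, out var safeEmail);
    quotedOk &= TryQuote(login, out var safeLogin);
    quotedOk &= TryQuote(name, out _);
    quotedOk &= TryQuote(surname, out _);
    if (!quotedOk)
    {
        hasErrors = true;
    }

    if (!hasErrors)
    {
        // Uniqueness is decided by the database's collation: on a case-sensitive
        // backend "Bob@x" and "bob@x" are distinct accounts. Normalise first if that
        // is not intended.
        if (DAOFactory.Contains(string.Format("SELECT COUNT(*) FROM users WHERE email = '{0}'", safeEmail)))
        {
            RegistrationViewModel.IsEmailUnavailable = true;
        }
        if (DAOFactory.Contains(string.Format("SELECT COUNT(*) FROM users WHERE nickname = '{0}'", safeLogin)))
        {
            RegistrationViewModel.IsLoginUnavailable = true;
        }
    }

    // hasErrors stays local because IsErrors may be read-only on the view model;
    // if it has a setter, propagate it so the form can display a message.
    if (hasErrors
        || RegistrationViewModel.IsErrors
        || RegistrationViewModel.IsEmailUnavailable
        || RegistrationViewModel.IsLoginUnavailable)
    {
        return Page();
    }

    // Success: create the account, authenticate, go to the main page. The checks above
    // and this insert are not atomic — a unique index on users.email and users.nickname
    // is what actually guarantees uniqueness under concurrent registrations.
    var id = RegisterUser(login, name, surname, email, password);
    _authService.AuthenticateUser(login, id);
    return Redirect(Url.Content("~/"));
}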
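/// <summary>
/// Profile edit handler. Only the authenticated owner of <paramref name="id"/> may
/// update the record; everyone else is simply redirected to the profile page.
/// </summary>
/// <param name="id">User id from the route; must equal _authService.Id.</param>
/// <param name="nickname">New login/nickname (users.nickname); required.</param>
/// <param name="name">New given name.</param>
/// <param name="surname">New family name.</param>
/// <param name="email">New email (users.email); required.</param>
/// <returns>The edit page when validation or uniqueness fails, otherwise a redirect
/// to ~/user/{id}.</returns>
public IActionResult OnPost(int id, string nickname, string name, string surname, string email)
{
    // Authorization first: a caller who is not signed in, or whose id differs from the
    // route id, gets the redirect without touching the database.
    if (!_authService.IsAuthenticated || _authService.Id != id)
    {
        return Redirect(Url.Content($"~/user/{id}"));
    }

    var user = UserDAO.GetUserById(id);
    if (user == null)
    {
        // An authenticated id with no row (deleted account?) used to throw a
        // NullReferenceException here; let the profile page report it instead.
        return Redirect(Url.Content($"~/user/{id}"));
    }

    // SECURITY: DAOFactory only accepts raw SQL text, and the original code formatted
    // the submitted values straight into the WHERE/SET clauses (SQL injection). Until
    // the DAO layer offers parameterized queries this is the stopgap: values with a
    // backslash or control character are rejected, single quotes are doubled (the
    // SQL-standard literal escape). Null becomes "" as string.Format rendered it.
    bool TryQuote(string value, out string quoted)
    {
        value = value ?? string.Empty;
        quoted = null;
        foreach (var c in value)
        {
            if (c == '\\' || char.IsControl(c))
            {
                return false;
            }
        }
        quoted = value.Replace("'", "''");
        return true;
    }

    var loginUnavailable = false; // nickname already belongs to another account
    var emailUnavailable = false; // email already belongs to another account
    var isErrors = false;         // submitted data failed validation

    if (string.IsNullOrWhiteSpace(nickname) || string.IsNullOrWhiteSpace(email))
    {
        isErrors = true;
    }

    // `&=` rather than `&&` so every out variable is definitely assigned.
    var quotedOk = TryQuote(nickname, out var safeNickname);
    quotedOk &= TryQuote(name, out var safeName);
    quotedOk &= TryQuote(surname, out var safeSurname);
    quotedOk &= TryQuote(email, out var safeEmail);
    if (!quotedOk)
    {
        isErrors = true;
    }

    if (!isErrors)
    {
        // Only hit the database when the value actually changed (ordinal comparison,
        // as before). Uniqueness itself is decided by the database's collation.
        if (email != user.Email
            && DAOFactory.Contains(string.Format("SELECT COUNT(*) FROM users WHERE email = '{0}'", safeEmail)))
        {
            emailUnavailable = true;
        }
        if (nickname != user.NickName
            && DAOFactory.Contains(string.Format("SELECT COUNT(*) FROM users WHERE nickname = '{0}'", safeNickname)))
        {
            loginUnavailable = true;
        }
    }

    ViewData["login_unavailable"] = loginUnavailable;
    ViewData["email_unavailable"] = emailUnavailable;
    ViewData["validation_errors"] = isErrors;

    // Any problem: back to the edit page with the current record.
    if (loginUnavailable || emailUnavailable || isErrors)
    {
        UserViewModel = user;
        return Page();
    }

    // The existence checks and this update are not atomic; a unique index on
    // users.nickname / users.email is the real guarantee under concurrent edits.
    DAOFactory.AddData(string.Format(
        "UPDATE users SET nickname = '{0}', name = '{1}', surname = '{2}', email = '{3}' WHERE id = {4}",
        safeNickname, safeName, safeSurname, safeEmail, id));

    user.Name = name;
    user.Surname = surname;
    user.Email = email;
    user.NickName = nickname;
    _authService.Name = nickname;

    // Re-issue the authentication cookie so it carries the new nickname.
    _authService.Logout();
    _authService.AuthenticateUser(nickname, id);

    return Redirect(Url.Content($"~/user/{id}"));
}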
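/// <summary>
/// Books seats for the authenticated user on schedule <paramref name="id"/>.
/// The request body is a JSON array of objects of the form {"row": n, "seat": n}.
/// </summary>
/// <param name="id">Schedule id (tickets.id_schedule). Its existence is not verified
/// here — add a check if the schema does not enforce it with a foreign key.</param>
/// <returns>200 when every requested seat was inserted; 400 when the caller is not
/// signed in, the body is malformed, or any requested seat is already taken.</returns>
public async Task<IActionResult> OnPost(int id)
{
    // Tickets are attributed to _authService.Id, so an anonymous caller is refused.
    // 401 would be the conventional status; 400 is kept for client compatibility.
    if (!_authService.IsAuthenticated)
    {
        return BadRequest();
    }

    string json;
    using (var reader = new StreamReader(Request.Body, Encoding.UTF8))
    {
        json = await reader.ReadToEndAsync();
    }

    // Parse into a set so the same seat listed twice in one request is booked once
    // (the old per-item check could not see the duplicate). Anything that is not an
    // array of numeric row/seat pairs — including "null" or a bare object — must become
    // a 400 instead of an unhandled exception (500), hence the deliberately broad catch
    // around the dynamic binding.
    var requested = new HashSet<Tuple<int, int>>();
    try
    {
        dynamic result = JsonConvert.DeserializeObject(json);
        if (result == null)
        {
            return BadRequest();
        }
        foreach (var index in result)
        {
            int row = index["row"];   // conversion throws on non-numeric input
            int seat = index["seat"];
            requested.Add(Tuple.Create(row, seat));
        }
    }
    catch (Exception)
    {
        return BadRequest();
    }

    // Refuse the whole request if any seat is already taken for this schedule. The
    // original query had no WHERE clause ("SELECT row = x AND ... FROM tickets"), so it
    // did not test the requested seat; this form matches the other Contains() callers.
    // row/seat/id are ints, so formatting them into the SQL text cannot inject.
    foreach (var pair in requested)
    {
        if (DAOFactory.Contains(string.Format(
            "SELECT COUNT(*) FROM tickets WHERE row = {0} AND place = {1} AND id_schedule = {2}",
            pair.Item1, pair.Item2, id)))
        {
            return BadRequest();
        }
    }

    // Check-then-insert is racy: two users can pass the check above for the same seat.
    // A unique index on tickets(id_schedule, row, place) is the real guard; the insert
    // would then fail instead of double-booking.
    // NOTE(review): if `code` is a ticket secret shown to the holder, GenerateCode must
    // use RandomNumberGenerator, not Random — its implementation is not visible here.
    foreach (var pair in requested)
    {
        DAOFactory.AddData(string.Format(
            "INSERT INTO tickets(row, place, id_schedule, id_user, code) VALUES ({0}, {1}, {2}, {3}, {4})",
            pair.Item1, pair.Item2, id, _authService.Id, GenerateCode()));
    }

    return new OkResult();
}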