public JsonResult _Register(RegisterModel model)
{
//for testing
if (model.UserName == "fail")
{
return Json(JsonResponseFactory.ErrorResponse("You told me to fail."), JsonRequestBehavior.DenyGet);
}
else
{
return Json(JsonResponseFactory.SuccessResponse(), JsonRequestBehavior.DenyGet);
}
}
public JsonResult _Register(RegisterModel registerModel)
{
if (ModelState.IsValid)
{
var conn =
new SqlConnection(
"Data Source = (LocalDB)\\MSSQLLocalDB; AttachDbFilename = |DataDirectory|PersonalAdressBookDatabase.mdf; MultipleActiveResultSets = True; Integrated Security = True; Connect Timeout = 30");
var cmd = new SqlCommand("SELECT * FROM [Users] WHERE [Login] = @l ") {Connection = conn};
cmd.Parameters.Add(new SqlParameter("@l", SqlDbType.NVarChar)).Value = registerModel.Login;
conn.Open();
var reader = cmd.ExecuteReader();
if (reader.HasRows)
{
conn.Close();
return Json(JsonResponseFactory.ErrorResponse("Wybrana nazwa użytkownika jest już zajęta."),
JsonRequestBehavior.DenyGet);
}
else
{
var addCmd =
new SqlCommand(
"INSERT INTO [Users] ([Login], [Password], [LoginAttempts], [SecretQuestion], [SecretAnswer]) VALUES (@login, @password, @attempts, @question, @answer)")
{
Connection = conn
};
addCmd.Parameters.Clear();
addCmd.Parameters.Add(new SqlParameter("@login", SqlDbType.NVarChar)).Value = registerModel.Login;
addCmd.Parameters.Add(new SqlParameter("@password", SqlDbType.NVarChar)).Value =
registerModel.Password;
addCmd.Parameters.Add(new SqlParameter("@attempts", SqlDbType.Int)).Value = 0;
addCmd.Parameters.Add(new SqlParameter("@question", SqlDbType.NVarChar)).Value =
registerModel.SecretQuestion;
addCmd.Parameters.Add(new SqlParameter("@answer", SqlDbType.NVarChar)).Value =
registerModel.SecretAnswer;
addCmd.ExecuteNonQuery();
conn.Close();
return Json(JsonResponseFactory.ErrorResponse("Rejestracja zakończona sukcesem."),
JsonRequestBehavior.DenyGet);
}
}
else
{
return Json(JsonResponseFactory.ErrorResponse(""), JsonRequestBehavior.DenyGet);
}
}
