/// <summary>
/// Asks the service whether the submitted security answer matches the submitted
/// username and returns the outcome as JSON.
/// </summary>
/// <param name="user">Request data; <c>Username</c> and <c>Member.SecurityAnswer</c> are read.</param>
/// <returns>JSON with a <c>success</c> entry: the service result, or <c>false</c> if anything threw.</returns>
public ActionResult CheckSecurityAnswer(ASFUser user)
{
    // NOTE(review): no attempt limiting is visible in this action. Confirm that repeated
    // wrong answers for one account are throttled or locked out somewhere upstream.
    object outcome;
    try
    {
        outcome = service.CheckSecurityAnswer(user.Username, user.Member.SecurityAnswer);
    }
    catch
    {
        // Every failure, including a null user or Member, collapses to "false";
        // the exception itself is discarded without being logged.
        outcome = false;
    }

    var payload = new Dictionary<string, object>();
    payload["success"] = outcome;
    return Json(payload);
}
/// <summary>
/// Creates an empty patient record: child objects are fresh instances, numeric
/// fields hold -1 and the visit date is the current local time.
/// </summary>
public PatientInformation()
{
    // People and dropdown selections start as empty objects.
    this._student = new ASFUser();
    this._clinician = new ASFUser();
    this._procedure = new DropdownValue();
    this._temperament = new DropdownValue();
    this._preOperationPainAssessment = new DropdownValue();
    this._postOperationPainAssessment = new DropdownValue();

    // -1 is the initial value of the numeric fields (presumably "not set" - confirm with callers).
    this._ageInMonths = -1;
    this._ageInYears = -1;
    this._cageOrStallNumber = -1;

    // Local wall-clock time of the machine running this code, not UTC.
    this._dateSeenOn = DateTime.Now;
}
/// <summary>
/// Replaces the stored password for <paramref name="user"/> once the old password
/// has been accepted by <c>service.CheckPassword</c>.
/// </summary>
/// <param name="user">Account to update; <c>Username</c> is copied onto <c>Member</c>.</param>
/// <param name="oldpassword">Current password as supplied by the caller.</param>
/// <param name="newPassword">Value written to <c>Member.Password</c> as-is. NOTE(review): this method
/// does not hash it, so it presumably arrives already hashed - confirm at every call site.</param>
/// <returns><c>true</c> when the old password was accepted and the update was issued; otherwise <c>false</c>.</returns>
public bool ChangePassword(ASFUser user, string oldpassword, string newPassword)
{
    bool oldPasswordAccepted = service.CheckPassword(user.Username, oldpassword);
    if (!oldPasswordAccepted)
    {
        // Wrong current password: nothing is written.
        return false;
    }

    user.Member.Password = newPassword;
    user.Member.Username = user.Username;
    service.UpdateMembershipPassword(user.Member);
    return true;
}
/// <summary>
/// Hashes the submitted password and asks the service to store it for the submitted username.
/// </summary>
/// <param name="user">Request data; <c>Member.Password</c> is overwritten with its hash before the service call.</param>
/// <returns>JSON with <c>success</c> = <c>true</c>, or <c>false</c> if anything threw.</returns>
public ActionResult ChangeForgottenPassword(ASFUser user)
{
    // NOTE(review): nothing in this action checks the security answer or a reset token
    // before the password is replaced; CheckSecurityAnswer is a separate action whose
    // result goes back to the client. Unless a filter or server-side session state not
    // shown here ties the two steps together, that proof should be verified in this
    // request before the service is called.
    var payload = new Dictionary<string, object>();
    try
    {
        string hashed = PasswordHash.CreateHash(user.Member.Password);
        user.Member.Password = hashed;
        service.ChangeForgottenPassword(user);
        payload["success"] = true;
    }
    catch
    {
        // The failure is reported to the client but the exception is discarded, not logged.
        payload["success"] = false;
    }

    return Json(payload);
}
/// <summary>
/// Hashes the submitted new password, then asks the service to change the password
/// if the submitted old password is accepted.
/// </summary>
/// <param name="user">Request data; <c>Member.OldPassword</c> is passed on unchanged,
/// <c>Member.Password</c> is replaced by its hash first.</param>
/// <returns>JSON with a <c>success</c> entry: the service result, or <c>false</c> if anything threw.</returns>
public ActionResult ChangePassword(ASFUser user)
{
    var payload = new Dictionary<string, object>();
    try
    {
        // Only the new password is hashed here; the old one goes to the service as
        // submitted so that the service can check it.
        user.Member.Password = PasswordHash.CreateHash(user.Member.Password);
        bool changed = service.ChangePassword(user, user.Member.OldPassword, user.Member.Password);
        payload["success"] = changed;
    }
    catch
    {
        // Any exception is reported as a failed change; it is not logged.
        payload["success"] = false;
    }

    return Json(payload);
}
/// <summary>
/// Asks the service to promote the submitted user and reports the outcome as JSON.
/// </summary>
/// <param name="user">Request data identifying the account to promote.</param>
/// <returns>JSON with <c>success</c> = <c>true</c>, or <c>false</c> if the service threw.</returns>
public ActionResult PromoteUser(ASFUser user)
{
    // NOTE(review): no authorization check is visible in this action, and the target
    // account comes from the request. Confirm that an [Authorize]-style filter or an
    // equivalent check restricts this endpoint to existing administrators.
    var payload = new Dictionary<string, object>();
    try
    {
        service.Promote(user);
        payload["success"] = true;
    }
    catch
    {
        // The exception is discarded; the client only sees success = false.
        payload["success"] = false;
    }

    return Json(payload);
}
/// <summary>
/// Returns the forms the service holds for the submitted user as JSON.
/// </summary>
/// <param name="user">Request data identifying whose forms to load.</param>
/// <returns>JSON with <c>Forms</c> and <c>success</c> = <c>true</c>, or only <c>success</c> = <c>false</c> if the lookup threw.</returns>
public ActionResult GetUserForms(ASFUser user)
{
    // NOTE(review): the account whose forms are returned is taken from the request.
    // Confirm that the caller is checked against that account (or is an administrator)
    // before patient data is returned; no such check is visible here.
    var payload = new Dictionary<string, object>();
    try
    {
        payload["Forms"] = service.GetForms(user);
        payload["success"] = true;
    }
    catch
    {
        // "Forms" is never set when the lookup throws, so the response carries only the flag.
        payload["success"] = false;
    }

    return Json(payload);
}
/// <summary>
/// Looks up the security question stored for the submitted username and returns it as JSON.
/// </summary>
/// <param name="user">Request data; only <c>Username</c> is read.</param>
/// <returns>JSON with <c>securityQuestion</c> and <c>success</c> = <c>true</c>, or only <c>success</c> = <c>false</c> if the lookup threw.</returns>
public ActionResult GetSecurityQuestion(ASFUser user)
{
    // NOTE(review): if the service behaves differently for unknown usernames (throws, or
    // returns null), the response tells an unauthenticated caller whether an account
    // exists. Confirm the behaviour and consider a uniform response.
    var payload = new Dictionary<string, object>();
    try
    {
        payload["securityQuestion"] = service.GetSecurityQuestion(user.Username);
        payload["success"] = true;
    }
    catch
    {
        // The exception is discarded; the client only sees success = false.
        payload["success"] = false;
    }

    return Json(payload);
}
/// <summary>
/// Returns the patient forms that the underlying service holds for <paramref name="user"/>.
/// </summary>
/// <param name="user">Account whose forms are requested; passed through unchanged.</param>
/// <returns>Whatever list <c>service.GetForms</c> returns.</returns>
public List<Patient> GetForms(ASFUser user)
{
    // Pure pass-through: no filtering or access check happens at this layer.
    List<Patient> forms = service.GetForms(user);
    return forms;
}
/// <summary>
/// Creates the membership record for <paramref name="user"/> and then the user record itself.
/// </summary>
/// <param name="user">Account to create; <c>Member</c> is passed to <c>CreateMembership</c>.</param>
/// <returns>The result of <c>service.CreateASFUser</c>.</returns>
public bool CreateASFUser(ASFUser user)
{
    // Membership first, then the user row.
    // NOTE(review): no transaction is visible around the two calls, so a failure in the
    // second one would leave a membership record without a matching user - confirm.
    service.CreateMembership(user.Member);
    bool created = service.CreateASFUser(user);
    return created;
}
/// <summary>
/// Forwards a demotion request for <paramref name="user"/> to the underlying service.
/// </summary>
/// <param name="user">Account to demote; passed through unchanged.</param>
public void Demote(ASFUser user)
{
    // Pure pass-through: no authorization check happens at this layer.
    service.Demote(user);
}
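/// <summary>
/// Sets <c>IsAdmin</c> to 1 on the <c>dbo.ASF_User</c> row whose <c>Username</c> matches
/// <paramref name="user"/>.
/// </summary>
/// <param name="user">Account to promote; only <c>Username</c> is read.</param>
/// <returns>Number of rows affected, as reported by <c>ExecuteNonQuery</c>.</returns>
/// <remarks>
/// Database exceptions propagate to the caller with their original stack trace.
/// This method grants administrator rights and performs no authorization check of its
/// own; callers are responsible for that.
/// </remarks>
public int Promote(ASFUser user)
{
    const string sql = @"UPDATE dbo.ASF_User SET IsAdmin = @IsAdmin WHERE Username = @Username";

    // The using blocks close the connection and release the command on every path, so
    // no explicit finally is needed. The former "catch { throw e; }" was removed because
    // rethrowing that way resets the stack trace.
    using (SqlConnection conn = new SqlConnection(connString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        // Values are bound as parameters, never concatenated into the statement.
        cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;
        cmd.Parameters.Add("@IsAdmin", SqlDbType.Bit).Value = 1;

        conn.Open();
        return cmd.ExecuteNonQuery();
    }
}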
/// <summary>
/// Persists changes to <paramref name="user"/> by delegating to <c>service.UpdateASFUser</c>.
/// </summary>
/// <param name="user">Account to save; passed through unchanged.</param>
public void SaveASFUser(ASFUser user)
{
    // Pure pass-through: validation and access checks, if any, live elsewhere.
    service.UpdateASFUser(user);
}
/// <summary>
/// Stores <c>user.Member.Password</c> as the password of <c>user.Username</c> through
/// <c>service.UpdateForgottenPassword</c>.
/// </summary>
/// <param name="user">Account to update; <c>Username</c> and <c>Member.Password</c> are read.</param>
public void ChangeForgottenPassword(ASFUser user)
{
    // NOTE(review): the password is stored exactly as received and no proof of identity
    // is checked at this layer. Callers presumably hash the value and verify the reset
    // request first - confirm at every call site.
    string username = user.Username;
    string storedValue = user.Member.Password;
    service.UpdateForgottenPassword(username, storedValue);
}
/// <summary>
/// Forwards a promotion request for <paramref name="user"/> to the underlying service.
/// </summary>
/// <param name="user">Account to promote; passed through unchanged.</param>
public void Promote(ASFUser user)
{
    // Pure pass-through: the service's return value is ignored and no authorization
    // check happens at this layer.
    service.Promote(user);
}
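/// <summary>
/// Inserts a row for <paramref name="user"/> into <c>dbo.ASF_User</c>.
/// </summary>
/// <param name="user">Account to insert; <c>Username</c>, <c>FullName</c> and <c>EmailAddress</c> are read.
/// A null <c>FullName</c> or <c>EmailAddress</c> is stored as SQL NULL.</param>
/// <returns><c>true</c> when at least one row was inserted; otherwise <c>false</c>.</returns>
/// <remarks>Database exceptions propagate to the caller with their original stack trace.</remarks>
public bool CreateASFUser(ASFUser user)
{
    const string sql = @"INSERT INTO dbo.ASF_User ( Username, FullName, Email, IsAdmin ) VALUES ( @Username, @FullName, @Email, @IsAdmin )";

    // The using blocks close the connection and release the command on every path. The
    // former "catch { throw e; }" was removed because it reset the stack trace.
    using (SqlConnection conn = new SqlConnection(connString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;
        // ADO.NET needs DBNull.Value, not a C# null, to send SQL NULL.
        cmd.Parameters.Add("@FullName", SqlDbType.NVarChar).Value = (object)user.FullName ?? DBNull.Value;
        cmd.Parameters.Add("@Email", SqlDbType.NVarChar).Value = (object)user.EmailAddress ?? DBNull.Value;
        // New accounts are never administrators: the flag is fixed here and is not
        // taken from the caller-supplied object.
        cmd.Parameters.Add("@IsAdmin", SqlDbType.Bit).Value = 0;

        conn.Open();
        return cmd.ExecuteNonQuery() > 0;
    }
}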
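/// <summary>
/// Updates <c>FullName</c> and <c>Email</c> on the <c>dbo.ASF_User</c> row whose
/// <c>Username</c> matches <paramref name="user"/>.
/// </summary>
/// <param name="user">Account to update; a null <c>FullName</c> or <c>EmailAddress</c> is stored as SQL NULL.</param>
/// <remarks>
/// The number of affected rows is not checked, so an unknown username is a silent no-op.
/// Database exceptions propagate to the caller with their original stack trace.
/// </remarks>
public void UpdateASFUser(ASFUser user)
{
    const string sql = @"UPDATE dbo.ASF_User SET FullName = @FullName, Email = @Email WHERE Username = @Username";

    // The using blocks close the connection and release the command on every path. The
    // former "catch { throw e; }" was removed because it reset the stack trace.
    using (SqlConnection conn = new SqlConnection(connString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;
        // ADO.NET needs DBNull.Value, not a C# null, to send SQL NULL.
        cmd.Parameters.Add("@FullName", SqlDbType.NVarChar).Value = (object)user.FullName ?? DBNull.Value;
        cmd.Parameters.Add("@Email", SqlDbType.NVarChar).Value = (object)user.EmailAddress ?? DBNull.Value;

        conn.Open();
        cmd.ExecuteNonQuery();
    }
}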
/// <summary>
/// Hashes the submitted password and asks the service to create the account.
/// </summary>
/// <param name="user">Request data for the new account; <c>Member.Password</c> is replaced by its hash before the service call.</param>
/// <returns>JSON with a <c>success</c> entry: the service result, or <c>false</c> if anything threw.</returns>
public ActionResult RegisterUser(ASFUser user)
{
    var payload = new Dictionary<string, object>();
    try
    {
        // The plain-text password is overwritten before the object leaves this action.
        string hashed = PasswordHash.CreateHash(user.Member.Password);
        user.Member.Password = hashed;
        payload["success"] = service.CreateASFUser(user);
    }
    catch
    {
        // Any failure (duplicate user, database error, null Member) is reported as
        // false; the exception is not logged.
        payload["success"] = false;
    }

    return Json(payload);
}
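/// <summary>
/// Lists the patients in <c>dbo.Patient</c> whose <c>StudentId</c> equals the username of
/// <paramref name="user"/>.
/// </summary>
/// <param name="user">Account to look up; only <c>Username</c> is read.</param>
/// <returns>One <c>Patient</c> per matching row with only <c>PatientId</c> populated; empty when nothing matches.</returns>
/// <remarks>Database and conversion exceptions propagate to the caller with their original stack trace.</remarks>
public List<Patient> GetPatientWithUserId(ASFUser user)
{
    const string sql = @"SELECT PatientId FROM dbo.Patient WHERE StudentId = @StudentId";
    List<Patient> pats = new List<Patient>();

    // Connection, command and reader are all released by using blocks; the reader was
    // previously never disposed. The former "catch { throw e; }" was removed because it
    // reset the stack trace.
    using (SqlConnection conn = new SqlConnection(connString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.Add("@StudentId", SqlDbType.NVarChar).Value = user.Username;

        conn.Open();
        using (SqlDataReader read = cmd.ExecuteReader())
        {
            while (read.Read())
            {
                Patient pat = new Patient();
                pat.PatientId = Convert.ToInt32(read["PatientId"].ToString());
                pats.Add(pat);
            }
        }
    }

    return pats;
}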
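/// <summary>
/// Deletes the <c>dbo.ASF_User</c> row whose <c>Username</c> matches <paramref name="user"/>.
/// </summary>
/// <param name="user">Account to delete; only <c>Username</c> is read.</param>
/// <remarks>
/// The number of affected rows is not checked, so an unknown username is a silent no-op.
/// Database exceptions propagate to the caller with their original stack trace.
/// </remarks>
public void DeleteASFUser(ASFUser user)
{
    const string sql = @"DELETE FROM dbo.ASF_User WHERE Username = @Username";

    // The using blocks close the connection and release the command on every path. The
    // former "catch { throw e; }" was removed because it reset the stack trace.
    using (SqlConnection conn = new SqlConnection(connString))
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;

        conn.Open();
        cmd.ExecuteNonQuery();
    }
}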
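/// <summary>
/// Loads the user whose <c>Username</c> matches <paramref name="user"/>, together with the
/// value stored in the membership table's <c>Password</c> column.
/// </summary>
/// <param name="user">Lookup key; only <c>Username</c> is read. The password is NOT checked here.</param>
/// <returns>
/// The matching user with <c>Member.Password</c> set to the stored value. When no row matches,
/// a freshly constructed <c>ASFUser</c> is returned instead of null, so callers cannot use a
/// null check to detect "not found".
/// </returns>
/// <remarks>
/// The returned object carries the stored password value. It must not be serialized
/// back to a client or written to logs.
/// Database exceptions propagate to the caller with their original stack trace.
/// </remarks>
public ASFUser GetUser(MembershipInfo user)
{
    ASFUser singleUser = new ASFUser();

    using (SqlConnection conn = new SqlConnection(connString))
    {
        // Select the user columns plus the stored password, matched by username only.
        string sql = BuildASFUserSQL() + ", b.Password "
            + @"FROM dbo.ASF_User AS a INNER JOIN dbo.aspnet_Membership as b ON a.Username = b.Username "
            + @"WHERE a.Username = @Username";

        // Command and reader are released by using blocks; both were previously left
        // undisposed. The former "catch { throw e; }" was removed because it reset the
        // stack trace.
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;

            conn.Open();
            using (SqlDataReader read = cmd.ExecuteReader())
            {
                // If several rows match, the last one read wins.
                while (read.Read())
                {
                    singleUser = new ASFUserCallback().ProcessRow(read);
                    singleUser.Member.Password = read["Password"].ToString();
                }
            }
        }
    }

    return singleUser;
}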
/// <summary>
/// Removes a user completely: every patient the service lists for the user, then the
/// user row, then the membership record.
/// </summary>
/// <param name="user">Account to delete; <c>Username</c> is copied onto <c>Member</c> before the membership delete.</param>
public void DeleteASFUser(ASFUser user)
{
    // NOTE(review): the steps below are separate service calls with no visible
    // transaction, so a failure part-way leaves the account partially deleted. No
    // authorization check happens at this layer either - confirm that callers do one.
    foreach (Patient ownedPatient in service.GetPatientWithUserId(user))
    {
        DeletePatient(ownedPatient);
    }

    // The membership delete takes user.Member, so it needs the username copied across.
    user.Member.Username = user.Username;
    service.DeleteASFUser(user);
    service.DeleteASPNetMembership(user.Member);
}
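/// <summary>
/// Loads the user whose membership row matches both the username and the password value in
/// <paramref name="user"/>.
/// </summary>
/// <param name="user">Credentials to match; <c>Username</c> and <c>Password</c> are read.</param>
/// <returns>
/// The matching user. When no row matches, a freshly constructed <c>ASFUser</c> is returned
/// instead of null, so callers MUST NOT treat a non-null result as a successful login; they
/// have to inspect the returned object (for example, whether its username is populated).
/// </returns>
/// <remarks>
/// Two defects were fixed here. (1) Both parameters were declared as <c>SqlDbType.Int</c>
/// although they carry strings; they are now <c>NVarChar</c>, as in the other queries on
/// <c>Username</c>. (2) The credential check was a subquery that selected <c>a.UserId</c>,
/// the OUTER alias, so it did not tie the result to the matched membership row; it is now
/// the same username join that <c>GetUser</c> uses.
/// NOTE(review): the password is compared for equality inside SQL. If stored values are
/// salted hashes (other code on this page stores the output of <c>PasswordHash.CreateHash</c>),
/// an equality match cannot verify a password; the stored value would have to be fetched
/// and verified in code. Confirm how callers use this method.
/// Database exceptions propagate to the caller with their original stack trace.
/// </remarks>
public ASFUser DoLogin(MembershipInfo user)
{
    ASFUser singleUser = new ASFUser();

    using (SqlConnection conn = new SqlConnection(connString))
    {
        // Select the user columns only for a row whose membership record matches both
        // credentials. The leading spaces keep the clauses separated whatever
        // BuildASFUserSQL() ends with.
        string sql = BuildASFUserSQL()
            + @" FROM dbo.ASF_User AS a INNER JOIN dbo.aspnet_Membership AS b ON a.Username = b.Username"
            + @" WHERE b.Username = @Username AND b.Password = @Password";

        // Command and reader are released by using blocks. The former
        // "catch { throw e; }" was removed because it reset the stack trace.
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@Username", SqlDbType.NVarChar).Value = user.Username;
            cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value = user.Password;

            conn.Open();
            using (SqlDataReader read = cmd.ExecuteReader())
            {
                // If several rows match, the last one read wins.
                while (read.Read())
                {
                    singleUser = new ASFUserCallback().ProcessRow(read);
                }
            }
        }
    }

    return singleUser;
}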