Esempio n. 1
0
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!Request.IsSecureConnection)
            {
                string url = ConfigurationManager.AppSettings["SecurePath"] + "orders.aspx";
                Response.Redirect(url);
            }
            if (Session["User"] == null)
            {
                Response.Redirect("login.aspx");
            }

            // get session
            BL.User usrSession = (BL.User)Session["User"];

            try
            {
                DataTable dtbInvoices = BL.BLAccountInvoices.dtbSelectInvoices((int)usrSession.UserID);
                lvwInvoices.DataSource = dtbInvoices;
                lvwInvoices.DataBind();
            }
            catch
            {
                string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                Response.Redirect(url);
            }
        }
Esempio n. 2
0
        protected void lvwInvoices_ItemDataBound(object sender, ListViewItemEventArgs e)
        {
            if (e.Item.ItemType == ListViewItemType.DataItem)
            {
                try
                {
                    // grab session userID
                    BL.User usrSession = (BL.User)Session["User"];
                    int     intUserID  = (int)usrSession.UserID;
                    // find row view
                    DataRowView rowView = (DataRowView)e.Item.DataItem;

                    Label lblAddress = (Label)e.Item.FindControl("lblDeliveryAddress");
                    //Label lblTotal = (Label)e.Item.FindControl("lblTotal");

                    DataRow drwAddress = BL.BLAccountInvoices.dtbSelectMailingAddress((int)rowView["MailingAddressID"]);
                    lblAddress.Text =
                        drwAddress.Field <string>("StreetNo") + " " +
                        drwAddress.Field <string>("Street") + ", " +
                        drwAddress.Field <string>("Suburb") + ", " +
                        drwAddress.Field <string>("PostCode") + ", " +
                        drwAddress.Field <string>("State");
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
        }
Esempio n. 3
0
        public ActionResult Edit()
        {
            if (Authenticate.IsAuthenticated())
            {
                if (ViewBag.Message == null)
                {
                    ViewBag.Message = "Profile";
                }

                BL.User userManager;
                BL.File fileManager = new BL.File();

                Net.Models.User user;
                Net.Models.File file;
                UserGalleryArtworkFile ugaf = new UserGalleryArtworkFile();

                ugaf.User = (Net.Models.User)Session["user"];
                ugaf.Files = fileManager.LoadByUserId(ugaf.User.Id);

                using (userManager = new BL.User())
                {
                    user = userManager.LoadByUsername(ugaf.User.UserName);
                }

                if (user == null)
                    return HttpNotFound();

                return View(ugaf);
            }
            else
            {
                return RedirectToAction("Login", "Login", new { returnurl = HttpContext.Request.Url });
            }
        }
Esempio n. 4
0
        protected void Page_Load(object sender, EventArgs e)
        {
            // get session
            BL.User usrSession = (BL.User)Session["User"];
            // grab invoice id, which should be been sent by checkout page
            int intInvoiceID = Convert.ToInt32(Request["ID"]);

            if (intInvoiceID > 0 & usrSession != null)
            {
                try
                {
                    fillOrderHtml(intInvoiceID);
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
            else
            {
                string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=privilegeerror";
                Response.Redirect(url);
            }
        }
Esempio n. 5
0
        public List <Models.Message> Load()
        {
            BL.User user = new BL.User();
            List <Models.Message> messages = new List <Models.Message>();

            db.Messages
            .ToList()
            .ForEach(m => messages
                     .Add(
                         new Models.Message
            {
                Id           = m.Id,
                FromUserId   = m.FromUserId,
                ToUserId     = m.ToUserId,
                Body         = m.Body,
                CollectionId = m.CollectionId,
                DateTime     = m.DateTime,
                CritiqueId   = m.CritiqueId,
                Rating       = m.Rating,
                X            = m.X,
                Y            = m.Y,
                FromUsername = (user.LoadById(m.FromUserId).UserName == null || user.LoadById(m.FromUserId).UserName == String.Empty) ? "User Not Found" : user.LoadById(m.FromUserId).UserName
            }));

            return(messages);
        }
Esempio n. 6
0
        protected void lvwInvoiceProducts_ItemDataBound(object sender, ListViewItemEventArgs e)
        {
            if (e.Item.ItemType == ListViewItemType.DataItem)
            {
                try
                {
                    // grab session userID
                    BL.User usrSession = (BL.User)Session["User"];
                    int     intUserID  = (int)usrSession.UserID;
                    // find row view
                    DataRowView rowView = (DataRowView)e.Item.DataItem;

                    // find image
                    Image image = (Image)e.Item.FindControl("imgProductImage");
                    // retrieve image from sql
                    byte[] bytArray = (byte[])rowView["ProductImage"];
                    // convert to string
                    string strBase64 = Convert.ToBase64String(bytArray);
                    // set url
                    image.ImageUrl = "data:Image/jpg;base64, " + strBase64;

                    // find hyperlink
                    HyperLink hyperlink = (HyperLink)e.Item.FindControl("linkProductPage");
                    // retrieve productID from sql
                    int intProductID = (int)rowView["ProductID"];
                    // set url
                    hyperlink.NavigateUrl = "product.aspx?ID=" + intProductID.ToString();
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["User"] == null)
            {
                Response.Redirect("login.aspx");
            }

            if (!Request.IsSecureConnection)
            {
                string url = ConfigurationManager.AppSettings["SecurePath"] + "accountAddresses.aspx";
                Response.Redirect(url);
            }
            if (!IsPostBack)
            {
                // get session
                BL.User usrSession = (BL.User)Session["User"];
                try
                {
                    fillListWithAddresses(usrSession.UserID);
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=servererror";
                    Response.Redirect(url);
                }
            }
        }
Esempio n. 8
0
        protected void Page_Load(object sender, EventArgs e)
        {
            BL.User usrSession = (BL.User)Session["User"];

            if (!usrSession.IsAdmin || usrSession == null)   // check user is admin
            {
                Response.Redirect("~/UL/Pages/error.aspx?ID=privilegeerror");
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            // following code makes btnSearch the 'DefaultButton' of the page, ensuring that pressing enter fires btnSearch
            ContentPlaceHolder cph       = (ContentPlaceHolder)Master.FindControl("body");
            LinkButton         btnSearch = cph.FindControl("btnSearch") as LinkButton;

            cph.Page.Form.DefaultButton = btnSearch.UniqueID;

            // grab the session variable
            BL.User usrSession = (BL.User)Session["User"];

            // set card number


            if (usrSession != null)             // if user is logged in
            {
                if (usrSession.IsAdmin == true) // if user is admin, log them out - they shouldn't be in customer site
                {
                    Response.Redirect("~/UL/Pages/logOut.aspx");
                }

                else
                {
                    linkAccount.Text        = "Hi, " + usrSession.Name.ToString();
                    linkOrders.NavigateUrl  = "~/UL/Pages/orders.aspx";
                    linkAccount.NavigateUrl = "~/UL/Pages/account.aspx";

                    // set cart number
                    try
                    {
                        int intCartStock = (int)BL.BLCart.intCartTotalProducts(usrSession.UserID);
                        if (intCartStock > 0)
                        {
                            lblCartStock.Text = intCartStock.ToString();
                        }
                        else
                        {
                            lblCartStock.Text = "";
                        }
                    }
                    catch (Exception ex)
                    {
                        lblCartStock.Text = "";
                    }
                }
            }
            else                                // if user is not logged in/user session == null
            {
                linkAccount.Text        = "Login";
                lblCartStock.Text       = "";
                linkAccount.NavigateUrl = "~/UL/Pages/login.aspx";
                linkOrders.NavigateUrl  = "~/UL/Pages/login.aspx";
            }
        }
Esempio n. 10
0
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!Request.IsSecureConnection)
            {
                // request secure connection, with product ID (fixed bug where wrong product loaded from unsecure connection)
                string url = ConfigurationManager.AppSettings["SecurePath"] + "addedToCart.aspx?ID=" + Request["ID"];
                Response.Redirect(url);
            }
            if (!IsPostBack)
            {
                // grab product id
                int intProductID = Convert.ToInt32(Request["ID"]);
                // redirect to login if session variable == null
                if (Session["User"] == null)
                {
                    Response.Redirect("login.aspx?ID=" + Request["ID"].ToString());
                }
                else
                {
                    try
                    {
                        // grab session
                        BL.User usrSession = (BL.User)Session["User"];
                        // retrieve product
                        DataTable dtbProductData = BL.BLProductDisplay.dtbReturnProductByID(intProductID);
                        // grab data row for simplicity
                        DataRow drwProductData = dtbProductData.Rows[0];

                        // check product in stock and available
                        if (Convert.ToInt32(drwProductData["StockLevel"]) > 0 || !Convert.ToBoolean(drwProductData["IsActive"]))
                        {
                            // if available, add to cart and fill html values
                            BL.BLCart.addProductToCart(usrSession.UserID, intProductID, 1);
                            FillHtmlValues(drwProductData, usrSession.UserID);
                        }
                        else
                        {
                            throw new ArgumentException("Product Unavailable");
                        }
                    }
                    catch (ArgumentException ex)
                    {
                        System.Diagnostics.Debug.WriteLine(ex.ToString());
                        Response.Redirect("error.aspx?ID=productunavailable");
                    }
                    catch (Exception ex)
                    {
                        System.Diagnostics.Debug.WriteLine(ex.ToString());
                        Response.Redirect("error.aspx?ID=servererror");
                    }
                }
            }
        }
Esempio n. 11
0
        public ActionResult ViewOrder(bool?byUser)
        {
            if (byUser == true)
            {
                BL.User u = (BL.User)System.Web.HttpContext.Current.Session["user"];

                if (u != null)
                {
                    List <OrderModel> orders = new List <OrderModel>();

                    foreach (Order o in MainClass.Instance.getAllOrders().FindAll(v => v.user == u))
                    {
                        OrderModel m = new OrderModel()
                        {
                            orderDate   = o.orderDate,
                            orderNumber = o.orderNumber,
                            orderType   = o is BoatRentalOrder ? "Boat Rental Order" : "Group Trip Order",
                            paymentType = o.paymentType.ToString(),
                            price       = o.price,
                            userName    = o.user.name
                        };
                        orders.Add(m);
                    }
                    return(View(orders));
                }
            }
            else
            {
                if (!SessionManager.checkCurrentUserType(UserType.MAINTENANCE_PERSON))
                {
                    return(new HttpStatusCodeResult(403));
                }

                List <OrderModel> orders = new List <OrderModel>();

                foreach (Order o in MainClass.Instance.getAllOrders())
                {
                    OrderModel m = new OrderModel()
                    {
                        orderDate   = o.orderDate,
                        orderNumber = o.orderNumber,
                        orderType   = o is BoatRentalOrder ? "Boat Rental Order" : "Group Trip Order",
                        paymentType = o.paymentType.ToString(),
                        price       = o.price,
                        userName    = o.user.name
                    };
                    orders.Add(m);
                }
                return(View(orders));
            }
            return(new HttpStatusCodeResult(403));
        }
Esempio n. 12
0
 public ActionResult Index(Net.Models.User user, Net.Models.File file)
 {
     try
     {
         BL.User bluser = new BL.User();
         bluser.Insert(user, file);
         return(RedirectToAction("Index"));
     }
     catch
     {
         return(View(user));
     }
 }
Esempio n. 13
0
 public ActionResult Users()
 {
     if (Authenticate.IsAuthenticated())
     {
         _user  = new BL.User();
         _users = new List <Net.Models.User>();
         _users = _user.Load();
         if (ViewBag.Message == null)
         {
             ViewBag.Message = "Users";
         }
         return(View(_users));
     }
     else
     {
         return(RedirectToAction("Login", "Login", new { returnurl = HttpContext.Request.Url }));
     }
 }
        protected void listviewCartProducts_ItemDataBound(object sender, ListViewItemEventArgs e)
        // populates each item of the list view
        // this could probably be done a better way
        {
            if (e.Item.ItemType == ListViewItemType.DataItem)
            {
                try
                {
                    // grab session userID
                    BL.User usrSession = (BL.User)Session["User"];
                    int     intUserID  = (int)usrSession.UserID;
                    // find row view
                    DataRowView rowView = (DataRowView)e.Item.DataItem;

                    // find image
                    Image image = (Image)e.Item.FindControl("imgProductImage");
                    // retrieve image from sql
                    byte[] bytArray = (byte[])rowView["ProductImage"];
                    // convert to string
                    string strBase64 = Convert.ToBase64String(bytArray);
                    // set url
                    image.ImageUrl = "data:Image/jpg;base64, " + strBase64;

                    // find hyperlink
                    HyperLink hyperlink = (HyperLink)e.Item.FindControl("linkProductPage");
                    // retrieve productID from sql
                    int intProductID = (int)rowView["ProductID"];
                    // set url
                    hyperlink.NavigateUrl = "product.aspx?ID=" + intProductID.ToString();

                    // grab qty label
                    Label labelProductQty = (Label)e.Item.FindControl("lblProductQty");
                    // set productquantity
                    labelProductQty.Text = BL.BLCart.intSingularProductQuantityFromCart(
                        intUserID, (int)rowView["ProductID"]).ToString();
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!Request.IsSecureConnection)
            {
                string url = ConfigurationManager.AppSettings["SecurePath"] + "checkoutPayment.aspx";
                Response.Redirect(url);
            }
            if (!IsPostBack)
            {
                // get session
                if (Session["User"] == null)
                {
                    Response.Redirect("~/UL/Pages/login.aspx");
                }

                BL.User usrSession = (BL.User)Session["User"];

                // check a cart exists - user won't be able to access this page unless they go though URL
                if (BL.BLCart.intSelectCartID(usrSession.UserID) <= 0)
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "main.aspx";
                    Response.Redirect(url);
                }
                // check the cart has items
                if (!usrSession.CheckCartHasitems())
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=privilegeerror";
                    Response.Redirect(url);
                }

                try
                {
                    fillListWithAddresses((int)usrSession.UserID);
                    fillCartWithProducts((int)usrSession.UserID);
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
        }
        protected void repeaterMailingAddresses_ItemDataBound(object sender, RepeaterItemEventArgs e)
        {
            // ********** code referenced from https://weblogs.asp.net/joseguay/having-radiobuttons-on-a-repeater-or-datalist
            // following reference code runs a script that adds onlick event to each radio button, ensuring that their
            // group is properly set up
            // this is necessary due the the radio buttons being inside a data repeater
            if (e.Item.ItemType != ListItemType.Item && e.Item.ItemType != ListItemType.AlternatingItem)
            {
                return;
            }

            RadioButton rButton = (RadioButton)e.Item.FindControl("radioButton");

            string script = "SetUniqueRadioButton('repeaterMailingAddresses.*MailingAddresses',this)";

            rButton.Attributes.Add("OnClick", script);
            // ********** end reference

            // folowing code displays unit no if it exists
            // also selects the radio button for the default address
            // grab session userID
            BL.User usrSession = (BL.User)Session["User"];
            int     intUserID  = (int)usrSession.UserID;
            // find row view
            DataRowView rowView = (DataRowView)e.Item.DataItem;
            // find unitNo label
            Label labelUnitNo = (Label)e.Item.FindControl("lblUnitNo");

            // display unit no if it exists
            if (rowView["UnitNo"].ToString() != "")
            {
                labelUnitNo.Visible = true;
                labelUnitNo.Text    = rowView["UnitNo"].ToString() + ", ";
            }

            // selected if this address is the default
            if ((bool)rowView["IsDefault"])
            {
                rButton.Checked = true;
            }
        }
        protected void listviewCartProducts_ItemCommand(object sender, ListViewCommandEventArgs e)
        // removes a product from the cart
        {
            if (e.CommandName == "cmdRemoveProduct")
            {
                try
                {
                    int     intProductID = Convert.ToInt32(e.CommandArgument);
                    BL.User usrSession   = (BL.User)Session["User"];
                    int     intUserID    = Convert.ToInt32(usrSession.UserID);

                    BL.BLCart.removeProductFromCart(intUserID, intProductID);
                    fillCartWithProducts(intUserID);
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=servererror";
                    Response.Redirect(url);
                }
            }
        }
        private void RegisterButton_Click(object sender, RoutedEventArgs e)
        {
            String email       = emailTextbox.Text;
            String address     = addressTextbox.Text;
            String password    = passwordBox.Password.ToString();
            String dateOfBirth = datePickerDOB.Text;
            String gender      = genderSelector.Text;
            String name        = nameTextbox.Text;


            BL.User user = new BL.User();
            try
            {
                user.userAdd(email, password, name, address, dateOfBirth, gender);
                MessageBox.Show("created sucess");
            }
            catch (Exception excp)
            {
                MessageBox.Show(excp.Message);
            }
        }
        protected void lvwAddresses_ItemDataBound(object sender, ListViewItemEventArgs e)
        {
            // checks for unit no == null, and address is default
            // if no unit no, don't display unit no
            // if default, add default label
            // both list views share this method
            {
                if (e.Item.ItemType == ListViewItemType.DataItem)
                {
                    try
                    {
                        // grab session userID
                        BL.User usrSession = (BL.User)Session["User"];
                        int     intUserID  = (int)usrSession.UserID;
                        // find row view
                        DataRowView rowView = (DataRowView)e.Item.DataItem;
                        // find unitNo label
                        Label labelUnitNo = (Label)e.Item.FindControl("lblUnitNo");
                        // find default label
                        Label labelDefault = (Label)e.Item.FindControl("lblDefaultAddress");

                        // hide unit no if null
                        if (rowView["UnitNo"].ToString() != "")
                        {
                            labelUnitNo.Visible = true;
                            labelUnitNo.Text    = rowView["UnitNo"].ToString() + ", ";
                        }
                        if ((bool)rowView["IsDefault"])
                        {
                            labelDefault.Visible = true;
                        }
                    }
                    catch
                    {
                        Response.Redirect("error.aspx?ID=servererror");
                    }
                }
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!Request.IsSecureConnection)
            {
                string url = ConfigurationManager.AppSettings["SecurePath"] + "cart.aspx";
                Response.Redirect(url);
            }
            if (Session["User"] == null)
            {
                Response.Redirect("login.aspx");
            }
            if (!IsPostBack)
            {
                // get session
                BL.User usrSession = (BL.User)Session["User"];

                // check a cart exists, or a cart exists and has no items
                if ((int)BL.BLCart.intSelectCartID(usrSession.UserID) <= 0 || (int)BL.BLCart.intCartTotalProducts(usrSession.UserID) <= 0)
                {
                    lblCartTotalPrice.Visible = false;
                    lblCartTotal.Visible      = false;
                    btnCheckout.Visible       = false;
                    lblFeedback.Text          = "No items in cart yet !";
                    lblFeedback.Visible       = true;
                }

                try
                {
                    fillCartWithProducts(usrSession.UserID);
                }
                catch
                {
                    string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
                    Response.Redirect(url);
                }
            }
        }
Esempio n. 21
0
        public List <Models.Message> LoadByCollection(int collectionId)
        {
            BL.User user = new BL.User();
            List <Models.Message> messages = new List <Models.Message>();

            db.Messages.Where(x => x.CollectionId == collectionId)
            .ToList()
            .ForEach(x => messages
                     .Add(new Models.Message
            {
                Id           = x.Id,
                FromUserId   = x.FromUserId,
                ToUserId     = x.ToUserId,
                Body         = x.Body,
                CollectionId = x.CollectionId,
                DateTime     = x.DateTime,
                CritiqueId   = x.CritiqueId,
                Rating       = x.Rating,
                X            = x.X,
                Y            = x.Y,
                FromUsername = (user.LoadById(x.FromUserId).UserName == null || user.LoadById(x.FromUserId).UserName == String.Empty) ? "User Not Found" : user.LoadById(x.FromUserId).UserName
            }));
            return(messages);
        }
Esempio n. 22
0
        public ActionResult Login(Net.Models.User user, string returnurl)
        {
            ViewResult result = View(user);

            try
            {
                ViewBag.ReturnUrl = returnurl;
                BL.User blUser = new BL.User();

                //ViewBag.ReturnUrl = returnUrl;
                if (blUser.Login(user.UserName, user.Password))
                {
                    BL.User useree = new BL.User();
                    user = useree.LoadByUsername(user.UserName);

                    HttpContext.Session["user"] = user;
                    //return result;
                    if (!string.IsNullOrEmpty(returnurl))
                    {
                        return(Redirect(returnurl));
                    }
                    else
                    {
                        return(RedirectToAction("Index", "Profile"));
                    }
                }
                ViewBag.Message = "Login Failed";

                return(result);
            }
            catch (Exception ex)
            {
                ViewBag.Message = ex.Message;
                return(View(user));
            }
        }
Esempio n. 23
0
 /// <summary>
 /// Registration User, Send Mail With ConfirmI
 /// </summary>
 /// <param name="login"></param>
 /// <param name="email"></param>
 /// <param name="password"></param>
 /// <param name="usersProperties"></param>
 public void RegisterUser(string login, string email, string password)
 {
     BL.User user = new BL.User();
     BL.Helpers.MD5CryptoServiceProvider md5 = new BL.Helpers.MD5CryptoServiceProvider();
     BL.Modules.Users.UserRoles userRoles = new BL.Modules.Users.UserRoles();
     BL.Modules.Users.UserRights userRights = new BL.Modules.Users.UserRights();
     Guid ConfirmationId = Guid.NewGuid();
     using (var ts = new TransactionScope())
     {
         user.UserID = Guid.NewGuid();
         user.Login = login;
         user.Email = email;
         user.Password = md5.getMd5Hash(password);
         user.IsActive = false;
         user.ConfirmationID = ConfirmationId;
         user.UserRoleID = userRoles.User;
         user.UserRightID = userRights.Read;
         db.Users.InsertOnSubmit(user);
         db.SubmitChanges();
         ts.Complete();
     }
     BL.Modules.Mail.Mail.Registration(user);
 }
Esempio n. 24
0
        public ActionResult Edit(UserGalleryArtworkFile ugaf, Net.Models.File file, HttpPostedFileBase upload)
        {
            if (ModelState.IsValid)
            {
                //ugaf.User = (Net.Models.User)Session["user"];
                Net.Models.User user = (Net.Models.User)Session["user"];
                BL.User userHelper = new BL.User();
                BL.File fileHelper = new BL.File();
                BL.Artwork artworkHelper = new BL.Artwork();

                var oldFile = fileHelper.LoadByUserId(user.Id);
                Net.Models.File existingFile = new Net.Models.File();


                Net.Models.User newUser = userHelper.LoadById(user.Id);

                using (userHelper = new BL.User())
                {
                    newUser.FirstName = ugaf.User.FirstName;
                    newUser.LastName = ugaf.User.LastName;
                    newUser.Password = ugaf.User.Password;
                    newUser.CommissionActive = ugaf.User.CommissionActive;
                }

                foreach (var f in oldFile)
                {
                    existingFile.ArtworkId = f.ArtworkId;
                    existingFile.Content = f.Content;
                    existingFile.ContentType = f.ContentType;
                    existingFile.FileName = f.FileName;
                    existingFile.FileType = f.FileType;
                    existingFile.Id = f.Id;
                    existingFile.UserId = f.UserId;
                    existingFile.Artwork = artworkHelper.LoadById(f.ArtworkId);
                    existingFile.User = newUser;
                }

                try
                {
                    if (upload != null && upload.ContentLength > 0)
                    {
                        file = new Net.Models.File
                        {
                            Id = existingFile.Id,
                            FileName = System.IO.Path.GetFileName(upload.FileName),
                            FileType = FileType.Avatar,
                            ContentType = upload.ContentType,
                            Content = existingFile.Content,
                            Artwork = existingFile.Artwork,
                            User = existingFile.User,
                            UserId = existingFile.UserId,
                            ArtworkId = existingFile.ArtworkId
                        };
                        using (var reader = new System.IO.BinaryReader(upload.InputStream))
                        {
                            file.Content = reader.ReadBytes(upload.ContentLength);
                        }

                        System.Diagnostics.Debug.WriteLine(newUser.Id);
                        System.Diagnostics.Debug.WriteLine(file.FileName);
                        ugaf.User.Files = new List<Net.Models.File> { file };
                        userHelper.Update(newUser, file);
                    }
                    else
                    {
                        ugaf.User = newUser;
                        userHelper.Update(newUser, existingFile);
                    }

                    return RedirectToAction("Index");
                }
                catch (Exception ex)
                {
                    ViewBag.Message = ex.Message;
                    return View(ugaf);
                }
            }
            return View();
        }
Esempio n. 25
0
        public ActionResult PaymentWithPaypal()
        {
            if (!SessionManager.userIsLoggedIn())
            {
                return(new HttpStatusCodeResult(403));
            }

            BL.User user = (BL.User)System.Web.HttpContext.Current.Session["user"];

            if (user == null)
            {
                ViewBag.Status  = false;
                ViewBag.Message = "User is not logged in";
                return(View("Payment"));
            }
            BoatRentModel  boatRentModel  = (BoatRentModel)System.Web.HttpContext.Current.Session["boatRental"];
            GroupTripModel groupTripModel = (GroupTripModel)System.Web.HttpContext.Current.Session["groupTrip"];

            if (boatRentModel == null && groupTripModel == null)
            {
                ViewBag.Status  = false;
                ViewBag.Message = "Neither the BoatRentModel nor the GroupTripModel exists";
                return(View("Payment"));
            }
            //getting the apiContext as earlier
            APIContext apiContext = PaypalConfiguration.GetAPIContext();

            try {
                string payerId = Request.Params["PayerID"];

                if (string.IsNullOrEmpty(payerId))
                {
                    //this section will be executed first because PayerID doesn't exist
                    //it is returned by the create function call of the payment class

                    // Creating a payment
                    // baseURL is the url on which paypal sendsback the data.
                    // So we have provided URL of this controller only
                    string baseURI = Request.Url.Scheme + "://" + Request.Url.Authority +
                                     "/PayPal/PaymentWithPayPal?";

                    //guid we are generating for storing the paymentID received in session
                    //after calling the create function and it is used in the payment execution

                    var guid = Convert.ToString((new Random()).Next(100000));

                    //CreatePayment function gives us the payment approval url
                    //on which payer is redirected for paypal account payment

                    Payment createdPayment = null;

                    if (boatRentModel != null)
                    {
                        createdPayment = this.CreateBoatRentalPayment(apiContext, baseURI + "guid=" + guid, boatRentModel);
                    }
                    else if (groupTripModel != null)
                    {
                        createdPayment = this.CreateGroupTripPayment(apiContext, baseURI + "guid=" + guid, groupTripModel);
                    }

                    //get links returned from paypal in response to Create function call

                    var links = createdPayment.links.GetEnumerator();

                    string paypalRedirectUrl = null;

                    while (links.MoveNext())
                    {
                        Links lnk = links.Current;

                        if (lnk.rel.ToLower().Trim().Equals("approval_url"))
                        {
                            //saving the payapalredirect URL to which user will be redirected for payment
                            paypalRedirectUrl = lnk.href;
                        }
                    }

                    // saving the paymentID in the key guid
                    Session.Add(guid, createdPayment.id);

                    return(Redirect(paypalRedirectUrl));
                }
                else
                {
                    // This section is executed when we have received all the payments parameters

                    // from the previous call to the function Create

                    // Executing a payment

                    var guid = Request.Params["guid"];

                    var executedPayment = ExecutePayment(apiContext, payerId, Session[guid] as string);

                    if (executedPayment.state.ToLower() != "approved")
                    {
                        ViewBag.Status  = false;
                        ViewBag.Message = "Payment with PayPal is not approved.";
                        return(View("Payment"));
                    }

                    if (boatRentModel != null)
                    {
                        BL.Location location = MainClass.Instance.getLocations().Find(v => v.id == boatRentModel.locationId);

                        if (location == null)
                        {
                            ViewBag.Status  = false;
                            ViewBag.Message = "Location could not be found";
                            return(View("Payment"));
                        }
                        BL.BoatRental br = location.rentBoat(boatRentModel.boat, boatRentModel.startTime, boatRentModel.endTime, boatRentModel.numPersons);

                        if (br == null)
                        {
                            ViewBag.Status  = false;
                            ViewBag.Message = "Boat could not be rented";
                            return(View("Payment"));
                        }
                        if (MainClass.Instance.orderBoatRental(br, PaymentType.PAYPAL, user.userAddress, user) == null)
                        {
                            ViewBag.Status  = false;
                            ViewBag.Message = "Boat could not be rented";
                            return(View("Payment"));
                        }
                        System.Web.HttpContext.Current.Session.Remove("boatRental");
                    }
                    else if (groupTripModel != null)
                    {
                        if (MainClass.Instance.orderGroupTrip(groupTripModel.finalGroupTrip, PaymentType.PAYPAL, user.userAddress, user) == null)
                        {
                            ViewBag.Status  = false;
                            ViewBag.Message = "Group trip could not be ordered";
                            return(View("Payment"));
                        }
                        System.Web.HttpContext.Current.Session.Remove("groupTrip");
                    }
                }
            }
            catch (Exception e) {
                ViewBag.Status  = false;
                ViewBag.Message = e.Message;
                return(View("Payment"));
            }
            ViewBag.Status  = true;
            ViewBag.Message = "Payment with PayPal was successful.";
            return(View("Payment"));
        }
Esempio n. 26
0
        public static BL.User usrLoginUser(string _strEmail, string _strPassword)
        // method returns a populated user object if login successful
        // or returns UserID as -3 for sql server contact error
        // -2 for db access error
        // -1 for email not found
        // 0 for email found, password wrong
        // if I re-wrote this assignment, I probably wouldn't do it this way.
        // I would probably just return the UserID from the DB, rather than a user object
        {
            string strEm  = _strEmail.ToString();
            string strPwd = _strPassword.ToString();

            int intRetValue = -2;   // -2 for db access error

            BL.User usrRtnUser = new BL.User();

            if (strEm != "")
            {
                SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["INFT3050ConnectionString"].ConnectionString);

                SqlCommand cmdLoginAndReturnUser = new SqlCommand("Users_UspLoginAndReturnUser", conn);         // create sql command
                cmdLoginAndReturnUser.CommandType = CommandType.StoredProcedure;                                // set command type to stored procedure

                // in paramater
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@Email", SqlDbType.VarChar, 254));       // add in param
                cmdLoginAndReturnUser.Parameters["@Email"].Value     = strEm;                                   // email parameter = strEm
                cmdLoginAndReturnUser.Parameters["@Email"].Direction = ParameterDirection.Input;
                // in paramater
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@Password", SqlDbType.VarChar, 50));     // add in param
                cmdLoginAndReturnUser.Parameters["@Password"].Value     = strPwd;                               // email parameter = strEm
                cmdLoginAndReturnUser.Parameters["@Password"].Direction = ParameterDirection.Input;
                // UserID out parameter
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Int));               // add out param
                cmdLoginAndReturnUser.Parameters["@UserID"].Direction = ParameterDirection.Output;              // direction = output
                // Name out parameter
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@FirstName", SqlDbType.VarChar, 250));
                cmdLoginAndReturnUser.Parameters["@FirstName"].Direction = ParameterDirection.Output;
                // IsActive out parameter
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@IsActive", SqlDbType.Bit));
                cmdLoginAndReturnUser.Parameters["@IsActive"].Direction = ParameterDirection.Output;
                // IsAdmin out parameter
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@IsAdmin", SqlDbType.Bit));
                cmdLoginAndReturnUser.Parameters["@IsAdmin"].Direction = ParameterDirection.Output;
                // ReturnValue out parameter
                cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@ReturnValue", SqlDbType.Int));
                cmdLoginAndReturnUser.Parameters["@ReturnValue"].Direction = ParameterDirection.Output;

                try
                {
                    conn.Open();
                    cmdLoginAndReturnUser.ExecuteNonQuery();
                    intRetValue = (int)cmdLoginAndReturnUser.Parameters["@ReturnValue"].Value;            // cast out param to int
                    //System.Diagnostics.Debug.WriteLine("Retvalue: ");

                    if (intRetValue > 0)  // if login is successful, populate user object, else return 0, -1, -2, or -3 for other conditions
                    {
                        usrRtnUser.UserID   = (int)cmdLoginAndReturnUser.Parameters["@UserID"].Value;
                        usrRtnUser.Name     = (string)cmdLoginAndReturnUser.Parameters["@FirstName"].Value;
                        usrRtnUser.IsActive = (bool)cmdLoginAndReturnUser.Parameters["@IsActive"].Value;
                        usrRtnUser.IsAdmin  = (bool)cmdLoginAndReturnUser.Parameters["@IsAdmin"].Value;
                        usrRtnUser.Email    = strEm;
                        System.Diagnostics.Debug.WriteLine("assigning parameters success");
                    }
                }
                catch (Exception ex)
                {
                    Console.WriteLine(ex.ToString());
                    System.Diagnostics.Debug.WriteLine("DAL Exception");
                }
                finally
                {
                    conn.Close();
                }
            }
            return(usrRtnUser);
        }
Esempio n. 27
0
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // grab login values
            string strEmail    = Convert.ToString(tbxEmail.Text);
            string strPassword = Convert.ToString(tbxPassword.Text);
            // grab product ID (sent from product page if redirected from there), otherwise ID = 0
            int intProductID = Convert.ToInt32(Request["ID"]);

            BL.User usrLogin = new BL.User();
            usrLogin.UserID = -3;   // default userID, to see if lower layers have been contacted
            // this is a bit silly, in future i would do this another way

            try
            {
                usrLogin = BL.BLLogin.usrLoginUser(strEmail, strPassword);
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
            }
            finally
            {
                if (usrLogin.UserID > 0)
                {
                    Session["User"] = usrLogin;
                    if (usrLogin.IsAdmin == true)
                    {
                        string url = ConfigurationManager.AppSettings["SecurePath"] + "Admin/adminDashboard.aspx";
                        Response.Redirect(url);
                        //Response.Redirect("Admin/adminDashboard.aspx"); // if user is admin, redirect to dashboard
                    }
                    else if (intProductID > 0)  // case for login page redirected from a product page
                    {
                        string url = ConfigurationManager.AppSettings["UnsecurePath"] + "product.aspx?ID=" + intProductID;
                        Response.Redirect(url);
                        //Response.Redirect("product.aspx?ID=" + intProductID);
                    }
                    else
                    {
                        string url = ConfigurationManager.AppSettings["UnsecurePath"] + "main.aspx";
                        Response.Redirect(url);
                        //Response.Redirect("main.aspx"); // else go to main
                    }
                }
                else if (usrLogin.UserID == 0)
                {
                    lblFeedback.Text    = "Sorry, the password does not match the email";
                    lblFeedback.Visible = true;
                }
                else if (usrLogin.UserID == -1)
                {
                    lblFeedback.Text    = "Sorry, that email address is unrecognized";
                    lblFeedback.Visible = true;
                }
                else if (usrLogin.UserID == -2) // DB error
                {
                    lblFeedback.Text    = "Sorry there was an error contacting the server.";
                    lblFeedback.Visible = true;
                }
                else if (usrLogin.UserID == -3) // Server error
                {
                    lblFeedback.Text    = "Sorry there was an error contacting the server.";
                    lblFeedback.Visible = true;
                }
            }
        }
Esempio n. 28
0
 public FrmUser()
 {
     InitializeComponent();
     user = new BL.User(this);
     this.dataGridView1.AllowUserToAddRows = false;
 }