/// <summary>
/// Binds the signed-in customer's invoices to <c>lvwInvoices</c>.
/// Requests that did not arrive over a secure connection are redirected to the
/// configured secure URL, and visitors without a <c>Session["User"]</c> entry
/// are redirected to the login page.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Transport check comes first so no account data is prepared on a plain connection.
    if (!Request.IsSecureConnection)
    {
        Response.Redirect(ConfigurationManager.AppSettings["SecurePath"] + "orders.aspx");
    }

    object sessionEntry = Session["User"];
    if (sessionEntry == null)
    {
        Response.Redirect("login.aspx");
    }

    BL.User usrSession = (BL.User)sessionEntry;

    try
    {
        // The invoice query is keyed by the session's user ID, not by anything in the request.
        lvwInvoices.DataSource = BL.BLAccountInvoices.dtbSelectInvoices((int)usrSession.UserID);
        lvwInvoices.DataBind();
    }
    catch
    {
        // Every failure ends on the generic error page; nothing is logged here.
        // NOTE(review): the error page is addressed through "UnsecurePath" - if that
        // base is http://, confirm the session cookie is marked Secure.
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx");
    }
}
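/// <summary>
/// Fills the delivery-address label of an invoice row while the list view binds it.
/// </summary>
/// <param name="sender">List view raising the event.</param>
/// <param name="e">Carries the item being bound; only data items are processed.</param>
protected void lvwInvoices_ItemDataBound(object sender, ListViewItemEventArgs e)
{
    if (e.Item.ItemType != ListViewItemType.DataItem)
    {
        return;
    }

    try
    {
        // Dereferencing the session user inside the try means a missing session
        // ends on the error page rather than rendering address data.
        BL.User usrSession = (BL.User)Session["User"];
        int intUserID = (int)usrSession.UserID;

        DataRowView rowView = (DataRowView)e.Item.DataItem;
        Label lblAddress = (Label)e.Item.FindControl("lblDeliveryAddress");

        // The address is looked up by the ID stored on the invoice row itself.
        DataRow drwAddress = BL.BLAccountInvoices.dtbSelectMailingAddress((int)rowView["MailingAddressID"]);

        string strAddress = drwAddress.Field<string>("StreetNo") + " "
            + drwAddress.Field<string>("Street") + ", "
            + drwAddress.Field<string>("Suburb") + ", "
            + drwAddress.Field<string>("PostCode") + ", "
            + drwAddress.Field<string>("State");

        // Label.Text is emitted into the page without encoding. Address fields are
        // free text, so encode them here to keep stored markup from being rendered.
        lblAddress.Text = Server.HtmlEncode(strAddress);
    }
    catch
    {
        // Any failure is collapsed into the generic error page; nothing is logged here.
        string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
        Response.Redirect(url);
    }
}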
/// <summary>
/// Shows the profile edit form for the user held in <c>Session["user"]</c>.
/// </summary>
/// <returns>
/// The edit view with the session user and that user's files; a 404 result when no
/// account is found for the session user's name; or a redirect to the login action
/// (carrying the current URL as <c>returnurl</c>) when the caller is not authenticated.
/// </returns>
public ActionResult Edit()
{
    if (!Authenticate.IsAuthenticated())
    {
        return RedirectToAction("Login", "Login", new { returnurl = HttpContext.Request.Url });
    }

    if (ViewBag.Message == null)
    {
        ViewBag.Message = "Profile";
    }

    BL.File fileManager = new BL.File();
    UserGalleryArtworkFile ugaf = new UserGalleryArtworkFile();

    // NOTE(review): the session object is handed to the view as-is. If the model
    // carries the stored password, make sure the view never renders it - confirm.
    ugaf.User = (Net.Models.User)Session["user"];
    ugaf.Files = fileManager.LoadByUserId(ugaf.User.Id);

    // The lookup only proves the account still exists; the view model keeps the session copy.
    Net.Models.User account;
    using (BL.User userManager = new BL.User())
    {
        account = userManager.LoadByUsername(ugaf.User.UserName);
    }

    if (account == null)
    {
        return HttpNotFound();
    }

    return View(ugaf);
}
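/// <summary>
/// Renders the invoice whose ID arrives in the <c>ID</c> request value, for a signed-in user.
/// </summary>
/// <remarks>
/// A missing, non-numeric, out-of-range or non-positive ID, or a missing session,
/// ends on the privilege error page. The original used <c>Convert.ToInt32</c>, which
/// throws on non-numeric input before any handler is in place.
/// </remarks>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    BL.User usrSession = (BL.User)Session["User"];

    // The invoice ID is request-controlled: parse defensively instead of letting
    // a malformed value surface as an unhandled exception.
    int intInvoiceID;
    if (!int.TryParse(Request["ID"], out intInvoiceID))
    {
        intInvoiceID = 0;
    }

    if (intInvoiceID > 0 && usrSession != null)
    {
        try
        {
            // NOTE(review): only the invoice ID is passed on. Confirm fillOrderHtml
            // checks that this invoice belongs to usrSession.UserID; otherwise any
            // signed-in user can view another customer's invoice by changing the ID.
            fillOrderHtml(intInvoiceID);
        }
        catch
        {
            string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx";
            Response.Redirect(url);
        }
    }
    else
    {
        string url = ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=privilegeerror";
        Response.Redirect(url);
    }
}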
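/// <summary>
/// Loads every message in the store and maps it to <see cref="Models.Message"/>,
/// resolving the sender's user name for display.
/// </summary>
/// <remarks>
/// The sender is looked up once per message. A sender that cannot be loaded, or that
/// has no user name, is shown as "User Not Found". The original repeated the lookup
/// up to three times and dereferenced the result without a null check.
/// NOTE(review): no filter is applied here, so callers receive all users' messages;
/// confirm each caller restricts what it displays.
/// </remarks>
/// <returns>All messages, in the order the store returns them.</returns>
public List<Models.Message> Load()
{
    BL.User user = new BL.User();
    List<Models.Message> messages = new List<Models.Message>();

    foreach (var m in db.Messages.ToList())
    {
        var fromUser = user.LoadById(m.FromUserId);
        string fromUsername = (fromUser == null || string.IsNullOrEmpty(fromUser.UserName))
            ? "User Not Found"
            : fromUser.UserName;

        messages.Add(new Models.Message
        {
            Id = m.Id,
            FromUserId = m.FromUserId,
            ToUserId = m.ToUserId,
            Body = m.Body,
            CollectionId = m.CollectionId,
            DateTime = m.DateTime,
            CritiqueId = m.CritiqueId,
            Rating = m.Rating,
            X = m.X,
            Y = m.Y,
            FromUsername = fromUsername
        });
    }

    return messages;
}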
/// <summary>
/// Populates the product image and product-page link of an invoice line as it is bound.
/// </summary>
/// <param name="sender">List view raising the event.</param>
/// <param name="e">Carries the item being bound; only data items are processed.</param>
protected void lvwInvoiceProducts_ItemDataBound(object sender, ListViewItemEventArgs e)
{
    if (e.Item.ItemType != ListViewItemType.DataItem)
    {
        return;
    }

    try
    {
        // Reading the user ID is kept even though the value is unused: it makes a
        // missing session fail inside this try and end on the error page.
        BL.User usrSession = (BL.User)Session["User"];
        int intUserID = (int)usrSession.UserID;

        DataRowView row = (DataRowView)e.Item.DataItem;

        // The image bytes come from the bound row and are inlined as a data URL.
        Image productImage = (Image)e.Item.FindControl("imgProductImage");
        byte[] imageBytes = (byte[])row["ProductImage"];
        productImage.ImageUrl = "data:Image/jpg;base64, " + Convert.ToBase64String(imageBytes);

        // The link is built from the integer product ID of the row.
        HyperLink productLink = (HyperLink)e.Item.FindControl("linkProductPage");
        int productId = (int)row["ProductID"];
        productLink.NavigateUrl = "product.aspx?ID=" + productId.ToString();
    }
    catch
    {
        // Any failure is collapsed into the generic error page; nothing is logged here.
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx");
    }
}
/// <summary>
/// Shows the signed-in customer's saved addresses on first load.
/// Visitors without a session are redirected to the login page, and requests that
/// are not on a secure connection are redirected to the configured secure URL.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    object sessionEntry = Session["User"];
    if (sessionEntry == null)
    {
        Response.Redirect("login.aspx");
    }

    if (!Request.IsSecureConnection)
    {
        Response.Redirect(ConfigurationManager.AppSettings["SecurePath"] + "accountAddresses.aspx");
    }

    // Postbacks keep the list that was bound on the first load.
    if (IsPostBack)
    {
        return;
    }

    BL.User usrSession = (BL.User)sessionEntry;

    try
    {
        // Addresses are selected by the session's user ID, not by a request value.
        fillListWithAddresses(usrSession.UserID);
    }
    catch
    {
        // Failures end on the error page with the "servererror" code; nothing is logged here.
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=servererror");
    }
}
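/// <summary>
/// Restricts the page to administrators: anyone without a session, or whose session
/// user is not flagged as admin, is redirected to the privilege error page.
/// </summary>
/// <remarks>
/// The null test must come before <c>IsAdmin</c> is read. The original evaluated
/// <c>!usrSession.IsAdmin</c> first, so an anonymous visitor caused a
/// NullReferenceException instead of reaching the intended redirect.
/// </remarks>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    BL.User usrSession = (BL.User)Session["User"];

    if (usrSession == null || !usrSession.IsAdmin)
    {
        Response.Redirect("~/UL/Pages/error.aspx?ID=privilegeerror");
    }
}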
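/// <summary>
/// Prepares the shared customer header: makes <c>btnSearch</c> the form's default
/// button, then sets the account/orders links and the cart counter according to
/// whether a user is signed in.
/// </summary>
/// <remarks>
/// Administrators are sent to the log-out page because they should not be browsing
/// the customer site. The user's name is HTML-encoded before display: the link text
/// is written to the page as-is, and the name is account data.
/// </remarks>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Pressing Enter anywhere in the form should trigger the search button.
    ContentPlaceHolder cph = (ContentPlaceHolder)Master.FindControl("body");
    LinkButton btnSearch = cph.FindControl("btnSearch") as LinkButton;
    cph.Page.Form.DefaultButton = btnSearch.UniqueID;

    BL.User usrSession = (BL.User)Session["User"];

    if (usrSession == null)
    {
        // Anonymous visitor: both links lead to the login page.
        linkAccount.Text = "Login";
        lblCartStock.Text = "";
        linkAccount.NavigateUrl = "~/UL/Pages/login.aspx";
        linkOrders.NavigateUrl = "~/UL/Pages/login.aspx";
        return;
    }

    if (usrSession.IsAdmin == true)
    {
        Response.Redirect("~/UL/Pages/logOut.aspx");
        return;
    }

    linkAccount.Text = "Hi, " + Server.HtmlEncode(usrSession.Name.ToString());
    linkOrders.NavigateUrl = "~/UL/Pages/orders.aspx";
    linkAccount.NavigateUrl = "~/UL/Pages/account.aspx";

    try
    {
        int intCartStock = (int)BL.BLCart.intCartTotalProducts(usrSession.UserID);
        lblCartStock.Text = intCartStock > 0 ? intCartStock.ToString() : "";
    }
    catch (Exception)
    {
        // The counter is cosmetic; a lookup failure just leaves it blank.
        lblCartStock.Text = "";
    }
}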
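/// <summary>
/// Adds the product named by the <c>ID</c> request value to the signed-in user's
/// cart and shows the confirmation details.
/// </summary>
/// <remarks>
/// Changes from the original:
/// the availability test now requires stock AND an active product (it previously
/// accepted any inactive product because of <c>|| !IsActive</c>);
/// the request value is parsed once with <c>int.TryParse</c>, and only the parsed
/// integer is placed into redirect URLs instead of the raw request string.
/// NOTE(review): the cart is modified on a plain page load, so any link or embedded
/// request to this URL adds an item for a signed-in user. Consider moving the change
/// behind a postback.
/// </remarks>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // 0 stands for "no usable product ID"; the product lookup below then fails
    // and ends on the server error page.
    int intProductID;
    if (!int.TryParse(Request["ID"], out intProductID))
    {
        intProductID = 0;
    }

    if (!Request.IsSecureConnection)
    {
        // Carry the product ID across the switch to the secure URL.
        string url = ConfigurationManager.AppSettings["SecurePath"] + "addedToCart.aspx?ID=" + intProductID;
        Response.Redirect(url);
    }

    if (IsPostBack)
    {
        return;
    }

    if (Session["User"] == null)
    {
        Response.Redirect("login.aspx?ID=" + intProductID);
        return;
    }

    try
    {
        BL.User usrSession = (BL.User)Session["User"];

        DataTable dtbProductData = BL.BLProductDisplay.dtbReturnProductByID(intProductID);
        DataRow drwProductData = dtbProductData.Rows[0];

        bool blnInStock = Convert.ToInt32(drwProductData["StockLevel"]) > 0;
        bool blnActive = Convert.ToBoolean(drwProductData["IsActive"]);

        if (!(blnInStock && blnActive))
        {
            throw new ArgumentException("Product Unavailable");
        }

        BL.BLCart.addProductToCart(usrSession.UserID, intProductID, 1);
        FillHtmlValues(drwProductData, usrSession.UserID);
    }
    catch (ArgumentException ex)
    {
        System.Diagnostics.Debug.WriteLine(ex.ToString());
        Response.Redirect("error.aspx?ID=productunavailable");
    }
    catch (Exception ex)
    {
        System.Diagnostics.Debug.WriteLine(ex.ToString());
        Response.Redirect("error.aspx?ID=servererror");
    }
}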
/// <summary>
/// Lists orders: the current user's own orders when <paramref name="byUser"/> is
/// true, otherwise all orders.
/// </summary>
/// <param name="byUser">
/// True restricts the list to orders whose user is the session user. Any other
/// value lists every order and requires the MAINTENANCE_PERSON user type.
/// </param>
/// <returns>
/// The order list view, or HTTP 403 when the required session user or user type is missing.
/// </returns>
public ActionResult ViewOrder(bool? byUser)
{
    bool ownOrdersOnly = byUser == true;
    BL.User sessionUser = null;

    // Authorization is settled before any order is read.
    if (ownOrdersOnly)
    {
        sessionUser = (BL.User)System.Web.HttpContext.Current.Session["user"];
        if (sessionUser == null)
        {
            return new HttpStatusCodeResult(403);
        }
    }
    else if (!SessionManager.checkCurrentUserType(UserType.MAINTENANCE_PERSON))
    {
        return new HttpStatusCodeResult(403);
    }

    var allOrders = MainClass.Instance.getAllOrders();
    var visibleOrders = ownOrdersOnly
        ? allOrders.FindAll(v => v.user == sessionUser)
        : allOrders;

    List<OrderModel> orders = new List<OrderModel>();
    foreach (Order o in visibleOrders)
    {
        orders.Add(new OrderModel()
        {
            orderDate = o.orderDate,
            orderNumber = o.orderNumber,
            orderType = o is BoatRentalOrder ? "Boat Rental Order" : "Group Trip Order",
            paymentType = o.paymentType.ToString(),
            price = o.price,
            userName = o.user.name
        });
    }

    return View(orders);
}
/// <summary>
/// Creates a user, with its file, from the posted form and returns to the index action.
/// </summary>
/// <remarks>
/// NOTE(review): the model-bound <paramref name="user"/> goes to <c>Insert</c>
/// unchanged and <c>ModelState</c> is not consulted. If the model has fields a
/// visitor must not set (role, active flag), restrict binding - confirm against the model.
/// The bare catch re-displays the form without recording why the insert failed.
/// </remarks>
/// <param name="user">User model bound from the request.</param>
/// <param name="file">File model bound from the request.</param>
/// <returns>A redirect to Index on success, or the form with the posted user on any failure.</returns>
public ActionResult Index(Net.Models.User user, Net.Models.File file)
{
    try
    {
        BL.User userService = new BL.User();
        userService.Insert(user, file);
        return RedirectToAction("Index");
    }
    catch
    {
        return View(user);
    }
}
/// <summary>
/// Lists the users returned by <c>BL.User.Load()</c> for an authenticated caller.
/// </summary>
/// <remarks>
/// NOTE(review): the only gate visible here is <c>Authenticate.IsAuthenticated()</c>;
/// no role check is made before the list is shown. Confirm that every signed-in
/// account is meant to see it, and which fields the view renders.
/// </remarks>
/// <returns>The users view, or a redirect to the login action with the current URL as returnurl.</returns>
public ActionResult Users()
{
    if (!Authenticate.IsAuthenticated())
    {
        return RedirectToAction("Login", "Login", new { returnurl = HttpContext.Request.Url });
    }

    _user = new BL.User();
    _users = new List<Net.Models.User>();
    _users = _user.Load();

    if (ViewBag.Message == null)
    {
        ViewBag.Message = "Users";
    }

    return View(_users);
}
/// <summary>
/// Populates a cart row as it is bound: product image, product-page link and the
/// quantity of that product in the session user's cart.
/// </summary>
/// <param name="sender">List view raising the event.</param>
/// <param name="e">Carries the item being bound; only data items are processed.</param>
protected void listviewCartProducts_ItemDataBound(object sender, ListViewItemEventArgs e)
{
    if (e.Item.ItemType != ListViewItemType.DataItem)
    {
        return;
    }

    try
    {
        // The cart lookup is keyed by the session's user ID.
        BL.User usrSession = (BL.User)Session["User"];
        int intUserID = (int)usrSession.UserID;

        DataRowView row = (DataRowView)e.Item.DataItem;

        // Image bytes from the bound row are inlined as a data URL.
        Image productImage = (Image)e.Item.FindControl("imgProductImage");
        byte[] imageBytes = (byte[])row["ProductImage"];
        productImage.ImageUrl = "data:Image/jpg;base64, " + Convert.ToBase64String(imageBytes);

        HyperLink productLink = (HyperLink)e.Item.FindControl("linkProductPage");
        int intProductID = (int)row["ProductID"];
        productLink.NavigateUrl = "product.aspx?ID=" + intProductID.ToString();

        Label quantityLabel = (Label)e.Item.FindControl("lblProductQty");
        quantityLabel.Text = BL.BLCart.intSingularProductQuantityFromCart(intUserID, intProductID).ToString();
    }
    catch
    {
        // Any failure is collapsed into the generic error page; nothing is logged here.
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx");
    }
}
/// <summary>
/// Prepares the checkout payment page on first load: requires a secure connection,
/// a signed-in user, an existing cart and at least one item in it, then fills the
/// address and product lists.
/// </summary>
/// <remarks>
/// NOTE(review): the session and cart checks run only when the request is not a
/// postback. Confirm the postback handlers on this page re-check the session
/// before acting.
/// </remarks>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!Request.IsSecureConnection)
    {
        Response.Redirect(ConfigurationManager.AppSettings["SecurePath"] + "checkoutPayment.aspx");
    }

    if (IsPostBack)
    {
        return;
    }

    if (Session["User"] == null)
    {
        Response.Redirect("~/UL/Pages/login.aspx");
    }

    BL.User usrSession = (BL.User)Session["User"];
    string unsecureBase = ConfigurationManager.AppSettings["UnsecurePath"];

    // The page is only reachable legitimately from the cart; typing the URL with
    // no cart goes back to the main page.
    if (BL.BLCart.intSelectCartID(usrSession.UserID) <= 0)
    {
        Response.Redirect(unsecureBase + "main.aspx");
    }

    // An empty cart cannot be checked out.
    if (!usrSession.CheckCartHasitems())
    {
        Response.Redirect(unsecureBase + "error.aspx?ID=privilegeerror");
    }

    try
    {
        fillListWithAddresses((int)usrSession.UserID);
        fillCartWithProducts((int)usrSession.UserID);
    }
    catch
    {
        Response.Redirect(unsecureBase + "error.aspx");
    }
}
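/// <summary>
/// Finishes each mailing-address row of the repeater: wires the radio button into
/// a single client-side group, shows the unit number when there is one, and
/// pre-selects the default address.
/// </summary>
/// <remarks>
/// The radio-button grouping follows
/// https://weblogs.asp.net/joseguay/having-radiobuttons-on-a-repeater-or-datalist ;
/// it is needed because radio buttons inside a repeater do not share a group.
/// The unit number is HTML-encoded because <c>Label.Text</c> is written to the
/// page unencoded and the value is customer-entered.
/// </remarks>
/// <param name="sender">Repeater raising the event.</param>
/// <param name="e">Carries the item being bound; only Item and AlternatingItem rows are processed.</param>
protected void repeaterMailingAddresses_ItemDataBound(object sender, RepeaterItemEventArgs e)
{
    if (e.Item.ItemType != ListItemType.Item && e.Item.ItemType != ListItemType.AlternatingItem)
    {
        return;
    }

    // Attach the client-side handler that keeps only one address selected.
    RadioButton rButton = (RadioButton)e.Item.FindControl("radioButton");
    string script = "SetUniqueRadioButton('repeaterMailingAddresses.*MailingAddresses',this)";
    rButton.Attributes.Add("OnClick", script);

    // Kept from the original: reading the user ID fails fast when no session exists.
    BL.User usrSession = (BL.User)Session["User"];
    int intUserID = (int)usrSession.UserID;

    DataRowView rowView = (DataRowView)e.Item.DataItem;
    Label labelUnitNo = (Label)e.Item.FindControl("lblUnitNo");

    string strUnitNo = rowView["UnitNo"].ToString();
    if (strUnitNo != "")
    {
        labelUnitNo.Visible = true;
        labelUnitNo.Text = Server.HtmlEncode(strUnitNo) + ", ";
    }

    if ((bool)rowView["IsDefault"])
    {
        rButton.Checked = true;
    }
}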
/// <summary>
/// Handles the "cmdRemoveProduct" command of a cart row: removes that product from
/// the session user's cart and re-binds the cart list.
/// </summary>
/// <param name="sender">List view raising the event.</param>
/// <param name="e">Command name plus the product ID as command argument.</param>
protected void listviewCartProducts_ItemCommand(object sender, ListViewCommandEventArgs e)
{
    if (e.CommandName != "cmdRemoveProduct")
    {
        return;
    }

    try
    {
        int productId = Convert.ToInt32(e.CommandArgument);

        // The cart that is modified is always the session user's own.
        BL.User usrSession = (BL.User)Session["User"];
        int userId = Convert.ToInt32(usrSession.UserID);

        BL.BLCart.removeProductFromCart(userId, productId);
        fillCartWithProducts(userId);
    }
    catch
    {
        // Covers a missing session as well as data errors; nothing is logged here.
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx?ID=servererror");
    }
}
/// <summary>
/// Reads the registration form and asks the business layer to create the user,
/// reporting success or the failure message in a message box.
/// </summary>
/// <remarks>
/// NOTE(review): the raw exception message is shown to the user. If <c>userAdd</c>
/// can surface data-layer errors, show a generic message and log the detail instead.
/// </remarks>
/// <param name="sender">Button raising the event.</param>
/// <param name="e">Unused event data.</param>
private void RegisterButton_Click(object sender, RoutedEventArgs e)
{
    // Form values are captured before the business object is created.
    string email = emailTextbox.Text;
    string address = addressTextbox.Text;
    string password = passwordBox.Password.ToString();
    string dateOfBirth = datePickerDOB.Text;
    string gender = genderSelector.Text;
    string name = nameTextbox.Text;

    BL.User newUser = new BL.User();

    try
    {
        newUser.userAdd(email, password, name, address, dateOfBirth, gender);
        MessageBox.Show("created sucess");
    }
    catch (Exception failure)
    {
        MessageBox.Show(failure.Message);
    }
}
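/// <summary>
/// Finishes an address row as it is bound: shows the unit number when the address
/// has one and reveals the "default address" label for the default address.
/// Both address list views share this handler.
/// </summary>
/// <remarks>
/// The unit number is HTML-encoded because <c>Label.Text</c> is written to the
/// page unencoded and the value is customer-entered.
/// </remarks>
/// <param name="sender">List view raising the event.</param>
/// <param name="e">Carries the item being bound; only data items are processed.</param>
protected void lvwAddresses_ItemDataBound(object sender, ListViewItemEventArgs e)
{
    if (e.Item.ItemType != ListViewItemType.DataItem)
    {
        return;
    }

    try
    {
        // Kept from the original: a missing session fails here and ends on the error page.
        BL.User usrSession = (BL.User)Session["User"];
        int intUserID = (int)usrSession.UserID;

        DataRowView rowView = (DataRowView)e.Item.DataItem;
        Label labelUnitNo = (Label)e.Item.FindControl("lblUnitNo");
        Label labelDefault = (Label)e.Item.FindControl("lblDefaultAddress");

        // The unit-number label stays hidden when the address has none.
        string strUnitNo = rowView["UnitNo"].ToString();
        if (strUnitNo != "")
        {
            labelUnitNo.Visible = true;
            labelUnitNo.Text = Server.HtmlEncode(strUnitNo) + ", ";
        }

        if ((bool)rowView["IsDefault"])
        {
            labelDefault.Visible = true;
        }
    }
    catch
    {
        Response.Redirect("error.aspx?ID=servererror");
    }
}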
/// <summary>
/// Shows the signed-in customer's cart. Requires a secure connection and a session
/// user; on first load it hides the totals and checkout button when there is no
/// cart or the cart is empty, then binds the cart products.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!Request.IsSecureConnection)
    {
        Response.Redirect(ConfigurationManager.AppSettings["SecurePath"] + "cart.aspx");
    }

    object sessionEntry = Session["User"];
    if (sessionEntry == null)
    {
        Response.Redirect("login.aspx");
    }

    if (IsPostBack)
    {
        return;
    }

    BL.User usrSession = (BL.User)sessionEntry;

    // "Nothing to show" means either no cart row exists or the cart has no products.
    bool cartIsEmpty = (int)BL.BLCart.intSelectCartID(usrSession.UserID) <= 0
        || (int)BL.BLCart.intCartTotalProducts(usrSession.UserID) <= 0;

    if (cartIsEmpty)
    {
        lblCartTotalPrice.Visible = false;
        lblCartTotal.Visible = false;
        btnCheckout.Visible = false;
        lblFeedback.Text = "No items in cart yet !";
        lblFeedback.Visible = true;
    }

    try
    {
        fillCartWithProducts(usrSession.UserID);
    }
    catch
    {
        Response.Redirect(ConfigurationManager.AppSettings["UnsecurePath"] + "error.aspx");
    }
}
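/// <summary>
/// Loads the messages that belong to one collection and maps them to
/// <see cref="Models.Message"/>, resolving the sender's user name for display.
/// </summary>
/// <remarks>
/// The sender is looked up once per message. A sender that cannot be loaded, or that
/// has no user name, is shown as "User Not Found". The original repeated the lookup
/// up to three times and dereferenced the result without a null check.
/// NOTE(review): the collection ID is the only filter, so the caller must decide
/// whether the current user may read that collection's messages.
/// </remarks>
/// <param name="collectionId">ID of the collection whose messages are wanted.</param>
/// <returns>The matching messages; an empty list when there are none.</returns>
public List<Models.Message> LoadByCollection(int collectionId)
{
    BL.User user = new BL.User();
    List<Models.Message> messages = new List<Models.Message>();

    foreach (var x in db.Messages.Where(m => m.CollectionId == collectionId).ToList())
    {
        var fromUser = user.LoadById(x.FromUserId);
        string fromUsername = (fromUser == null || string.IsNullOrEmpty(fromUser.UserName))
            ? "User Not Found"
            : fromUser.UserName;

        messages.Add(new Models.Message
        {
            Id = x.Id,
            FromUserId = x.FromUserId,
            ToUserId = x.ToUserId,
            Body = x.Body,
            CollectionId = x.CollectionId,
            DateTime = x.DateTime,
            CritiqueId = x.CritiqueId,
            Rating = x.Rating,
            X = x.X,
            Y = x.Y,
            FromUsername = fromUsername
        });
    }

    return messages;
}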
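/// <summary>
/// Signs a user in and sends them to the page they came from, or to the profile index.
/// </summary>
/// <remarks>
/// <paramref name="returnurl"/> arrives with the request, so it is followed only
/// when it points back into this site (see <c>IsSafeReturnUrl</c>). The original
/// redirected to whatever value was supplied, so a crafted login link could send a
/// user who had just authenticated to an arbitrary external site.
/// NOTE(review): the loaded user model is stored in the session as-is (confirm it
/// does not carry the password), the session ID is not renewed on login, and
/// <c>ex.Message</c> is shown on the page - consider a generic message plus logging.
/// </remarks>
/// <param name="user">Posted credentials (user name and password).</param>
/// <param name="returnurl">Optional URL to return to after a successful login.</param>
/// <returns>A redirect on success; the login view with a message otherwise.</returns>
public ActionResult Login(Net.Models.User user, string returnurl)
{
    ViewResult result = View(user);

    try
    {
        ViewBag.ReturnUrl = returnurl;

        BL.User blUser = new BL.User();
        if (blUser.Login(user.UserName, user.Password))
        {
            BL.User useree = new BL.User();
            user = useree.LoadByUsername(user.UserName);
            HttpContext.Session["user"] = user;

            if (IsSafeReturnUrl(returnurl))
            {
                return Redirect(returnurl);
            }

            return RedirectToAction("Index", "Profile");
        }

        ViewBag.Message = "Login Failed";
        return result;
    }
    catch (Exception ex)
    {
        ViewBag.Message = ex.Message;
        return View(user);
    }
}

/// <summary>
/// Returns true when <paramref name="returnurl"/> is an application-local path, or
/// an absolute http/https URL whose host is the host of the current request.
/// </summary>
/// <remarks>
/// Same-host absolute URLs are accepted because redirects to this action are built
/// from <c>HttpContext.Request.Url</c>, which is absolute.
/// </remarks>
private bool IsSafeReturnUrl(string returnurl)
{
    if (string.IsNullOrEmpty(returnurl))
    {
        return false;
    }

    if (Url.IsLocalUrl(returnurl))
    {
        return true;
    }

    Uri target;
    if (!Uri.TryCreate(returnurl, UriKind.Absolute, out target))
    {
        return false;
    }

    bool isWebScheme = target.Scheme == Uri.UriSchemeHttp || target.Scheme == Uri.UriSchemeHttps;
    return isWebScheme
        && string.Equals(target.Host, Request.Url.Host, StringComparison.OrdinalIgnoreCase);
}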
/// <summary>
/// Registers a new, inactive user with a fresh confirmation ID, then hands the
/// user to <c>Mail.Registration</c> for the registration e-mail.
/// </summary>
/// <remarks>
/// NOTE(review): the password is stored as the output of the project's
/// <c>getMd5Hash</c> helper. If that is a plain MD5 digest, it is too weak for
/// password storage; a salted, slow KDF such as PBKDF2 should replace it. That
/// change also needs the login check and existing hashes migrated, so it is not
/// made here.
/// </remarks>
/// <param name="login">Login name stored on the new user.</param>
/// <param name="email">E-mail address stored on the new user.</param>
/// <param name="password">Password as supplied by the caller; only its hash is stored.</param>
public void RegisterUser(string login, string email, string password)
{
    BL.User newUser = new BL.User();
    BL.Helpers.MD5CryptoServiceProvider md5 = new BL.Helpers.MD5CryptoServiceProvider();
    BL.Modules.Users.UserRoles userRoles = new BL.Modules.Users.UserRoles();
    BL.Modules.Users.UserRights userRights = new BL.Modules.Users.UserRights();
    Guid confirmationId = Guid.NewGuid();

    using (var scope = new TransactionScope())
    {
        newUser.UserID = Guid.NewGuid();
        newUser.Login = login;
        newUser.Email = email;
        newUser.Password = md5.getMd5Hash(password);

        // The account stays inactive until it is confirmed through the mailed ID.
        newUser.IsActive = false;
        newUser.ConfirmationID = confirmationId;

        // New accounts start with the plain user role and read-only rights.
        newUser.UserRoleID = userRoles.User;
        newUser.UserRightID = userRights.Read;

        db.Users.InsertOnSubmit(newUser);
        db.SubmitChanges();
        scope.Complete();
    }

    // The mail is sent after the transaction scope has been completed and disposed.
    BL.Modules.Mail.Mail.Registration(newUser);
}
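/// <summary>
/// Saves the posted profile changes (names, password, commission flag) for the
/// session user and, when a file is uploaded, replaces the avatar content.
/// </summary>
/// <remarks>
/// Changes from the original:
/// the user helper used for <c>Update</c> is no longer disposed before the call
/// (the original ran <c>Update</c> on an instance whose <c>using</c> block had
/// already ended, and never disposed the instance used for loading);
/// a missing session user now redirects to login instead of failing with a
/// NullReferenceException; a user that can no longer be loaded yields 404.
/// NOTE(review): <c>upload.FileName</c> and <c>upload.ContentType</c> are chosen by
/// the client, and no size or type restriction is visible here. Validate them
/// before storing or serving the content.
/// NOTE(review): the posted password is copied onto the user unchanged. Confirm
/// that <c>Update</c> hashes it and that a blank field does not overwrite the stored one.
/// </remarks>
/// <param name="ugaf">Posted view model; only its <c>User</c> fields are read.</param>
/// <param name="file">Bound file model; replaced when an upload is present.</param>
/// <param name="upload">Uploaded avatar file, if any.</param>
/// <returns>
/// A redirect to Index on success; the form with a message when saving fails;
/// the empty form when model state is invalid.
/// </returns>
public ActionResult Edit(UserGalleryArtworkFile ugaf, Net.Models.File file, HttpPostedFileBase upload)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // The account being edited is always the one in the session, never an ID from the form.
    Net.Models.User user = (Net.Models.User)Session["user"];
    if (user == null)
    {
        return RedirectToAction("Login", "Login", new { returnurl = HttpContext.Request.Url });
    }

    BL.File fileHelper = new BL.File();
    BL.Artwork artworkHelper = new BL.Artwork();

    var oldFile = fileHelper.LoadByUserId(user.Id);
    Net.Models.File existingFile = new Net.Models.File();

    Net.Models.User newUser;
    using (BL.User userLoader = new BL.User())
    {
        newUser = userLoader.LoadById(user.Id);
    }

    if (newUser == null)
    {
        return HttpNotFound();
    }

    // Only these four fields are taken from the posted model.
    newUser.FirstName = ugaf.User.FirstName;
    newUser.LastName = ugaf.User.LastName;
    newUser.Password = ugaf.User.Password;
    newUser.CommissionActive = ugaf.User.CommissionActive;

    // When several files exist, the last one returned ends up in existingFile.
    foreach (var f in oldFile)
    {
        existingFile.ArtworkId = f.ArtworkId;
        existingFile.Content = f.Content;
        existingFile.ContentType = f.ContentType;
        existingFile.FileName = f.FileName;
        existingFile.FileType = f.FileType;
        existingFile.Id = f.Id;
        existingFile.UserId = f.UserId;
        existingFile.Artwork = artworkHelper.LoadById(f.ArtworkId);
        existingFile.User = newUser;
    }

    using (BL.User userHelper = new BL.User())
    {
        try
        {
            if (upload != null && upload.ContentLength > 0)
            {
                file = new Net.Models.File
                {
                    Id = existingFile.Id,
                    // GetFileName drops any directory part the client sent.
                    FileName = System.IO.Path.GetFileName(upload.FileName),
                    FileType = FileType.Avatar,
                    ContentType = upload.ContentType,
                    Content = existingFile.Content,
                    Artwork = existingFile.Artwork,
                    User = existingFile.User,
                    UserId = existingFile.UserId,
                    ArtworkId = existingFile.ArtworkId
                };

                using (var reader = new System.IO.BinaryReader(upload.InputStream))
                {
                    file.Content = reader.ReadBytes(upload.ContentLength);
                }

                System.Diagnostics.Debug.WriteLine(newUser.Id);
                System.Diagnostics.Debug.WriteLine(file.FileName);

                ugaf.User.Files = new List<Net.Models.File> { file };
                userHelper.Update(newUser, file);
            }
            else
            {
                ugaf.User = newUser;
                userHelper.Update(newUser, existingFile);
            }

            return RedirectToAction("Index");
        }
        catch (Exception ex)
        {
            ViewBag.Message = ex.Message;
            return View(ugaf);
        }
    }
}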
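/// <summary>
/// Runs both halves of the PayPal flow for the booking held in the session: without
/// a <c>PayerID</c> it creates the payment and redirects the user to PayPal; with a
/// <c>PayerID</c> (PayPal's return call) it executes the payment and places the order.
/// </summary>
/// <remarks>
/// Changes from the original:
/// the session key for the payment ID is a real GUID (the original used
/// <c>new Random().Next(100000)</c> under the name "guid");
/// a return call whose <c>guid</c> does not map to a payment ID in this session is
/// rejected before PayPal is contacted;
/// a create response without an approval link is reported as a failure instead of
/// redirecting to a null URL.
/// NOTE(review): the payment is executed before the order is placed, so a failure
/// in the order step leaves a captured payment with no order. That path needs a
/// refund or void, or at least an alert.
/// NOTE(review): the return URL is built from the request's scheme and authority;
/// confirm the site is bound to a fixed host name. <c>e.Message</c> is shown to the
/// user - consider logging it and showing a generic message.
/// </remarks>
/// <returns>
/// HTTP 403 when nobody is logged in, a redirect to PayPal's approval URL, or the
/// "Payment" view with <c>ViewBag.Status</c> and <c>ViewBag.Message</c> set.
/// </returns>
public ActionResult PaymentWithPaypal()
{
    if (!SessionManager.userIsLoggedIn())
    {
        return new HttpStatusCodeResult(403);
    }

    BL.User user = (BL.User)System.Web.HttpContext.Current.Session["user"];
    if (user == null)
    {
        ViewBag.Status = false;
        ViewBag.Message = "User is not logged in";
        return View("Payment");
    }

    // The booking to pay for lives in the session, not in request parameters.
    BoatRentModel boatRentModel = (BoatRentModel)System.Web.HttpContext.Current.Session["boatRental"];
    GroupTripModel groupTripModel = (GroupTripModel)System.Web.HttpContext.Current.Session["groupTrip"];
    if (boatRentModel == null && groupTripModel == null)
    {
        ViewBag.Status = false;
        ViewBag.Message = "Neither the BoatRentModel nor the GroupTripModel exists";
        return View("Payment");
    }

    APIContext apiContext = PaypalConfiguration.GetAPIContext();

    try
    {
        string payerId = Request.Params["PayerID"];

        if (string.IsNullOrEmpty(payerId))
        {
            // First pass: no PayerID yet, so create the payment. PayPal sends the
            // user back to this same action.
            string baseURI = Request.Url.Scheme + "://" + Request.Url.Authority + "/PayPal/PaymentWithPayPal?";

            // Key under which the created payment ID is kept in the session until
            // the return call.
            var guid = Guid.NewGuid().ToString("N");

            Payment createdPayment = null;
            if (boatRentModel != null)
            {
                createdPayment = this.CreateBoatRentalPayment(apiContext, baseURI + "guid=" + guid, boatRentModel);
            }
            else if (groupTripModel != null)
            {
                createdPayment = this.CreateGroupTripPayment(apiContext, baseURI + "guid=" + guid, groupTripModel);
            }

            // Pick the approval link out of the links PayPal returned.
            string paypalRedirectUrl = null;
            foreach (Links lnk in createdPayment.links)
            {
                if (lnk.rel.ToLower().Trim().Equals("approval_url"))
                {
                    paypalRedirectUrl = lnk.href;
                }
            }

            if (string.IsNullOrEmpty(paypalRedirectUrl))
            {
                ViewBag.Status = false;
                ViewBag.Message = "Payment with PayPal is not approved.";
                return View("Payment");
            }

            Session.Add(guid, createdPayment.id);
            return Redirect(paypalRedirectUrl);
        }
        else
        {
            // Second pass: PayPal returned with a PayerID. The guid is
            // request-supplied, so accept it only if it maps to a payment ID that
            // was stored in this session.
            var guid = Request.Params["guid"];
            string paymentId = string.IsNullOrEmpty(guid) ? null : Session[guid] as string;
            if (string.IsNullOrEmpty(paymentId))
            {
                ViewBag.Status = false;
                ViewBag.Message = "Payment with PayPal is not approved.";
                return View("Payment");
            }

            var executedPayment = ExecutePayment(apiContext, payerId, paymentId);
            if (executedPayment.state.ToLower() != "approved")
            {
                ViewBag.Status = false;
                ViewBag.Message = "Payment with PayPal is not approved.";
                return View("Payment");
            }

            if (boatRentModel != null)
            {
                BL.Location location = MainClass.Instance.getLocations().Find(v => v.id == boatRentModel.locationId);
                if (location == null)
                {
                    ViewBag.Status = false;
                    ViewBag.Message = "Location could not be found";
                    return View("Payment");
                }

                BL.BoatRental br = location.rentBoat(boatRentModel.boat, boatRentModel.startTime, boatRentModel.endTime, boatRentModel.numPersons);
                if (br == null)
                {
                    ViewBag.Status = false;
                    ViewBag.Message = "Boat could not be rented";
                    return View("Payment");
                }

                if (MainClass.Instance.orderBoatRental(br, PaymentType.PAYPAL, user.userAddress, user) == null)
                {
                    ViewBag.Status = false;
                    ViewBag.Message = "Boat could not be rented";
                    return View("Payment");
                }

                System.Web.HttpContext.Current.Session.Remove("boatRental");
            }
            else if (groupTripModel != null)
            {
                if (MainClass.Instance.orderGroupTrip(groupTripModel.finalGroupTrip, PaymentType.PAYPAL, user.userAddress, user) == null)
                {
                    ViewBag.Status = false;
                    ViewBag.Message = "Group trip could not be ordered";
                    return View("Payment");
                }

                System.Web.HttpContext.Current.Session.Remove("groupTrip");
            }
        }
    }
    catch (Exception e)
    {
        ViewBag.Status = false;
        ViewBag.Message = e.Message;
        return View("Payment");
    }

    ViewBag.Status = true;
    ViewBag.Message = "Payment with PayPal was successful.";
    return View("Payment");
}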
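/// <summary>
/// Calls the <c>Users_UspLoginAndReturnUser</c> stored procedure with the given
/// credentials and returns a populated user when the procedure reports success.
/// </summary>
/// <remarks>
/// Changes from the original: the connection and command are disposed through
/// <c>using</c>, and null arguments are treated as empty strings instead of
/// throwing a NullReferenceException.
/// NOTE(review): the original header says failures are reported through UserID
/// (-3 server contact error, -2 db access error, -1 email not found, 0 wrong
/// password), but the procedure's return value is never copied onto the returned
/// user. On any failure the caller sees whatever a new <c>BL.User</c> has as its
/// UserID. Left unchanged because callers may rely on it - confirm the intent.
/// NOTE(review): the password is passed to the procedure as VarChar(50). How it is
/// compared and stored is decided inside the procedure - confirm it is checked
/// against a salted, slow hash rather than stored text.
/// </remarks>
/// <param name="_strEmail">E-mail address to log in with; empty skips the database call.</param>
/// <param name="_strPassword">Password as entered.</param>
/// <returns>A user populated from the procedure's output parameters on success, otherwise a new, unpopulated user.</returns>
public static BL.User usrLoginUser(string _strEmail, string _strPassword)
{
    string strEm = _strEmail ?? string.Empty;
    string strPwd = _strPassword ?? string.Empty;
    int intRetValue = -2; // -2 for db access error
    BL.User usrRtnUser = new BL.User();

    if (strEm != "")
    {
        using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["INFT3050ConnectionString"].ConnectionString))
        using (SqlCommand cmdLoginAndReturnUser = new SqlCommand("Users_UspLoginAndReturnUser", conn))
        {
            cmdLoginAndReturnUser.CommandType = CommandType.StoredProcedure;

            // Credentials travel as typed parameters, never as part of the command text.
            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@Email", SqlDbType.VarChar, 254));
            cmdLoginAndReturnUser.Parameters["@Email"].Value = strEm;
            cmdLoginAndReturnUser.Parameters["@Email"].Direction = ParameterDirection.Input;

            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@Password", SqlDbType.VarChar, 50));
            cmdLoginAndReturnUser.Parameters["@Password"].Value = strPwd;
            cmdLoginAndReturnUser.Parameters["@Password"].Direction = ParameterDirection.Input;

            // Output parameters filled in by the procedure.
            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Int));
            cmdLoginAndReturnUser.Parameters["@UserID"].Direction = ParameterDirection.Output;

            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@FirstName", SqlDbType.VarChar, 250));
            cmdLoginAndReturnUser.Parameters["@FirstName"].Direction = ParameterDirection.Output;

            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@IsActive", SqlDbType.Bit));
            cmdLoginAndReturnUser.Parameters["@IsActive"].Direction = ParameterDirection.Output;

            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@IsAdmin", SqlDbType.Bit));
            cmdLoginAndReturnUser.Parameters["@IsAdmin"].Direction = ParameterDirection.Output;

            cmdLoginAndReturnUser.Parameters.Add(new SqlParameter("@ReturnValue", SqlDbType.Int));
            cmdLoginAndReturnUser.Parameters["@ReturnValue"].Direction = ParameterDirection.Output;

            try
            {
                conn.Open();
                cmdLoginAndReturnUser.ExecuteNonQuery();
                intRetValue = (int)cmdLoginAndReturnUser.Parameters["@ReturnValue"].Value;

                // Only a positive return value means the login succeeded.
                if (intRetValue > 0)
                {
                    usrRtnUser.UserID = (int)cmdLoginAndReturnUser.Parameters["@UserID"].Value;
                    usrRtnUser.Name = (string)cmdLoginAndReturnUser.Parameters["@FirstName"].Value;
                    usrRtnUser.IsActive = (bool)cmdLoginAndReturnUser.Parameters["@IsActive"].Value;
                    usrRtnUser.IsAdmin = (bool)cmdLoginAndReturnUser.Parameters["@IsAdmin"].Value;
                    usrRtnUser.Email = strEm;
                    System.Diagnostics.Debug.WriteLine("assigning parameters success");
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is written out and the unpopulated user is returned.
                Console.WriteLine(ex.ToString());
                System.Diagnostics.Debug.WriteLine("DAL Exception");
            }
        }
    }

    return usrRtnUser;
}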
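/// <summary>
/// Handles the login button: checks the credentials, stores the user in the session
/// on success and redirects to the admin dashboard, the originating product page or
/// the main page.
/// </summary>
/// <remarks>
/// Changes from the original:
/// "wrong password" (0) and "unknown e-mail" (-1) now show the same message, so the
/// form no longer reveals which e-mail addresses have accounts;
/// the optional product ID is parsed with <c>int.TryParse</c>, so a malformed value
/// is treated as "no product" instead of throwing;
/// the outcome handling has moved out of the <c>finally</c> block. It runs in the
/// same situations, because every exception from the login call is caught.
/// NOTE(review): non-admin users are redirected through "UnsecurePath" right after
/// login. If that base is http://, confirm the session cookie is marked Secure.
/// Also consider renewing the session ID when the user is stored.
/// </remarks>
/// <param name="sender">Button raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string strEmail = Convert.ToString(tbxEmail.Text);
    string strPassword = Convert.ToString(tbxPassword.Text);

    // Product ID sent along when the login page was reached from a product page; 0 otherwise.
    int intProductID;
    if (!int.TryParse(Request["ID"], out intProductID))
    {
        intProductID = 0;
    }

    // -3 marks "lower layers never answered" until the login call replaces the object.
    BL.User usrLogin = new BL.User();
    usrLogin.UserID = -3;

    try
    {
        usrLogin = BL.BLLogin.usrLoginUser(strEmail, strPassword);
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.ToString());
    }

    if (usrLogin.UserID > 0)
    {
        Session["User"] = usrLogin;

        if (usrLogin.IsAdmin == true)
        {
            string url = ConfigurationManager.AppSettings["SecurePath"] + "Admin/adminDashboard.aspx";
            Response.Redirect(url);
        }
        else if (intProductID > 0)
        {
            // Only the parsed integer is placed into the URL.
            string url = ConfigurationManager.AppSettings["UnsecurePath"] + "product.aspx?ID=" + intProductID;
            Response.Redirect(url);
        }
        else
        {
            string url = ConfigurationManager.AppSettings["UnsecurePath"] + "main.aspx";
            Response.Redirect(url);
        }
    }
    else if (usrLogin.UserID == 0 || usrLogin.UserID == -1)
    {
        // One message for both failure kinds: do not disclose whether the e-mail exists.
        lblFeedback.Text = "Sorry, the email or password is incorrect";
        lblFeedback.Visible = true;
    }
    else if (usrLogin.UserID == -2 || usrLogin.UserID == -3)
    {
        // -2: database error, -3: lower layers not reached.
        lblFeedback.Text = "Sorry there was an error contacting the server.";
        lblFeedback.Visible = true;
    }
}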
/// <summary>
/// Builds the user form: initialises the designer components, creates the
/// <c>BL.User</c> object bound to this form and turns off the grid's "add new row" line.
/// </summary>
public FrmUser()
{
    InitializeComponent();

    // The business object receives the form instance in its constructor.
    user = new BL.User(this);

    // Rows are not added directly in the grid.
    dataGridView1.AllowUserToAddRows = false;
}