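/// <summary>
/// Checks the submitted phone number and password against the row returned by
/// the <c>select_login_customer</c> command and, on a match, marks the session
/// as logged in.
/// </summary>
/// <param name="phone">Phone number identifying the customer.</param>
/// <param name="password">Password submitted with the login form.</param>
/// <returns>
/// The "Home" view with a <c>Customer</c> model on success; otherwise the
/// "Login" view with a <c>CustomerValidate</c> model describing the failure.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible
/// on this action in this listing. Confirm it cannot be reached with GET, where
/// the password would travel in the URL.
/// </remarks>
public ActionResult Login(string phone, string password)
{
    var db = new DB();
    var validationError = new CustomerValidate();

    // A missing field can arrive as null rather than "", so both are rejected
    // here; comparing against String.Empty alone lets null reach the query.
    if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(password))
    {
        validationError.final = "Empty phone number or password";
        return View("Login", validationError);
    }

    var phoneParam = new SqlParameter("@phone", SqlDbType.NVarChar) { Value = phone };
    var sqlParameter = new SqlParameter[1] { phoneParam };

    // Dispose the reader on every exit path so it is not left open.
    using (var data = db.ExeccuteCommandReader("select_login_customer", sqlParameter))
    {
        if (!data.HasRows)
        {
            // NOTE(review): this message differs from the wrong-password response,
            // so a caller can tell registered phone numbers from unregistered ones.
            validationError.final = "First register yourself";
            return View("Login", validationError);
        }

        data.Read();
        var storedPhone = data["phone"].ToString();
        var storedPassword = data["password"].ToString();

        if (storedPhone != phone)
        {
            validationError.phone = "Incorrect phone number";
            validationError.password = "******";
            return View("Login", validationError);
        }

        // NOTE(review): the stored value is compared directly with the submitted
        // password, which implies the database does not hold a salted hash.
        // Moving to a password hash (e.g. PBKDF2) needs a matching change where
        // the password is written, so it is not done in this method alone.
        if (storedPassword != password)
        {
            validationError.password = "******";
            return View("Login", validationError);
        }

        var displayName = data["name"].ToString();
        var customer = new Customer { name = displayName };

        // NOTE(review): the session identifier is not rotated at login; consider
        // issuing a fresh session before these keys are set.
        var session = System.Web.HttpContext.Current.Session;
        session["loggedIn"] = true;
        session["loginId"] = int.Parse(data["customer_id"].ToString());
        session["loginName"] = displayName;

        return View("Home", customer);
    }
}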
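/// <summary>
/// Validates a contact/review submission and stores it through the
/// <c>insert_customer_review</c> command.
/// </summary>
/// <param name="name">Sender name; required, but not passed to the insert command.</param>
/// <param name="email">Sender e-mail address; required.</param>
/// <param name="message">Review text; required, at least 10 characters.</param>
/// <param name="type">Review type, forwarded as <c>@type</c>.</param>
/// <param name="city">Sender city, forwarded as <c>@city</c>.</param>
/// <returns>
/// The "Home" view when exactly one row is inserted; otherwise a view carrying
/// a <c>CustomerValidate</c> model with the validation or failure message.
/// </returns>
public ActionResult Contact(string name, string email, string message, string type, string city)
{
    var db = new DB();
    var validationError = new CustomerValidate();

    // A missing field can arrive as null rather than "", so both are rejected
    // here; the previous String.Empty comparison let null through and
    // message.Length then threw.
    if (string.IsNullOrEmpty(message) || string.IsNullOrEmpty(name) || string.IsNullOrEmpty(email))
    {
        validationError.final = "Enter above fields properly";
        return View(validationError);
    }

    int invalids = 0;

    if (message.Length < 10)
    {
        validationError.message = "Message is too short";
        ++invalids;
    }

    // The earlier condition flagged an address only when it contained both "&"
    // and ".com", so malformed addresses were accepted. Require a single '@'
    // with text on both sides; ".com" is not required because valid addresses
    // use other domains.
    int at = email.IndexOf('@');
    bool emailLooksValid = at > 0 && at == email.LastIndexOf('@') && at < email.Length - 1;
    if (!emailLooksValid)
    {
        validationError.email = "Incorrect email";
        ++invalids;
    }

    if (invalids > 0)
    {
        return View(validationError);
    }

    // NOTE(review): name is validated above but is not among the parameters
    // sent to insert_customer_review. Confirm that is intended.
    // A null Value (type or city omitted) means "parameter not supplied" to
    // ADO.NET; whether the command tolerates that is not visible here.
    var emailParam = new SqlParameter("@email", SqlDbType.NVarChar) { Value = email };
    var cityParam = new SqlParameter("@city", SqlDbType.NVarChar) { Value = city };
    var typeParam = new SqlParameter("@type", SqlDbType.NVarChar) { Value = type };
    var messageParam = new SqlParameter("@message", SqlDbType.NVarChar) { Value = message };
    var sqlParameter = new SqlParameter[4] { emailParam, cityParam, typeParam, messageParam };

    int rowInsert = db.ExeccuteCommandAffected("insert_customer_review", sqlParameter);
    if (rowInsert == 1)
    {
        return View("Home");
    }

    validationError.final = "Your review couldn't submitted";
    return View("Contact", validationError);
}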
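/// <summary>
/// Validates a registration form and creates the customer through the
/// <c>insert_customer</c> command.
/// </summary>
/// <param name="name">Customer name.</param>
/// <param name="phone">Phone number; required, exactly 11 characters long.</param>
/// <param name="email">E-mail address; optional, checked only when supplied.</param>
/// <param name="password">Chosen password; required.</param>
/// <param name="retypePassword">Password confirmation; must equal <paramref name="password"/>.</param>
/// <param name="building">Address: building.</param>
/// <param name="street">Address: street.</param>
/// <param name="area">Address: area.</param>
/// <param name="floor">Address: floor.</param>
/// <returns>
/// The "Login" view when the command reports two affected rows; otherwise a
/// view carrying a <c>CustomerValidate</c> model with the failure details.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible
/// on this action in this listing. Confirm it cannot be reached with GET, where
/// the password would travel in the URL.
/// </remarks>
public ActionResult Signup(string name, string phone, string email, string password, string retypePassword, string building, string street, string area, string floor)
{
    var db = new DB();
    var validationError = new CustomerValidate();

    // A missing field can arrive as null rather than "", so both are rejected
    // here; the previous String.Empty comparison let null through and
    // phone.Length then threw.
    if (string.IsNullOrEmpty(phone) || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(retypePassword))
    {
        validationError.final = "Enter above fields properly";
        return View(validationError);
    }

    int invalids = 0;

    if (phone.Length != 11)
    {
        validationError.phone = "Phone length must be of 11 digits";
        ++invalids;
    }

    if (!string.IsNullOrEmpty(email))
    {
        // The earlier condition flagged an address only when it contained both
        // "&" and ".com", so malformed addresses were accepted. Require a single
        // '@' with text on both sides; ".com" is not required because valid
        // addresses use other domains.
        int at = email.IndexOf('@');
        bool emailLooksValid = at > 0 && at == email.LastIndexOf('@') && at < email.Length - 1;
        if (!emailLooksValid)
        {
            validationError.email = "Incorrect email";
            ++invalids;
        }
    }

    if (retypePassword != password)
    {
        validationError.password = "******";
        ++invalids;
    }

    if (invalids > 0)
    {
        return View(validationError);
    }

    // NOTE(review): the password is handed to the database exactly as submitted.
    // It should be stored as a salted hash (e.g. PBKDF2); that needs a matching
    // change in the login check, so it is not done in this method alone.
    // A null Value (an omitted optional field) means "parameter not supplied"
    // to ADO.NET; whether the command tolerates that is not visible here.
    var nameParam = new SqlParameter("@name", SqlDbType.NVarChar) { Value = name };
    var phoneParam = new SqlParameter("@phone", SqlDbType.NVarChar) { Value = phone };
    var passwordParam = new SqlParameter("@password", SqlDbType.NVarChar) { Value = password };
    var emailParam = new SqlParameter("@email", SqlDbType.NVarChar) { Value = email };
    var buildingParam = new SqlParameter("@building", SqlDbType.NVarChar) { Value = building };
    var streetParam = new SqlParameter("@street", SqlDbType.NVarChar) { Value = street };
    var areaParam = new SqlParameter("@area", SqlDbType.NVarChar) { Value = area };
    var floorParam = new SqlParameter("@floor", SqlDbType.NVarChar) { Value = floor };
    var sqlParameter = new SqlParameter[8]
    {
        nameParam, phoneParam, passwordParam, emailParam,
        buildingParam, streetParam, areaParam, floorParam
    };

    // Success is defined as exactly two affected rows; presumably the command
    // writes two records per customer. Verify against the procedure.
    int rowInsert = db.ExeccuteCommandAffected("insert_customer", sqlParameter);
    if (rowInsert == 2)
    {
        return View("Login");
    }

    // Previously the form was re-shown with no explanation. The message stays
    // generic so it does not reveal why the insert failed.
    validationError.final = "Signup could not be completed";
    return View("Signup", validationError);
}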