Esempio n. 1
        /// <summary>
        /// GET handler that reads the user name and e-mail from the session, issues a
        /// DELETE against UserSession for that user name, and clears the HTTP session.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this handler changes server state on a GET request; a logout
        /// that deletes data is normally exposed as a POST handler with antiforgery
        /// validation. Confirm how the page is reached.
        /// </remarks>
        public void OnGet()
        {
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);


            var             connectionStringBuilder = new SqliteConnectionStringBuilder();
            DatabaseConnect DBCon = new DatabaseConnect(); // your own class and method in DatabaseConnection folder
            string          dbStringConnection = DBCon.DBStringConnection();

            connectionStringBuilder.DataSource = dbStringConnection;
            // NOTE(review): the connection is never closed or disposed in this method.
            var connection = new SqliteConnection(connectionStringBuilder.ConnectionString);

            connection.Open();

            // NOTE(review): the next line is damaged in this listing (the "******" run replaced
            // part of the original text). The declaration of selectCmd2 and the assignment of its
            // CommandText are presumably what was lost; as shown, the line does not compile.
            Console.WriteLine("Username : "******"DELETE FROM UserSession WHERE Username=$userName";
            // The user name is bound as a parameter rather than concatenated into the SQL text.
            selectCmd2.Parameters.AddWithValue("$userName", UserName);
            selectCmd2.Prepare();
            selectCmd2.ExecuteNonQuery();

            // Drops every key stored in the current session.
            HttpContext.Session.Clear();


            // The PageResult returned by Page() is discarded because this handler returns void.
            Page();
        }
Esempio n. 2
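        /// <summary>
        /// Deletes a stored picture file from the ImageData folder and removes the
        /// Picture row(s) that belong to the given e-mail address.
        /// </summary>
        /// <param name="PicName">File name of the picture; any directory part is ignored.</param>
        /// <param name="email">E-mail address whose Picture row(s) are deleted.</param>
        public void deletePicture(string PicName, string email)
        {
            // Reduce the stored name to its final path segment before combining it with the
            // content root: a name carrying directory separators or ".." must not be able to
            // point File.Delete at a file outside the ImageData folder.
            string safeName = Path.GetFileName(PicName);

            if (!string.IsNullOrEmpty(safeName))
            {
                // NOTE(review): confirm that ImageData under the content root is the folder
                // uploads are actually written to; otherwise this delete never finds the file.
                string RetrieveImage = Path.Combine(_env.ContentRootPath, "ImageData", safeName);

                System.IO.File.Delete(RetrieveImage);
                Console.WriteLine("File has been deleted");
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose the connection and command so the database handle is released
            // even when the DELETE throws.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd2 = connection.CreateCommand())
                {
                    selectCmd2.CommandText = @"DELETE FROM Picture WHERE Email=$email";
                    selectCmd2.Parameters.AddWithValue("$email", email);

                    selectCmd2.Prepare();
                    selectCmd2.ExecuteNonQuery();
                }
            }
        }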
Esempio n. 3
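        /// <summary>
        /// GET handler: loads the user with the given ID, then refreshes its first name
        /// from the User table by e-mail address.
        /// </summary>
        /// <param name="id">Primary key of the user to display.</param>
        /// <returns>NotFound when no user or first name exists, otherwise the page.</returns>
        public async Task<IActionResult> OnGetAsync(int? id)
        {
            UserRec = await _context.User.FirstOrDefaultAsync(m => m.ID == id);

            // FirstOrDefaultAsync yields null for an unknown (or missing) id; without this
            // guard the EmailAdd access below throws a NullReferenceException.
            if (UserRec == null)
            {
                return(NotFound());
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Connection, command and reader are disposed on every exit path.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT FirstName FROM User WHERE EmailAdd=$email";
                    selectCmd.Parameters.AddWithValue("$email", UserRec.EmailAdd);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        // If several rows match, the last one read wins.
                        while (reader.Read())
                        {
                            UserRec.FirstName = reader.GetString(0);
                        }
                    }
                }
            }

            if (UserRec.FirstName == null)
            {
                return(NotFound());
            }

            return(Page());
        }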
Esempio n. 4
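        /// <summary>
        /// Reports whether the Picture table holds a row for <paramref name="Email"/>
        /// whose FirstName equals <paramref name="FName"/>.
        /// </summary>
        /// <param name="FName">First name expected on the picture row.</param>
        /// <param name="Email">E-mail address used to look up the picture row.</param>
        /// <returns>True when the stored first name matches, otherwise false.</returns>
        public Boolean CheckPic(string FName, string Email)
        {
            // Stays empty when no row matches, so an empty FName compares equal in that case.
            var Name = "";

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, command and reader instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT FirstName FROM Picture WHERE Email=$email";
                    selectCmd.Parameters.AddWithValue("$email", Email);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        // If several rows match, the last one read wins.
                        while (reader.Read())
                        {
                            Name = reader.GetString(0);
                        }
                    }
                }
            }

            return(FName == Name);
        }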
Esempio n. 5
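        /// <summary>
        /// GET handler: restores user name, e-mail and session ID from the session and
        /// resolves the profile picture file name for the signed-in user.
        /// </summary>
        /// <returns>A redirect to the login page when no user name is in the session, otherwise the page.</returns>
        public IActionResult OnGet()
        {
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);
            SessionID = HttpContext.Session.GetString(SessionKeyName3);

            // NOTE(review): user name and session ID are written to stdout; treat console
            // output as a log sink and confirm who can read it.
            Console.WriteLine("Current session: " + UserName);
            Console.WriteLine("Current session ID: " + SessionID);

            // An absent user name is the only sign of an unauthenticated request here.
            if (string.IsNullOrEmpty(UserName))
            {
                Console.WriteLine("Session ended");
                return(RedirectToPage("/Users/UserLogin"));
            }

            var fileName = "";

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection() //getting the connection string from this class
            };

            // Dispose connection, command and reader instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT PicName FROM Picture WHERE Email=$email";
                    selectCmd.Parameters.AddWithValue("$email", UserEmail);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        // If several rows match, the last one read wins.
                        while (reader.Read())
                        {
                            fileName = reader.GetString(0);
                        }
                    }
                }
            }

            // No picture stored for this e-mail: fall back to the default image.
            if (string.IsNullOrEmpty(fileName))
            {
                pathPicture = "DefaulPic.jpeg";
                Console.WriteLine("Default pic : " + pathPicture);
                return(Page());
            }

            Console.WriteLine("File name is : " + fileName);
            pathPicture = fileName;

            return(Page());
        }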
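        /// <summary>
        /// GET handler: collects the module codes registered for the session's e-mail
        /// address and loads the matching Modules rows into the page model.
        /// </summary>
        /// <returns>The page.</returns>
        public IActionResult OnGet()
        {
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);
            Console.WriteLine("Current session: " + UserName);

            // NOTE(review): unlike sibling handlers that redirect when the session holds no
            // user name, this one proceeds with whatever the session returns; confirm that
            // an unauthenticated request cannot reach it.

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, commands and readers instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT ModCode FROM RegisteredModule WHERE StudenEmail=$email ORDER BY ModCode";
                    selectCmd.Parameters.AddWithValue("$email", UserEmail);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            string modCode = reader.GetString(0); //temporary variable used to get the module codes
                            Console.WriteLine("Module found : " + modCode);
                            ModCode.Add(modCode);                 //keep it to the list for future use
                        }
                    }
                }

                //one lookup per code because a student might have more than 1 module registered
                for (int i = 0; i < ModCode.Count; i++)
                {
                    using (var selectCmd2 = connection.CreateCommand())
                    {
                        // The column ordinals below depend on the physical column order of
                        // Modules because the query selects *.
                        selectCmd2.CommandText = @"SELECT * FROM Modules WHERE ModCode=$modCode ORDER BY ModCode";
                        selectCmd2.Parameters.AddWithValue("$modCode", ModCode[i]);

                        using (var reader2 = selectCmd2.ExecuteReader())
                        {
                            while (reader2.Read())
                            {
                                Modules mod = new Modules();            //temporary variable used to hold the record found
                                mod.ModCode     = reader2.GetString(1); //start from 1 because we dont want ID field from the db
                                mod.ModName     = reader2.GetString(2);
                                mod.ModLevel    = reader2.GetInt32(3);
                                mod.ModSemester = reader2.GetInt32(4);
                                Modules.Add(mod); //the record now saved to the page-level list
                            }
                        }
                    }
                }
            }

            return(Page());
        }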
Esempio n. 7
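        /// <summary>
        /// POST handler: stores an uploaded picture for the user with the given ID and
        /// records it in the Picture table, unless the user already has a picture.
        /// </summary>
        /// <param name="id">Primary key of the user the picture belongs to.</param>
        /// <returns>
        /// NotFound for an unknown user, the page with a message when nothing usable was
        /// uploaded or a picture already exists, otherwise a redirect to the user list.
        /// </returns>
        public async Task<IActionResult> OnPostAsync(int? id)
        {
            UserRec = await _context.User.FirstOrDefaultAsync(m => m.ID == id);

            // FirstOrDefaultAsync yields null for an unknown id; the property reads below
            // would otherwise throw a NullReferenceException.
            if (UserRec == null)
            {
                return(NotFound());
            }

            // The file name is chosen by the client. Keep only its final path segment so a
            // name with directory separators or ".." cannot place the file outside Images.
            string safeName = UploadFile == null ? null : Path.GetFileName(UploadFile.FileName);

            if (string.IsNullOrEmpty(safeName))
            {
                ViewData["Message"] = "Please choose a file to upload.";
                return(Page());
            }

            Boolean check = CheckPic(UserRec.FirstName, UserRec.EmailAdd);

            if (check)
            {
                ViewData["Message"] = "The user already has a picture. Go to update profile.";
                return(Page());
            }

            //Saving the file to the server
            // NOTE(review): the file lands under the web root with its client-supplied
            // extension and content, and FileMode.Create overwrites an existing file of the
            // same name; consider an extension allow-list and a server-generated name.
            var Fileupload = Path.Combine(_env.WebRootPath, "Images", safeName);
            Console.WriteLine(Fileupload);
            using (var Fstream = new FileStream(Fileupload, FileMode.Create))
            {
                await UploadFile.CopyToAsync(Fstream);

                ViewData["Message"] = "File Uploaded to Image Data folder";
            }

            Console.WriteLine("Email is -->" + UserRec.EmailAdd);
            Console.WriteLine("File Name is -->" + safeName);
            Console.WriteLine("First Name is -->" + UserRec.FirstName);

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose the connection and command instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd2 = connection.CreateCommand())
                {
                    selectCmd2.CommandText = @"INSERT INTO Picture (Email, PicName, FirstName) VALUES ($email, $PicName, $firstName)";
                    selectCmd2.Parameters.AddWithValue("$email", UserRec.EmailAdd);
                    // Store the sanitised name so later reads see the name that is on disk.
                    selectCmd2.Parameters.AddWithValue("$PicName", safeName);
                    selectCmd2.Parameters.AddWithValue("$firstName", UserRec.FirstName);

                    selectCmd2.Prepare();
                    selectCmd2.ExecuteNonQuery();
                }
            }

            return(RedirectToPage("/AdminPage/UserDetails"));
        }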
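        /// <summary>
        /// GET handler: loads every row of Modules, ordered by level, into ModRecords
        /// and adds one unchecked entry to IsSelect per module.
        /// </summary>
        /// <returns>A redirect when no user name is in the session, otherwise the page.</returns>
        public async Task<IActionResult> OnGetAsync()
        {
            UserName = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);

            Console.WriteLine("Current session: " + UserName);

            // An absent user name is the only sign of an unauthenticated request here.
            if (string.IsNullOrEmpty(UserName))
            {
                Console.WriteLine("Session ended");
                return RedirectToPage("/UserLoggedIn/SuccessLogIn");
            }

            Console.WriteLine("Retrieving modules");

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Disposing closes the connection on every exit path, including exceptions,
            // which the explicit Close() at the end of the happy path did not cover.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    // The column ordinals below depend on the physical column order of
                    // Modules because the query selects *.
                    selectCmd.CommandText = @"SELECT * FROM Modules ORDER BY ModLevel";

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            Modules mod = new Modules();
                            mod.ModCode = reader.GetString(1);
                            mod.ModName = reader.GetString(2);
                            mod.ModLevel = reader.GetInt32(3);
                            mod.ModSemester = reader.GetInt32(4);

                            // Keep ModRecords and IsSelect the same length.
                            ModRecords.Add(mod);
                            IsSelect.Add(false);
                        }
                    }
                }
            }

            return Page();
        }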
Esempio n. 9
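        /// <summary>
        /// GET handler for the delete-picture page: loads the user with the given ID
        /// and the name and ID of that user's Picture row.
        /// </summary>
        /// <param name="id">Primary key of the user.</param>
        /// <returns>NotFound when the ID is missing or unknown, otherwise the page.</returns>
        public async Task<IActionResult> OnGetAsync(int? id)
        {
            if (id == null)
            {
                return(NotFound());
            }

            User = await _context.User.FirstOrDefaultAsync(m => m.ID == id); //getting data from table User

            // The null check must come before any property access on User; reading
            // EmailAdd first threw a NullReferenceException for an unknown id.
            if (User == null)
            {
                return(NotFound());
            }

            //retrieve the file name for the user using email address (email address is a primary key for table Picture)
            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, command and reader instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT PicName, Id FROM Picture WHERE Email=$email";
                    selectCmd.Parameters.AddWithValue("$email", User.EmailAdd);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            PicName   = reader.GetString(0);
                            PictureID = reader.GetInt32(1);
                        }
                    }
                }
            }

            Console.WriteLine("Pic name delete pic page : " + PicName);
            return(Page());
        }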
Esempio n. 10
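        /// <summary>
        /// GET handler: restores the session values and loads the e-mail address and
        /// password columns of the User row whose FirstName equals the session user name.
        /// </summary>
        /// <returns>A redirect to the login page when no user name is in the session, otherwise the page.</returns>
        public async Task<IActionResult> OnGetAsync()
        {
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);

            SessionID = HttpContext.Session.GetString(SessionKeyName3);

            Console.WriteLine("Current session ID: " + SessionID);

            // An absent user name is the only sign of an unauthenticated request here.
            if (string.IsNullOrEmpty(UserName))
            {
                Console.WriteLine("Session ended");
                return(RedirectToPage("/Users/UserLogin"));
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, command and reader instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    // NOTE(review): the row is selected by first name, which is not shown to be
                    // unique; two users sharing a first name would see the last matching row.
                    // The session e-mail (UserEmail) looks like the safer key; confirm.
                    selectCmd.CommandText = @"SELECT EmailAdd, Password FROM User WHERE FirstName=$userName";
                    selectCmd.Parameters.AddWithValue("$userName", UserName);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            EmailAdd = reader.GetString(0);
                            // NOTE(review): the stored password value is loaded into a page
                            // property; confirm the view never renders it.
                            Pwd      = reader.GetString(1);
                        }
                    }
                }
            }

            Console.WriteLine("Retrieved first name : " + EmailAdd);
            // The password is deliberately no longer written to the console: credentials
            // must not end up in process output or log files.
            return(Page());
        }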
Esempio n. 11
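        /// <summary>
        /// POST handler: looks up the picture stored for the user with the given ID and,
        /// when one exists, deletes it through deletePicture.
        /// </summary>
        /// <param name="id">Primary key of the user whose picture is removed.</param>
        /// <returns>NotFound when the ID is missing or unknown, otherwise a redirect to the user list.</returns>
        public async Task<IActionResult> OnPostAsync(int? id)
        {
            if (id == null)
            {
                return(NotFound());
            }

            Console.WriteLine("OnPost is performed");

            User = await _context.User.FindAsync(id);

            // FindAsync yields null for an unknown id; the EmailAdd access below would
            // otherwise throw a NullReferenceException.
            if (User == null)
            {
                return(NotFound());
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, command and reader before deletePicture opens its own
            // connection.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT PicName, Id FROM Picture WHERE Email=$email";
                    selectCmd.Parameters.AddWithValue("$email", User.EmailAdd);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            PicName   = reader.GetString(0);
                            PictureID = reader.GetInt32(1);
                        }
                    }
                }
            }

            Console.WriteLine("Pic name onpost : " + PicName);
            // NOTE(review): PicName is a page property; if it is model-bound, a value posted
            // by the client survives when no Picture row exists and is handed to
            // deletePicture. Confirm the binding.
            if (!string.IsNullOrEmpty(PicName))
            {
                deletePicture(PicName, User.EmailAdd);
            }

            return(RedirectToPage("/AdminPage/UserDetails"));
        }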
Esempio n. 12
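        /// <summary>
        /// POST handler: removes the RegisteredModule rows for every module the user
        /// ticked on the form.
        /// </summary>
        /// <returns>A redirect to the registered-modules page.</returns>
        public IActionResult OnPost()
        {
            Console.WriteLine("De-Registering Module");

            // IsSelect[i] is the checkbox state for ModRecords[i].
            for (int i = 0; i < ModRecords.Count(); i++)
            {
                if (IsSelect[i] == true)
                {
                    Console.WriteLine(ModRecords[i].ModCode);
                    DeRegMod.Add(ModRecords[i]);
                }
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose the connection and each command instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                for (int i = 0; i < DeRegMod.Count; i++)
                {
                    using (var selectCmd = connection.CreateCommand())
                    {
                        selectCmd.CommandText = @"DELETE FROM RegisteredModule WHERE StudenEmail=$email AND ModCode=$modCode";
                        // NOTE(review): UserEmail is not re-read from the session in this
                        // handler. If it is model-bound from the form, a client could name
                        // another student's e-mail; confirm, and prefer the session value.
                        selectCmd.Parameters.AddWithValue("$email", UserEmail);
                        selectCmd.Parameters.AddWithValue("$modCode", DeRegMod[i].ModCode);
                        selectCmd.Prepare();
                        selectCmd.ExecuteNonQuery();
                    }
                }
            }

            return(RedirectToPage("/UserModules/ViewRegisteredModule"));
        }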
Esempio n. 13
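        /// <summary>
        /// GET handler: lists the modules registered for the session's e-mail address,
        /// filling ModRecords with code and name and IsSelect with unchecked entries.
        /// </summary>
        /// <returns>A redirect when no user name is in the session, otherwise the page.</returns>
        public IActionResult OnGet()
        {
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            UserEmail = HttpContext.Session.GetString(SessionKeyName2);

            Console.WriteLine("Current session: " + UserName);

            // An absent user name is the only sign of an unauthenticated request here.
            if (string.IsNullOrEmpty(UserName))
            {
                Console.WriteLine("Session ended");
                return(RedirectToPage("/UserLoggedIn/SuccessLogIn"));
            }

            Console.WriteLine("Retrieving modules");

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, commands and readers instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                List <String> GetRegMod = new List <string>(); //to get module that registered by the student

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT ModCode FROM RegisteredModule WHERE StudenEmail=$email ORDER BY ModCode";
                    selectCmd.Parameters.AddWithValue("$email", UserEmail);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            GetRegMod.Add(reader.GetString(0));
                        }
                    }
                }

                for (int i = 0; i < GetRegMod.Count; i++)
                {
                    var ModCode = GetRegMod[i];

                    using (var selectCmd2 = connection.CreateCommand())
                    {
                        selectCmd2.CommandText = @"SELECT ModName FROM Modules WHERE ModCode=$modCode ORDER BY ModCode";
                        selectCmd2.Parameters.AddWithValue("$modCode", ModCode);

                        using (var reader2 = selectCmd2.ExecuteReader())
                        {
                            while (reader2.Read())
                            {
                                Modules rec = new Modules();

                                rec.ModCode = GetRegMod[i];
                                rec.ModName = reader2.GetString(0);
                                ModRecords.Add(rec);
                            }
                        }
                    }

                    // One IsSelect entry per registered code, while ModRecords grows per
                    // Modules row found; the two lists line up only when every code has
                    // exactly one Modules row.
                    IsSelect.Add(false);
                }
            }

            return(Page());
        }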
Esempio n. 14
        // To protect from overposting attacks, enable the specific properties you want to bind to, for
        // more details, see https://aka.ms/RazorPagesCRUD.
        /// <summary>
        /// POST handler for the user login form: compares the submitted password with the
        /// Password column of the matching User row, then decides from the UserSession
        /// table whether to start a session, replace a stale one, or refuse the login.
        /// </summary>
        /// <returns>
        /// The page (with Msg set on failure or refusal) or a redirect to
        /// /UserLoggedIn/SuccessLogin.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the connection and all readers/commands opened here are never
        /// closed or disposed.
        /// </remarks>
        public IActionResult OnPost()
        {
            //This if statement to check the form is valid -> [Required] fields.
            if (!ModelState.IsValid)
            {
                return(Page());
            }


            var             connectionStringBuilder = new SqliteConnectionStringBuilder();
            DatabaseConnect DBCon = new DatabaseConnect(); // your own class and method in DatabaseConnection folder
            string          dbStringConnection = DBCon.DBStringConnection();

            connectionStringBuilder.DataSource = dbStringConnection;
            var connection = new SqliteConnection(connectionStringBuilder.ConnectionString);

            connection.Open();

            var selectCmd = connection.CreateCommand();

            // The e-mail is bound as a parameter, so it cannot alter the SQL text.
            selectCmd.CommandText = @"SELECT Password FROM User WHERE EmailAdd=$EmailAdd";
            selectCmd.Parameters.AddWithValue("$EmailAdd", User.EmailAdd);

            var reader = selectCmd.ExecuteReader();

            Console.WriteLine("Before Password");
            var Pwd = "";

            // Pwd is still the empty string here, so this line prints no stored value.
            Console.WriteLine("Password is " + Pwd);

            // Pwd stays "" when no row matches the e-mail address.
            while (reader.Read())
            {
                Pwd = reader.GetString(0);
            }


            // NOTE(review): the submitted value is compared directly with the stored column,
            // which implies the password is stored as submitted rather than as a salted hash
            // (unless hashing happens before this handler; confirm). Also, for an unknown
            // e-mail Pwd is "", so only model validation keeps an empty password from
            // matching; verify that Password is [Required].
            if (User.Password.Equals(Pwd))
            {
                selectCmd             = connection.CreateCommand();
                selectCmd.CommandText = @"SELECT FirstName FROM User WHERE EmailAdd=$EmailAdd";
                selectCmd.Parameters.AddWithValue("$EmailAdd", User.EmailAdd);
                var reader2 = selectCmd.ExecuteReader();

                while (reader2.Read())
                {
                    UserName = reader2.GetString(0);
                }

                // NOTE(review): the session that existed before login is kept and its ID reused;
                // nothing visible here issues a fresh session on successful authentication.
                SessionID = HttpContext.Session.Id; //set the variable as session ID to allow multiple session in 1 browser
                // Local wall-clock time; only day, month, hour and minute are kept (no year).
                DateTime dd    = DateTime.Now;
                int      hour  = dd.Hour;
                int      min   = dd.Minute;
                int      month = dd.Month;
                int      day   = dd.Day;

                // Stored format: "day,month,hour,minute".
                string dateTime = day + "," + month + "," + hour + "," + min;
                HttpContext.Session.SetString("sessionID", SessionID);
                // NOTE(review): the session ID is written to stdout.
                Console.WriteLine("1 - session ID : " + SessionID);

                //checking the user has multiple session or not
                // The lookup is keyed on this browser's session ID only, so a row created for
                // the same user from a different session is not found by this query.
                var selectCmd4 = connection.CreateCommand();
                selectCmd4             = connection.CreateCommand();
                selectCmd4.CommandText = @"SELECT Username, SessionID, DateTime FROM UserSession WHERE SessionID=$sessionID";
                selectCmd4.Parameters.AddWithValue("$sessionID", SessionID);
                var reader4 = selectCmd4.ExecuteReader();

                // All three entries stay null when no UserSession row matches.
                string[] SessionCheck = new string[3];
                while (reader4.Read())
                {
                    SessionCheck[0] = reader4.GetString(0); //session Username
                    SessionCheck[1] = reader4.GetString(1); //session ID
                    SessionCheck[2] = reader4.GetString(2); //session Date time
                }
                Console.WriteLine("SessionCheck[1] : " + SessionCheck[1]);

                if (SessionCheck[1] == SessionID && SessionCheck[0] == UserName) // checking if the session ID and username are in DB
                {
                    string[] getDateTime = SessionCheck[2].Split(",");           //day month hour min

                    Console.WriteLine("Day :" + getDateTime[0]);
                    Console.WriteLine("Month : " + getDateTime[1]);

                    if (Convert.ToInt32(getDateTime[0]) == day && Convert.ToInt32(getDateTime[1]) == month)//check same month and day
                    {
                        // Differences of the hour and minute fields taken separately, not an
                        // elapsed-time calculation.
                        int HourDiff = hour - Convert.ToInt32(getDateTime[2]);
                        int MinDiff  = min - Convert.ToInt32(getDateTime[3]);
                        Console.WriteLine("Hour diff : " + HourDiff);
                        Console.WriteLine("Min diff : " + MinDiff);


                        if (HourDiff > 0 || MinDiff > 20) //session obsolete
                        {
                            // NOTE(review): unlike the other two success branches, this one
                            // redirects without storing "username" and "email" in the session.
                            //Delete record and create a new login
                            var selectCmd2 = connection.CreateCommand();
                            selectCmd2.CommandText = @"DELETE FROM UserSession WHERE Username=$userName";
                            selectCmd2.Parameters.AddWithValue("$userName", UserName);
                            selectCmd2.Prepare();
                            selectCmd2.ExecuteNonQuery();

                            Console.WriteLine("A session record deleted");
                            //saving the session to Db
                            var selectCmd3 = connection.CreateCommand();
                            selectCmd3.CommandText = @"INSERT INTO UserSession (Username, SessionID, DateTime) VALUES ($username, $sessionID, $dateTime)";
                            selectCmd3.Parameters.AddWithValue("$username", UserName);
                            selectCmd3.Parameters.AddWithValue("$sessionID", SessionID);
                            selectCmd3.Parameters.AddWithValue("$dateTime", dateTime);

                            selectCmd3.Prepare();
                            selectCmd3.ExecuteNonQuery();

                            return(RedirectToPage("/UserLoggedIn/SuccessLogin"));
                        }
                        else //user has an active session yet
                        {
                            Msg = "Multilple Session is not allowed! Wait after 20 minutes before logon for a security reason.";
                            Console.WriteLine(Msg);

                            return(Page());
                        }
                    }
                    else //session obsolete : recorded on a different day or month
                    {
                        HttpContext.Session.SetString("username", UserName);
                        HttpContext.Session.SetString("email", User.EmailAdd);
                        HttpContext.Session.SetString("sessionID", SessionID);

                        //Delete record and create a new login
                        var selectCmd2 = connection.CreateCommand();
                        selectCmd2.CommandText = @"DELETE FROM UserSession WHERE Username=$userName";
                        selectCmd2.Parameters.AddWithValue("$userName", UserName);
                        selectCmd2.Prepare();
                        selectCmd2.ExecuteNonQuery();


                        //saving the session to Db
                        var selectCmd3 = connection.CreateCommand();
                        selectCmd3.CommandText = @"INSERT INTO UserSession (Username, SessionID, DateTime) VALUES ($username, $sessionID, $dateTime)";
                        selectCmd3.Parameters.AddWithValue("$username", UserName);
                        selectCmd3.Parameters.AddWithValue("$sessionID", SessionID);
                        selectCmd3.Parameters.AddWithValue("$dateTime", dateTime);

                        selectCmd3.Prepare();
                        selectCmd3.ExecuteNonQuery();



                        return(RedirectToPage("/UserLoggedIn/SuccessLogin"));
                    }
                }
                // Same session ID on record but under a different user name.
                else if (SessionCheck[1] == SessionID)
                {
                    Msg = "Multilple login on the same browser is not allowed";
                    Console.WriteLine(Msg);
                    return(Page());
                }
                else // if user does not have any session
                {
                    HttpContext.Session.SetString("username", UserName);
                    HttpContext.Session.SetString("email", User.EmailAdd);
                    HttpContext.Session.SetString("sessionID", SessionID);
                    Console.WriteLine("This is executed");
                    //saving the session to Db
                    var selectCmd3 = connection.CreateCommand();
                    selectCmd3.CommandText = @"INSERT INTO UserSession (Username, SessionID, DateTime) VALUES ($username, $sessionID, $dateTime)";
                    selectCmd3.Parameters.AddWithValue("$username", UserName);
                    selectCmd3.Parameters.AddWithValue("$sessionID", SessionID);
                    selectCmd3.Parameters.AddWithValue("$dateTime", dateTime);

                    selectCmd3.Prepare();
                    selectCmd3.ExecuteNonQuery();

                    //UserName = HttpContext.Session.Id; //set the variable as session ID to allow multiple session in 1 browser
                    //User.EmailAdd = HttpContext.Session.Id;

                    return(RedirectToPage("/UserLoggedIn/SuccessLogin"));
                }
            }
            else
            {
                // The same message is used for an unknown e-mail and a wrong password.
                Msg = "Incorrect ID and PWD!";
                return(Page());
            }
        }
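        /// <summary>
        /// POST handler for the admin login form: checks the submitted staff number and
        /// password against the AdminUser table and, on a match, stores the admin's first
        /// name and the session ID in the session.
        /// </summary>
        /// <returns>
        /// The page with Msg set when input is missing or the credentials do not match,
        /// otherwise a redirect to /AdminPage/Index.
        /// </returns>
        public IActionResult OnPost()
        {
            // Both fields are required; this also keeps an empty password from matching the
            // empty default used below when the staff number is unknown.
            if (string.IsNullOrEmpty(AdminUser.StaffNo) || string.IsNullOrEmpty(AdminUser.AdminPassword))
            {
                Msg = "Please input Staff No and Password";
                return(Page());
            }

            var connectionStringBuilder = new SqliteConnectionStringBuilder
            {
                DataSource = new DatabaseConnect().DBStringConnection()
            };

            // Dispose connection, commands and readers instead of leaving them open.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                // Stays empty when no row matches the staff number.
                var Pwd = "";

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT AdminPassword FROM AdminUser WHERE StaffNo=$StaffNo";
                    selectCmd.Parameters.AddWithValue("$StaffNo", AdminUser.StaffNo);

                    using (var reader = selectCmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            Pwd = reader.GetString(0);
                        }
                    }
                }

                // The stored password is deliberately no longer written to the console:
                // credentials must not end up in process output or log files.

                // NOTE(review): the submitted value is compared directly with the stored
                // column, which implies the admin password is stored as submitted rather
                // than as a salted hash (unless hashing happens before this handler; confirm).
                if (!AdminUser.AdminPassword.Equals(Pwd))
                {
                    // The same message is used for an unknown staff number and a wrong password.
                    Msg = "Incorrect ID and PWD!";
                    return(Page());
                }

                using (var selectCmd = connection.CreateCommand())
                {
                    selectCmd.CommandText = @"SELECT FirstName FROM AdminUser WHERE StaffNo=$StaffNo";
                    selectCmd.Parameters.AddWithValue("$StaffNo", AdminUser.StaffNo);

                    using (var reader2 = selectCmd.ExecuteReader())
                    {
                        while (reader2.Read())
                        {
                            UserName = reader2.GetString(0);
                        }
                    }
                }
            }

            // NOTE(review): the session that existed before login is kept and its ID reused;
            // nothing visible here issues a fresh session on successful authentication.
            HttpContext.Session.SetString("username", UserName);
            SessionID = HttpContext.Session.Id;
            HttpContext.Session.SetString("sessionID", SessionID);

            Console.WriteLine("Session ID : " + SessionID);
            return(RedirectToPage("/AdminPage/Index"));
        }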
Esempio n. 16
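        /// <summary>
        /// Registers the modules ticked on the form for the current user: collects the
        /// selected entries of <c>ModRecords</c> into <c>GetRegMod</c>, reads the module
        /// codes already stored for <c>UserEmail</c>, and inserts one
        /// <c>RegisteredModule</c> row for each selected module that is not stored yet.
        /// </summary>
        /// <remarks>
        /// The method contains no <c>await</c>; all database work runs synchronously.
        /// </remarks>
        /// <returns>
        /// A redirect to <c>/UserModules/ViewRegisteredModule</c>, with <c>GetRegMod</c>
        /// passed as the second argument of <c>RedirectToPage</c>.
        /// </returns>
        public async Task <IActionResult> OnPostAsync()
        {
            Console.WriteLine("Registering Module");

            // Bound the loop by the shorter collection so a request whose two lists differ
            // in length cannot index past the end of IsSelect.
            // NOTE(review): presumably both are bound from the posted form - confirm.
            int selectable = Math.Min(ModRecords.Count(), IsSelect.Count());
            for (int i = 0; i < selectable; i++)
            {
                if (IsSelect[i] == true)
                {
                    Console.WriteLine(ModRecords[i].ModName);
                    GetRegMod.Add(ModRecords[i]);
                }
            }

            Console.WriteLine("Registered Module/s : " + GetRegMod.Count());

            var             connectionStringBuilder = new SqliteConnectionStringBuilder();
            DatabaseConnect DBCon = new DatabaseConnect(); // your own class and method in DatabaseConnection folder
            connectionStringBuilder.DataSource = DBCon.DBStringConnection();

            // Invariant culture keeps the stored text as dd/MM/yyyy on every host; with the
            // current culture the '/' in the format is replaced by that culture's separator.
            string date = DateTime.Now.ToString("dd/MM/yyyy", System.Globalization.CultureInfo.InvariantCulture);

            // NOTE(review): UserEmail and the posted ModCode values are written as-is.
            // Confirm that UserEmail comes from the authenticated session and that each
            // ModCode is checked against the server-side module list before this point.

            // using blocks close the connection even when a statement throws; the original
            // only reached connection.Close() on the success path.
            using (var connection = new SqliteConnection(connectionStringBuilder.ConnectionString))
            {
                connection.Open();

                // One transaction makes the read-then-insert sequence all-or-nothing, so a
                // failure half way through does not leave a partial registration behind.
                using (var transaction = connection.BeginTransaction())
                {
                    // Codes already stored for this user; a set gives a constant-time
                    // lookup instead of the nested loop over every stored code.
                    var registeredCodes = new HashSet <string>();
                    int storedRows      = 0;

                    using (var selectCmd = connection.CreateCommand())
                    {
                        selectCmd.Transaction = transaction;
                        selectCmd.CommandText = @"SELECT ModCode FROM RegisteredModule WHERE StudenEmail=$email";
                        Console.WriteLine("Email : " + UserEmail);
                        selectCmd.Parameters.AddWithValue("$email", UserEmail);

                        using (var reader = selectCmd.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                registeredCodes.Add(reader.GetString(0));
                                storedRows++;
                            }
                        }
                    }

                    Console.WriteLine("No of module found : " + storedRows);

                    for (int i = 0; i < GetRegMod.Count; i++)
                    {
                        var moduleCode = GetRegMod[i].ModCode;

                        // Add() returns false when the code is already stored, or appeared
                        // earlier in this same request, so duplicates are never inserted.
                        if (!registeredCodes.Add(moduleCode))
                        {
                            Console.WriteLine("Registered module found!" + moduleCode);
                            continue;
                        }

                        using (var insertCmd = connection.CreateCommand())
                        {
                            insertCmd.Transaction = transaction;
                            insertCmd.CommandText = @"INSERT INTO RegisteredModule (StudenEmail, ModCode, Date) VALUES ($email, $MCode, $Date)";
                            Console.WriteLine("Email : " + UserEmail);
                            Console.WriteLine("Mod Code : " + moduleCode);
                            Console.WriteLine("Date : " + date);
                            insertCmd.Parameters.AddWithValue("$email", UserEmail);
                            insertCmd.Parameters.AddWithValue("$MCode", moduleCode);
                            insertCmd.Parameters.AddWithValue("$Date", date);
                            insertCmd.Prepare();
                            insertCmd.ExecuteNonQuery();
                            Console.WriteLine("A record saved");
                        }
                    }

                    transaction.Commit();
                }
            }

            return(RedirectToPage("/UserModules/ViewRegisteredModule", GetRegMod));
        }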