public ActionResult EditUser(UsersData UserModel, Role RoleModel, Status_Entity StatusModel) { //Set username, rolename, status = from the view string Username = UserModel.Username; string Rolename = RoleModel.Role_Name; string Statusname = StatusModel.Status; //all fields have to be changed to edit a user if (Username == null || Rolename == null || Statusname == null) { return(RedirectToAction("Index", "Users_Management")); } else { //update the role and status of the user using (portaldatabaseEntities db = new portaldatabaseEntities()) { db.Database.ExecuteSqlCommand("update dbo.Accounts set RoleID = (select RoleID from dbo.Roles where" + " Roles.Role_Name = '" + Rolename + "'), StatusID = (select StatusID from dbo.Status where Status.Status = '" + Statusname + "')" + " where Accounts.Username = '******'"); } return(RedirectToAction("Index", "Users_Management")); } }
public ActionResult EditRole(LinksData LinkModel, Role RoleModel, Status_Entity StatusModel) { string URLname = LinkModel.URL; string Rolename = RoleModel.Role_Name; string Statusname = StatusModel.Status; //All fields have to be filled out to edit role if (URLname == null || Rolename == null || Statusname == null) { return(RedirectToAction("Index", "Links_Management")); } else { //updating the role for the link using (portaldatabaseEntities db = new portaldatabaseEntities()) { db.Database.ExecuteSqlCommand("update dbo.links set RoleID = (select RoleID from dbo.Roles where" + " Roles.Role_Name = '" + Rolename + "'), StatusID = (select StatusID from dbo.Status where Status.Status = '" + Statusname + "')" + " where links.URL = '" + URLname + "'"); } return(RedirectToAction("Index", "Links_Management")); } }