Inheritance: System.Web.UI.Page
Esempio n. 1
        // ADO.NET data context (DBPOLLEntities); instantiated by this field initializer when the enclosing object is constructed.
        private DBPOLLEntities db = new DBPOLLEntities();

        #endregion Fields

        #region Methods

        /// <summary>
        /// Landing action for a signed-in regular user: loads the caller's record and greets them.
        /// </summary>
        /// <remarks>
        /// Every access decision is taken from session values ("uid", "user_type", "sysadmin").
        /// A session without "uid" is sent to Home/Logon; callers below <c>User_Type.POLL_USER</c>
        /// and system administrators are sent to Home/Invalid. "user_type" and "sysadmin" are
        /// dereferenced without a null check, so a session that carries "uid" but lacks either
        /// value throws here instead of being redirected.
        /// </remarks>
        /// <returns>A redirect for rejected callers, otherwise the default view.</returns>
        public ActionResult Index()
        {
            object sessionUid = Session["uid"];
            bool signedIn = sessionUid != null && !sessionUid.ToString().Equals("");
            if (!signedIn)
            {
                return RedirectToAction("Logon", "Home");
            }

            int callerType = (int)Session["user_type"];
            if (callerType < User_Type.POLL_USER)
            {
                return RedirectToAction("Invalid", "Home");
            }

            // System administrators have their own area and are turned away from this one.
            object sysAdminFlag = Session["sysadmin"];
            if (sysAdminFlag.ToString().Equals("true"))
            {
                return RedirectToAction("Invalid", "Home");
            }

            userModel accounts = new userModel();
            if (sysAdminFlag.Equals("false"))
            {
                var regularUser = accounts.get_details((int)sessionUid);
                ViewData["Message"] = "Welcome " + regularUser.NAME;
                ViewData["User"] = regularUser;
            }
            else
            {
                // Only reached when "sysadmin" is neither "true" nor "false"; such a session is
                // then looked up as a system administrator.
                // NOTE(review): confirm this fallback is intended rather than rejecting the request.
                var adminUser = accounts.get_sys_admin_details((int)sessionUid);
                ViewData["Message"] = "Welcome " + adminUser.NAME;
                ViewData["User"] = adminUser;
            }

            return View();
        }
Esempio n. 2
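        /// <summary>
        /// Changes the password of the signed-in user, or of a user who logged on with a generated
        /// password and is held in the "Created" session state until a new password is chosen.
        /// </summary>
        /// <param name="currentPassword">Password the caller holds now; verified before anything is changed.</param>
        /// <param name="newPassword">Replacement password; must be non-empty and at most 64 characters.</param>
        /// <param name="confirmPassword">Must equal <paramref name="newPassword"/>.</param>
        /// <returns>
        /// A redirect to Home/Index when the session carries neither "uid" nor "Created", the default
        /// view with an entry in ViewData when validation fails, otherwise the "ChangepasswordSuccess" view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): only emptiness and an upper length bound are enforced on the new password;
        /// no minimum length or other policy is visible in this action.
        /// </remarks>
        public ActionResult ChangePassword(string currentPassword, string newPassword, string confirmPassword)
        {
            // Neither a full session ("uid") nor a forced-change session ("Created"): not authenticated.
            if (Session["Created"] == null && (Session["uid"] == null || Session["uid"].ToString().Equals("")))
            {
                return RedirectToAction("Index", "Home");
            }

            int uid;
            if (Session["uid"] == null)
            {
                uid = (int)Session["Created"];
            }
            else
            {
                uid = (int)Session["uid"];
            }

            // Check for a missing or over-long value before comparing, so that an absent form field
            // is reported as a validation failure instead of throwing on a null reference.
            // All three failures report through the same ViewData entry, as before.
            if (string.IsNullOrEmpty(newPassword)
                || newPassword.Length > 64
                || !newPassword.Equals(confirmPassword))
            {
                ViewData["confirmPassword"] = "******";
                return View();
            }

            // Re-authenticate with the current password before accepting the change.
            userModel user = new userModel();
            var userDetails = user.get_details(uid);
            string username = userDetails.USERNAME;

            if (user.verify(username, currentPassword) == 0)
            {
                ViewData["currentPassword"] = "******";
                return View();
            }

            // Persist the new password.
            user.changePassword(uid, newPassword);

            // A forced-change session becomes a full session once the password has been replaced.
            if (Session["Created"] != null)
            {
                Session["uid"] = Session["Created"];
                Session["Created"] = null;
            }
            return View("ChangepasswordSuccess");
        }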
Esempio n. 3
        /// <summary>
        /// Deletes the user identified by <paramref name="UserID"/> and renders the poll administrator list.
        /// </summary>
        /// <param name="UserID">Identifier of the account to delete, taken from the request.</param>
        /// <returns>
        /// A redirect to Home/Index without a session "uid", a redirect to Home/Invalid unless the
        /// session "sysadmin" value is "true", otherwise the view over the remaining poll administrators.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action changes state. Its HTTP-verb and anti-forgery attributes are not
        /// visible in this excerpt; confirm it is limited to POST and protected against cross-site
        /// request forgery.
        /// </remarks>
        public ActionResult DeleteSuccess(int UserID)
        {
            object sessionUid = Session["uid"];
            if (sessionUid == null || sessionUid.ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }

            // "sysadmin" is dereferenced without a null check; a session lacking it throws here.
            bool callerIsSysAdmin = Session["sysadmin"].ToString().Equals("true");
            if (!callerIsSysAdmin)
            {
                return RedirectToAction("Invalid", "Home");
            }

            userModel target = new userModel(UserID);
            target.deleteUser();

            userModel listing = new userModel();
            return View(listing.displayPollAdminUsers());
        }
Esempio n. 4
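        /// <summary>
        /// Authenticates a caller first as a regular user and, failing that, as a system
        /// administrator, then records the resulting identity in the session.
        /// </summary>
        /// <param name="username">User name submitted by the caller.</param>
        /// <param name="password">Password submitted by the caller.</param>
        /// <returns>
        /// The default view with a message when the account has expired or the credentials are
        /// rejected; otherwise a redirect to User/ChangePassword (account still flagged "Created"),
        /// Home/Index (regular user) or SysAdmin/Index (system administrator).
        /// </returns>
        /// <remarks>
        /// Identity values left in the session by an earlier logon are cleared before the new ones
        /// are written. Without that, a session that already held a "uid" could keep it after a
        /// different account signed in through the "Created" path, leaving "uid", "user_type" and
        /// "sysadmin" describing different accounts.
        /// NOTE(review): no renewal of the session identifier is visible in this action; confirm
        /// whether one is issued on successful logon elsewhere.
        /// </remarks>
        public ActionResult Logon(String username, String password)
        {
            userModel user = new userModel();
            var authenticated = user.verify(username, password);

            // NOTE(review): looked up before the result of verify() is checked, so on the
            // system-administrator path below this is the type returned for id 0. Confirm that is
            // the intended "user_type" for administrators.
            var type = user.getUserType(authenticated);

            if (authenticated != 0)
            {
                user = user.getUser(authenticated);

                // A default DateTime means "no expiry set"; anything else is compared with now.
                if (user.Expires_At != new DateTime() && user.Expires_At.CompareTo(DateTime.Now) < 0)
                {
                    ViewData["Message"] = "User account has expired";
                    return View();
                }

                // Drop whatever identity an earlier logon left in this session.
                Session["uid"] = null;
                Session["Created"] = null;

                Session["user_type"] = type;
                Session["sysadmin"] = "false";

                // Accounts still carrying a generated password get a restricted session ("Created"
                // instead of "uid") until the password has been changed.
                if (user.Reset_Password_Key != null && user.Reset_Password_Key.Equals("Created"))
                {
                    Session["Created"] = authenticated;
                    return RedirectToAction("ChangePassword", "User");
                }

                Session["uid"] = authenticated;
                return RedirectToAction("Index", "Home");
            }

            authenticated = user.verify_as_sys_admin(username, password);
            if (authenticated != 0)
            {
                // Same clean-up as above: no forced-change marker may survive into an admin session.
                Session["Created"] = null;

                Session["uid"] = authenticated;
                Session["user_type"] = type;
                Session["sysadmin"] = "true";
                return RedirectToAction("Index", "SysAdmin");
            }

            // One message for both failure causes, so the response does not say which part was wrong.
            ViewData["Message"] = "Username or password was incorrect";
            return View();
        }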
Esempio n. 5
        /// <summary>
        /// Replaces the password of the account registered under <paramref name="email"/> with a
        /// generated one and mails the new password to that address.
        /// </summary>
        /// <param name="email">Address submitted by the caller; no format validation is applied here.</param>
        /// <returns>The default view, with the result text in ViewData["outcome"].</returns>
        /// <remarks>
        /// Points for review, all visible in this action:
        /// - no session check is made, so the action runs for unauthenticated callers;
        /// - an unknown address gets its own message, so the response shows whether an address is registered;
        /// - the stored password is replaced before the mail result is known, so a failed send
        ///   leaves the account with a password its owner never received;
        /// - the generated password itself is sent by mail, not a one-time reset link;
        /// - the raw status text returned by the mailer is copied into ViewData["emailError"].
        /// </remarks>
        public ActionResult ResetPassword(string email)
        {
            userModel accounts = new userModel();

            int accountId = accounts.verify(email);
            if (accountId == 0)
            {
                ViewData["outcome"] = "No account with this email address was found";
                return View();
            }

            // Generate the replacement and store it straight away.
            string generatedPassword = accounts.Password_Generator();
            accounts.changePassword(accountId, generatedPassword);

            // Mail the replacement to the address that was submitted.
            EmailController mailer = new EmailController(email, generatedPassword, email);
            string sendStatus = mailer.send();

            bool delivered = sendStatus.Equals("Email sent successfully");
            ViewData["outcome"] = delivered
                ? "Password successfully reset! Please check your email for your new password"
                : "An error occurred whilst trying to reset your password, please try again in a few moments or contact your System Administrator.";
            ViewData["emailError"] = sendStatus;

            return View();
        }
Esempio n. 6
        /// <summary>
        /// Publishes the caller's details in ViewData["User"] and the user types the caller may
        /// pick from in ViewData["USER_TYPE"].
        /// </summary>
        /// <remarks>
        /// "Poll User" (1) is always offered, "Poll Master" (2) only when the session "user_type"
        /// is above 2, and "Poll Creator" (3) only when it is above 3. This only shapes the form;
        /// a submitted value is not constrained by it.
        /// </remarks>
        private void buildSelectList()
        {
            int callerType = (int)Session["user_type"];

            userModel accounts = new userModel();
            ViewData["User"] = accounts.get_details((int)Session["uid"]);

            List<SelectListItem> options = new List<SelectListItem>
            {
                new SelectListItem { Text = "Poll User", Value = "1" }
            };

            if (callerType > 2)
            {
                // Pre-selected whenever it is offered.
                options.Add(new SelectListItem { Text = "Poll Master", Value = "2", Selected = true });
            }

            if (callerType > 3)
            {
                options.Add(new SelectListItem { Text = "Poll Creator", Value = "3" });
            }

            ViewData["USER_TYPE"] = options;
        }
Esempio n. 7
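        /// <summary>
        /// Creates a user account on behalf of the signed-in caller and mails the generated
        /// password to the new user.
        /// </summary>
        /// <param name="email">Address of the new user; must match the e-mail pattern and be at most 64 characters.</param>
        /// <param name="name">Display name of the new user; required, at most 64 characters.</param>
        /// <param name="user_type">Requested type of the new account; must be one the caller is allowed to grant.</param>
        /// <returns>
        /// A redirect to Home/Index without a session, a redirect to Home/Invalid when the caller
        /// lacks the privilege, the form view when validation or creation fails, otherwise a
        /// redirect to User/RegisterUserSuccess.
        /// </returns>
        /// <exception cref="Exception">The mailer reported a failure; the account has already been created at that point.</exception>
        public ActionResult RegisterUser(string email, string name, int user_type)
        {
            // Basic check to see if the user is authenticated.
            if (Session["uid"] == null || Session["uid"].ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }

            int callerType = (int)Session["user_type"];
            if (callerType < User_Type.POLL_MASTER)
            {
                return RedirectToAction("Invalid", "Home");
            }

            // The requested type arrives with the request, so it is checked here and not left to
            // the form: type 1 is always allowed, types 2 and 3 only for a caller whose own type
            // is higher. This rejects a request asking for an account at or above the caller's level.
            // NOTE(review): the bounds mirror the options offered by buildSelectList (1, 2 when
            // user_type > 2, 3 when user_type > 3); confirm against the role model.
            bool typeAllowed = user_type == 1
                || ((user_type == 2 || user_type == 3) && user_type < callerType);
            if (!typeAllowed)
            {
                return RedirectToAction("Invalid", "Home");
            }

            bool errorspresent = false;

            // Validate form data.
            if (string.IsNullOrEmpty(name))
            {
                ViewData["nameError"] = "Above field must contain a name!";
                errorspresent = true;
            }
            else if (name.Length > 64)
            {
                ViewData["nameError"] = "Name is too long, maximum length allowed is 64 characters";
                errorspresent = true;
            }

            if (email == null || !Regex.IsMatch(email, @"^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", RegexOptions.IgnoreCase))
            {
                ViewData["emailError"] = "Above field must contain a valid email address!";
                errorspresent = true;
            }
            else if (email.Length > 64)
            {
                ViewData["emailError"] = "Email address is too long, maximum length allowed is 64 characters";
                errorspresent = true;
            }

            if (errorspresent)
            {
                buildSelectList();
                return View();
            }

            userModel user = new userModel();

            // Get the ID for a new user.
            int UserID = user.getNewID();

            string password = user.Password_Generator();

            // Create the user; a false result is reported as a duplicate e-mail address.
            if (!user.createUser(UserID, user_type, password, name, email, (int)Session["uid"]))
            {
                ViewData["Message"] = "A user account with this email address already exists";
                buildSelectList();
                return View();
            }

            // Send the generated password to the new user.
            EmailController mail = new EmailController(email, password, email);

            string mailSuccess = mail.send();
            if (!mailSuccess.Equals("Email sent successfully"))
            {
                throw new Exception(mailSuccess);
            }

            return RedirectToAction("RegisterUserSuccess", "User");
        }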
Esempio n. 8
        /// <summary>
        /// Updates the name and e-mail address of the account identified by <paramref name="UserID"/>.
        /// </summary>
        /// <param name="UserID">Identifier of the account to change, taken from the request.</param>
        /// <param name="name">New display name; required.</param>
        /// <param name="email">New address; must match the e-mail pattern.</param>
        /// <returns>
        /// A redirect for callers without a session or below <c>User_Type.POLL_USER</c>, otherwise
        /// the view over the (re-read) account with the outcome in ViewData.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="UserID"/> is never compared with the session "uid" and no
        /// ownership check is made in this action, so any caller that passes the type check can
        /// address any account; confirm where authority over the target account is enforced.
        /// The exception message is placed in ViewData["edited"] verbatim; confirm the view does
        /// not expose internal detail to end users.
        /// </remarks>
        public ActionResult Edit(int UserID, string name, string email)
        {
            object sessionUid = Session["uid"];
            if (sessionUid == null || sessionUid.ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }

            int callerType = (int)Session["user_type"];
            if (callerType < User_Type.POLL_USER)
            {
                return RedirectToAction("Invalid", "Home");
            }

            // The culture object is built but never applied to the thread or used below.
            CultureInfo ci = Thread.CurrentThread.CurrentCulture;
            ci = new CultureInfo("en-AU");

            bool nameMissing = string.IsNullOrEmpty(name);
            if (nameMissing)
            {
                ViewData["nameError"] = "Above field must contain a name!";
            }

            bool emailInvalid = email == null
                || !Regex.IsMatch(email, @"^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", RegexOptions.IgnoreCase);
            if (emailInvalid)
            {
                ViewData["emailError"] = "Above field must contain a valid email address!";
            }

            if (nameMissing || emailInvalid)
            {
                return View(new userModel().getUser(UserID));
            }

            try
            {
                userModel editor = new userModel();
                editor.updateUser(UserID, name, email);

                ViewData["edited"] = "Details successfully changed";
                return View(new userModel().getUser(UserID));
            }
            catch (Exception failure)
            {
                ViewData["edited"] = "!ERROR: " + failure.Message;
                return View(new userModel().getUser(UserID));
            }
        }
Esempio n. 9
        /// <summary>
        /// System-administrator edit of an account: updates name, e-mail address and expiry date.
        /// </summary>
        /// <param name="UserID">Identifier of the account to change, taken from the request.</param>
        /// <param name="expiry">Number of months from now until expiry; empty means 12.</param>
        /// <param name="name">New display name; required.</param>
        /// <param name="email">New address; must match the e-mail pattern.</param>
        /// <returns>
        /// A redirect for callers without a session or whose session "sysadmin" value is not "true",
        /// otherwise the view over the (re-read) account with the outcome in ViewData.
        /// </returns>
        /// <remarks>
        /// Exception messages are copied into ViewData verbatim ("expiryError", "edited");
        /// NOTE(review): confirm the view does not expose internal detail to end users.
        /// </remarks>
        public ActionResult Edit(int UserID, string expiry, string name, string email)
        {
            object sessionUid = Session["uid"];
            if (sessionUid == null || sessionUid.ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }

            bool callerIsSysAdmin = Session["sysadmin"].ToString().Equals("true");
            if (!callerIsSysAdmin)
            {
                return RedirectToAction("Invalid", "Home");
            }

            // The culture object is built but never applied to the thread or used below.
            CultureInfo ci = Thread.CurrentThread.CurrentCulture;
            ci = new CultureInfo("en-AU");

            bool invalid = false;
            int months = 0;

            if (string.IsNullOrEmpty(name))
            {
                ViewData["nameError"] = "Above field must contain a name!";
                invalid = true;
            }

            if (email == null || !Regex.IsMatch(email, @"^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", RegexOptions.IgnoreCase))
            {
                ViewData["emailError"] = "Above field must contain a valid email address!";
                invalid = true;
            }

            if (string.IsNullOrEmpty(expiry))
            {
                // No value supplied: default to twelve months.
                months = 12;
            }
            else if (System.Text.RegularExpressions.Regex.IsMatch(expiry, @"^\d+$"))
            {
                try
                {
                    // Digits only, but the value may still not fit an int.
                    months = int.Parse(expiry);
                }
                catch (Exception parseFailure)
                {
                    ViewData["expiryError"] = "!ERROR: " + parseFailure.Message;
                    invalid = true;
                }
            }
            else
            {
                ViewData["expiryError"] = "Expiry date must be a whole non-negative number";
                invalid = true;
            }

            if (invalid)
            {
                return View(new userModel().getUser(UserID));
            }

            try
            {
                DateTime expiresOn = DateTime.Now.AddMonths(months);
                userModel editor = new userModel();
                editor.updateUser(UserID, expiresOn, name, email);

                ViewData["edited"] = "Details successfully changed";
                return View(new userModel().getUser(UserID));
            }
            catch (Exception failure)
            {
                ViewData["edited"] = "!ERROR: " + failure.Message;
                return View(new userModel().getUser(UserID));
            }
        }
Esempio n. 10
        /// <summary>
        /// System-administrator registration: creates an account of user type 4 with an expiry
        /// date and mails the generated password to the new user.
        /// </summary>
        /// <param name="name">Display name of the new user; required.</param>
        /// <param name="email">Address of the new user; must match the e-mail pattern.</param>
        /// <param name="expiry">Number of months from now until expiry; empty means 12.</param>
        /// <returns>
        /// A redirect for callers without a session or whose session "sysadmin" value is not "true",
        /// the form view when validation or creation fails, otherwise a redirect to
        /// SysAdmin/RegisterUserSuccess.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the result of createUser is not inspected before the password is mailed;
        /// if that overload reports a duplicate address by return value, a password would be sent
        /// for an account that was never created. Confirm the overload's contract.
        /// Exception messages are copied into ViewData verbatim ("expiryError", "error1").
        /// </remarks>
        public ActionResult RegisterUser(String name, String email, string expiry)
        {
            // Basic check to see if the user is authenticated.
            object sessionUid = Session["uid"];
            if (sessionUid == null || sessionUid.ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }

            bool callerIsSysAdmin = Session["sysadmin"].ToString().Equals("true");
            if (!callerIsSysAdmin)
            {
                return RedirectToAction("Invalid", "Home");
            }

            bool invalid = false;
            int SysAdmin_ID = (int)Session["uid"];

            // The culture object is built but never applied to the thread or used below.
            CultureInfo ci = Thread.CurrentThread.CurrentCulture;
            ci = new CultureInfo("en-AU");
            int months = 0;

            // Reserve the identifier for the new account (done before validation, as in the original flow).
            int UserID = new userModel().getNewID();

            // Validate form data.
            if (string.IsNullOrEmpty(name))
            {
                ViewData["nameError"] = "Above field must contain a name!";
                invalid = true;
            }

            if (email == null || !Regex.IsMatch(email, @"^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", RegexOptions.IgnoreCase))
            {
                ViewData["emailError"] = "Above field must contain a valid email address!";
                invalid = true;
            }

            if (string.IsNullOrEmpty(expiry))
            {
                // No value supplied: default to twelve months.
                months = 12;
            }
            else if (System.Text.RegularExpressions.Regex.IsMatch(expiry, @"^\d+$"))
            {
                try
                {
                    // Digits only, but the value may still not fit an int.
                    months = int.Parse(expiry);
                }
                catch (Exception parseFailure)
                {
                    ViewData["expiryError"] = "!ERROR: " + parseFailure.Message;
                    invalid = true;
                }
            }
            else
            {
                ViewData["expiryError"] = "Expiry date must be a whole non-negative number";
                invalid = true;
            }

            if (invalid)
            {
                return View();
            }

            try
            {
                userModel accounts = new userModel();
                DateTime expiresOn = DateTime.Now.AddMonths(months);
                string generatedPassword = accounts.Password_Generator();

                // Arguments: new id, user type 4, generated password, name, address, expiry, creating administrator.
                accounts.createUser(UserID, 4, generatedPassword, name, email, expiresOn, SysAdmin_ID);

                EmailController mailer = new EmailController(email, generatedPassword, email);

                string sendStatus = mailer.send();
                if (!sendStatus.Equals("Email sent successfully"))
                {
                    throw new Exception(sendStatus);
                }

                return RedirectToAction("RegisterUserSuccess", "SysAdmin");
            }
            catch (Exception failure)
            {
                ViewData["error1"] = "!ERROR: " + failure.Message;
                return View();
            }
        }
Esempio n. 11
        /// <summary>
        /// Publishes every user returned by <c>userModel.getUserList()</c> as a select-list option
        /// in ViewData["USER_LIST"], with the user's name as text and the user id as value.
        /// </summary>
        private void buildSelectList()
        {
            List<userModel> allUsers = new userModel().getUserList();

            // One option per user, in the order the model returned them.
            List<SelectListItem> options = allUsers.ConvertAll(
                entry => new SelectListItem
                {
                    Text = entry.name,
                    Value = entry.UserID.ToString()
                });

            ViewData["USER_LIST"] = options;
        }
Esempio n. 12
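        /// <summary>
        /// Assigns the selected users to a poll as poll creators and notifies each of them by mail.
        /// </summary>
        /// <param name="pollid">Identifier of the poll, taken from the request.</param>
        /// <param name="selectedObjects">Identifiers of the users to assign; may be null when nothing was selected.</param>
        /// <param name="pollname">Poll name from the request; passed to the mailer and echoed to the view.</param>
        /// <returns>
        /// A redirect for callers without a session or below <c>User_Type.POLL_CREATOR</c>, otherwise
        /// the view over the assigned and unassigned users of the poll.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no check is visible here that the caller has authority over
        /// <paramref name="pollid"/>; confirm where that is enforced. <paramref name="pollname"/>
        /// is caller-supplied text that ends up in outgoing mail; confirm the mailer treats it as data.
        /// </remarks>
        public ActionResult AssignPollCreator(int pollid, int[] selectedObjects, String pollname)
        {
            if (Session["uid"] == null || Session["uid"].ToString().Equals(""))
            {
                return RedirectToAction("Index", "Home");
            }
            if ((int)Session["user_type"] < User_Type.POLL_CREATOR)
            {
                return RedirectToAction("Invalid", "Home");
            }

            String errorString = "";

            new pollModel().assignPoll(pollid, selectedObjects);

            Assign_PollMasters pollMasters = new Assign_PollMasters();

            pollMasters.assigned = new userModel().displayAssignedUsers(pollid, User_Type.POLL_CREATOR);
            pollMasters.unassigned = new userModel().displayUnassignedUsers(pollid, User_Type.POLL_CREATOR);

            // A form submitted with nothing selected binds the array to null; there is then nobody
            // to notify, and iterating would throw.
            if (selectedObjects != null)
            {
                foreach (int id in selectedObjects)
                {
                    userModel u = new userModel();
                    u = u.getUser(id);
                    EmailController mail = new EmailController(pollname, u.username);

                    // A failed send does not abort the request; the user name is collected for the report below.
                    string mailSuccess = mail.send1();
                    if (!mailSuccess.Equals("Email sent successfully"))
                    {
                        errorString += u.username + "\n";
                    }
                }
            }

            if (errorString.Length != 0)
            {
                ViewData["emailError"] = "Could not send email to following Users: \n" + errorString;
            }

            ViewData["pollid"] = pollid;
            ViewData["pollname"] = pollname;
            return View(pollMasters);
        }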