public static User GetUser(string username)
{
User user = null;
if (username != null)
{
try
{
using (OracleConnection connection = new OracleConnection(CONNECTION_STRING))
{
OracleCommand command = new OracleCommand();
command.CommandText = "SELECT password,customerId,securityQuestion,securityAnswer,email FROM Users WHERE username LIKE :username";
command.Parameters.Add(":username", OracleDbType.NVarchar2).Value = username;
command.Connection = connection;
connection.Open();
OracleDataReader reader = command.ExecuteReader();
while (reader.Read())
{
string password = reader["password"].ToString();
string customerId = reader["customerId"].ToString();
string securityQuestion = reader["securityQuestion"].ToString();
string securityAnswer = reader["securityAnswer"].ToString();
string email = reader["email"].ToString();
user = new User(username, password, customerId, securityQuestion, securityAnswer, email);
}
}
}
catch (Exception e)
{
user = null;
Logger.LogException(e);
}
}
return user;
}
protected void Page_Load(object sender, EventArgs e)
{
Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1));
Response.Cache.SetValidUntilExpires(false);
Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetNoStore();
if (Request.Form.Count != 0 && Request.Form["username"] != null && Request.Form["password"] != null)
{
User user = new Models.User(Request.Form["username"], Request.Form["password"]);
if (Models.User.IsRegistered(user))
{
user.LoadUserDetails();
Session.Add("customerId", user.CustomerId);
Response.Redirect("OrderStatus.aspx");
}
else
{
Response.Redirect("Index.aspx?tab=login&error=true");
}
}
else
Response.Redirect("Index.aspx");
}
protected void Page_Load(object sender, EventArgs e)
{
Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1));
Response.Cache.SetValidUntilExpires(false);
Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Response.Cache.SetNoStore();
if (Request.Form.Count != 0)
{
User user = new Models.User(Request.Form["username"], Request.Form["password"], Request.Form["customerId"], Request.Form["securityQuestion"], Request.Form["securityAnswer"], Request.Form["email"]);
if (Models.User.TryRegister(user))
{
Session.Add("customerId", user.CustomerId);
Response.Redirect("OrderStatus.aspx");
}
else
{
Response.Redirect("Index.aspx?tab=register&error=true");
}
}
else
Response.Redirect("Index.aspx");
}
public static void RegisterUser(User user)
{
if (user != null)
{
try
{
using (OracleConnection connection = new OracleConnection(CONNECTION_STRING))
{
OracleCommand command = new OracleCommand();
command.CommandText = "INSERT INTO Users VALUES(:username,:password,:customerId,:securityQuestion,:securityAnswer,:email)";
command.Parameters.Add(":username", OracleDbType.NVarchar2).Value = user.Username;
command.Parameters.Add(":password", OracleDbType.NVarchar2).Value = user.Password;
command.Parameters.Add(":customerId", OracleDbType.NVarchar2).Value = user.CustomerId;
command.Parameters.Add(":securityQuestion", OracleDbType.NVarchar2).Value = user.SecurityQuestion;
command.Parameters.Add(":securityAnswer", OracleDbType.NVarchar2).Value = user.SecurtiyAnswer;
command.Parameters.Add(":email", OracleDbType.NVarchar2).Value = user.EmailId;
command.Connection = connection;
connection.Open();
command.ExecuteNonQuery();
}
}
catch (Exception e)
{
Logger.LogException(e);
}
}
}
public static bool IsUserExists(User user)
{
bool exists = false;
if(user!= null)
{
try
{
using (OracleConnection connection = new OracleConnection(CONNECTION_STRING))
{
OracleCommand command = new OracleCommand();
command.CommandText = "SELECT COUNT(*) FROM Users WHERE username LIKE :username AND password LIKE :password";
command.Parameters.Add(":username", OracleDbType.NVarchar2).Value = user.Username;
command.Parameters.Add(":password", OracleDbType.NVarchar2).Value = user.Password;
command.Connection = connection;
connection.Open();
int count = Convert.ToInt32(command.ExecuteScalar());
if (count == 1)
exists= true;
else
exists= false;
}
}
catch (Exception e)
{
exists = false;
Logger.LogException(e);
}
}
return exists;
}
public static bool TryRegister(User user)
{
if(DataAccessHelper.IsUserNameAvailable(user.Username) && DataAccessHelper.IsCustomerIdAvailable(user.CustomerId))
{
if (ServiceJsonHelper.PullProfile(user.CustomerId) != null)
{
DataAccessHelper.RegisterUser(user);
return true;
}
else
return false;
}
else
{
return false;
}
}
public static bool IsRegistered(User user)
{
return DataAccessHelper.IsUserExists(user);
}
