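/// <summary>
/// Creates a client user by calling the <c>NewClientUser</c> stored procedure
/// inside a transaction.
/// </summary>
/// <param name="user">
/// Client to create. AccountID, Name, Username and Password are sent to the procedure.
/// </param>
/// <returns>
/// The integer parsed from the procedure's scalar result, or 0 when an
/// <see cref="InvalidOperationException"/> caused the transaction to be rolled back.
/// </returns>
public int CreateClientUser(ClientUser user)
{
    int ret = 0;
    using (connect = new MySqlConnection(_connectionString))
    {
        connect.Open();
        using (MySqlTransaction transaction = connect.BeginTransaction())
        {
            try
            {
                var cmd = new MySqlCommand("NewClientUser", connect)
                {
                    CommandType = CommandType.StoredProcedure
                };
                cmd.Parameters.AddWithValue("AccountID", user.AccountID);
                cmd.Parameters.AddWithValue("pName", user.Name);

                // Fix: the original bound user.AccountID to pUsername and user.Name to pPwd,
                // so every new account got its display name as its password and its
                // account id as its login name. Bind the credentials the caller supplied.
                cmd.Parameters.AddWithValue("pUsername", user.Username);
                // NOTE(review): the password is forwarded exactly as received; whether
                // NewClientUser hashes it before storing is not visible here. Confirm it
                // is never persisted in clear text.
                cmd.Parameters.AddWithValue("pPwd", user.Password);

                ret = int.Parse(cmd.ExecuteScalar().ToString());
                transaction.Commit();
                connect.Close();
            }
            catch (InvalidOperationException)
            {
                // Only InvalidOperationException is handled; the caller sees the failure
                // solely as a return value of 0.
                transaction.Rollback();
                connect.Close();
            }
        }
    }
    return ret;
}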
/// <summary>
/// Runs the <c>ChangeClientPassword</c> stored procedure for the given user inside a
/// transaction. The transaction is rolled back when an
/// <see cref="InvalidOperationException"/> is raised; nothing is reported to the caller.
/// </summary>
/// <param name="u">User whose Username is passed as <c>pUID</c>.</param>
/// <param name="password">New password, passed as <c>pPwd</c>.</param>
public void ChangePassword(ClientUser u, String password)
{
    // NOTE(review): nothing in this method checks the current password or that the
    // caller may change this user's password; that has to be enforced by the caller.
    // The new password is forwarded as received. Hashing, if any, happens inside the
    // stored procedure and is not visible here; confirm.
    using (connect = new MySqlConnection(_connectionString))
    {
        connect.Open();
        using (MySqlTransaction tx = connect.BeginTransaction())
        {
            try
            {
                var command = new MySqlCommand("ChangeClientPassword", connect);
                command.CommandType = CommandType.StoredProcedure;
                command.Parameters.AddWithValue("pUID", u.Username);
                command.Parameters.AddWithValue("pPwd", password);

                command.ExecuteNonQuery();
                tx.Commit();
                connect.Close();
            }
            catch (InvalidOperationException)
            {
                // Failure is swallowed after rollback; the method returns normally.
                tx.Rollback();
                connect.Close();
            }
        }
    }
}
/// <summary>
/// Creates a new client user from the posted form: address, bank, contact, customer
/// and account records are created first, then the client user that references the
/// new account. Redirects to the admin index on completion.
/// </summary>
/// <returns>
/// Redirect to /403.html when no login state is in the session, to /login.html when
/// the state is false, otherwise to /Index/adminIndex.
/// </returns>
public ActionResult CreateClient()
{
    // No session state at all: treat as forbidden.
    if (Session["loggedInState"] == null)
    {
        return Redirect("/403.html");
    }

    // NOTE(review): only the logged-in flag is checked. The login action in this
    // listing sets the same flag for "Client" sessions, and neither Session["Type"]
    // nor an access level is checked here. Confirm whether client users are meant to
    // reach this action. No anti-forgery validation is visible on this action in
    // this listing either; confirm it is applied elsewhere.
    bool isLoggedIn = (bool)Session["loggedInState"];
    if (!isLoggedIn)
    {
        return Redirect("/login.html");
    }

    // Model and handlers, constructed in the original order.
    ClientUserModel clientUsers = new ClientUserModel();
    AccountHandler accounts = new AccountHandler();
    AddressHandler addresses = new AddressHandler();
    BankHandler banks = new BankHandler();
    ContactHandler contacts = new ContactHandler();
    CustomerHandler customers = new CustomerHandler();

    // NOTE(review): int.Parse throws on a missing or non-numeric field, so malformed
    // input surfaces as an unhandled exception rather than a validation error.
    // Account details
    int accountType = int.Parse(Request.Form["accountTypes"]);

    // Bank details
    String sortCode = Request.Form["sortCode"];
    int accountNumber = int.Parse(Request.Form["accountNumber"]);

    // Client login details
    String username = Request.Form["username"];
    // NOTE(review): the field name suggests a confirmation field exists, but no
    // comparison or strength check happens in this action.
    String password = Request.Form["password1"];
    String name = Request.Form["clientName"];

    // Contact details
    String forename = Request.Form["contactForename"];
    String surname = Request.Form["contactSurname"];
    String position = Request.Form["contactPosition"];
    String phoneNumber = Request.Form["contactPhone"];

    // Bank address capture (bankL1..bankL5, bankState, bankCounty, bankCountry,
    // bankPostalCode) was commented out in the original and is not performed.

    // Customer details
    String compName = Request.Form["clientName"];

    // Customer address details
    String clineOne = Request.Form["address1"];
    String clineTwo = Request.Form["address2"];
    String clineThree = Request.Form["address3"];
    String clineFour = Request.Form["address4"];
    String clineFive = Request.Form["address5"];
    String ccState = Request.Form["state"];
    String ccounty = Request.Form["county"];
    String ccountry = Request.Form["country"];
    String cpostalCode = Request.Form["postcode"];

    // NOTE(review): the five create calls below are independent operations. If one
    // fails part-way, the rows created before it are not undone by anything visible
    // in this action.
    int custAddressID = addresses.create(
        clineOne, clineTwo, clineThree, clineFour, clineFive,
        ccState, ccounty, ccountry, cpostalCode);
    int bankID = banks.create(sortCode, accountNumber);
    int contactID = contacts.create(forename, surname, position, phoneNumber);
    int customerID = customers.create(compName, custAddressID);
    int accountID = accounts.create(accountType, bankID, customerID, contactID);

    // Build the client user that points at the new account.
    ClientUser newClient = new ClientUser();
    newClient.Username = username;
    newClient.Name = name;
    // Username is written a second time, as in the original; the write is redundant
    // unless the setter has side effects.
    newClient.Username = username;
    newClient.Password = password;
    newClient.AccountID = accountID;

    // The returned id is not inspected, so the redirect below happens whatever
    // CreateClientUser returns.
    clientUsers.CreateClientUser(newClient);

    return Redirect("/Index/adminIndex");
}
/// <summary>
/// Convenience overload: looks a client user up by the UserID of the supplied object.
/// </summary>
/// <param name="user">Object whose UserID is used as the lookup key.</param>
/// <returns>Whatever the integer overload returns for that id.</returns>
public ClientUser SearchClientUser(ClientUser user)
{
    int id = user.UserID;
    return SearchClientUser(id);
}
/// <summary>
/// The main method to get a user account: calls the <c>GetClientUser</c> stored
/// procedure with the given id and copies the result columns into a ClientUser.
/// </summary>
/// <param name="ID">User id passed to the procedure as <c>PUID</c>.</param>
/// <returns>
/// A ClientUser filled from the last row read. When no row is returned, or an
/// <see cref="InvalidOperationException"/> is swallowed, the object is returned with
/// whatever values its constructor gave it, so callers cannot tell "not found" from
/// "failed" by a null check.
/// </returns>
public ClientUser SearchClientUser(int ID)
{
    // NOTE(review): the lookup is by id only. Any check that the requesting session
    // may see this user has to live in the caller.
    var found = new ClientUser();
    using (connect = new MySqlConnection(_connectionString))
    {
        try
        {
            var command = new MySqlCommand("GetClientUser", connect);
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.AddWithValue("PUID", ID);

            connect.Open();
            var row = command.ExecuteReader();
            while (row.Read())
            {
                found.UserID = int.Parse(row["UID"].ToString());
                found.AccountID = int.Parse(row["Account_ID"].ToString());
                found.Name = row["Name"].ToString();
                found.Username = row["Username"].ToString();
            }
            connect.Close();
        }
        catch (InvalidOperationException)
        {
            connect.Close();
        }
    }
    return found;
}
/// <summary>
/// Checks client credentials by calling the <c>ClientLoggingIn</c> stored procedure
/// and copies the outcome into a LoggedIn object.
/// </summary>
/// <param name="u">Supplies Username (<c>UsersName</c>) and Password (<c>UserPass</c>).</param>
/// <returns>
/// A LoggedIn whose State, UserID and AccountID come from the last row read. When no
/// row is read or an <see cref="InvalidOperationException"/> is swallowed, the object
/// keeps its constructor defaults.
/// </returns>
public LoggedIn Login(ClientUser u)
{
    // NOTE(review): the password is sent to the procedure as received, so the
    // comparison (and any hashing) happens in the database and is not visible here.
    // Failing closed on error relies on LoggedIn.State defaulting to false; confirm.
    var outcome = new LoggedIn();
    using (connect = new MySqlConnection(_connectionString))
    {
        try
        {
            var command = new MySqlCommand("ClientLoggingIn", connect);
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.AddWithValue("UsersName", u.Username);
            command.Parameters.AddWithValue("UserPass", u.Password);

            connect.Open();
            var row = command.ExecuteReader();
            while (row.Read())
            {
                // Equals(1) is true only when the column arrives as a boxed Int32 equal
                // to 1; a BIGINT or boolean column would compare false.
                // NOTE(review): confirm the column type the procedure returns.
                outcome.State = row["login"].Equals(1);
                outcome.UserID = (int)row["UID"];
                outcome.AccountID = int.Parse(row["Account_ID"].ToString());
            }
            connect.Close();
        }
        catch (InvalidOperationException)
        {
            connect.Close();
        }
    }
    return outcome;
}
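/// <summary>
/// Returns every client user produced by the <c>ListClientUser</c> stored procedure.
/// </summary>
/// <returns>
/// One ClientUser per row (UserID, AccountID, Name, Username). The list holds whatever
/// was read before an <see cref="InvalidOperationException"/>, if one is swallowed.
/// </returns>
public List<ClientUser> ListAccounts()
{
    // NOTE(review): the procedure takes no filter, so the whole client list is
    // returned. Restricting who may call this is the caller's job.
    var userList = new List<ClientUser>();
    using (connect = new MySqlConnection(_connectionString))
    {
        try
        {
            var cmd = new MySqlCommand("ListClientUser", connect)
            {
                CommandType = CommandType.StoredProcedure
            };
            connect.Open();

            // Dispose the reader deterministically instead of leaving it to the
            // connection teardown.
            using (var reader = cmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    var user = new ClientUser();
                    // Fix: the original indexed "UID " with a stray trailing space. The
                    // sibling readers use "UID"; a name that matches no result column is
                    // expected to throw an exception the handler below does not catch.
                    user.UserID = int.Parse(reader["UID"].ToString());
                    user.AccountID = int.Parse(reader["Account_ID"].ToString());
                    user.Name = reader["Name"].ToString();
                    user.Username = reader["Username"].ToString();
                    userList.Add(user);
                }
            }
            connect.Close();
        }
        catch (InvalidOperationException)
        {
            connect.Close();
        }
        return userList;
    }
}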
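/// <summary>
/// Updates a client user by calling the <c>EditClientUser</c> stored procedure inside
/// a transaction. The transaction is rolled back when an
/// <see cref="InvalidOperationException"/> is raised; nothing is reported to the caller.
/// </summary>
/// <param name="user">
/// Supplies UserID (<c>PUID</c>), AccountID, Name (<c>pName</c>), Username
/// (<c>pUsername</c>) and Password (<c>PPWD</c>).
/// </param>
public void EditClientUser(ClientUser user)
{
    using (connect = new MySqlConnection(_connectionString))
    {
        connect.Open();
        using (MySqlTransaction transaction = connect.BeginTransaction())
        {
            try
            {
                var cmd = new MySqlCommand("EditClientUser", connect)
                {
                    CommandType = CommandType.StoredProcedure
                };
                cmd.Parameters.AddWithValue("PUID", user.UserID);
                cmd.Parameters.AddWithValue("AccountID", user.AccountID);
                cmd.Parameters.AddWithValue("pName", user.Name);

                // Fix: the original bound user.AccountID to pUsername and user.Name to
                // PPWD, so any edit replaced the login name with the account id and the
                // password with the display name.
                cmd.Parameters.AddWithValue("pUsername", user.Username);
                // NOTE(review): callers must now populate Password. If an edit form can
                // leave it empty, decide whether the procedure should keep the stored
                // password in that case; confirm against the procedure. The value is
                // forwarded as received, and hashing is not visible here.
                cmd.Parameters.AddWithValue("PPWD", user.Password);

                cmd.ExecuteNonQuery();
                transaction.Commit();
                connect.Close();
            }
            catch (InvalidOperationException)
            {
                transaction.Rollback();
                connect.Close();
            }
        }
    }
}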
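/// <summary>
/// Handles the login form post. The credentials are tried as an employee first and
/// as a client second; on success the session is populated and the user is
/// redirected to the index page for their type.
/// </summary>
/// <returns>
/// Redirect to /Index/ (employee), /Index/adminIndex (employee with access level
/// "Admin"), /Index/clientIndex (client), /login.html (failed login) or /403.html
/// (any exception while choosing the target).
/// </returns>
public ActionResult loginpost()
{
    LoginModel loginModel = new LoginModel();
    ClientUserModel clientmModel = new ClientUserModel();

    // Credentials are read by position, so this depends on the order of the form
    // fields in the login page.
    String username = Request.Form[0];
    String password = Request.Form[1];

    User thisUser = new User();
    thisUser.username = username;
    thisUser.password = password;

    ClientUser client = new ClientUser();
    client.Username = username;
    client.Password = password;

    // NOTE(review): nothing in this action rotates the session identifier on login
    // or limits repeated attempts; confirm both are handled elsewhere.
    LoggedIn logState = loginModel.Login(thisUser);
    if (logState.State)
    {
        Session["loggedInState"] = logState.State;
        Session["username"] = thisUser.username;
        Session["userID"] = logState.UserID;
        Session["Type"] = "Employee";
    }
    else
    {
        logState = clientmModel.Login(client);
        if (logState.State)
        {
            Session["loggedInState"] = logState.State;
            Session["username"] = client.Username;
            Session["userID"] = logState.UserID;
            Session["Type"] = "Client";
        }
        else
        {
            // Fix: the original wrote the submitted username, a user id and
            // Type = "Client" into the session even when both logins failed. Record
            // only the failed state and drop any identity left by an earlier login.
            Session["loggedInState"] = false;
            Session.Remove("username");
            Session.Remove("userID");
            Session.Remove("Type");
        }
    }

    // Default target if nothing below overrides it.
    String pageToDirectTo = "/index.html";
    try
    {
        bool state = (bool)Session["loggedInState"];
        if (state)
        {
            if (Session["Type"].ToString() == "Employee")
            {
                pageToDirectTo = "/Index/";
                // A null AccessLevel throws here and ends in the 403 branch below.
                if (logState.AccessLevel.Equals("Admin"))
                {
                    pageToDirectTo = "/Index/adminIndex";
                }
            }
            else
            {
                // The original author marked this redirect as "doesn't work".
                pageToDirectTo = "/Index/clientIndex";
            }
        }
        else
        {
            pageToDirectTo = "/login.html";
        }
    }
    catch (Exception)
    {
        pageToDirectTo = "/403.html";
    }

    return Redirect(pageToDirectTo);
}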