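/// <summary>
/// Handles the "create user" form: validates the posted model, checks that the
/// username is not taken, then inserts the account into <c>tblUser</c> (common
/// database) and its profile into <c>tblUserInformation</c> (hotel database).
/// Users of type "Driver" also get a row in <c>tblDriverAvailability</c>.
/// </summary>
/// <param name="ui">Model bound from the request; <c>uniqueUserId</c> is excluded from binding.</param>
/// <returns>
/// The form view (with the posted values) when validation fails or the username
/// exists, a redirect to <c>Index</c> on success, or a 404 result with a generic
/// message when any exception is thrown.
/// </returns>
// NOTE(review): no [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attribute is
// visible on this snippet; confirm they are applied, since this action creates accounts.
// NOTE(review): [Bind(Exclude = ...)] is a deny-list, so every other UserInfo property,
// including userType, is taken from the request. Confirm that userType is checked
// against the roles the current user is allowed to assign before it is stored.
public ActionResult CreateUser([Bind(Exclude = "uniqueUserId")] UserInfo ui)
{
    SetRolesForViewBag();
    SetTypeOfActionWithRequestForm("Create");

    // Input fields with a wrong format: re-render the form with the posted values
    // so the user does not have to retype them.
    if (!ModelState.IsValid)
    {
        return View(ui);
    }

    try
    {
        // NOTE(review): the value stored in userPwd is whatever CustomEncrypt.Encrypt
        // returns. If that is reversible encryption, anyone holding the key can recover
        // every password; a salted, slow password hash is the usual choice. Confirm.
        string encryptedPassword = CustomEncrypt.Encrypt(ui.userPwd);

        // NOTE(review): check-then-insert is not atomic; two concurrent requests can both
        // pass this check. A unique constraint on tblUser.userId would be the backstop.
        if (CheckIfSuchUserAlreadyExistsInDatabase(ui.userId, false) == true)
        {
            ModelState.AddModelError("userId", "Username must be unique");
            return View(ui);
        }

        string uniqueEightDigitNumber = GenerateUniqueValues.ReturnUniqueEightDigitNumber();

        // Step 1: account row in the common database.
        string connectionStringCommon = CommonManager.ReturnNeededConnectionStringForCommonDatabase();
        string sqlToCreateUser = @"INSERT INTO tblUser (userId, userPwd, userEmployer, userUniqueDatabaseId, ifRemoved) VALUES (@userId, @userPwd, @userEmployer, @userUniqueDatabaseId, @ifRemoved)";

        using (SqlConnection conn = new SqlConnection(connectionStringCommon))
        using (SqlCommand cmdToCreateUser = new SqlCommand(sqlToCreateUser, conn))
        {
            conn.Open();
            cmdToCreateUser.Parameters.AddWithValue("@userId", ui.userId);
            cmdToCreateUser.Parameters.AddWithValue("@userPwd", encryptedPassword);
            cmdToCreateUser.Parameters.AddWithValue("@userEmployer", GetCurrentClaimValues.GetCurrentUserEmployer());
            cmdToCreateUser.Parameters.AddWithValue("@userUniqueDatabaseId", uniqueEightDigitNumber);
            cmdToCreateUser.Parameters.AddWithValue("@ifRemoved", 0);
            cmdToCreateUser.ExecuteNonQuery();
        }

        // Step 2: profile row (and driver availability) in the hotel database.
        // NOTE(review): steps 1 and 2 use separate connections with no transaction, so a
        // failure here leaves the tblUser row from step 1 without a matching profile.
        string connectionStringHotel = CommonManager.ReturnNeededConnectionStringForHotel();
        string sqlToCreateInfoAboutUser = @"INSERT INTO tblUserInformation (userFullName, userType, userId, userUniqueDatabaseId, userEmail, userPhoneNumber, ifRemoved) VALUES (@userFullName, @userType, @userId, @userUniqueDatabaseId, @userEmail, @userPhoneNumber, @ifRemoved)";

        using (SqlConnection conn = new SqlConnection(connectionStringHotel))
        {
            conn.Open();

            using (SqlCommand cmdToCreateMainUser = new SqlCommand(sqlToCreateInfoAboutUser, conn))
            {
                cmdToCreateMainUser.Parameters.AddWithValue("@userId", ui.userId);
                cmdToCreateMainUser.Parameters.AddWithValue("@userFullName", ui.userFullName);
                cmdToCreateMainUser.Parameters.AddWithValue("@userType", ui.userType);
                cmdToCreateMainUser.Parameters.AddWithValue("@userUniqueDatabaseId", uniqueEightDigitNumber);
                cmdToCreateMainUser.Parameters.AddWithValue("@userEmail", ui.userEmail);
                cmdToCreateMainUser.Parameters.AddWithValue("@userPhoneNumber", ui.userPhoneNumber);
                cmdToCreateMainUser.Parameters.AddWithValue("@ifRemoved", 0);
                cmdToCreateMainUser.ExecuteNonQuery();
            }

            if (ui.userType == "Driver")
            {
                // The INSERT names no columns, so it depends on the table's column order.
                string sqlDriverAvailability = @"INSERT INTO tblDriverAvailability VALUES (@driverUniqueId, @driverAvailability)";

                using (SqlCommand cmdToCreateDriverAvailability = new SqlCommand(sqlDriverAvailability, conn))
                {
                    cmdToCreateDriverAvailability.Parameters.AddWithValue("@driverUniqueId", uniqueEightDigitNumber);
                    cmdToCreateDriverAvailability.Parameters.AddWithValue("@driverAvailability", true);
                    cmdToCreateDriverAvailability.ExecuteNonQuery();
                }
            }
        }

        return RedirectToAction("Index");
    }
    catch (Exception ex)
    {
        // Record the failure server-side instead of discarding it; the client still
        // receives only the generic message. The posted password is never part of the
        // logged text, only the exception itself.
        System.Diagnostics.Trace.TraceError("CreateUser failed: {0}", ex);

        // NOTE(review): a 404 is returned for what is a server-side failure; kept as is
        // because callers may depend on it, but a 5xx status would describe it better.
        return HttpNotFound("Something went wrong. Please, contact the administration");
    }
}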
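/// <summary>
/// Returns the connection string whose configuration name is the prefix from
/// <c>CommonPaths.RerurnConnectionString()</c> followed by the current user's
/// employer value from <c>GetCurrentClaimValues.GetCurrentUserEmployer()</c>.
/// </summary>
/// <returns>The matching connection string from the application configuration.</returns>
/// <exception cref="System.InvalidOperationException">
/// No connection string with the computed name is configured.
/// </exception>
// NOTE(review): the employer value decides which database the caller connects to.
// Presumably it comes from a server-issued claim; confirm it cannot be influenced by
// the request, otherwise a user could be pointed at another employer's database.
public static string ReturnNeededConnectionStringForHotel()
{
    var connectionStringName = CommonPaths.RerurnConnectionString() + GetCurrentClaimValues.GetCurrentUserEmployer();
    var settings = ConfigurationManager.ConnectionStrings[connectionStringName];

    // The indexer yields null for an unknown name; fail with a message that names the
    // missing entry instead of a bare NullReferenceException.
    if (settings == null)
    {
        throw new System.InvalidOperationException(
            "No connection string named '" + connectionStringName + "' is configured.");
    }

    return settings.ConnectionString;
}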