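/// <summary>
/// Registers a new employee from the submitted form model: salts and hashes the
/// password, stores the optional profile picture under wwwroot/img/ProfilePictures,
/// and persists the employee record.
/// </summary>
/// <param name="employee">The bound form model describing the employee to create.</param>
/// <returns>
/// A redirect to the employee overview when the model is valid; otherwise the
/// registration view is rendered again.
/// </returns>
public IActionResult RegisterEmployee(EmployeeCreateModel employee)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    string salt = PasswordHashingLogic.GenerateSalt();
    string passwordHash = PasswordHashingLogic.GeneratePasswordHash(employee.Password, salt);

    string uniqueFileName = null;
    if (employee.ProfilePicture != null)
    {
        string uploadsFolder = Path.Combine(_hostingEnvironment.WebRootPath, "img", "ProfilePictures");

        // FileName is supplied by the client and may carry directory segments.
        // Keep only the final name component so the combined path cannot leave
        // the uploads folder.
        string clientFileName = Path.GetFileName(employee.ProfilePicture.FileName);
        uniqueFileName = Guid.NewGuid().ToString() + "_" + clientFileName;
        string filePath = Path.Combine(uploadsFolder, uniqueFileName);

        // NOTE(review): the file lands under the web root with a client-chosen
        // extension, and no extension or content check is visible in this method.
        // Confirm that validation happens elsewhere, or restrict uploads to known
        // image types.

        // Dispose the stream so the handle is released and the content is flushed
        // before the request completes.
        using (var target = new FileStream(filePath, FileMode.Create))
        {
            employee.ProfilePicture.CopyTo(target);
        }
    }

    EmployeeProcessor.CreateEmployee(
        employee.Firstname,
        employee.Prefix,
        employee.Lastname,
        employee.City,
        employee.Postalcode,
        employee.Address,
        uniqueFileName,
        employee.Email,
        employee.Phone,
        salt,
        passwordHash,
        employee.Profession,
        employee.Role.ToString()
    );

    return RedirectToAction("ViewEmployees", "Employee");
}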
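/// <summary>
/// Updates the contact details, profession and (optionally) the password of an
/// existing employee.
/// </summary>
/// <param name="city">New city.</param>
/// <param name="postalcode">New postal code.</param>
/// <param name="address">New street address.</param>
/// <param name="email">New e-mail address.</param>
/// <param name="phone">New phone number.</param>
/// <param name="profession">New profession.</param>
/// <param name="password">
/// New plain-text password, or <c>null</c> to keep the stored password hash.
/// </param>
/// <param name="user_Id">Id of the employee row to update.</param>
public static void UpdateEmployee(string city, string postalcode, string address, string email, string phone, string profession, string password, int user_Id)
{
    // Load the current record once; both the stored hash and the salt come from it.
    var existing = GetUserById(user_Id);
    var passwordHash = existing.PasswordHash;

    if (password != null)
    {
        // The stored salt is reused when the password changes.
        passwordHash = PasswordHashingLogic.GeneratePasswordHash(password, existing.Salt);
    }

    EmployeeDataModel data = new EmployeeDataModel
    {
        Address = address,
        City = city,
        Email = email,
        PasswordHash = passwordHash,
        PostalCode = postalcode,
        Phone = phone,
        Profession = profession,
    };

    // Every string value is passed as a named parameter rather than being spliced
    // into the statement text, so caller-supplied text cannot alter the SQL.
    // NOTE(review): this assumes SQLDataAccess.SaveData binds @-named parameters
    // from the properties of `data` (Dapper-style); confirm against its implementation.
    // user_Id is an int, so it is formatted into the statement exactly as before.
    string sql =
        "Update employee set city = @City, postalCode = @PostalCode, address = @Address, " +
        "email = @Email, phone = @Phone, profession = @Profession, passwordHash = @PasswordHash " +
        $"WHERE id = '{user_Id}';";

    SQLDataAccess.SaveData(sql, data);
}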