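/// <summary>
/// Handles the posted account-edit form and passes the bound <see cref="UserData"/> to
/// <c>LetsShopImplementation.UpdateUser</c>.
/// </summary>
/// <param name="user">The posted model. Every property, including UserId, Password and CardNumber, is forwarded unchanged.</param>
/// <param name="collection">The raw form collection; this action does not read it.</param>
/// <returns>A redirect to "Index" once the update call returns, or the edit view when an exception is thrown.</returns>
public ActionResult Edit(UserData user, FormCollection collection)
{
    try
    {
        // The earlier version dereferenced the model before the update call, so a missing model
        // ended in the catch below; the guard keeps that outcome without copying the password
        // and card number into unused locals.
        if (user == null)
        {
            return View();
        }

        // NOTE(review): UserId is taken from the posted model and nothing in this action compares
        // it with the authenticated caller. Confirm an ownership check exists elsewhere (action
        // filter or the stored procedure); without one, a caller can submit another account's id.
        // NOTE(review): the status string returned by UpdateUser is discarded, so a failed update
        // still redirects to "Index".
        LetsShopImplementation.UpdateUser(user);
        return RedirectToAction("Index");
    }
    catch
    {
        // NOTE(review): every exception is swallowed here without logging; SignUp routes its
        // failures through ExceptionPolicy ("UI Policy"), which this action does not.
        return View();
    }
}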
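//_______________________________________________________________________
/// <summary>
/// Updates a registered user's stored details (addresses, card data, phone number, credentials)
/// by executing the "UpdateUser" stored procedure.
/// </summary>
/// <param name="ud">The values to persist. Each property is bound as a typed input parameter.</param>
/// <returns>
/// The procedure's @strMessage output, or " Error in updating user." when an exception is
/// handled by the "Database Policy" without a rethrow.
/// </returns>
public static string UpdateUser(UserData ud)
{
    try
    {
        Database _db = EnterpriseLibraryContainer.Current.GetInstance<Database>("LetsShopConnString");

        // The command is disposed as soon as the output value has been read.
        using (DbCommand CmdObj = _db.GetStoredProcCommand("UpdateUser"))
        {
            // All values travel as bound parameters, never as concatenated SQL text.
            _db.AddInParameter(CmdObj, "@UserId", DbType.String, ud.UserId);
            _db.AddInParameter(CmdObj, "@EmailId", DbType.String, ud.EmailId);
            // NOTE(review): the password is forwarded exactly as received; no hashing is visible
            // in this method. Confirm it is hashed (salted, slow KDF) before it reaches the table.
            _db.AddInParameter(CmdObj, "@Password", DbType.String, ud.Password);
            _db.AddInParameter(CmdObj, "@FirstName", DbType.String, ud.FirstName);
            _db.AddInParameter(CmdObj, "@LastName", DbType.String, ud.LastName);
            _db.AddInParameter(CmdObj, "@SecurityQuestion", DbType.String, ud.SecurityQuestion);
            _db.AddInParameter(CmdObj, "@SecurityAnswer", DbType.String, ud.SecurityAnswer);
            _db.AddInParameter(CmdObj, "@BillingAddress", DbType.String, ud.BillingAddress);
            _db.AddInParameter(CmdObj, "@ShippingAddress", DbType.String, ud.ShippingAddress);
            // NOTE(review): the full card number is sent as a plain Int64; confirm how it is
            // protected at rest (encryption or tokenisation) on the database side.
            _db.AddInParameter(CmdObj, "@CardNumber", DbType.Int64, ud.CardNumber);
            _db.AddInParameter(CmdObj, "@CardType", DbType.String, ud.CardType);
            _db.AddInParameter(CmdObj, "@CardExpiryDate", DbType.DateTime, ud.CardExpiryDate);
            _db.AddInParameter(CmdObj, "@PhoneNumber", DbType.Int64, ud.PhoneNumber);
            _db.AddOutParameter(CmdObj, "@strMessage", DbType.String, 255);

            _db.ExecuteNonQuery(CmdObj);
            return _db.GetParameterValue(CmdObj, "@strMessage").ToString();
        }
    }
    catch (Exception ex)
    {
        // The configured policy decides whether the exception propagates.
        bool rethrow = ExceptionPolicy.HandleException(ex, "Database Policy");
        if (rethrow)
        {
            throw;
        }

        string result = " Error in updating user.";
        return result;
    }
}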
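//_____________________________________________________________________
/// <summary>
/// Used during login when a user has forgotten the password: submits the user id and security
/// answer to the "LoginAfterForgotPassword" stored procedure.
/// </summary>
/// <param name="UserIds">The user id to look up.</param>
/// <param name="SecurityAnswer">The answer supplied by the caller.</param>
/// <returns>
/// A <see cref="UserCredentials"/> whose UserId is <paramref name="UserIds"/> and whose Password is
/// the procedure's @strMessage output.
/// </returns>
public static UserCredentials LoginAfterForgotPassword(string UserIds, string SecurityAnswer)
{
    // NOTE(review): the question is read from a freshly constructed UserData, so @SecurityQuestion
    // receives whatever that constructor leaves in the property, not the question the user was asked.
    UserData userdata = new UserData();
    string SecurityQuestion = userdata.SecurityQuestion;

    Database _db = EnterpriseLibraryContainer.Current.GetInstance<Database>("LetsShopConnString");
    string result;

    // The command is disposed once the output value has been copied out.
    using (DbCommand cmdObj = _db.GetStoredProcCommand("LoginAfterForgotPassword"))
    {
        _db.AddInParameter(cmdObj, "@UserId", DbType.String, UserIds);
        _db.AddInParameter(cmdObj, "@SecurityQuestion", DbType.String, SecurityQuestion);
        _db.AddInParameter(cmdObj, "@SecurityAnswer", DbType.String, SecurityAnswer);
        _db.AddOutParameter(cmdObj, "@strMessage", DbType.String, 255);
        _db.ExecuteNonQuery(cmdObj);
        result = _db.GetParameterValue(cmdObj, "@strMessage").ToString();
    }

    // NOTE(review): the @strMessage output is stored as the account password, which suggests the
    // procedure returns the stored password when the answer matches. If so, passwords are kept in a
    // recoverable form; a reset token would avoid that. Confirm against the procedure body.
    UserCredentials use1 = new UserCredentials();
    use1.UserId = UserIds;
    use1.Password = result;
    return use1;
}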
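//_____________________________________________________________________
/// <summary>
/// Loads the details of a user through the "GetUserByUsername2" stored procedure so they can be
/// shown on the account summary page.
/// </summary>
/// <param name="UserId">The user id passed to the procedure as @UserId.</param>
/// <returns>
/// A <see cref="UserData"/> filled from the result set. If no row is returned, the object is left
/// as constructed; if several rows are returned, the last one wins.
/// </returns>
public static UserData GetUserDetailsByUserName2(string UserId)
{
    var user = new UserData();
    Database _db = EnterpriseLibraryContainer.Current.GetInstance<Database>("LetsShopConnString");

    // The command is disposed after the reader has been closed.
    using (DbCommand cmdObj = _db.GetStoredProcCommand("GetUserByUsername2"))
    {
        _db.AddInParameter(cmdObj, "@UserId", DbType.String, UserId);
        // The output parameter is declared for the procedure but its value is never read here.
        _db.AddOutParameter(cmdObj, "@strMessage", DbType.String, 255);

        using (IDataReader dataReader = _db.ExecuteReader(cmdObj))
        {
            while (dataReader.Read())
            {
                user.CustomerId = dataReader["CustomerId"].ToString();
                user.UserId = dataReader["UserId"].ToString();
                user.EmailId = dataReader["EmailId"].ToString();
                // NOTE(review): the stored Password column is copied into a model meant for a
                // summary page. Confirm no view or serializer emits it, and whether the column
                // holds a hash or the password itself.
                user.Password = dataReader["Password"].ToString();
                user.SecurityQuestion = dataReader["SecurityQuestion"].ToString();
                user.FirstName = dataReader["FirstName"].ToString();
                user.LastName = dataReader["LastName"].ToString();
                user.BillingAddress = dataReader["BillingAddress"].ToString();
                user.ShippingAddress = dataReader["ShippingAddress"].ToString();

                // A value that fails to parse leaves the field at 0 or default(DateTime).
                // NOTE(review): the full card number is loaded; a summary page normally needs
                // only a masked form.
                long cardNumber;
                long.TryParse(dataReader["CardNumber"].ToString(), out cardNumber);
                user.CardNumber = cardNumber;
                user.CardType = dataReader["CardType"].ToString();

                DateTime cardExpiry;
                DateTime.TryParse(dataReader["CardExpiryDate"].ToString(), out cardExpiry);
                user.CardExpiryDate = cardExpiry;

                long phoneNo;
                long.TryParse(dataReader["PhoneNumber"].ToString(), out phoneNo);
                user.PhoneNumber = phoneNo;
            }

            return user;
        }
    }
}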
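//_____________________________________________________________________
/// <summary>
/// Returns every registered user by executing the "GetUsers" stored procedure; intended for the
/// administrator's user overview.
/// </summary>
/// <returns>One <see cref="UserData"/> per row of the result set; an empty list when there are no rows.</returns>
public static List<UserData> GetAllUsers()
{
    // NOTE(review): nothing in this method checks the caller's role; restricting it to
    // administrators has to happen in the calling layer. Confirm that it does.
    var userslist = new List<UserData>();
    Database _db = EnterpriseLibraryContainer.Current.GetInstance<Database>("LetsShopConnString");

    // The command is disposed after the reader has been closed.
    using (DbCommand cmdObj = _db.GetStoredProcCommand("GetUsers"))
    using (IDataReader dataReader = _db.ExecuteReader(cmdObj))
    {
        while (dataReader.Read())
        {
            var user = new UserData();
            user.CustomerId = dataReader["CustomerId"].ToString();
            user.UserId = dataReader["UserId"].ToString();
            user.EmailId = dataReader["EmailId"].ToString();
            user.FirstName = dataReader["FirstName"].ToString();
            user.LastName = dataReader["LastName"].ToString();
            user.BillingAddress = dataReader["BillingAddress"].ToString();
            user.ShippingAddress = dataReader["ShippingAddress"].ToString();

            // A value that fails to parse leaves the field at 0 or default(DateTime).
            // NOTE(review): full card numbers for all users are returned in one list; a listing
            // normally needs at most a masked number.
            long cardNumber;
            long.TryParse(dataReader["CardNumber"].ToString(), out cardNumber);
            user.CardNumber = cardNumber;
            user.CardType = dataReader["CardType"].ToString();

            DateTime cardExpiry;
            DateTime.TryParse(dataReader["CardExpiryDate"].ToString(), out cardExpiry);
            user.CardExpiryDate = cardExpiry;

            long phoneNo;
            long.TryParse(dataReader["PhoneNumber"].ToString(), out phoneNo);
            user.PhoneNumber = phoneNo;

            userslist.Add(user);
        }

        return userslist;
    }
}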
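/// <summary>
/// Handles the posted sign-up form and creates the account through
/// <c>LetsShopImplementation.CreateUser</c>.
/// </summary>
/// <param name="UserData">The posted model; only UserId, Password and EmailId are passed on.</param>
/// <param name="collection">The raw form collection; this action does not read it.</param>
/// <returns>
/// The sign-up view with ViewBag.SignUpMessage set to the result of CreateUser, or a redirect to
/// Product/ErrorPage when an exception is handled by the "UI Policy" without a rethrow.
/// </returns>
public ActionResult SignUp(UserData UserData, FormCollection collection)
{
    try
    {
        // The remaining posted fields (name, addresses, card data, phone) were only copied into
        // unused locals before, including a long-to-double conversion of the card number; those
        // copies are gone and the same three values are forwarded.
        // NOTE(review): the password is passed on as received; confirm CreateUser hashes it
        // before storage, and that input validation happens somewhere on this path.
        ViewBag.SignUpMessage = LetsShopImplementation.CreateUser(UserData.UserId, UserData.Password, UserData.EmailId);
        return View();
    }
    catch (Exception ex)
    {
        // The configured policy decides whether the exception propagates.
        bool rethrow = ExceptionPolicy.HandleException(ex, "UI Policy");
        if (rethrow)
        {
            throw;
        }

        return RedirectToAction("ErrorPage", "Product");
    }
}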
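/// <summary>
/// Handles the posted security-question form of the forgotten-password flow and signs the user
/// in when <c>LetsShopImplementation.LoginAfterForgotPassword</c> returns a password.
/// </summary>
/// <param name="userdata">The posted model; UserId and SecurityAnswer are read.</param>
/// <param name="fc1">The raw form collection, passed on to Login.</param>
/// <returns>
/// The forgot-password view with an error message when no password comes back; otherwise a
/// redirect to Home/Index after calling Login.
/// </returns>
public ActionResult SecurityQuestion(UserData userdata, FormCollection fc1)
{
    UserCredentials usercr = LetsShopImplementation.LoginAfterForgotPassword(userdata.UserId, userdata.SecurityAnswer);

    // Fail closed: a missing (null) password counts as a failed answer just like an empty one,
    // so it can never be handed to Login.
    if (string.IsNullOrEmpty(usercr.Password))
    {
        ViewBag.message = "Security answer does not match";
        return View(LetsShopImplementation.ForgotPassword(userdata.UserId));
    }

    // NOTE(review): a correct security answer is the only factor needed to obtain a session, and
    // no attempt limit or lockout is visible in this action; confirm throttling exists elsewhere.
    // NOTE(review): the result of Login is not inspected, so the redirect happens whether or not
    // the sign-in succeeded.
    Login(usercr, fc1);
    return RedirectToAction("Index", "Home");
}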
//______________________________________________________________________________________
/// <summary>
/// Lets a registered user update stored account information (default shipping address, card
/// number and so on) by delegating to <c>DataProvider.UpdateUser</c>.
/// </summary>
/// <param name="ud">The user data to persist; handed to the data provider unchanged.</param>
/// <returns>The status string produced by <c>DataProvider.UpdateUser</c>.</returns>
public static string UpdateUser(UserData ud)
{
    // No validation or authorization happens at this layer; the call is a straight pass-through.
    string statusMessage = DataProvider.UpdateUser(ud);
    return statusMessage;
}