public List<string> ValidateUserEdit(EditUserInfoDTO info, out List<string> invalidIds)
{
var validationMessage = new List<string>();
var validationId = new List<string>();
if (string.IsNullOrEmpty(info.FirstName))
{
validationMessage.Add("First Name is empty.");
validationId.Add("Firstname");
}
if (string.IsNullOrEmpty(info.Surname))
{
validationMessage.Add("Surname is empty.");
validationId.Add("Surname");
}
if (string.IsNullOrEmpty(info.FirmName))
{
validationMessage.Add("Firmname is empty.");
validationId.Add("Firmname");
}
if (string.IsNullOrEmpty(info.Email))
{
validationMessage.Add("Email is empty.");
validationId.Add("Email");
}
else
{
var regex = new Regex(@"^([\w\.\-]+)@([\w\-]+)((\.(\w){2,3})+)$");
var match = regex.Match(info.Email);
if (!match.Success)
{
validationMessage.Add("Invalid email format.");
validationId.Add("Email");
}
}
invalidIds = validationId;
return validationMessage;
}
public static void UpdateUser(EditUserInfoDTO user)
{
using (var connection = new SqlConnection(GetConnection()))
{
const string sql = @"UPDATE [dbo].[users] SET Firstname=@f, Surname=@s, Firm=@fn, Email=@e WHERE [Id] = @id";
connection.Open();
var cmd = new SqlCommand(sql, connection);
cmd.Parameters.Add(new SqlParameter("@id", SqlDbType.NVarChar)).Value = user.UserId;
cmd.Parameters.Add(new SqlParameter("@f", SqlDbType.NVarChar)).Value = user.FirstName;
cmd.Parameters.Add(new SqlParameter("@s", SqlDbType.NVarChar)).Value = user.Surname;
cmd.Parameters.Add(new SqlParameter("@fn", SqlDbType.NVarChar)).Value = user.FirmName;
cmd.Parameters.Add(new SqlParameter("@e", SqlDbType.NVarChar)).Value = user.Email;
cmd.ExecuteNonQuery();
}
}
public ActionResult UpdateUserDetail(EditUserInfoDTO dto)
{
var validationIds = new List<string>();
var validationMessage = ValidateUserEdit(dto, out validationIds);
if (!validationMessage.Any())
{
UserManagement.UpdateUser(dto);
}
return Json(new
{
passed = !validationMessage.Any(),
validationIds,
validationMessage = string.Join("</br>", validationMessage)
});
}