public ActionResult Add([Bind(Include = "student_ID,GrantDescription,GrantValue,DateOfIssue,KuhaFunds,grant_type_id")] StudentVoucher studentVoucher) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //lets make sure student exists if (this.studentExists(studentVoucher.student_ID) == false) { ModelState.AddModelError("Student_ID", "Student ID Does Not Exist"); //return View(StudentRegistration); } //check the required grant requirements have been meet GrantType GrantType = db.GrantTypes.Find(studentVoucher.grant_type_id); if (GrantType.grant_description == true && (String.IsNullOrEmpty(studentVoucher.GrantDescription))) ModelState.AddModelError("GrantDescription", "Grant description must contain details it is required"); if (GrantType.grant_value == true && studentVoucher.GrantValue <= 0) ModelState.AddModelError("GrantValue", "GrantValue needs to be greater than 0"); if (ModelState.IsValid) { db.StudentVouchers.Add(studentVoucher); db.SaveChanges(); return RedirectToAction("Index"); } //pass back our data ViewBag.grant_type_id = db.GrantTypes; ViewBag.student_ID = (studentVoucher.student_ID != null) ? studentVoucher.student_ID : String.Empty; return View(studentVoucher); }
public bool GetUserRoles(string username, string access_level) { if (username == null || access_level == null) return false; //get users roles try { StudentRegistrationsModel db = new StudentRegistrationsModel(); var adminRoles = from theAdmin in db.Administrators where theAdmin.Email == username //join theRoles in db.Roles on theAdmin.UserId equals theRoles.UserId join theAdminRoles in db.RoleTypes on theAdmin.role_type_id equals theAdminRoles.role_type_id select new { role_name = theAdminRoles.role_name }; foreach (var role in adminRoles){ if (role.role_name == access_level) return true; } return false; } catch (Exception e) { return false; } }
public ActionResult Create([Bind(Include = "Student_ID,FirstName,LastName,Gender,DOB,Address1,Accomodition_Type,Phone,Mobile,Email,Marital_Status,Contact,Main_Ethnicity,id_faculty,id_courses,Detailed_Ethnicity,id_campus")] StudentRegistration studentRegistration) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //error checking goes here //lets make sure we don't already have this Student_ID if (this.studentExists(studentRegistration.Student_ID)) { ModelState.AddModelError("Student_ID", "Student ID Already Exists"); //return View(StudentRegistration); } if (studentRegistration.Student_ID == null || studentRegistration.Student_ID.ToString().Trim() == String.Empty) { ModelState.AddModelError("Student_ID", "Can not be blank or empty"); //return View(StudentRegistration); } if (ModelState.IsValid) { //administrator.UserType = "Admin"; // db.Administrators.Add(administrator); db.StudentRegistrations.Add(studentRegistration); db.SaveChanges(); /* try { // Could also be before try if you know the exception occurs in SaveChanges } catch (DbEntityValidationException e) { foreach (var eve in e.EntityValidationErrors) { System.Diagnostics.Debug.WriteLine("Entity of type \"{0}\" in state \"{1}\" has the following validation errors:", eve.Entry.Entity.GetType().Name, eve.Entry.State); foreach (var ve in eve.ValidationErrors) { System.Diagnostics.Debug.WriteLine("- Property: \"{0}\", Value: \"{1}\", Error: \"{2}\"", ve.PropertyName, eve.Entry.CurrentValues.GetValue<object>(ve.PropertyName), ve.ErrorMessage); } } throw; } */ return RedirectToAction("Index"); } ViewBag.id_courses = new SelectList(db.Courses, "id_courses", "course_name"); ViewBag.id_faculty = new SelectList(db.Faculties, "id_faculty", "faculty_name"); ViewBag.id_campus = new SelectList(db.Campus, "id_campus", "campus_name"); return View(studentRegistration); }
//StudentRegistration/Create public ActionResult Create() { StudentRegistrationsModel db = new StudentRegistrationsModel(); ViewBag.id_courses = new SelectList(String.Empty, "id_courses", "course_name"); ViewBag.id_faculty = new SelectList(db.Faculties, "id_faculty", "faculty_name"); ViewBag.id_campus = new SelectList(db.Campus, "id_campus", "campus_name"); return View(); }
public ActionResult Add() { StudentRegistrationsModel db = new StudentRegistrationsModel(); Administrator theAdmins = new Administrator(); //theAdmins = db.Administrators(); //var role_list = db.RoleTypes; //var model = new Administrator(); //model.Roles = new SelectList(db.RoleTypes, "role_type_id", "role_name"); ViewBag.role_type_id = new SelectList(db.RoleTypes, "role_type_id", "role_description"); ViewBag.password_match = String.Empty; return View(theAdmins); }
public ActionResult Add(Administrator newAdmin) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //newAdmin.Roles = Request.Form["admin_roles"]; ViewBag.role_type_id = new SelectList(db.RoleTypes, "role_type_id", "role_description"); //ViewBag.Roles = Request.Form["admin_roles"]; ViewBag.password_match = Request.Form["password_match"]; //check for unique email address //if (ModelState.ContainsKey("Roles")) // ModelState["Roles"].Errors.Clear(); if (db.Administrators.Any(m => m.Email.ToLower() == newAdmin.Email.ToLower())) { ModelState.AddModelError("Email", "Admin email already exists!"); } //check password match if (newAdmin.Password != Request.Form["password_match"]) { //clear the viewbag password so they re-type ViewBag.password_match = String.Empty; ModelState.AddModelError("Password", "Passwords don't match"); } //check mobile phone number if added if (!ModelState.IsValid) { return View(newAdmin); } //PasswordHashing passwordHash = new PasswordHashing(); newAdmin.Password = PasswordHashing.Encrypt(newAdmin.Password); //add the admin db.Administrators.Add(newAdmin); db.SaveChanges(); //we will now have admin id if saved //int theAdmin_id = newAdmin.UserId; //check roles that need to be added //store roles into a string array //this.addRoles(newAdmin, Request.Form["roles"]); return RedirectToAction("Admins"); }
// GET: StudentVouchers/Add public ActionResult Add(String id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); StudentVoucher studentVoucher = new StudentVoucher(); //voucher.GrantType = db.GrantTypes.ToList(); //parsing to the view //ViewBag.GrantType = Helpers.Helpers.GrantTypes(); ViewBag.grant_type_id = db.GrantTypes; // new SelectList(db.GrantTypes, "grant_type_id", "grant_name"); //ViewBag.grant_type_id = new SelectList(db.GrantTypes, "grant_type_id", "grant_name"); ViewBag.student_ID = (id != null) ? id : String.Empty; studentVoucher.grant_type_id = 0; return View(studentVoucher); }
public ActionResult byStudentID(string id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } var theVouchers = (from a in db.StudentVouchers where a.student_ID == id select a.id_student_vouchers ).FirstOrDefault(); if (theVouchers == null) return RedirectToAction("Error", new { message = "Invalid student details." }); //var other_grants = db.StudentVouchers.Where(a => a.student_ID == studentVoucher.student_ID); //studentVoucher.student_ID return RedirectToAction("Details", new { id = theVouchers }); }
/// <summary> /// IsValid checks a email and password against the database /// @todo encrypt or salt password /// </summary> /// <param name="AdministratorLogin">by ref pass AdministratorLogin details</param> /// <returns>returns true or false</returns> private bool IsValid(ref AdministratorLogin administrator) { StudentRegistrationsModel db = new StudentRegistrationsModel(); bool IsValid = false; string admin_email = administrator.Email; //grab the user var user = db.Administrators.FirstOrDefault(theUser => theUser.Email == admin_email); if (user != null) { if (PasswordHashing.passwordValid(administrator.Password, user.Password)) { //account is valid we need to update our admin account with the ID administrator.UserId = user.UserId; IsValid = true; } } return IsValid; }
public ActionResult Edit([Bind(Include = "UserId,Email,Password,FirstName,LastName,mobile,role_type_id")] Administrator administrator) { StudentRegistrationsModel db = new StudentRegistrationsModel(); if (ModelState.IsValid) { db.Entry(administrator).State = EntityState.Modified; db.SaveChanges(); return RedirectToAction("Admins"); } ViewBag.role_type_id = new SelectList(db.RoleTypes, "role_type_id", "role_name", administrator.role_type_id); return View(administrator); }
public ActionResult Edit(int? id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } Administrator administrator = db.Administrators.Find(id); if (administrator == null) { return HttpNotFound(); } ViewBag.role_type_id = new SelectList(db.RoleTypes, "role_type_id", "role_name", administrator.role_type_id); return View(administrator); }
public ActionResult Details(int? id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } Administrator administrator = db.Administrators.Find(id); if (administrator == null) { return HttpNotFound(); } return View(administrator); }
public ActionResult DeleteConfirmed(int id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); Administrator administrator = db.Administrators.Find(id); db.Administrators.Remove(administrator); db.SaveChanges(); return RedirectToAction("Admins"); }
public ActionResult ChangePassword(AdministratorLogin theAdmin) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //passing back from session so no injection of userID or email can happen we also need to clear the model state and re-validate ModelState.Clear(); theAdmin.Email = this.AdminSession().Email; theAdmin.UserId = this.AdminSession().UserId; TryValidateModel(theAdmin); //ModelState.Clear(); //check password match if (theAdmin.Password != Request.Form["password_match"]) { //clear the viewbag password so they re-type ViewBag.password_match = String.Empty; ModelState.AddModelError("Password", "Passwords don't match"); } if (!ModelState.IsValid) { foreach (ModelState modelState in ViewData.ModelState.Values) { foreach (ModelError error in modelState.Errors) { Console.Write(error); } } return View(theAdmin); } //grab the current admin session and update password //process the update AdministratorLogin thisUser = this.AdminSession(); var change = (from a in db.Administrators where a.UserId == thisUser.UserId select a).SingleOrDefault(); //rehash password change.Password = PasswordHashing.Encrypt(theAdmin.Password); //clean up from recovery if (Session["AdministratorRecovery"] != null) { Session.Remove("AdministratorRecovery"); //remove any recovery options that are set var recovery = (from b in db.Recoveries where b.UserId == change.UserId select b); foreach (var entry in recovery) db.Recoveries.Remove(entry); } db.Entry(change).State = EntityState.Modified; db.SaveChanges(); return RedirectToAction("Index"); }
/// <summary> /// Checks if a student exists /// </summary> /// <param name="theStudentID">ID Of student</param> /// <returns>true or false if exists</returns> public bool studentExists(string theStudentID) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //lets make sure we don't already have this Student_ID .Any(). will return a boolean if the entity was found return (db.StudentRegistrations.Any(m => m.Student_ID.ToLower() == theStudentID.ToLower())); }
// GET: StudentVouchers/Details/5 //_student_vouchers public ActionResult StudentVouchersAll(string id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); IEnumerable<StudentVoucher> studentVouchers = db.StudentVouchers.Where(a => a.student_ID == id).ToList(); if (studentVouchers == null) return RedirectToAction("Error", new { message = "Invalid student details." }); return View(studentVouchers); }
public JsonResult getCourses(string faculty) { StudentRegistrationsModel db = new StudentRegistrationsModel(); int faculty_id = -1; //lets convert to int int.TryParse(faculty, out faculty_id); //if someone modified our ajax request call :) if (String.IsNullOrEmpty(faculty) || faculty_id == 0) return Json("Error wrong data passed!", JsonRequestBehavior.AllowGet); //Get list of courses for a faculty var result = ( from course in db.Courses where course.id_faculty == faculty_id select new { id_course = course.id_courses, course_name = course.course_name } ); /* var result = db.Courses.Where(x => x.id_faculty == faculty).Select(x => new { id_course = x.id_courses, course_name = x.course_name }); */ return Json(result, JsonRequestBehavior.AllowGet); }
//StudentRegistration/Edit /// <summary> /// Allowes editing of a StudentRegistration /// </summary> /// <param name="id">Student ID</param> /// <returns>View</returns> public ActionResult Edit(String id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //if id == return //StudentRegistration theStudent = (StudentRegistration)db.StudentRegistrations.Where(m => m.Student_ID == id); StudentRegistration theStudent = db.StudentRegistrations.Find(id); ViewBag.id_courses = new SelectList(db.Courses, "id_courses", "course_name"); ViewBag.id_faculty = new SelectList(db.Faculties, "id_faculty", "faculty_name"); ViewBag.id_campus = new SelectList(db.Campus, "id_campus", "campus_name"); return View(theStudent); }
public ActionResult Code(String recovery_key) { if (String.IsNullOrEmpty(recovery_key)) { return Json(new { success = false, message = "Please eter a recovery key" }, JsonRequestBehavior.AllowGet); } StudentRegistrationsModel db = new StudentRegistrationsModel(); /*var theAdmin = (from a in db.Administrators join b in db.Recoveries on a.UserId equals b.UserId where b.recovery_key == theRecoverCodey select a).SingleOrDefault();*/ var theAdmin = (from a in db.Recoveries where a.recovery_key == recovery_key join b in db.Administrators on a.UserId equals b.UserId //where b.recovery_key == theRecoverCodey select a).SingleOrDefault(); if (theAdmin == null) { return Json(new { success = false, message = "Incorrect Recovery KEY Details" }, JsonRequestBehavior.AllowGet); } else { //set session the sesion Session["AdministratorRecovery"] = (Recovery)theAdmin; return Json(new { success = true, message = "<b>Success</b> Redirecting you now...", url = "/Administrators/ChangePassword" }, JsonRequestBehavior.AllowGet); } //secure to only pass some details in session }
public override bool IsUserInRole(string username, string roleName) { using (var db = new StudentRegistrationsModel()) { var adminRoles = from theAdmin in db.Administrators where theAdmin.Email == username join theRoles in db.RoleTypes on theAdmin.role_type_id equals theRoles.role_type_id //join theAdminRoles in db.RoleTypes on theRoles.role_type_id equals theAdminRoles.role_type_id where theRoles.role_name == roleName select theAdmin; return (adminRoles != null) ? true : false; } }
public override string[] GetRolesForUser(string username) { using (var db = new StudentRegistrationsModel()) { var user = db.Administrators.FirstOrDefault(u => u.Email.Equals(username, StringComparison.CurrentCultureIgnoreCase)); var adminRoles = from theAdmin in db.Administrators where theAdmin.Email == username join theRoles in db.RoleTypes on theAdmin.role_type_id equals theRoles.role_type_id //join theAdminRoles in db.RoleTypes on theRoles.role_type_id equals theAdminRoles.role_type_id select theRoles.role_name; return adminRoles.ToArray(); } }
public JsonResult studentSearch(string query) { //search for a student by name or id & last name if (String.IsNullOrWhiteSpace(query)) { return Json("", JsonRequestBehavior.AllowGet); } StudentRegistrationsModel db = new StudentRegistrationsModel(); var result = from student in db.StudentRegistrations where student.Student_ID.StartsWith(query) || student.FirstName.Contains(query) || student.LastName.Contains(query) select new { student_id = student.Student_ID, student_name = student.FirstName + " " + student.LastName }; //only show 10 results max return Json(result.Take(10), JsonRequestBehavior.AllowGet); }
/// <summary> /// Sends the recovery code to the user via email or sms /// </summary> /// <param name="theRecovery">Recovery details</param> /// <returns>JSON if has passed Recovery checks</returns> public JsonResult sendRecoveryCode(Recovery theRecovery) { //session has been removed if (Session["AdministratorRecovery"] == null) { return Json(new { success = false, message = "Invalid Session please refresh the browser" }, JsonRequestBehavior.AllowGet); } Recovery sessRecovery = (Recovery)Session["AdministratorRecovery"]; theRecovery.Administrator.FirstName = sessRecovery.Administrator.FirstName; theRecovery.Administrator.Password = sessRecovery.Administrator.Password; theRecovery.UserId = sessRecovery.Administrator.UserId; //ModelState.Clear(); StudentRegistrationsModel db = new StudentRegistrationsModel(); if (theRecovery.recovery_option == "email") { RecoveryComms theComms = new RecoveryComms(); if (theComms.sendEmail(ref sessRecovery) == true) { //success lets tell the user and save var email = sessRecovery.Administrator.Email; sessRecovery.Administrator = null; db.Recoveries.Add(sessRecovery); db.SaveChanges(); return Json(new { success = true, message = String.Format("<b>Great!</b>, we have emailed you your recovery code to <b>{0}</b>", email) }, JsonRequestBehavior.AllowGet); } else { return Json(new { success = false, message = "Something bad happend" }, JsonRequestBehavior.AllowGet); } } //requesting for recovery code if (theRecovery.recovery_option == "mobile") { string attemptGuess = theRecovery.Administrator.mobile; //int.TryParse(theRecovery.Administrator.mobile,out guessNumber); string correctAttempt = new String(sessRecovery.Administrator.mobile. Where(x => Char.IsDigit(x)).Reverse().Take(4).Reverse().ToArray()); //success here if correct number if (theRecovery.Administrator.mobile == correctAttempt) { //passover the correct mobile details RecoveryComms theComms = new RecoveryComms(); if (theComms.sendSMS(ref sessRecovery) == true) { var mobile_number = sessRecovery.Administrator.mobile; sessRecovery.Administrator = null; db.Recoveries.Add(sessRecovery); db.SaveChanges(); return Json(new { success = true, message = String.Format("<b>Great!</b>, we have sent you a TEXT message with your recovery code to <b>{0}</b>", mobile_number) }, JsonRequestBehavior.AllowGet); } else { return Json(new { success = false, message = "Something bad happend" }, JsonRequestBehavior.AllowGet); } } else { return Json(new { success = false, message = "Failed incorrect last digits" }, JsonRequestBehavior.AllowGet); } } return Json("", JsonRequestBehavior.AllowGet); }
// GET: StudentVouchers/Delete/5 public ActionResult Delete(int id) { StudentRegistrationsModel db = new StudentRegistrationsModel(); if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } StudentVoucher studentVoucher = db.StudentVouchers.Find(id); if (studentVoucher == null) { return HttpNotFound(); } return View(studentVoucher); }
public ActionResult Edit(StudentRegistration theStudent) { StudentRegistrationsModel db = new StudentRegistrationsModel(); //if id == return //StudentRegistration theStudent = (StudentRegistration)db.StudentRegistrations.Where(m => m.Student_ID == id); ViewBag.id_courses = new SelectList(db.Courses, "id_courses", "course_name"); ViewBag.id_faculty = new SelectList(db.Faculties, "id_faculty", "faculty_name"); ViewBag.id_campus = new SelectList(db.Campus, "id_campus", "campus_name"); if (theStudent.Student_ID == null || theStudent.Student_ID.ToString().Trim() == String.Empty) { ModelState.AddModelError("Student_ID", "Can not be blank or empty"); //return View(StudentRegistration); } if (ModelState.IsValid) { //administrator.UserType = "Admin"; // db.Administrators.Add(administrator); db.Entry(theStudent).State = EntityState.Modified; db.SaveChanges(); return RedirectToAction("Index"); } return View(theStudent); }
/// <summary> /// Admin details returns back some of the details to the front end for the user to verify there account /// </summary> /// <param name="theRecovery"></param> /// <returns></returns> public JsonResult adminDetails(Recovery theRecovery) { StudentRegistrationsModel db = new StudentRegistrationsModel(); Administrator AdminAccount; List<string> skipKeys = new List<string>(); skipKeys.Add("Administrator.FirstName"); skipKeys.Add("Administrator.Password"); skipKeys.Add("recovery_key"); clearErrorStates(skipKeys); //only check if model state is okay if (ModelState.IsValid) { AdminAccount = (from a in db.Administrators where a.Email == theRecovery.Administrator.Email select a).FirstOrDefault(); if (AdminAccount == null) ModelState.AddModelError("Administrator.Email", "Account does not exist."); else theRecovery.Administrator = AdminAccount; } //dispose as no longer needed db.Dispose(); theRecovery.UserId = theRecovery.Administrator.UserId; //check the rest of the model state and send back the errors to client if (!ModelState.IsValid) { var errorList = ModelState.ToDictionary( kvp => kvp.Key, kvp => kvp.Value.Errors.Select(e => e.ErrorMessage).ToArray() ); return Json(new { success = false, errors = errorList }, JsonRequestBehavior.AllowGet); } Session["AdministratorRecovery"] = theRecovery; if (theRecovery.recovery_option == "mobile") { if (theRecovery.Administrator.mobile == null) { return Json(new { success = false, mobile_guess = "Sorry no mobile with this account please use email" }, JsonRequestBehavior.AllowGet); } string mobile = "Enter last 4 digits of this number " + theRecovery.Administrator.mobile.Remove(theRecovery.Administrator.mobile.Length - 4, 4) + "****"; return Json(new { success = true, mobile_guess = mobile }, JsonRequestBehavior.AllowGet); } return Json(new { success = true, message = "You can now request a reset a recovery code.." }, JsonRequestBehavior.AllowGet); //return sendRecoveryCode(theRecovery); }
// GET: StudentRegistration/List public ActionResult List() { StudentRegistrationsModel db = new StudentRegistrationsModel(); return View(db.StudentRegistrations.ToList()); }
public ActionResult Admins() { StudentRegistrationsModel db = new StudentRegistrationsModel(); return View(db.Administrators.ToList()); }
// [HttpPost] public ActionResult ChangePassword() { StudentRegistrationsModel db = new StudentRegistrationsModel(); //@important don't pass the administor model for modifying ONLY the AdministratorLogin model for security as this is public //check if we are coming from a recovery if (Session["AdministratorRecovery"] != null) { //remove any logged in session Session.Remove("AdministratorLogin"); Recovery theRecovery = (Recovery)Session["AdministratorRecovery"]; var theAdmin = (from a in db.Administrators join b in db.Recoveries on a.UserId equals b.UserId where b.recovery_key == theRecovery.recovery_key select a).SingleOrDefault(); //clear the password field theAdmin.Password = String.Empty; Session["AdministratorLogin"] = theAdmin.loginDetails(); return View(theAdmin.loginDetails()); } AdministratorLogin CurrentAdmin = this.AdminSession(); //check if we are logged in if (CurrentAdmin == null) { return RedirectToAction("Login"); } CurrentAdmin.Password = ""; return View(CurrentAdmin); }
// GET: StudentVouchers public ActionResult Index(string message) { StudentRegistrationsModel db = new StudentRegistrationsModel(); var studentVouchers = db.StudentVouchers.Include(s => s.StudentRegistration); ViewBag.message = message; return View(studentVouchers.ToList()); }