public int CreateClientUser(ClientUser user)
{
int ret = 0;
using (connect = new MySqlConnection(_connectionString))
{
connect.Open();
using (MySqlTransaction transaction = connect.BeginTransaction())
{
try
{
string query = "NewClientUser";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("AccountID", user.AccountID);
cmd.Parameters.AddWithValue("pName", user.Name);
cmd.Parameters.AddWithValue("pUsername", user.AccountID);
cmd.Parameters.AddWithValue("pPwd", user.Name);
ret = int.Parse(cmd.ExecuteScalar().ToString());
transaction.Commit();
connect.Close();
}
catch (InvalidOperationException ioException)
{
transaction.Rollback();
connect.Close();
}
}
}
return ret;
}
public void ChangePassword(ClientUser u, String password)
{
using (connect = new MySqlConnection(_connectionString))
{
connect.Open();
using (MySqlTransaction transaction = connect.BeginTransaction())
{
try
{
string query = "ChangeClientPassword";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("pUID", u.Username);
cmd.Parameters.AddWithValue("pPwd", password);
cmd.ExecuteNonQuery();
transaction.Commit();
connect.Close();
}
catch (InvalidOperationException ioException)
{
transaction.Rollback();
connect.Close();
}
}
}
}
// Creates a new client user
public ActionResult CreateClient()
{
// Ensures logged in
if (Session["loggedInState"] == null)
{
return Redirect("/403.html");
}
// Checks if logged in
bool state = (bool)Session["loggedInState"];
if (state == true)
{
// Establishes models
ClientUserModel cModel = new ClientUserModel();
// Establishes handlers
AccountHandler accHand = new AccountHandler();
AddressHandler addHand = new AddressHandler();
BankHandler banHand = new BankHandler();
ContactHandler conHand = new ContactHandler();
CustomerHandler cusHand = new CustomerHandler();
// Extract for account details
int accountType = int.Parse(Request.Form["accountTypes"]);
// Extract for bank details
String sortCode = Request.Form["sortCode"];
int accountNumber = int.Parse(Request.Form["accountNumber"]);
// Extract for client details
String username = Request.Form["username"];
String password = Request.Form["password1"];
String name = Request.Form["clientName"];
// Extract contact details
String forename = Request.Form["contactForename"];
String surname = Request.Form["contactSurname"];
String position = Request.Form["contactPosition"];
String phoneNumber = Request.Form["contactPhone"];
// Extract bank address details
//String blineOne = Request.Form["bankL1"];
//String blineTwo = Request.Form["bankL2"]; ;
//String blineThree = Request.Form["bankL3"];
//String blineFour = Request.Form["bankL4"];
//String blineFive = Request.Form["bankL5"];
//String bcState = Request.Form["bankState"];
//String bcounty = Request.Form["bankCounty"];
//String bcountry = Request.Form["bankCountry"];
//String bpostalCode = Request.Form["bankPostalCode"];
// Extract for customer details
String compName = Request.Form["clientName"];
// Extract customer address details
String clineOne = Request.Form["address1"];
String clineTwo = Request.Form["address2"]; ;
String clineThree = Request.Form["address3"];
String clineFour = Request.Form["address4"];
String clineFive = Request.Form["address5"];
String ccState = Request.Form["state"];
String ccounty = Request.Form["county"];
String ccountry = Request.Form["country"];
String cpostalCode = Request.Form["postcode"];
// Creates objects for user
//int bankAddressID = addHand.create(blineOne, blineTwo, blineThree, blineFour, blineFive, bcState,
// bcounty, bcountry, bpostalCode);
int custAddressID = addHand.create(clineOne, clineTwo, clineThree, clineFour, clineFive, ccState,
ccounty, ccountry, cpostalCode);
int bankID = banHand.create(sortCode, accountNumber);
int contactID = conHand.create(forename, surname, position, phoneNumber);
int customerID = cusHand.create(compName, custAddressID);
int accountID = accHand.create(accountType, bankID, customerID, contactID);
// Holds new objects
ClientUser newClient = new ClientUser();
// Acquires needed Account ID
newClient.Username = username;
// Stored details for the customer
newClient.Name = name;
newClient.Username = username;
newClient.Password = password;
newClient.AccountID = accountID;
// Creates the customer
int clientID = cModel.CreateClientUser(newClient);
// Return created department to view
return Redirect("/Index/adminIndex");
}
else
{
// If not logged in
return Redirect("/login.html");
}
}
public ClientUser SearchClientUser(ClientUser user)
{
return SearchClientUser(user.UserID);
}
// The main method to get a user account.
public ClientUser SearchClientUser(int ID)
{
var user = new ClientUser();
using (connect = new MySqlConnection(_connectionString))
{
try
{
string query = "GetClientUser";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("PUID", ID);
connect.Open();
var reader = cmd.ExecuteReader();
while (reader.Read())
{
user.UserID = int.Parse(reader["UID"].ToString());
user.AccountID = int.Parse(reader["Account_ID"].ToString());
user.Name = reader["Name"].ToString();
user.Username = reader["Username"].ToString();
}
connect.Close();
}
catch (InvalidOperationException ioException)
{
connect.Close();
}
return user;
}
}
public LoggedIn Login(ClientUser u)
{
var l = new LoggedIn();
using (connect = new MySqlConnection(_connectionString))
{
try
{
string query = "ClientLoggingIn";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("UsersName", u.Username);
cmd.Parameters.AddWithValue("UserPass", u.Password);
connect.Open();
var reader = cmd.ExecuteReader();
while (reader.Read())
{
l.State = reader["login"].Equals(1);
l.UserID = (int)reader["UID"];
l.AccountID = int.Parse(reader["Account_ID"].ToString());
}
connect.Close();
}
catch (InvalidOperationException ioException)
{
connect.Close();
}
}
return l;
}
public List<ClientUser> ListAccounts()
{
var userList = new List<ClientUser>();
using (connect = new MySqlConnection(_connectionString))
{
try
{
string query = "ListClientUser";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
connect.Open();
var reader = cmd.ExecuteReader();
while (reader.Read())
{
var user = new ClientUser();
user.UserID = int.Parse(reader["UID "].ToString());
user.AccountID = int.Parse(reader["Account_ID"].ToString());
user.Name = reader["Name"].ToString();
user.Username = reader["Username"].ToString();
userList.Add(user);
}
connect.Close();
}
catch (InvalidOperationException ioException)
{
connect.Close();
}
return userList;
}
}
public void EditClientUser(ClientUser user)
{
using (connect = new MySqlConnection(_connectionString))
{
connect.Open();
using (MySqlTransaction transaction = connect.BeginTransaction())
{
try
{
string query = "EditClientUser";
var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };
cmd.Parameters.AddWithValue("PUID", user.UserID);
cmd.Parameters.AddWithValue("AccountID", user.AccountID);
cmd.Parameters.AddWithValue("pName", user.Name);
cmd.Parameters.AddWithValue("pUsername", user.AccountID);
cmd.Parameters.AddWithValue("PPWD", user.Name);
cmd.ExecuteNonQuery();
transaction.Commit();
connect.Close();
}
catch (InvalidOperationException ioException)
{
transaction.Rollback();
connect.Close();
}
}
}
}
public ActionResult loginpost()
{
LoginModel loginModel = new LoginModel();
ClientUserModel clientmModel = new ClientUserModel();
// To store login details
String username;
String password;
// Acquire login details from front-end
username = Request.Form[0];
password = Request.Form[1];
// Composes object
User thisUser = new User();
thisUser.username = username;
thisUser.password = password;
ClientUser client = new ClientUser();
client.Username = username;
client.Password = password;
// get Account Type / Access levels from Database
LoggedIn logState;
logState = loginModel.Login(thisUser);
if (logState.State)
{
Session["loggedInState"] = logState.State;
Session["username"] = thisUser.username;
Session["userID"] = logState.UserID;
Session["Type"] = "Employee";
}
else
{
logState = clientmModel.Login(client);
Session["loggedInState"] = logState.State;
Session["username"] = client.Username;
Session["userID"] = logState.UserID;
Session["Type"] = "Client";
}
// Sets the Session variables
// Acquire type of user from Ryan
// Redirect based on user:
// Admin (Staff)
// User (Client)
// variable to store the path to redirect to
String pageToDirectTo = "/index.html";
try {
bool state = (bool)Session["loggedInState"];
if (state == true)
{
if (Session["Type"].ToString() == "Employee")
{
pageToDirectTo = "/Index/";
if (logState.AccessLevel.Equals("Admin"))
{
pageToDirectTo = "/Index/adminIndex";
}
}
else
{
pageToDirectTo = "/Index/clientIndex"; // doesn't work
}
}
else
{
pageToDirectTo = "/login.html";
}
}catch(Exception e){
pageToDirectTo = "/403.html";
}
// redirect the user to the relevant page
return Redirect(pageToDirectTo);
}
