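/// <summary>
/// Reads the first name, last name and e-mail of every row in dbo.account and
/// renders them with the "AdminList" view.
/// </summary>
/// <returns>The "AdminList" view with a list of <c>AdminRow</c> as its model.</returns>
public ViewResult AdminList()
{
    // NOTE(review): no authorization attribute is visible on this action in this
    // excerpt, and it returns every account's name and e-mail. Confirm that the
    // controller or a filter restricts it to administrators.
    var results = new List<AdminRow>();

    // The using blocks release the connection, command and reader even when the
    // query or one of the GetString calls throws; the original closed them only
    // on the success path.
    using (SqlConnection con = new SqlConnection(connectionString))
    {
        con.Open();

        using (SqlCommand command = new SqlCommand("SELECT firstname, lastname, email from dbo.account;", con))
        using (SqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                // Copy the current record into a row and append it to the list.
                // GetString throws on a NULL value; assumes these three columns
                // are NOT NULL. TODO confirm against the schema.
                results.Add(new AdminRow
                {
                    firstname = reader.GetString(0),
                    lastname = reader.GetString(1),
                    email = reader.GetString(2)
                });
            }
        }
    }

    return View("AdminList", results);
}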
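/// <summary>
/// Click handler that marks every user whose "chkAdmin" box is ticked in
/// <c>gvAdmins</c> as an administrator of the group identified by <c>GroupID</c>.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void MakeAdmin(object sender, EventArgs e)
{
    // NOTE(review): this handler grants the admin flag and no permission check is
    // visible here. Confirm that the page only serves users who are allowed to
    // administer this group.
    try
    {
        bool success = false;

        foreach (GridViewRow AdminRow in gvAdmins.Rows)
        {
            // "as" yields null when the control is missing or of another type;
            // treat such a row like an unticked one instead of dereferencing null.
            CheckBox isAdminchk = AdminRow.FindControl("chkAdmin") as CheckBox;
            if (isAdminchk == null || !isAdminchk.Checked)
            {
                continue;
            }

            Label AdminUserID = AdminRow.FindControl("UserID") as Label;
            Label lblRollNo = AdminRow.FindControl("lblRollNo") as Label;
            if (AdminUserID == null || lblRollNo == null)
            {
                // Fail before the existing mapping is deleted, with a message that
                // names the cause instead of a bare NullReferenceException.
                throw new InvalidOperationException("Row is missing the UserID or lblRollNo control.");
            }

            UserGroupMapping objUserGroupMapping = new UserGroupMapping();
            objUserGroupMapping.UserGroupID = GroupID;
            objUserGroupMapping.UserID = AdminUserID.Text;
            objUserGroupMapping.isAdmin = true;
            objUserGroupMapping.SerialNoForGroup = lblRollNo.Text;

            // The old mapping is removed and a new one created in two separate
            // calls. NOTE(review): if the create call fails, the user is left with
            // no mapping at all. Confirm whether UserController offers an atomic update.
            new UserController().DeleteUserGroupMapping(AdminUserID.Text, GroupID);

            // NOTE(review): the returned string is never inspected, so success is
            // reported whatever it contains. Confirm what CreateUserGroupMapping returns.
            string strMsg = new UserController().CreateUserGroupMapping(objUserGroupMapping);
            success = true;
        }

        if (success)
        {
            General.ShowAlertMessage("Admin Mapped successfully!");
            bindGvContacts();
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is shown to the user and may
        // reveal internal details (SQL text, object names). Prefer logging it
        // server-side and showing a generic message once a logger is available.
        ErrorMessage.Text = ex.Message;
    }
}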
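/// <summary>
/// Inserts a new row into the account table from the posted <paramref name="acc"/>
/// and redirects to the account list.
/// </summary>
/// <param name="acc">Model-bound account data: email, pass, firstname, lastname.</param>
/// <returns>A redirect to <c>Account/AdminList</c>.</returns>
public ActionResult newaccount(AdminRow acc)
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this
    // action in this excerpt. Confirm who is allowed to create accounts.
    //
    // NOTE(review): acc.pass is written to the table exactly as received. If it is
    // the user's password, derive a salted hash with a password KDF (PBKDF2 or
    // similar) before storing it.

    // The values are passed as parameters instead of being concatenated into the
    // statement, so request data cannot change the SQL that is executed.
    // The fifth value stays the four-character string 'NULL', as in the original.
    // NOTE(review): that is not a SQL NULL. Confirm which one is intended.
    const string query = "INSERT INTO account VALUES(@email, @pass, @firstname, @lastname, 'NULL')";

    // The using blocks close the connection, which the original never did.
    using (SqlConnection con = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(query, con))
    {
        // A null property used to concatenate as an empty string; keep that
        // result, because a null parameter value would be rejected as "not supplied".
        command.Parameters.AddWithValue("@email", acc.email ?? string.Empty);
        command.Parameters.AddWithValue("@pass", acc.pass ?? string.Empty);
        command.Parameters.AddWithValue("@firstname", acc.firstname ?? string.Empty);
        command.Parameters.AddWithValue("@lastname", acc.lastname ?? string.Empty);

        con.Open();

        // An INSERT returns no rows, so no reader is needed. Database errors
        // surface as SqlException from this call.
        command.ExecuteNonQuery();
    }

    return RedirectToAction("AdminList", "Account");
}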
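/// <summary>
/// Deletes the account row whose e-mail equals <c>acc.email</c> and redirects to
/// the account list.
/// </summary>
/// <param name="acc">Model-bound account data; only <c>email</c> is read.</param>
/// <returns>A redirect to <c>Account/AdminList</c>.</returns>
// NOTE(review): the role check below is commented out, so in this excerpt nothing
// restricts who can delete accounts. Restore it (or an equivalent policy) before
// this action is exposed, and confirm it accepts only POST with an anti-forgery token.
// [Authorize(Roles = "admin")]
public IActionResult Delete(AdminRow acc)
{
    // The e-mail is bound as a parameter instead of being concatenated into the
    // statement, so request data cannot widen or change the DELETE.
    const string query = "DELETE from account WHERE email = @email";

    // The using blocks close the connection, which the original never did.
    // The unused SqlDataAdapter was dropped.
    using (SqlConnection con = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(query, con))
    {
        // A null e-mail used to concatenate as an empty string; keep that result.
        command.Parameters.AddWithValue("@email", acc.email ?? string.Empty);

        con.Open();

        // A DELETE returns no rows, so no reader is needed.
        command.ExecuteNonQuery();
    }

    return RedirectToAction("AdminList", "Account");
}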