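/// <summary>
/// Inserts a new row into tbl_UserInfo from the posted <paramref name="_user"/> model.
/// </summary>
/// <param name="_user">Model-bound user data. Every field is request-controlled and is passed to SQL Server only as a parameter value.</param>
/// <returns>
/// A redirect to the Index action after a successful insert, or the Create view again
/// when model validation fails.
/// </returns>
/// <remarks>
/// Configuration and database exceptions are not handled here; they propagate to the
/// caller with their original stack trace.
/// </remarks>
public ActionResult Create(User _user)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // NOTE(review): EncryptData is defined outside this listing. If it is reversible
    // encryption rather than a salted, slow password hash (e.g. PBKDF2), anyone holding
    // the key can recover stored passwords - confirm and migrate to hashing.
    string _password = DataManipulationLayer.EncryptData(_user.Password);

    // NOTE(review): the audit fields are hard-coded/local-time as in the original;
    // confirm whether CreatedBy should come from the authenticated principal instead.
    DateTime createdDate = DateTime.Now;
    _user.CreatedBy = "Admin";
    _user.CreatedDate = createdDate;

    // Placeholders instead of interpolated values: request data can no longer change the
    // statement's structure, and the date is sent typed rather than as culture-formatted text.
    const string sql =
        "Insert Into tbl_UserInfo (FirstName, LastName, Email,ContactNo,BankId,BranchId,Usertype,Password,CreatedBy,CreatedDate) " +
        "Values (@FirstName, @LastName, @Email, @ContactNo, @BankId, @BranchId, @UserType, @Password, @CreatedBy, @CreatedDate)";

    string connectionString = Configuration["ConnectionStrings:DefaultConnection"];

    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(sql, connection))
    {
        command.CommandType = CommandType.Text;

        // A null string used to be interpolated as an empty literal; "?? string.Empty"
        // keeps that stored value (a null parameter value would be rejected as missing).
        command.Parameters.AddWithValue("@FirstName", _user.FirstName ?? string.Empty);
        command.Parameters.AddWithValue("@LastName", _user.LastName ?? string.Empty);
        command.Parameters.AddWithValue("@Email", _user.Email ?? string.Empty);
        command.Parameters.AddWithValue("@ContactNo", _user.ContactNo ?? string.Empty);
        command.Parameters.AddWithValue("@BankId", _user.BankId);
        command.Parameters.AddWithValue("@BranchId", _user.BranchId);
        command.Parameters.AddWithValue("@UserType", _user.UserType ?? string.Empty);
        command.Parameters.AddWithValue("@Password", _password ?? string.Empty);
        command.Parameters.AddWithValue("@CreatedBy", _user.CreatedBy);
        command.Parameters.AddWithValue("@CreatedDate", createdDate);

        connection.Open();
        command.ExecuteNonQuery();
        // The using blocks close the connection and dispose the command on every path.
    }

    return RedirectToAction("Index");
}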
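/// <summary>
/// Looks up the account matching the submitted e-mail and password and, when one is
/// found, stores the loaded <c>User</c> in the session under the key "_userObj".
/// </summary>
/// <param name="_login">Model-bound credentials. Both values are request-controlled and are passed to SQL Server only as parameter values.</param>
/// <returns>
/// A redirect to Home/Index when a matching row is found; otherwise the Login view with
/// <c>ViewBag.error</c> set to "Invalid Account".
/// </returns>
public IActionResult Login(LoginViewModel _login)
{
    if (_login.Email == null || _login.Password == null)
    {
        ViewBag.error = "Invalid Account";
        return View();
    }

    // The original query compared ui.Password with a fixed literal, so the submitted
    // password never took part in the check. Create stores EncryptData(password), so the
    // same transform is applied here before comparing.
    // NOTE(review): this assumes EncryptData is deterministic - confirm. Longer term,
    // select the row by e-mail only and verify a salted password hash in code with a
    // fixed-time comparison instead of matching the secret inside SQL.
    string _password = DataManipulationLayer.EncryptData(_login.Password);

    // Placeholders instead of interpolated values: the e-mail and password can no longer
    // change the statement's structure.
    const string sql =
        "Select ui.Id,ui.FirstName,ui.LastName,ui.Email,ui.Usertype,ui.ContactNo,bi.Id BankId,bi.Name,br.Id BranchId, br.BranchTitle from tbl_UserInfo ui " +
        "LEFT JOIN tbl_BankInfo bi on bi.Id=ui.BankId " +
        "LEFT JOIN tbl_BranchInfo br on br.Id= ui.BranchId Where ui.Email=@Email and ui.Password=@Password ";

    string connectionString = Configuration["ConnectionStrings:DefaultConnection"];
    User _user = new User();

    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand command = new SqlCommand(sql, connection))
    {
        command.Parameters.AddWithValue("@Email", _login.Email);
        command.Parameters.AddWithValue("@Password", _password ?? string.Empty);

        connection.Open();
        using (SqlDataReader dataReader = command.ExecuteReader())
        {
            // If several rows match, the values of the last row read win (as before).
            while (dataReader.Read())
            {
                _user.Id = Convert.ToInt32(dataReader["Id"]);
                _user.FirstName = Convert.ToString(dataReader["FirstName"]);
                _user.LastName = Convert.ToString(dataReader["LastName"]);
                _user.Email = Convert.ToString(dataReader["Email"]);
                _user.ContactNo = Convert.ToString(dataReader["ContactNo"]);
                _user.BankName_VW = Convert.ToString(dataReader["Name"]);
                // NOTE(review): BankId/BranchId come from LEFT JOINs; a user without a
                // matching bank or branch row yields DBNull here and these conversions
                // throw - confirm whether such accounts can exist.
                _user.BankId = Convert.ToInt16(dataReader["BankId"]);
                _user.BranchId = Convert.ToInt16(dataReader["BranchId"]);
                _user.BranchName_VW = Convert.ToString(dataReader["BranchTitle"]);

                string _userType = Convert.ToString(dataReader["Usertype"]);
                _user.UserType = _userType;
                _user.UserType_VW = _userType == "1" ? "Admin" : "Normal";
            }
        }
        // The using blocks close the connection and dispose the command on every path.
    }

    // Email is only populated when the query returned a row.
    if (_user.Email == null)
    {
        ViewBag.error = "Invalid Account";
        return View();
    }

    HttpContext.Session.SetObjectAsJson("_userObj", _user);
    return RedirectToAction("Index", "Home");
}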