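/// <summary>
/// Validates a patient registration form, stores the new account together with its
/// contact details and address, seeds the session and redirects to the patient index.
/// </summary>
/// <param name="address">Address fields bound from the request.</param>
/// <param name="contactDetails">Contact fields bound from the request; an e-mail address or at least one phone number is required.</param>
/// <param name="account">Account fields bound from the request, including the plaintext password.</param>
/// <param name="confirmPassword">Second entry of the password; must equal <c>account.Password</c>.</param>
/// <returns>
/// The registration view with <c>TempData["Error"]</c> set when validation fails, otherwise a
/// redirect to the <c>Index</c> action of the <c>Patient</c> controller.
/// </returns>
public IActionResult CreateAccount(Address address, ContactDetails contactDetails, Account account, string confirmPassword)
{
    // One contact channel is enough. The previous test demanded an e-mail address or ALL THREE
    // phone numbers, which contradicted both error messages below and then dereferenced the
    // null e-mail (or a null phone) in the length checks.
    bool noContactMethod = contactDetails.Email == null
        && contactDetails.HomePhone == null
        && contactDetails.MobilePhone == null
        && contactDetails.WorkPhone == null;

    // Postcode was tested twice and StreetNumber.ToString() can never be null, so both
    // redundant conditions are gone; StreetNumber is range-checked further down.
    bool requiredFieldMissing = account.Password == null
        || account.Username == null
        || account.Name == null
        || account.DOB == null
        || address.Postcode == null
        || address.Region == null
        || address.StreetName == null
        || noContactMethod;

    if (requiredFieldMissing)
    {
        // Per-field markers read by the view next to the general error.
        if (account.Password == null)
        {
            TempData["password"] = "******";
        }
        if (confirmPassword == null)
        {
            TempData["password"] = "******";
        }
        if (account.Username == null)
        {
            TempData["Username"] = "******";
        }
        if (noContactMethod)
        {
            TempData["ContactDetails"] = "Either email or phone number must be entered into the relevant areas";
        }

        TempData["Error"] = "Details must be entered in the relevant sections";
        return View();
    }

    // Password must match its confirmation and meet the minimum lengths.
    // CHINumber is optional and is not validated here.
    bool credentialsValid = account.Password == confirmPassword
        && account.Username.Length >= 1
        && account.Name.Length >= 4
        && account.Password.Length >= 6;

    if (!credentialsValid)
    {
        // NOTE(review): this branch is reached on a password mismatch or a too-short
        // name/password, not on a duplicate account; no uniqueness check is visible in this
        // method. The message text is kept as-is because other code may key on it.
        TempData["Error"] = "Account Created Already";
        return View();
    }

    // Null-safe length checks: a missing value simply fails its own test instead of throwing.
    int? homeLength = contactDetails.HomePhone?.Length;
    int? mobileLength = contactDetails.MobilePhone?.Length;
    int? workLength = contactDetails.WorkPhone?.Length;

    bool contactValid = contactDetails.Email?.Length >= 6
        || (homeLength >= 11 && homeLength <= 13)
        || (mobileLength >= 11 && mobileLength <= 13)
        || (workLength >= 11 && workLength <= 13);

    if (!contactValid)
    {
        TempData["Error"] = "You must enter either Email/HomePhone/MobilePhone/WorkPhone details so you can be contacted";
        return View();
    }

    bool addressValid = address.Postcode.Length >= 6
        && address.Postcode.Length <= 9
        && address.Region.Length >= 3
        && address.StreetName.Length >= 7
        && address.StreetNumber > 0;

    if (!addressValid)
    {
        TempData["Error"] = "Invalid Address Details";
        return View();
    }

    // NOTE(review): FirstOrDefault returns null when no "Patient" role exists, and role.ID
    // below would then throw before anything is written.
    Role role = roleRepository.Role.FirstOrDefault(r => r.UserRole == "Patient");

    // Persist a fresh entity rather than the request-bound one, so only the fields copied
    // below reach the database.
    Account accounts = new Account();

    // SECURITY: MD5 is a fast digest and no salt is passed in here, which makes stored values
    // cheap to brute-force if the table leaks. A salted, iterated scheme (for example PBKDF2
    // via Rfc2898DeriveBytes) is the appropriate replacement, but it must change together
    // with the code that verifies the stored value at login, which is not visible here.
    using (MD5 hash = MD5.Create())
    {
        accounts.Password = GetMd5Hash(hash, account.Password.ToString());
    }

    // The role is always forced to "Patient", whatever RoleID the request carried.
    account.RoleID = role.ID;
    accounts.RoleID = account.RoleID;

    accounts.MedicalPersonnel = Encrypted.encrypt("New Doctor");
    accounts.Name = Encrypted.encrypt(account.Name);
    accounts.Username = Encrypted.encrypt(account.Username);
    accounts.CHINumber = account.CHINumber != null
        ? Encrypted.encrypt(account.CHINumber.ToString())
        : null;
    // Date of birth is stored exactly as received.
    accounts.DOB = account.DOB;

    Address addresses = new Address();
    addresses.StreetNumber = address.StreetNumber;
    addresses.StreetName = Encrypted.encrypt(address.StreetName);
    addresses.Region = Encrypted.encrypt(address.Region);
    addresses.Postcode = Encrypted.encrypt(address.Postcode);
    // A missing county is stored as a single unencrypted space.
    addresses.County = address.County == null
        ? " "
        : Encrypted.encrypt(address.County.ToString());

    ContactDetails cds = new ContactDetails();
    // The e-mail address is stored as received (null stays null). Unlike the other contact
    // fields it does not go through Encrypted.encrypt.
    cds.Email = contactDetails.Email;
    cds.HomePhone = contactDetails.HomePhone == null
        ? null
        : Encrypted.encrypt(contactDetails.HomePhone);
    cds.WorkPhone = contactDetails.WorkPhone == null
        ? null
        : Encrypted.encrypt(contactDetails.WorkPhone);
    cds.MobilePhone = contactDetails.MobilePhone == null
        ? null
        : Encrypted.encrypt(contactDetails.MobilePhone);
    // NextOfKin is not part of the required-field check, so it may be absent.
    cds.NextOfKin = contactDetails.NextOfKin == null
        ? null
        : Encrypted.encrypt(contactDetails.NextOfKin.ToString());

    // NOTE(review): the four repository calls below run one after another with no visible
    // transaction; a failure part-way presumably leaves partial records - confirm.
    accountRepository.SaveAccount(accounts);

    // Re-read the stored row to obtain its key.
    // NOTE(review): a null result here would throw on the next line.
    Account saved = accountRepository.Accounts.FirstOrDefault(a => a.ID == accounts.ID);
    int accountId = saved.ID;
    int contactDetailsId = CDRepository.CreateContactDetails(cds);
    int addressId = addressRepository.CreateAddress(addresses);

    accountRepository.SetUpAccount(accountId, accounts, contactDetailsId, addressId);

    // Session values used later by the appointment and medical-history pages.
    // SECURITY NOTE(review): `account` is the request-bound object. Its Password is still the
    // plaintext the user typed (only `accounts` received the hash), and fields this method
    // never assigns hold whatever the client posted. Confirm that no reader of the "Account"
    // entry needs the password, and clear it before it is written to the session store.
    HttpContext.Session.setJson("Account", account);
    HttpContext.Session.setJson("Address", address);
    HttpContext.Session.setJson("CD", contactDetails);
    HttpContext.Session.SetString("Name", account.Name);
    HttpContext.Session.SetString("Type", "Patient");

    return RedirectToAction("Index", "Patient");
}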