public IActionResult FundTransferConfirm(FundTransferVM vm, IList <string> errors) { AddErrors(errors); var accountDto = _accountService.ReadOneAccountByNumber(vm.AccountDesNumber); if (accountDto == null) { AddErrors(new List <string>() { "Invalid account number." }); vm.AccountDesNumber = ""; return(View("FundTransferForm", vm)); } vm.AccountDesName = accountDto.AccountName; vm.AccountDestinationId = accountDto.Id; TempData["ValidateAccountDesId"] = accountDto.Id; return(View(vm)); }
public IActionResult Transfer(FundTransferVM vm) { try { //for security, in case hacker change Destination accountId. if (!TempData.ContainsKey("ValidateAccountDesId") || (int)TempData["ValidateAccountDesId"] != vm.AccountDestinationId) { EndTransaction(vm.AccountId); return(RedirectToAction("Index", new { errors = new List <string>() { "Somthing went wrong. Please try again." } })); } if (_accountService.TransferMoney(vm.AccountId, vm.Value, vm.AccountDestinationId)) { //end transaction EndTransaction(vm.AccountId); return(RedirectToAction("Index", new { transactionCompleted = true })); } } catch (DbUpdateConcurrencyException ex) { return(RedirectToAction("FundTransferConfirm", new { vm = vm, errors = new List <string>() { ex.Message } })); } catch (Exception ex) { EndTransaction(vm.AccountId); return(RedirectToAction("Index", new { errors = new List <string>() { ex.Message } })); } return(RedirectToAction("Index")); }
public IActionResult FundTransferForm(FundTransferVM vm) { return(View(vm)); }