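// Increments like_count for one review and then sends the browser back to the
// page it came from.
//
// id        - key of the review to like; when it is missing no UPDATE is issued.
// returnURL - where to go afterwards; honoured only when it is a local URL.
// Returns a redirect to returnURL, or to the application root when returnURL is
// absent or points off-site.
//
// NOTE(review): no verb restriction, anti-forgery token or login check is visible
// on this action (attributes could sit above the visible source), and nothing here
// stops the same client from liking a review repeatedly. Confirm how this action
// is exposed.
public ActionResult Like(int? id, string returnURL)
{
    // With a null id the concatenation would end in "review_id = " and send
    // malformed SQL to the database, so skip the update instead.
    if (id.HasValue)
    {
        // id is a typed int, so this concatenation cannot carry SQL text. If the
        // parameter ever becomes a string, the query must move to bind parameters.
        // Invariant formatting keeps the number plain ASCII in every server culture.
        string queryString = "UPDATE review set like_count = like_count+1 where review_id = "
            + id.Value.ToString(System.Globalization.CultureInfo.InvariantCulture);
        Console.WriteLine(id);
        QueryHandler.nonQuery(queryString);
    }

    // returnURL is caller-supplied. Redirecting to it unchecked is an open
    // redirect, so only same-site targets are followed.
    if (!Url.IsLocalUrl(returnURL))
    {
        return Redirect("~/");
    }

    return Redirect(returnURL);
}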
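// Adds the (current user, selected user) pair of usernames to follows_user and
// then shows the selected user's page.
//
// Both users are read from the session ("UserID" and "selectedUser"). When either
// entry is missing, is not a User, or has no username, nothing is written and the
// caller is sent to Home/Index, the same landing page CreateUser redirects to.
//
// NOTE(review): no verb restriction or anti-forgery token is visible on this
// action, so a cross-site request could trigger a follow for a logged-in user.
public ActionResult follow()
{
    User follower = System.Web.HttpContext.Current.Session["UserID"] as User;
    User followed = System.Web.HttpContext.Current.Session["selectedUser"] as User;

    // The original casts dereferenced these directly and threw when the session
    // had expired or no user had been selected.
    if (follower == null || followed == null
        || follower.username == null || followed.username == null)
    {
        return RedirectToAction("Index", "Home");
    }

    string selUser = followed.username;

    // Usernames are user-chosen text, so they must not reach the SQL literal raw.
    // Doubling the quote is a stop-gap: it assumes the server treats '' as an
    // escaped quote and a backslash as an ordinary character - TODO confirm for
    // the database behind QueryHandler. Bind parameters are the real fix; that
    // needs a parameter-taking QueryHandler method, which is not visible here.
    string safeFollower = follower.username.Replace("'", "''");
    string safeFollowed = selUser.Replace("'", "''");

    string query = "INSERT INTO follows_user "
        + "(follower, following) "
        + "VALUES('" + safeFollower + "', '" + safeFollowed + "')";
    QueryHandler.nonQuery(query);

    return RedirectToAction("User", "User", new { username = selUser });
}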
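// Creates a row in "User" from the submitted registration fields.
//
// Each field is required. When one is missing, or the username is already
// taken, ViewBag.invalid is set to true, ViewBag.invalidMessage carries the
// reason, and the form view is returned again. On success the row is inserted
// with is_anonymous = false and the caller is redirected to Home/Index.
//
// NOTE(review): the password is written to the table exactly as submitted.
// It should be stored as a salted, slow hash (for example PBKDF2), but that has
// to change together with the login check, which is not visible here.
// NOTE(review): the lookup and the INSERT are separate statements, so two
// concurrent requests can both pass the duplicate check; a unique constraint on
// username would close that gap - confirm the schema.
public ActionResult CreateUser(string username, string password, string firstName, string lastName)
{
    // IsNullOrEmpty instead of Equals(""): a field that is absent from the
    // request arrives as null and the original threw on it.
    string problem = null;
    if (string.IsNullOrEmpty(username))
    {
        problem = "A username is required";
    }
    else if (string.IsNullOrEmpty(password))
    {
        problem = "A password is required";
    }
    else if (string.IsNullOrEmpty(firstName))
    {
        problem = "Please enter a first name";
    }
    else if (string.IsNullOrEmpty(lastName))
    {
        problem = "Please enter a last name";
    }

    if (problem != null)
    {
        ViewBag.invalid = true;
        ViewBag.invalidMessage = problem;
        return View();
    }

    // Every value below is request input. Doubling the quote keeps it inside its
    // SQL string literal, but this is a stop-gap: it assumes the server treats ''
    // as an escaped quote and a backslash as an ordinary character - TODO confirm
    // for the database behind QueryHandler. Bind parameters are the real fix and
    // need a parameter-taking QueryHandler method, which is not visible here.
    string safeUsername = username.Replace("'", "''");
    string safePassword = password.Replace("'", "''");
    string safeFirstName = firstName.Replace("'", "''");
    string safeLastName = lastName.Replace("'", "''");

    // The lookup previously filtered on the fixed literal '******', so it never
    // matched the submitted name; filter on the requested username instead.
    string queryString = "Select * From \"User\" where username = '" + safeUsername + "'";

    // presumably the second argument selects the username column - verify against QueryHandler.read
    ArrayList usernames = QueryHandler.read(queryString, 1);
    foreach (string existing in usernames)
    {
        // Exact match on the raw (unescaped) value, as before.
        if (username.Equals(existing))
        {
            ViewBag.invalid = true;
            ViewBag.invalidMessage = "username invalid";
            return View();
        }
    }

    ViewBag.invalid = false;
    queryString = "INSERT INTO \"User\" (username, password, first_name, last_name, is_anonymous) VALUES("
        + "'" + safeUsername + "', "
        + "'" + safePassword + "', "
        + "'" + safeFirstName + "', "
        + "'" + safeLastName + "', "
        + false + ")";
    QueryHandler.nonQuery(queryString);

    return RedirectToAction("Index", "Home");
}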