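/// <summary>
/// Handles the registration form: checks that a login name and password were
/// supplied, rejects a login name that already exists, stores the new customer
/// with a salted password hash, and redirects to the confirmation action.
/// </summary>
/// <param name="cus">Customer model bound from the submitted form.</param>
/// <returns>
/// The "Register" view with an error message in ViewBag when a field is missing
/// or the login name is taken; otherwise a redirect to "RegisterOk".
/// </returns>
public ActionResult Register(Customer cus)
{
    // NOTE(review): the whole Customer entity is model-bound from the request, so every
    // property the client can name is attacker-controlled (over-posting). CustomerGuid and
    // CustomerPassword are overwritten below; confirm no other property needs protecting,
    // or bind to a dedicated registration view model instead.
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this
    // listing; confirm they are applied where the action is declared.
    if (string.IsNullOrEmpty(cus.CustomerLoginName))
    {
        ViewBag.Message2 = "請填寫帳號";
        return View("Register", cus);
    }

    if (string.IsNullOrEmpty(cus.CustomerPassword))
    {
        ViewBag.Message3 = "請填寫密碼";
        return View("Register", cus);
    }

    // NOTE(review): this check-then-insert is not atomic. Two concurrent requests with the
    // same login name can both pass it unless the database enforces a unique constraint
    // on CustomerLoginName; verify the schema.
    var existing = db.Customers
        .FirstOrDefault(c => c.CustomerLoginName == cus.CustomerLoginName);

    if (existing != null)
    {
        ViewBag.Message = "此帳號己有人使用,註冊失敗";
        return View();
    }

    // A fresh GUID is stored on the record and also appended to the password as the salt.
    Guid userGuid = Guid.NewGuid();
    cus.CustomerGuid = userGuid;

    // SECURITY: HashSHA1 (a single SHA-1 pass, judging by its name) is far too fast for
    // password storage, even with a per-user salt. It is kept here because the login check
    // presumably recomputes the same value; migrate both sides together to a slow password
    // KDF such as PBKDF2, bcrypt or Argon2.
    cus.CustomerPassword = PasswordSecurity.HashSHA1(cus.CustomerPassword + userGuid);

    db.Customers.Add(cus);
    db.SaveChanges();

    // Forward only the login name. Passing the entity itself as route values would put its
    // properties, including the password hash and its salt (CustomerGuid), into the
    // redirect URL, where they end up in browser history, proxy logs and server logs.
    // Add further non-secret fields here if RegisterOk needs them.
    return RedirectToAction("RegisterOk", new { cus.CustomerLoginName });
}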
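/// <summary>
/// Inserts a user by calling the "InsertUser" stored procedure with the user's
/// first name, last name, login and hashed password.
/// </summary>
/// <param name="user">User to insert; its Password is hashed before it is sent to the database.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="user"/> is null.</exception>
public void InsertUser(User user)
{
    if (user == null)
    {
        throw new System.ArgumentNullException("user");
    }

    // SECURITY: the password is hashed with HashSHA1 (SHA-1, judging by its name) and no
    // salt is added in this method, so identical passwords yield identical stored values
    // and the hash is cheap to brute-force. It is kept as-is because whatever verifies
    // logins presumably recomputes the same value; migrate both sides together to a salted,
    // slow password KDF such as PBKDF2, bcrypt or Argon2.
    string hashedPassword = PasswordSecurity.HashSHA1(user.Password);

    using (var connection = new SqlConnection(this.connectionString))
    using (var command = new SqlCommand("InsertUser", connection))
    {
        // SqlCommand is IDisposable; the original never disposed it.
        command.CommandType = System.Data.CommandType.StoredProcedure;

        // All values travel as parameters of the stored procedure, never as SQL text.
        command.Parameters.AddWithValue("@firstName", user.FirstName);
        command.Parameters.AddWithValue("@lastName", user.LastName);
        command.Parameters.AddWithValue("@login", user.Login);
        command.Parameters.AddWithValue("@password", hashedPassword);

        connection.Open();
        command.ExecuteNonQuery();
    }
}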