public ActionResult Create(String errorMessage) { ViewBag.errorMessage = errorMessage; SystemInfoAccountUser user = new SystemInfoAccountUser(); user.user = new AccountUser(); user.info = new SystemInfo(); return(View("~/Views/AccountUser/Create.cshtml", user)); }
public ActionResult Create(SystemInfoAccountUser systemInfoAccountUser) { ViewBag.errorMessage = null; if (String.IsNullOrEmpty(systemInfoAccountUser.user.Username)) { String errorMessage = "Please specify a Username"; return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } if (String.IsNullOrEmpty(systemInfoAccountUser.user.EmailAddress)) { String errorMessage = "Please specify an Email Address"; return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } if (String.IsNullOrEmpty(systemInfoAccountUser.user.Password)) { String errorMessage = "Please specify a Password"; return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } Database db = new Database(); //CHECKING FOR IDENTICAL EMAILS OracleCommand emailCmd = new OracleCommand(); emailCmd.Connection = db.conn; emailCmd.CommandText = String.Format("SELECT * FROM AccountUser WHERE" + " EmailAddress='{0}'", systemInfoAccountUser.user.EmailAddress); if (emailCmd.ExecuteReader().HasRows) { String errorMessage = String.Format("Email address {0} is already used.", systemInfoAccountUser.user.EmailAddress); emailCmd.Dispose(); db.Dispose(); return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } emailCmd.Dispose(); //CHECKING FOR IDENTICAL USERNAMES OracleCommand nameCmd = new OracleCommand(); nameCmd.Connection = db.conn; nameCmd.CommandText = String.Format("SELECT * FROM AccountUser WHERE" + " Username='******'", systemInfoAccountUser.user.Username); if (nameCmd.ExecuteReader().HasRows) { String errorMessage = String.Format("Username {0} is already used.", systemInfoAccountUser.user.Username); nameCmd.Dispose(); db.Dispose(); return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } //CREATING A MANAGER String managerPassword = ""; OracleCommand cmd = new OracleCommand(); cmd.CommandText = "select ManagerPassword from SystemInfo"; cmd.Connection = db.conn; cmd.CommandType = System.Data.CommandType.Text; OracleDataReader reader = cmd.ExecuteReader(); reader.Read(); managerPassword = reader.GetString(0); reader.Dispose(); String inputPassword = systemInfoAccountUser.info.ManagerPassword; if (!String.IsNullOrEmpty(inputPassword)) { if (inputPassword.Equals(managerPassword)) { systemInfoAccountUser.user.insert(); Manager manager = new Manager(); manager.user = systemInfoAccountUser.user; manager.Username = systemInfoAccountUser.user.Username; manager.insert(); cmd.Dispose(); db.Dispose(); return(RedirectToAction("Index", "Home")); } else { String errorMessage = "Incorrect manager password"; cmd.Dispose(); db.Dispose(); return(RedirectToAction("Create", "SystemInfoAccountUser", new { errorMessage = errorMessage })); } } cmd.Dispose(); db.Dispose(); systemInfoAccountUser.user.insert(); Customer customer = new Customer(); customer.username = systemInfoAccountUser.user.Username; customer.insert(); return(RedirectToAction("Index", "Home")); }