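/// <summary>
/// Gate for an admin-only page: sends the caller to the login page unless the
/// session holds a user whose role is "admin".
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The original allocated a throwaway UserAcct before overwriting it with the
    // session value; only the session value is ever used.
    UserAcct user = (UserAcct)Session["User"];

    // No session user, or a user without the admin role (case-sensitive match):
    // both are treated the same way so the response does not reveal which case applied.
    if (user == null || user.Role != "admin")
    {
        // The single-argument overload ends the response, so nothing else on the
        // page runs for a rejected caller. Keep that property if this is ever
        // changed to the (url, false) overload.
        Response.Redirect("..\\login.aspx");
    }
}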
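/// <summary>
/// Updates the userAcct row identified by <paramref name="id"/> with the fields
/// of the posted account.
/// </summary>
/// <param name="id">Key of the row to update.</param>
/// <param name="User">Account data bound from the request body.</param>
/// <returns>
/// 200 OK once the statement has been issued; 400 Bad Request when the body is
/// missing or model validation fails.
/// </returns>
public IActionResult Edit(int id, [FromBody] UserAcct User)
{
    // A missing or unreadable body may leave User null while ModelState is still
    // valid; reject it here instead of dereferencing it below.
    if (User == null || !ModelState.IsValid)
    {
        return BadRequest();
    }

    // NOTE(review): every value below comes from the request body and is spliced
    // into the SQL text, so a quote in any field changes the statement (SQL
    // injection). sqlConnection.Connection(string) is the only data-access entry
    // point visible here; this statement should move to a parameterized command
    // as soon as the helper offers one.
    // NOTE(review): role is taken from the request body. No authorization
    // attribute is visible on this action (it may sit on the controller);
    // confirm that only privileged callers can reach it.
    // NOTE(review): as written, the password column is set to the literal
    // '******' on every edit; confirm that is intended.
    String sql = $"Update userAcct set first_name='{User.first_name}', last_name='{User.last_name}', password='******', email='{User.email}', role={User.role}, signature='{User.signature}' WHERE userAcct.id={id}";

    // The statement is no longer echoed to the console: it carries account data
    // that does not belong in process output.
    dt = sqlConnection.Connection(sql);
    return Ok();
}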
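/// <summary>
/// Inserts a new userAcct row built from the posted account.
/// </summary>
/// <param name="User">Account data bound from the request body.</param>
/// <returns>
/// 200 OK once the statement has been issued; 400 Bad Request when the body is
/// missing or model validation fails.
/// </returns>
public IActionResult Create([FromBody] UserAcct User)
{
    // A missing or unreadable body may leave User null while ModelState is still
    // valid; reject it here instead of dereferencing it below.
    if (User == null || !ModelState.IsValid)
    {
        return BadRequest();
    }

    // NOTE(review): every value below comes from the request body and is spliced
    // into the SQL text, so a quote in any field changes the statement (SQL
    // injection). sqlConnection.Connection(string) is the only data-access entry
    // point visible here; this statement should move to a parameterized command
    // as soon as the helper offers one.
    // NOTE(review): User.password is written exactly as received. Unless it is
    // hashed before it reaches this action, the table ends up holding plaintext
    // passwords; store a salted password hash instead.
    // NOTE(review): role is taken from the request body. No authorization
    // attribute is visible on this action (it may sit on the controller);
    // confirm that callers cannot create accounts with a role of their choosing.
    String sql = $"INSERT INTO userAcct(first_name, last_name, password, email, role, signature) VALUES" +
                 $"('{User.first_name}', '{User.last_name}', '{User.password}', '{User.email}', {User.role}, '{User.signature}')";

    // The statement is no longer echoed to the console: it contains the
    // submitted password and would leave it in process output and log captures.
    dt = sqlConnection.Connection(sql);
    return Ok();
}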
// NOTE(review): this method is an unfinished draft and does not compile as shown:
// the return type is malformed, a string is assigned to a SqlCommand, `sql` is
// declared only inside a comment, and the branches return strings. It mixes two
// intents, a credential check and a user listing. Code is left exactly as found.
public IActionResult <UserAcct> Index()
{
    List <UserAcct> list = new List <UserAcct>();
    // Only the first literal carries `$`, so "{User.email}" and "{User.password}"
    // are not substituted as written, and there is no space before AND. The
    // password part of the expression is garbled on the page.
    // NOTE(review): once completed, this lookup must not place the e-mail or the
    // password in the SQL text. Bind them as command parameters, and verify the
    // password against a stored salted hash rather than matching it in the WHERE clause.
    String query = $"SELECT first_name FROM userAcct WHERE email=" + "'{User.email}'" + "AND password="******"'{User.password}'";
    //String sql = @query;
    SqlCommand cmd = @query;
    //Try this:
    // http://csharp.net-informations.com/data-providers/csharp-sqlcommand-executescalar.htm
    cmd.CommandType = CommandType.Text;
    // No connection is attached to cmd anywhere in this method.
    object obj = cmd.ExecuteScalar();
    //http://csharp.net-informations.com/data-providers/csharp-sqlcommand-executescalar.htm
    if (obj == null) // No matching e-mail/password row was found
    {
        return("NotValid");
    }
    else
    {
        return("Valid");
    }
    // Both branches above return, so everything from here on is unreachable.
    dt = sqlConnection.Connection(sql);
    // Copies each result row into a UserAcct. The password column is not read here.
    // The SELECT above lists only first_name, while this loop also reads id,
    // last_name and email; presumably it was written for a different query.
    foreach (DataRow row in dt.Rows)
    {
        var user = new UserAcct();
        user.id = (int)row["id"];
        user.first_name = row["first_name"].ToString();
        user.last_name = row["last_name"].ToString();
        user.email = row["email"].ToString();
        list.Add(user);
    }
    return(list);
}
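/// <summary>
/// Inserts a new UserAcct row from the supplied values unless a row with the
/// same ID already exists, then rebinds the grid.
/// </summary>
/// <param name="newValues">
/// Field values for the new row; the keys "ID", "Name", "PWord", "Status" and
/// "UserType" are read and must be present.
/// </param>
protected void InsertNewWCItem(OrderedDictionary newValues)
{
    string code = newValues["ID"].ToString();

    // The data context is disposable; the original never released it.
    using (DataClassesDataContext db = new DataClassesDataContext())
    {
        // An existing ID is skipped silently, as before.
        // NOTE(review): this check and the insert below are separate round trips,
        // so two concurrent requests can both pass it. Confirm the table has a
        // unique constraint on ID to enforce this.
        if (db.UserAccts.Any(x => x.ID == code))
        {
            return;
        }

        // Only the hash is stored, never the submitted password.
        // NOTE(review): AuthHelper.HashString is not visible here; confirm it is a
        // salted, deliberately slow password hash rather than a bare digest.
        string hash = AuthHelper.HashString(newValues["PWord"].ToString());

        UserAcct item = new UserAcct
        {
            ID = code,
            Name = newValues["Name"].ToString(),
            PWord = hash,
            Status = newValues["Status"].ToString(),
            UserType = newValues["UserType"].ToString(),
            // NOTE(review): hdUserID looks like a hidden form field. If so, its
            // value is supplied by the client and this audit column can be
            // spoofed; prefer the server-side identity. Confirm.
            CreateBy = hdUserID.Value,
            CreateDate = DateTime.Now
        };

        db.UserAccts.InsertOnSubmit(item);
        db.SubmitChanges();
    }

    grid.DataBind();
}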