protected void Page_Load(object sender, EventArgs e)
{
UserAcct user = new UserAcct();
user = (UserAcct)Session["User"];
if (user == null)
{
Response.Redirect("..\\login.aspx");
}
else
{
if (user.Role != "admin")
{
Response.Redirect("..\\login.aspx");
}
}
}
public IActionResult Edit(int id, [FromBody] UserAcct User)
{
if (ModelState.IsValid)
{
String query = $"Update userAcct set first_name='{User.first_name}', last_name='{User.last_name}', password='******', email='{User.email}', role={User.role}, signature='{User.signature}' WHERE userAcct.id={id}";
String sql = @query;
Console.WriteLine("QUERY: " + sql);
dt = sqlConnection.Connection(sql);
return(Ok());
}
else
{
return(BadRequest());
}
}
public IActionResult Create([FromBody] UserAcct User)
{
if (ModelState.IsValid)
{
String query = $"INSERT INTO userAcct(first_name, last_name, password, email, role, signature) VALUES" +
$"('{User.first_name}', '{User.last_name}', '{User.password}', '{User.email}', {User.role}, '{User.signature}')";
String sql = @query;
Console.WriteLine("QUERY: " + sql);
dt = sqlConnection.Connection(sql);
return(Ok());
}
else
{
return(BadRequest());
}
}
public IActionResult <UserAcct> Index()
{
List <UserAcct> list = new List <UserAcct>();
String query = $"SELECT first_name FROM userAcct WHERE email=" + "'{User.email}'" + "AND password="******"'{User.password}'";
//String sql = @query;
SqlCommand cmd = @query;
//Try this:
// http://csharp.net-informations.com/data-providers/csharp-sqlcommand-executescalar.htm
cmd.CommandType = CommandType.Text;
object obj = cmd.ExecuteScalar();
//http://csharp.net-informations.com/data-providers/csharp-sqlcommand-executescalar.htm
if (obj == null) // No such username or password exist
{
return("NotValid");
}
else
{
return("Valid");
}
dt = sqlConnection.Connection(sql);
foreach (DataRow row in dt.Rows)
{
var user = new UserAcct();
user.id = (int)row["id"];
user.first_name = row["first_name"].ToString();
user.last_name = row["last_name"].ToString();
user.email = row["email"].ToString();
list.Add(user);
}
return(list);
}
protected void InsertNewWCItem(OrderedDictionary newValues)
{
DataClassesDataContext db = new DataClassesDataContext();
string code = newValues["ID"].ToString();
var cust = db.UserAccts.Where(x => x.ID == code).FirstOrDefault();
if (cust != null)
{
return;
}
string hash = AuthHelper.HashString(newValues["PWord"].ToString());
UserAcct item = new UserAcct();
item.ID = newValues["ID"].ToString();
item.Name = newValues["Name"].ToString();
item.PWord = hash;
item.Status = newValues["Status"].ToString();
item.UserType = newValues["UserType"].ToString();
item.CreateBy = hdUserID.Value;
item.CreateDate = DateTime.Now;
db.UserAccts.InsertOnSubmit(item);
db.SubmitChanges();
grid.DataBind();
}
