public ViewResult AdminList()
{
var results = new List <AdminRow>();
SqlConnection con;
con = new SqlConnection(connectionString);
SqlCommand command;
con.Open();
string query = "SELECT firstname, lastname, email from dbo.account;";
command = new SqlCommand(query, con);
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
//We push information from the query into a row and onto the list of rows
AdminRow row = new AdminRow {
firstname = reader.GetString(0), lastname = reader.GetString(1), email = reader.GetString(2)
};
results.Add(row);
}
reader.Close();
con.Close();
return(View("AdminList", results));
}
protected void MakeAdmin(object sender, EventArgs e)
{
try
{
bool success = false;
foreach (GridViewRow AdminRow in gvAdmins.Rows)
{
CheckBox isAdminchk = AdminRow.FindControl("chkAdmin") as CheckBox;
if (isAdminchk.Checked)
{
Label AdminUserID = AdminRow.FindControl("UserID") as Label;
Label lblRollNo = AdminRow.FindControl("lblRollNo") as Label;
UserGroupMapping objUserGroupMapping = new UserGroupMapping();
objUserGroupMapping.UserGroupID = GroupID;
objUserGroupMapping.UserID = AdminUserID.Text;
objUserGroupMapping.isAdmin = true;
objUserGroupMapping.SerialNoForGroup = lblRollNo.Text;
new UserController().DeleteUserGroupMapping(AdminUserID.Text, GroupID);
string strMsg = new UserController().CreateUserGroupMapping(objUserGroupMapping);
success = true;
}
}
if (success == true)
{
General.ShowAlertMessage("Admin Mapped successfully!");
bindGvContacts();
}
}
catch (Exception ex)
{
ErrorMessage.Text = ex.Message;
}
}
public ActionResult newaccount(AdminRow acc)
{
SqlConnection con;
con = new SqlConnection(connectionString);
SqlCommand command;
con.Open();
string query = "INSERT INTO account VALUES('" + acc.email + "','" + acc.pass + "','" + acc.firstname + "','" + acc.lastname + "','" + "NULL" + "')";
command = new SqlCommand(query, con);
SqlDataReader reader = command.ExecuteReader();
reader.Close();
//add reader for potential database errors
return(RedirectToAction("AdminList", "Account"));
}
// [Authorize(Roles = "admin")]
public IActionResult Delete(AdminRow acc)
{
SqlConnection con;
con = new SqlConnection(connectionString);
SqlCommand command;
SqlDataAdapter adapter = new SqlDataAdapter();
con.Open();
string query = "DELETE from account WHERE email = ('" + acc.email + "')";
command = new SqlCommand(query, con);
SqlDataReader reader = command.ExecuteReader();
reader.Close();
return(RedirectToAction("AdminList", "Account"));
}
