public IActionResult OnGet(int?id)
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            Products = new Products();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM Products WHERE ProductID = @PID";
                command.Parameters.AddWithValue("@PID", id);
                Console.WriteLine("Product ID : " + id);

                SqlDataReader reader = command.ExecuteReader();

                while (reader.Read())
                {
                    Products.ProductID          = reader.GetInt32(0);
                    Products.ProductName        = reader.GetString(1);
                    Products.ProductPrice       = reader.GetString(2);
                    Products.ProductCategory    = reader.GetString(3);
                    Products.ProductDescription = reader.GetString(4);
                }
            }
            conn.Close();
            return(Page());
        }
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine("Product ID : " + Products.ProductID);
            Console.WriteLine("Product Name : " + Products.ProductName);
            Console.WriteLine("Product Price : " + Products.ProductPrice);
            Console.WriteLine("Product Category : " + Products.ProductCategory);
            Console.WriteLine("Product Description : " + Products.ProductDescription);

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "UPDATE Products SET ProductName=@PName, ProductPrice=@PPrice, ProductCategory=@PCategory, ProductDescription=@PDescription WHERE ProductID = @PID";
                command.Parameters.AddWithValue("@PID", Products.ProductID);
                command.Parameters.AddWithValue("@PName", Products.ProductName);
                command.Parameters.AddWithValue("@PPrice", Products.ProductPrice);
                command.Parameters.AddWithValue("@PCategory", Products.ProductCategory);
                command.Parameters.AddWithValue("@PDescription", Products.ProductDescription);


                command.ExecuteNonQuery();
            }
            conn.Close();
            return(RedirectToPage("/Product/ProductIndex"));
        }
Exemplo n.º 3
0
        public IActionResult OnPost()
        {
            var FileToUpload = Path.Combine(_env.WebRootPath, "Files", File.FileName);//this variable consists of file path

            Console.WriteLine("File Name : " + FileToUpload);

            using (var FStream = new FileStream(FileToUpload, FileMode.Create))
            {
                File.CopyTo(FStream);//copy the file into FStream variable
            }

            DatabaseConnect DBCon    = new DatabaseConnect();
            string          DbString = DBCon.DatabaseString();
            SqlConnection   conn     = new SqlConnection(DbString);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT StudentFile (StudentName, FileName) VALUES (@StdName, @FName)";
                command.Parameters.AddWithValue("@StdName", FileRec.Name);
                command.Parameters.AddWithValue("@FName", File.FileName);
                Console.WriteLine("File name : " + FileRec.Name);
                Console.WriteLine("File name : " + File.FileName);
                command.ExecuteNonQuery();
            }

            return(RedirectToPage("/index"));
        }
        public IActionResult OnGet(int?id)
        {
            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "SELECT * FROM Customer WHERE Id = @ID";
                command.Parameters.AddWithValue("@ID", id);

                SqlDataReader reader = command.ExecuteReader();
                CustomerRec = new Customer();
                while (reader.Read())
                {
                    CustomerRec.Id               = reader.GetInt32(0);
                    CustomerRec.CustomerID       = reader.GetString(1);
                    CustomerRec.CustomerName     = reader.GetString(2);
                    CustomerRec.CustomerLastName = reader.GetString(3);
                    CustomerRec.Email            = reader.GetString(4);
                }
            }

            conn.Close();

            return(Page());
        }
Exemplo n.º 5
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine("User ID :" + Users.UserID);
            Console.WriteLine("User First Name : " + Users.FirstName);
            Console.WriteLine("User Last Name : " + Users.LastName);
            Console.WriteLine("User Email Address : " + Users.EmailAddress);
            Console.WriteLine("User Password : "******"User Role : " + Users.Role);


            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "UPDATE Users SET FirstName=@FName, LastName=@LName, EmailAddress=@EAddress, Password=@PWD, Role=@URole WHERE UserID = @UID";

                command.Parameters.AddWithValue("@UID", Users.UserID);
                command.Parameters.AddWithValue("@FName", Users.FirstName);
                command.Parameters.AddWithValue("@LName", Users.LastName);
                command.Parameters.AddWithValue("@EAddress", Users.EmailAddress);
                command.Parameters.AddWithValue("@PWD", Users.Password);
                command.Parameters.AddWithValue("@URole", Users.Role);

                command.ExecuteNonQuery();
            }
            conn.Close();
            return(RedirectToPage("/User/UserManagement"));
        }
Exemplo n.º 6
0
        public IActionResult OnGet(int?id)
        {
            DatabaseConnect DbCon = new DatabaseConnect();
            SqlConnection   conn  = new SqlConnection(DbCon.DatabaseString());

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "SELECT * FROM PlayerTable WHERE Id = @ID";
                command.Parameters.AddWithValue("@ID", id);

                SqlDataReader reader = command.ExecuteReader();
                PlayerRec = new Player();
                while (reader.Read())
                {
                    PlayerRec.Id              = reader.GetInt32(0);
                    PlayerRec.PlayerID        = reader.GetString(1);
                    PlayerRec.PlayerFirstName = reader.GetString(2);
                    PlayerRec.PlayerSurname   = reader.GetString(3);
                    PlayerRec.PlayerAge       = reader.GetInt32(4);
                }
            }

            conn.Close();

            return(Page());
        }
Exemplo n.º 7
0
        public IActionResult OnPost()
        {
            var FileToUpload = Path.Combine(_env.WebRootPath, "Files", Files.FileName);//this variable consists of file path

            Console.WriteLine("File Name : " + FileToUpload);



            using (var FStream = new FileStream(FileToUpload, FileMode.Create))
            {
                Files.CopyTo(FStream); //copy the file into FStream variable
            }

            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT UserTable (Username, FileName, FirstName) VALUES (@UName, @FName, @FirstName)";
                command.Parameters.AddWithValue("@UName", FileRec.Username);
                command.Parameters.AddWithValue("@FName", Files.FileName);
                command.Parameters.Add("@FirstName", System.Data.SqlDbType.VarChar, 20).Value = "Ross";
                Console.WriteLine("File name : " + FileRec.Username);
                Console.WriteLine("File name : " + Files.FileName);
                command.ExecuteNonQuery();
            }



            return(RedirectToPage("/Index"));
        }
Exemplo n.º 8
0
        public void OnGet()
        {
            DatabaseConnect Dbstring       = new DatabaseConnect();
            string          DatabaseString = Dbstring.DatabaseString();
            SqlConnection   conn           = new SqlConnection(DatabaseString);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM StudentFile";

                var reader = command.ExecuteReader();

                FileRec = new List <User>();

                while (reader.Read())
                {
                    User rec = new User();
                    rec.Id       = reader.GetInt32(0); // we need this to send the Id to Delete page for another enquiry
                    rec.UserName = reader.GetString(1);
                    rec.FileName = reader.GetString(2);
                    FileRec.Add(rec);
                }
            }
        }
Exemplo n.º 9
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(Products.ProductName);
            Console.WriteLine(Products.ProductPrice);
            Console.WriteLine(Products.ProductCategory);
            Console.WriteLine(Products.ProductDescription);

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "INSERT INTO Products (ProductName, ProductPrice, ProductCategory, ProductDescription) VALUES (@PName, @PPrice, @PCategory, @PDescription)";


                command.Parameters.AddWithValue("@PName", Products.ProductName);
                command.Parameters.AddWithValue("@PPrice", Products.ProductPrice);
                command.Parameters.AddWithValue("@PCategory", Products.ProductCategory);
                command.Parameters.AddWithValue("@PDescription", Products.ProductDescription);
                command.ExecuteNonQuery();
            }

            return(RedirectToPage("/Product/ProductIndex"));
        }
Exemplo n.º 10
0
        public void OnGet()
        {
            var             connectionStringBuilder = new SqliteConnectionStringBuilder();
            DatabaseConnect DBCon = new DatabaseConnect(); // your own class and method in DatabaseConnection folder
            string          dbStringConnection = DBCon.DatabaseString();

            connectionStringBuilder.DataSource = dbStringConnection;
            var connection = new SqliteConnection(connectionStringBuilder.ConnectionString);

            connection.Open();


            var command = connection.CreateCommand();

            command.CommandText = @"SELECT * FROM UserTable";

            var reader = command.ExecuteReader();


            User = new List <User>();

            while (reader.Read())
            {
                User userRec = new User();
                userRec.Id        = reader.GetInt32(0);
                userRec.FirstName = reader.GetString(1);
                userRec.UserName  = reader.GetString(2);
                userRec.Role      = reader.GetString(4);
                User.Add(userRec);
            }
        }
Exemplo n.º 11
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(User.FirstName);
            Console.WriteLine(User.Username);
            Console.WriteLine(User.Password);
            Console.WriteLine(User.Role);

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT INTO UserTable (FirstName, Username, Password, Role, FileName) VALUES (@FName, @UName, @Pwd, @URole, @FileName)";

                command.Parameters.AddWithValue("@FName", User.FirstName);
                command.Parameters.AddWithValue("@UName", User.Username);
                command.Parameters.AddWithValue("@Pwd", User.Password);
                command.Parameters.AddWithValue("@URole", User.Role);
                command.Parameters.Add("@FileName", System.Data.SqlDbType.VarChar, 50).Value = "Placeholder";
                command.ExecuteNonQuery();
            }

            return(RedirectToPage("/Index"));
        }
Exemplo n.º 12
0
        public void deletePicture(int Id, string FileName)
        {
            Console.WriteLine("Record Id : " + Id);
            Console.WriteLine("File Name : " + FileName);

            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"DELETE FROM StudentFile WHERE Id = @Id";
                command.Parameters.AddWithValue("@Id", Id);

                command.ExecuteNonQuery();
            }
            Console.WriteLine(FileName);
            string RetrieveImage = Path.Combine(_env.WebRootPath, "Files", FileName);

            System.IO.File.Delete(RetrieveImage);
            Console.WriteLine("File has been deleted");
        }
        public void OnGet()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM Customer";

                SqlDataReader reader = command.ExecuteReader(); //SqlDataReader is used to read record from a table

                CustomerRec = new List <Customer>();            //this object of list is created to populate all records from the table

                while (reader.Read())
                {
                    Customer record = new Customer();              //a local var to hold a record temporarily
                    record.Id               = reader.GetInt32(0);  //getting the first field from the table
                    record.CustomerID       = reader.GetString(1); //getting the second field from the table
                    record.CustomerName     = reader.GetString(2); //getting the third field from the table
                    record.CustomerLastName = reader.GetString(3);
                    record.Email            = reader.GetString(4);

                    CustomerRec.Add(record); //adding the single record into the list
                }

                // Call Close when done reading.
                reader.Close();
            }
        }
Exemplo n.º 14
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();


            Console.WriteLine(Users.FirstName);
            Console.WriteLine(Users.LastName);
            Console.WriteLine(Users.EmailAddress);
            Console.WriteLine(Users.Password);
            Console.WriteLine(Users.Role);


            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT INTO Users (FirstName, LastName, EmailAddress, Password, Role) VALUES (@FName, @LName, @EAddress, @Pwd, @Role)";


                command.Parameters.AddWithValue("@FName", Users.FirstName);
                command.Parameters.AddWithValue("@LName", Users.LastName);
                command.Parameters.AddWithValue("@EAddress", Users.EmailAddress);
                command.Parameters.AddWithValue("@Pwd", Users.Password);
                command.Parameters.AddWithValue("@Role", Users.Role);
                command.ExecuteNonQuery();
            }

            return(RedirectToPage("/User/UserManagement"));
        }
Exemplo n.º 15
0
        public IActionResult OnGet()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "SELECT * FROM Products";

                SqlDataReader reader = command.ExecuteReader();

                Prod     = new List <Products>();
                IsSelect = new List <bool>();
                while (reader.Read())
                {
                    Products rec = new Products();
                    rec.ProductID          = reader.GetInt32(0);
                    rec.ProductName        = reader.GetString(1);
                    rec.ProductPrice       = reader.GetString(2);
                    rec.ProductCategory    = reader.GetString(3);
                    rec.ProductDescription = reader.GetString(4);
                    Prod.Add(rec);
                    IsSelect.Add(false);
                }
            }


            return(Page());
        }
Exemplo n.º 16
0
        public void OnGet()
        {
            DatabaseConnect DBCon = new DatabaseConnect();
            SqlConnection   conn  = new SqlConnection(DBCon.DatabaseString());

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM FileTable";

                var reader = command.ExecuteReader();

                FileRec = new List <PlayerFile>();

                while (reader.Read())
                {
                    PlayerFile rec = new PlayerFile();
                    rec.Id         = reader.GetInt32(0); // we need this to send the Id to Delete page for another enquiry
                    rec.PlayerName = reader.GetString(1);
                    rec.FileName   = reader.GetString(2);
                    FileRec.Add(rec);
                }
            }
        }
Exemplo n.º 17
0
        public IActionResult OnPost()
        {
            UserToEdit = new List <User>();      //create the object for Module to be deleted. This variable now an empty list
            for (int i = 0; i < User.Count; i++) //Read all rows from Module. Each row has a checkbox!
            {
                if (IsSelect[i] == true)         //if the checkbox of the row is true
                {
                    UserToEdit.Add(User[i]);     //collect the item for the row
                }
            }

            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            for (int i = 0; i < UserToEdit.Count(); i++)
            {
                using (SqlCommand command = new SqlCommand())
                {
                    command.Connection  = conn;
                    command.CommandText = @"UPDATE UserTable SET FirstName = 'Edited' WHERE Id = @UserID";
                    command.Parameters.AddWithValue("@UserID", UserToEdit[i].Id);
                    command.ExecuteNonQuery();
                }
            }

            return(RedirectToPage("/AdminPages/ViewUsers"));
        }
Exemplo n.º 18
0
        public IActionResult OnPost()
        {
            DatabaseConnect DbCon = new DatabaseConnect();
            SqlConnection   conn  = new SqlConnection(DbCon.DatabaseString());

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT INTO PlayerTable (PlayerID, PlayerFirstName, PlayerSurname, PlayerAge) VALUES (@PID, @FName, @SName, @PAge)";

                command.Parameters.AddWithValue("@PID", PlayerRec.PlayerID);
                command.Parameters.AddWithValue("@FName", PlayerRec.PlayerFirstName);
                command.Parameters.AddWithValue("@SName", PlayerRec.PlayerSurname);
                command.Parameters.AddWithValue("@PAge", PlayerRec.PlayerAge);


                Console.WriteLine(PlayerRec.PlayerID);
                Console.WriteLine(PlayerRec.PlayerFirstName);
                Console.WriteLine(PlayerRec.PlayerSurname);
                Console.WriteLine(PlayerRec.PlayerAge);



                command.ExecuteNonQuery();
            }



            return(RedirectToPage("/Index"));
        }
Exemplo n.º 19
0
        public IActionResult OnGet()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "SELECT * FROM Users";

                SqlDataReader reader = command.ExecuteReader();

                Users    = new List <Users>();
                IsSelect = new List <bool>();
                while (reader.Read())
                {
                    Users rec = new Users();

                    rec.UserID       = reader.GetInt32(0);
                    rec.FirstName    = reader.GetString(1);
                    rec.LastName     = reader.GetString(2);
                    rec.EmailAddress = reader.GetString(3);
                    rec.Password     = reader.GetString(4);
                    rec.Role         = reader.GetString(5);
                    Users.Add(rec);
                    IsSelect.Add(false);
                }
            }


            return(Page());
        }
Exemplo n.º 20
0
        public IActionResult OnGet(int?UserID) //we receive this Id from View.cs
        {
            DatabaseConnect Dbstring       = new DatabaseConnect();
            string          DatabaseString = Dbstring.DatabaseString();
            SqlConnection   conn           = new SqlConnection(DatabaseString);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT UserID FROM UserTable WHERE UserID = @UserID";
                command.Parameters.AddWithValue("@UserID", UserID);

                var reader = command.ExecuteReader();

                FileRec = new User();
                while (reader.Read())
                {
                    FileRec.Username = reader.GetString(1); //to display on the html page
                    FileRec.FileName = reader.GetString(2); //to display on the html page
                }

                Console.WriteLine("File name : " + FileRec.FileName);
            }

            return(Page());
        }
Exemplo n.º 21
0
        public IActionResult OnGet(int?Id) //we receive this Id from View.cs
        {
            DatabaseConnect Dbstring       = new DatabaseConnect();
            string          DatabaseString = Dbstring.DatabaseString();
            SqlConnection   conn           = new SqlConnection(DatabaseString);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM StudentFile WHERE Id = @Id";
                command.Parameters.AddWithValue("@Id", Id);

                var reader = command.ExecuteReader();

                StdFileRec = new User();
                while (reader.Read())
                {
                    StdFileRec.Id       = reader.GetInt32(0);
                    StdFileRec.UserName = reader.GetString(1); //to display on the html page
                    StdFileRec.FileName = reader.GetString(2); //to display on the html page
                }

                Console.WriteLine("File name : " + StdFileRec.FileName);
            }

            return(Page());
        }
Exemplo n.º 22
0
        public IActionResult OnGet()
        {
            //get the session first!
            UserName  = HttpContext.Session.GetString(SessionKeyName1);
            FirstName = HttpContext.Session.GetString(SessionKeyName2);
            SessionID = HttpContext.Session.GetString(SessionKeyName3);


            DatabaseConnect DBCon = new DatabaseConnect();
            SqlConnection   conn  = new SqlConnection(DBCon.DatabaseString());

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT * FROM UserTable";

                var reader = command.ExecuteReader();

                User = new List <User>();
                while (reader.Read())
                {
                    User Row = new User(); //each record found from the table
                    Row.Id        = reader.GetInt32(0);
                    Row.FirstName = reader.GetString(1);
                    Row.UserName  = reader.GetString(2);
                    Row.Role      = reader.GetString(4); // We dont get the password. The role field is in the 5th position
                    User.Add(Row);
                }
            }
            return(Page());
        }
Exemplo n.º 23
0
        public IActionResult OnPost()
        {
            var             connectionStringBuilder = new SqliteConnectionStringBuilder();
            DatabaseConnect DBCon = new DatabaseConnect(); // your own class and method in DatabaseConnection folder
            string          dbStringConnection = DBCon.DatabaseString();

            connectionStringBuilder.DataSource = dbStringConnection;
            var connection = new SqliteConnection(connectionStringBuilder.ConnectionString);

            connection.Open();

            var command = connection.CreateCommand();

            Console.WriteLine(User.FirstName);
            Console.WriteLine(User.UserName);
            Console.WriteLine(User.Password);
            Console.WriteLine(User.Role);



            command.CommandText = @"INSERT INTO UserTable (FirstName, UserName, UserPassword, UserRole) VALUES (@FName, @UName, @Pwd, @Role)";

            command.Parameters.AddWithValue("@FName", User.FirstName);
            command.Parameters.AddWithValue("@UName", User.UserName);
            command.Parameters.AddWithValue("@Pwd", User.Password);
            command.Parameters.AddWithValue("@Role", User.Role);
            command.ExecuteNonQuery();


            return(RedirectToPage("/Index"));
        }
Exemplo n.º 24
0
        public IActionResult OnPost()
        {
            if (!ModelState.IsValid)
            {
                return(Page());
            }


            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(User.UserName);
            Console.WriteLine(User.Password);


            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT FirstName, UserName, UserRole FROM UserTable WHERE UserName = @UName AND UserPassword = @Pwd";

                command.Parameters.AddWithValue("@UName", User.UserName);
                command.Parameters.AddWithValue("@Pwd", User.Password);

                var reader = command.ExecuteReader();

                while (reader.Read())
                {
                    User.FirstName = reader.GetString(0);
                    User.UserName  = reader.GetString(1);
                    User.Role      = reader.GetString(2);
                }
            }

            if (!string.IsNullOrEmpty(User.FirstName))
            {
                SessionID = HttpContext.Session.Id;
                HttpContext.Session.SetString("sessionID", SessionID);
                HttpContext.Session.SetString("username", User.UserName);
                HttpContext.Session.SetString("fname", User.FirstName);

                if (User.Role == "User")
                {
                    return(RedirectToPage("/UserPages/UserIndex"));
                }
                else
                {
                    return(RedirectToPage("/AdminPages/AdminIndex"));
                }
            }
            else
            {
                Message = "Invalid Username and Password!";
                return(Page());
            }
        }
Exemplo n.º 25
0
        public IActionResult OnGet(int?id)
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();
            SqlConnection   conn         = new SqlConnection(DbConnection);

            conn.Open();

            Users = new Users();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = "SELECT * FROM Users WHERE UserID = @UID";

                command.Parameters.AddWithValue("@UID", id);
                Console.WriteLine("User ID : " + id);

                SqlDataReader reader = command.ExecuteReader();

                while (reader.Read())
                {
                    Users.UserID       = reader.GetInt32(0);
                    Users.FirstName    = reader.GetString(1);
                    Users.LastName     = reader.GetString(2);
                    Users.EmailAddress = reader.GetString(3);
                    Users.Password     = reader.GetString(4);
                    Users.Role         = reader.GetString(5);
                }
            }
            return(Page());
        }
Exemplo n.º 26
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT INTO Customer (CustomerID, CustomerName, CustomerLastName, Email, Password) VALUES (@CID, @CName, @CLName, @Email, @PSWD)";

                command.Parameters.AddWithValue("@CID", Customer.CustomerID);
                command.Parameters.AddWithValue("@CName", Customer.CustomerName);
                command.Parameters.AddWithValue("@CLName", Customer.CustomerLastName);
                command.Parameters.AddWithValue("@Email", Customer.Email);
                command.Parameters.AddWithValue("@PSWD", Customer.Password);

                Console.WriteLine(Customer.CustomerID);
                Console.WriteLine(Customer.CustomerName);
                Console.WriteLine(Customer.CustomerLastName);
                Console.WriteLine(Customer.Email);
                Console.WriteLine(Customer.Password);

                command.ExecuteNonQuery();
            }
            return(RedirectToPage("./Index"));
        }
Exemplo n.º 27
0
        public IActionResult OnPost()
        {
            if (!ModelState.IsValid)
            {
                return(Page());
            }

            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(User.FirstName);
            Console.WriteLine(User.UserName);
            Console.WriteLine(User.Password);
            Console.WriteLine(User.Role);

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"INSERT INTO UserTable (FirstName, UserName, UserPassword, UserRole) VALUES (@FName, @UName, @Pwd, @Role)";

                command.Parameters.AddWithValue("@FName", User.FirstName);
                command.Parameters.AddWithValue("@UName", User.UserName);
                command.Parameters.AddWithValue("@Pwd", User.Password);
                command.Parameters.AddWithValue("@Role", User.Role);
                command.ExecuteNonQuery();
            }

            return(RedirectToPage("/AdminPages/ViewUsers"));
        }
Exemplo n.º 28
0
        public IActionResult OnPost()
        {
            if (!ModelState.IsValid)
            {
                return(Page());
            }

            DatabaseConnect dbConn   = new DatabaseConnect();
            string          DbString = dbConn.DatabaseString();

            var connStringBuilder = new SqliteConnectionStringBuilder();

            connStringBuilder.DataSource = DbString;

            var conn = new SqliteConnection(connStringBuilder.ConnectionString);

            conn.Open();

            var command = conn.CreateCommand();

            Console.WriteLine(User.UserName);
            Console.WriteLine(User.Password);

            command.CommandText = @"SELECT FirstName, UserName, UserRole FROM UserTable WHERE UserName = @UName AND UserPassword = @Pwd";

            command.Parameters.AddWithValue("@UName", User.UserName);
            command.Parameters.AddWithValue("@Pwd", User.Password);

            var reader = command.ExecuteReader();

            while (reader.Read())
            {
                User.FirstName = reader.GetString(0);
                User.UserName  = reader.GetString(1);
                User.Role      = reader.GetString(2);
            }

            if (!string.IsNullOrEmpty(User.FirstName))
            {
                SessionID = HttpContext.Session.Id;
                HttpContext.Session.SetString("sessionID", SessionID);
                HttpContext.Session.SetString("username", User.UserName);
                HttpContext.Session.SetString("fname", User.FirstName);

                if (User.Role == "User")
                {
                    return(RedirectToPage("/UserPages/UserIndex"));
                }
                else
                {
                    return(RedirectToPage("/AdminPages/AdminIndex"));
                }
            }
            else
            {
                Message = "Invalid Username and Password!";
                return(Page());
            }
        }
Exemplo n.º 29
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();
            string          DbConnection = dbstring.DatabaseString();

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(Login.Username);
            Console.WriteLine(Login.Password);

            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT FirstName, Username, User_Type FROM Logins WHERE Username = @Username AND Password = @Password";

                command.Parameters.AddWithValue("@Username", Login.Username);
                command.Parameters.AddWithValue("@Password", Login.Password);

                var reader = command.ExecuteReader();

                while (reader.Read())
                {
                    Login.FirstName = reader.GetString(0);
                    Login.Username  = reader.GetString(1);
                    Login.User_Type = reader.GetString(2);
                }
            }
            if (!string.IsNullOrEmpty(Login.FirstName))
            {
                SessionID = HttpContext.Session.Id;
                HttpContext.Session.SetString("SessionID", SessionID);
                HttpContext.Session.SetString("username", Login.Username);
                HttpContext.Session.SetString("fname", Login.FirstName);

                if (Login.User_Type == "Student")
                {
                    return(RedirectToPage("/Student/StudentIndex"));
                }
                if (Login.User_Type == "Teacher")
                {
                    return(RedirectToPage("/Login/Create"));
                }
                else
                {
                    return(RedirectToPage("/Admin/AdminIndex"));
                }
            }
            else
            {
                Message = "Invalid Username or Password!";
                return(Page());
            }
        }
Exemplo n.º 30
0
        public IActionResult OnPost()
        {
            DatabaseConnect dbstring     = new DatabaseConnect();     //creating an object from the class
            string          DbConnection = dbstring.DatabaseString(); //calling the method from the class

            Console.WriteLine(DbConnection);
            SqlConnection conn = new SqlConnection(DbConnection);

            conn.Open();

            Console.WriteLine(AdminReg.Email);
            Console.WriteLine(AdminReg.Password);


            using (SqlCommand command = new SqlCommand())
            {
                command.Connection  = conn;
                command.CommandText = @"SELECT AdminName, AdminLastName, Email, Password FROM Admin WHERE Email = @Email AND Password = @PSWD";

                command.Parameters.AddWithValue("@Email", AdminReg.Email);
                command.Parameters.AddWithValue("@PSWD", AdminReg.Password);

                var reader = command.ExecuteReader();

                while (reader.Read())
                {
                    AdminReg.AdminName     = reader.GetString(0);
                    AdminReg.AdminLastName = reader.GetString(1);
                    AdminReg.Email         = reader.GetString(2);
                }
            }

            if (!string.IsNullOrEmpty(AdminReg.AdminName))
            {
                SessionID = HttpContext.Session.Id;
                HttpContext.Session.SetString("sessionID", SessionID);
                HttpContext.Session.SetString("Email", AdminReg.Email);
                HttpContext.Session.SetString("AdminName", AdminReg.AdminName);
            }
            else
            {
                Message = "Invalid Username and Password!";
                return(Page());
            }
            return(RedirectToPage("/Admins/Login/AdminPage"));
        }