public IActionResult Index(Customer cc)
{
try
{
var usr = _dbc.Customer.FromSqlRaw($"SELECT * FROM customer WHERE Username = '******' ");
var email = _dbc.Customer.FromSqlRaw($"SELECT * FROM customer WHERE Uemail = '{cc.Uemail}' ");
if (usr.FirstOrDefault() != null)
{
ViewBag.message = "The username " + cc.Username + " already exists!";
}
else if (email.FirstOrDefault() != null)
{
ViewBag.message = "The email " + cc.Uemail + " already exists!";
}
else
{
cc.Active = "1";
cc.Pwd = Encipher(cc.Pwd, 3);
cc.enabled = false;
_dbc.Add(cc);
_dbc.SaveChanges();
ViewBag.message = "The User " + cc.Username + " Is Saved Successfully!";
}
return(View());
}
catch (Exception sqlerror)
{
ViewBag.message = sqlerror;
}
return(View());
}
public IActionResult Create(Report r)
{
_dbc.Add(r);
_dbc.SaveChanges();
return(Redirect("/Home"));
}
public async Task <IActionResult> CreateFeed()
{
string content = string.Empty;
using (Stream receiveStream = HttpContext.Request.Body)
{
using (StreamReader reader = new StreamReader(receiveStream))
{
content = reader.ReadToEnd();
}
}
var entry = JsonConvert.DeserializeObject <Customer>(content, new JsonSerializerSettings
{
TypeNameHandling = TypeNameHandling.Auto // A6 - Insecure Deserialization - You should instead use TypeNameHandling.None
});
_context.Add(entry);
await _context.SaveChangesAsync();
return(Ok());
}
public IActionResult AddToCart(int id)
{
if (HttpContext.Request.Cookies["user_id"] != null)
{
var currentUserId = Int32.Parse(HttpContext.Request.Cookies["user_id"]);
var cart = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault();
if (cart == null)
{
var cartEntry = new Cart {
UserId = currentUserId
};
_db.Add(cartEntry);
_db.SaveChanges();
var cartNew = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault();
var cartItemNew = _db.CartItem.Where(x => x.ProductId.Equals(id) && x.ShoppingCartId.Equals(cartEntry.CartId)).FirstOrDefault();
var items = GetProductById($"{id}");
if (cartItemNew == null)
{
var cartItemEntry = new CartItem {
ProductId = id, Quantity = 1, ShoppingCartId = cartNew.CartId, ProductPrice = items.Price, ProductTitle = items.Title
};
_db.Add(cartItemEntry);
_db.SaveChanges();
}
else
{
_db.CartItem.Update(new CartItem {
Id = cartItemNew.Id, ProductId = cartItemNew.ProductId, Quantity = cartItemNew.Quantity + 1, ShoppingCartId = cartItemNew.ShoppingCartId, ProductPrice = cartItemNew.ProductPrice, ProductTitle = cartItemNew.ProductTitle
});
_db.SaveChanges();
}
}
else
{
var cartEntry = _db.Cart.Where(x => x.UserId.Equals(currentUserId)).FirstOrDefault();
var cartItemNew = _db.CartItem.Where(x => x.ProductId.Equals(id) && x.ShoppingCartId.Equals(cartEntry.CartId)).FirstOrDefault();
var items = GetProductById($"{id}");
if (cartItemNew == null)
{
var cartItemEntry = new CartItem
{
ProductId = id,
Quantity = 1,
ShoppingCartId = cartEntry.CartId,
ProductPrice = items.Price,
ProductTitle = items.Title
};
_db.Add(cartItemEntry);
_db.SaveChanges();
}
else
{
//_db.CartItem.Update(new CartItem { Id = cartItemNew.Id, ProductId = cartItemNew.ProductId, Quantity = cartItemNew.Quantity + 1, ShoppingCartId = cartItemNew.ShoppingCartId });
cartItemNew.Quantity += 1;
_db.SaveChanges();
}
}
return(RedirectToAction("Index", "Shop"));
}
else
{
TempData["ErrorMessage"] = "Please login to add to cart!";
return(RedirectToAction("Login", "Account"));
}
}
