Exemplo n.º 1
0
        public void ChangePassword(User u, String password)
        {
            using (connect = new MySqlConnection(_connectionString))
            {
                connect.Open();
                using (MySqlTransaction transaction = connect.BeginTransaction())
                {

                    try
                    {
                        string query = "ChangePassword";
                        var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };

                        cmd.Parameters.AddWithValue("pUID", u.username);
                        cmd.Parameters.AddWithValue("pPwd", password);

                        cmd.ExecuteNonQuery();

                        transaction.Commit();

                        connect.Close();
                    }
                    catch (InvalidOperationException ioException)
                    {
                        transaction.Rollback();

                        connect.Close();
                    }
                }
            }
        }
Exemplo n.º 2
0
        public int CreateUser(User u)
        {
            int ret = 0;
            using (connect = new MySqlConnection(_connectionString))
            {
                connect.Open();
                using (MySqlTransaction transaction = connect.BeginTransaction())
                {

                    try
                    {
                        string query = "NewUserAccount";
                        var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };

                        cmd.Parameters.AddWithValue("PUsername", u.username);
                        cmd.Parameters.AddWithValue("PPWD", u.password);
                        cmd.Parameters.AddWithValue("EmployeeID", u.EmployeeID);

                        ret = int.Parse(cmd.ExecuteScalar().ToString());

                        transaction.Commit();

                        connect.Close();
                    }
                    catch (InvalidOperationException ioException)
                    {
                        transaction.Rollback();

                        connect.Close();
                    }
                }
            }
            return ret;
        }
Exemplo n.º 3
0
        /*
         * Handles login for the class
         *
         * @param:
         * @return: If successful
         */
        public bool doLogin()
        {
            // Holds the state of the login
            LoggedIn result = null;

            if (username != null && password != null)
            {
                // Establishes model for login
                LoginModel loginControl = new LoginModel();

                // Creates a new user with the specified details
                User newUser = new User();
                newUser.username = username;
                newUser.password = password;

                // Passes the user to the login model
                result = loginControl.Login(newUser);

                // Returns bool. State of the login attempt
                return result.State;

            }
            else
            {
                // Failure to login
                return false;
            }
        }
Exemplo n.º 4
0
        public List<User> UsersList()
        {
            var lu = new List<User>();

            using (connect = new MySqlConnection(_connectionString))
            {
                try
                {
                    string query = "ListUserAccount";
                    var cmd = new MySqlCommand(query, connect) { CommandType = CommandType.StoredProcedure };

                    connect.Open();

                    var reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        var u = new User();

                        u.ID = int.Parse(reader["UID"].ToString());
                        u.username = reader["Username"].ToString();
                        u.AccessLevel = reader["AccessLevel"].ToString();

                        lu.Add(u);
                    }

                    connect.Close();
                }
                catch (InvalidOperationException ioException)
                {
                    connect.Close();
                }
            }

            return lu;
        }
Exemplo n.º 5
0
 // Calls the main search users method.
 public User SearchUsers(User u)
 {
     return SearchUsers(u.ID);
 }
Exemplo n.º 6
0
        public LoggedIn Login(User u)
        {
            var l = new LoggedIn();

            using (connect = new MySqlConnection(_connectionString))
            {
                try
                {
                    string query = "LoggingIn";
                    var cmd = new MySqlCommand(query, connect) {CommandType = CommandType.StoredProcedure};

                    cmd.Parameters.AddWithValue("UsersName", u.username);
                    cmd.Parameters.AddWithValue("UserPass", u.password);

                    connect.Open();

                    var reader = cmd.ExecuteReader();
                    while (reader.Read())
                    {
                        l.State = reader["login"].Equals(1);
                        l.UserID = (int)reader["UID"];
                        l.AccessLevel = reader["AccessLevel"].ToString();
                    }

                    connect.Close();
                }
                catch (InvalidOperationException ioException)
                {
                    connect.Close();
                }
            }

            return l;
        }
Exemplo n.º 7
0
        // Creates a new employee user
        public ActionResult CreateEmployee()
        {
            // Ensures logged in
            if (Session["loggedInState"] == null)
            {
                return Redirect("/403.html");
            }

            // Checks if logged in
            bool state = (bool)Session["loggedInState"];
            if (state == true)
            {
                // Establishes models
                LoginModel eModel = new LoginModel();

                // Stored details for the employee
                String firstname = Request.Form["firstname"];
                String surname = Request.Form["lastname"];
                DateTime DOB = DateTime.Parse(Request.Form["DOB"]);
                String contactNum = Request.Form["contactNum"];
                DateTime startDate = DateTime.Parse(Request.Form["startDate"]);
                int dept = int.Parse(Request.Form["dept"]);
                int depot = int.Parse(Request.Form["depot"]);
                int role = int.Parse(Request.Form["role"]);

                // Stored details for the user
                String username = Request.Form["username"];
                String password = Request.Form["password"];
                String email = Request.Form["email"];

                // Establishes handlers
                EmployeeHandler emHandler = new EmployeeHandler();

                // Creates employee for user
                int employeeID = emHandler.create(firstname, surname, DOB, contactNum, startDate, dept, depot, role);

                // Holds new object
                User newUser = new User();

                // Creates user details
                newUser.username = username;
                newUser.password = password;
                newUser.email = email;

                // Return created department to view
                return View(newUser);
            }
            else
            {
                // If not logged in
                return Redirect("/login.html");
            }
        }
Exemplo n.º 8
0
        public ActionResult loginpost()
        {
            LoginModel loginModel = new LoginModel();
            ClientUserModel clientmModel = new ClientUserModel();

            // To store login details
            String username;
            String password;

            // Acquire login details from front-end
            username = Request.Form[0];
            password = Request.Form[1];

            // Composes object
            User thisUser = new User();
            thisUser.username = username;
            thisUser.password = password;
            ClientUser client = new ClientUser();
            client.Username = username;
            client.Password = password;

            // get Account Type / Access levels from Database
            LoggedIn logState;
            logState = loginModel.Login(thisUser);

            if (logState.State)
            {
                Session["loggedInState"] = logState.State;
                Session["username"] = thisUser.username;
                Session["userID"] = logState.UserID;
                Session["Type"] = "Employee";
            }
            else
            {
                logState = clientmModel.Login(client);

                Session["loggedInState"] = logState.State;
                Session["username"] = client.Username;
                Session["userID"] = logState.UserID;
                Session["Type"] = "Client";
            }

            // Sets the Session variables

            // Acquire type of user from Ryan
            // Redirect based on user:
                // Admin (Staff)
                // User (Client)

            // variable to store the path to redirect to
            String pageToDirectTo = "/index.html";

            try {
                bool state = (bool)Session["loggedInState"];
                if (state == true)
                {
                    if (Session["Type"].ToString() == "Employee")
                    {
                        pageToDirectTo = "/Index/";
                        if (logState.AccessLevel.Equals("Admin"))
                        {
                            pageToDirectTo = "/Index/adminIndex";
                        }
                    }
                    else
                    {
                        pageToDirectTo = "/Index/clientIndex"; // doesn't work
                    }
                }
                else
                {
                    pageToDirectTo = "/login.html";
                }
            }catch(Exception e){
                pageToDirectTo = "/403.html";
            }

            // redirect the user to the relevant page
            return Redirect(pageToDirectTo);
        }
Exemplo n.º 9
0
 public ActionResult CreateUser()
 {
     String username = Request.Form["username"].ToString();
     String password = Request.Form["password"].ToString();
     User user = new User();
     user.username = username;
     user.password = password;
     user.AccessLevel = "Admin";
     LoginModel loginMod = new LoginModel();
     loginMod.CreateUser(user);
     return Redirect("adminIndex");
 }