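/// <summary>
/// Deletes the Users row selected by <paramref name="id"/> once exactly one such row is confirmed
/// to exist, then redirects to ListUsers with the outcome recorded in TempData.
/// </summary>
/// <param name="id">Username taken from the request; treat as untrusted.</param>
/// <returns>Redirect to the ListUsers action.</returns>
public IActionResult DeleteUser(string id)
{
    // NOTE(review): as shown here the WHERE value is a fixed literal with no {0} placeholder, so the
    // `id` handed to DBUtl is not bound into the query text — confirm against the original source.
    // Either way the statements are built by text substitution; a request-supplied value belongs in
    // a bound parameter (no parameterised DBUtl overload is visible on this page to switch to).
    string select = @"SELECT * FROM Users WHERE Username='******'";
    // The two debug Console.WriteLine calls that echoed the SQL text and the caller-supplied id to
    // stdout were removed: they put query structure and user identifiers into process output.
    DataTable ds = DBUtl.GetTable(select, id);
    if (ds.Rows.Count != 1)
    {
        TempData["Message"] = "User record no longer exists.";
        TempData["MsgType"] = "warning";
    }
    else
    {
        string delete = "DELETE FROM Users WHERE Username='******'";
        int res = DBUtl.ExecSQL(delete, id);
        if (res == 1)
        {
            TempData["Message"] = "User Deleted";
            TempData["MsgType"] = "success";
        }
        else
        {
            // DB_Message is shown to the user verbatim; it may carry raw driver error text.
            TempData["Message"] = DBUtl.DB_Message;
            TempData["MsgType"] = "danger";
        }
    }
    return RedirectToAction("ListUsers");
}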
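/// <summary>
/// Runs LOGIN_SQL with the supplied id and password and, when exactly one row comes back, builds a
/// <see cref="ClaimsPrincipal"/> carrying the id, the NAME_COL value and the ROLE_COL value.
/// </summary>
/// <param name="uid">Login id entered by the client.</param>
/// <param name="pw">Password entered by the client.</param>
/// <param name="principal">The authenticated principal on success; <c>null</c> otherwise.</param>
/// <returns><c>true</c> when exactly one row matched.</returns>
private bool AuthenticateUser(string uid, string pw, out ClaimsPrincipal principal)
{
    principal = null;
    // LOGIN_SQL is defined outside this block. uid and pw are handed to DBUtl as text-substitution
    // arguments, so the cleartext password presumably ends up inside the SQL text (and in any
    // statement logging); a bound parameter is the right home for it — confirm what LOGIN_SQL does.
    DataTable ds = DBUtl.GetTable(LOGIN_SQL, uid, pw);
    if (ds.Rows.Count != 1)
    {
        return false;
    }
    principal = new ClaimsPrincipal(
        new ClaimsIdentity(
            new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, uid),
                new Claim(ClaimTypes.Name, ds.Rows[0][NAME_COL].ToString()),
                new Claim(ClaimTypes.Role, ds.Rows[0][ROLE_COL].ToString()),
            },
            "Basic"));
    // The original re-tested `principal != null` immediately after the assignment; that test could
    // never be false, so the dead branch was folded into a plain return.
    return true;
}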
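/// <summary>
/// Checks a login against the AppUser table and, when exactly one row matches, builds a
/// <see cref="ClaimsPrincipal"/> from that row's Id, Name and Role columns.
/// </summary>
/// <param name="uid">User id entered by the client.</param>
/// <param name="pw">Password entered by the client.</param>
/// <param name="principal">The authenticated principal on success; <c>null</c> otherwise.</param>
/// <returns><c>true</c> when exactly one AppUser row matched.</returns>
private bool SecureValidUser(string uid, string pw, out ClaimsPrincipal principal)
{
    principal = null;
    // Both values come straight from the login form and are substituted into the SQL text as
    // quoted literals ({0}/{1}); they belong in bound parameters. The password is compared as an
    // unsalted SHA-1 hash computed by the server, which is not an adequate password hash.
    // Flagged rather than changed: no parameterised DBUtl overload is visible on this page.
    string sql = @"SELECT * FROM AppUser WHERE Id='{0}' AND Password = HASHBYTES('SHA1','{1}')";
    DataTable ds = DBUtl.GetTable(sql, uid, pw);
    if (ds.Rows.Count != 1)
    {
        return false;
    }
    // The unused ViewData["ReturnUrl"] read and the empty-string pre-assignment of sql were dropped.
    DataRow row = ds.Rows[0];
    principal = new ClaimsPrincipal(
        new ClaimsIdentity(
            new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, row["Id"].ToString()),
                new Claim(ClaimTypes.Name, row["Name"].ToString()),
                new Claim(ClaimTypes.Role, row["Role"].ToString()),
            },
            "Basic"));
    return true;
}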
/// <summary>
/// Deletes the Exercise row with the given id, provided exactly one such row exists, and redirects
/// to Index with the outcome recorded in TempData.
/// </summary>
/// <param name="id">Exercise_id of the row to remove.</param>
/// <returns>Redirect to the Index action.</returns>
public IActionResult Delete(int id)
{
    // id is an int, so the text substitution into {0} cannot carry SQL fragments here.
    const string lookupSql = "SELECT * FROM Exercise WHERE Exercise_id = {0}";
    DataTable found = DBUtl.GetTable(lookupSql, id);
    string message;
    string messageType;
    if (found.Rows.Count == 1)
    {
        const string deleteSql = "DELETE FROM Exercise WHERE Exercise_id = {0}";
        bool deleted = DBUtl.ExecSQL(deleteSql, id) == 1;
        message = deleted ? "Exercise Deleted" : DBUtl.DB_Message;
        messageType = deleted ? "success" : "danger";
    }
    else
    {
        message = "Exercise does not exist";
        messageType = "warning";
    }
    TempData["Message"] = message;
    TempData["MsgType"] = messageType;
    return RedirectToAction("Index");
}
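/// <summary>
/// Deletes a company account: the AppUser row keyed by <paramref name="name"/> and, once that
/// succeeded, the Email row keyed by <paramref name="email"/>. Redirects to List with the outcome
/// recorded in TempData.
/// </summary>
/// <param name="name">UserName of the AppUser row to delete.</param>
/// <param name="email">Address of the Email row removed after the account row.</param>
/// <returns>Redirect to the List action.</returns>
public IActionResult Delete(string name, string email)
{
    // Both values arrive with the request and are substituted into the SQL text as quoted literals;
    // they should be bound parameters. No parameterised DBUtl overload is visible on this page.
    string select = @"SELECT * FROM AppUser WHERE UserName='******'";
    DataTable ds = DBUtl.GetTable(select, name);
    if (ds.Rows.Count != 1)
    {
        TempData["Message"] = "Company Record No Longer Exists.";
        TempData["MsgType"] = "warning";
    }
    else
    {
        string delete = "DELETE FROM AppUser WHERE UserName='******'";
        string delete1 = "DELETE FROM Email WHERE Email='{0}'";
        int res = DBUtl.ExecSQL(delete, name);
        if (res == 1)
        {
            // Previously the Email row was deleted even when the account delete failed, and its
            // result was stored in an unused local. It now runs only after the account row is gone;
            // its row count is still not part of the reported outcome, and neither statement is
            // wrapped in a transaction.
            _ = DBUtl.ExecSQL(delete1, email);
            TempData["Message"] = "Company Deleted.";
            TempData["MsgType"] = "success";
        }
        else
        {
            TempData["Message"] = DBUtl.DB_Message;
            TempData["MsgType"] = "danger";
        }
    }
    return RedirectToAction("List");
}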
/// <summary>
/// Returns a piece of equipment from Maintenance to Available status, if its record still exists,
/// and redirects to EquipmentMaintCancel with the outcome recorded in TempData.
/// </summary>
/// <param name="id">Serial_no of the equipment.</param>
/// <returns>Redirect to the EquipmentMaintCancel action.</returns>
public IActionResult CancelMaint(string id)
{
    // id is request-supplied and substituted into the SQL as a quoted literal; a bound parameter
    // is the right home for it (no parameterised DBUtl overload is visible on this page).
    const string lookupSql = @"SELECT * FROM Equipment WHERE Serial_no='{0}'";
    DataTable found = DBUtl.GetTable(lookupSql, id);
    if (found.Rows.Count != 1)
    {
        TempData["Message"] = "Equipment record no longer exists.";
        TempData["MsgType"] = "warning";
        return RedirectToAction("EquipmentMaintCancel");
    }
    // The Status predicate means a row that is not in Maintenance updates nothing and is reported as a failure.
    const string updateSql = "UPDATE Equipment SET Status = 'Available' WHERE Serial_no = '{0}' AND Status = 'Maintenance'";
    bool updated = DBUtl.ExecSQL(updateSql, id) == 1;
    TempData["Message"] = updated ? "Maintenance Notice Cancelled" : "Something went wrong.";
    TempData["MsgType"] = updated ? "success" : "danger";
    return RedirectToAction("EquipmentMaintCancel");
}
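/// <summary>
/// Deletes an Event row and, once the row is gone, the document recorded in its fileName column
/// under the web root's files directory. Redirects to Events with the outcome recorded in TempData.
/// </summary>
/// <param name="id">Event Id from the request, as text.</param>
/// <returns>Redirect to the Events action.</returns>
public IActionResult Delete(string id)
{
    // id is a string spliced unquoted into the SQL text; it is request-controlled and should be a
    // bound parameter (or at least parsed as an int first). No parameterised DBUtl overload is visible.
    string select = @"SELECT * FROM Event WHERE Id={0}";
    DataTable ds = DBUtl.GetTable(select, id);
    if (ds.Rows.Count != 1)
    {
        TempData["Message"] = "Event does not exist";
        TempData["MsgType"] = "warning";
        return RedirectToAction("Events");
    }

    string docFile = ds.Rows[0]["fileName"].ToString();
    string delete = "DELETE FROM Event WHERE Id={0}";
    int res = DBUtl.ExecSQL(delete, id);
    if (res != 1)
    {
        TempData["Message"] = DBUtl.DB_Message;
        TempData["MsgType"] = "danger";
        return RedirectToAction("Events");
    }

    // Remove the file only after the row is gone: previously the file was deleted first, so a failed
    // DELETE left a record pointing at a missing file. The stored name is treated as untrusted — the
    // resolved path must stay inside the files directory, otherwise nothing is deleted.
    string filesDir = Path.GetFullPath(Path.Combine(_env.WebRootPath, "files"));
    if (!string.IsNullOrEmpty(docFile))
    {
        string fullpath = Path.GetFullPath(Path.Combine(filesDir, docFile));
        if (fullpath.StartsWith(filesDir + Path.DirectorySeparatorChar, StringComparison.Ordinal))
        {
            System.IO.File.Delete(fullpath);
        }
    }
    TempData["Message"] = "Event Deleted";
    TempData["MsgType"] = "success";
    return RedirectToAction("Events");
}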
/// <summary>
/// Deletes the Equipment_accessories row with the given id, if exactly one exists, and redirects
/// to Index with the outcome recorded in TempData.
/// </summary>
/// <param name="id">Equipment_accessories_id from the request.</param>
/// <returns>Redirect to the Index action.</returns>
public IActionResult DeleteAccessory(string id)
{
    // id is request-controlled and substituted into the SQL as a quoted literal; it should be a
    // bound parameter (no parameterised DBUtl overload is visible on this page).
    const string lookupSql = @"SELECT * FROM Equipment_accessories WHERE Equipment_accessories_id='{0}'";
    if (DBUtl.GetTable(lookupSql, id).Rows.Count != 1)
    {
        TempData["Message"] = "Accessory record no longer exists.";
        TempData["MsgType"] = "warning";
        return RedirectToAction("Index");
    }
    const string deleteSql = "DELETE FROM Equipment_accessories WHERE Equipment_accessories_id='{0}'";
    bool deleted = DBUtl.ExecSQL(deleteSql, id) == 1;
    // Any failed DELETE is reported as a dependency problem, whatever the underlying DB error was.
    TempData["Message"] = deleted ? "Accessory Deleted" : "Please delete related records before deleting this record!";
    TempData["MsgType"] = deleted ? "success" : "danger";
    return RedirectToAction("Index");
}
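/// <summary>
/// Sets Maintenance_status = 'True' on every non-Admin user and redirects to Index with the outcome
/// recorded in TempData. Despite its name it only ever sets the flag; nothing here clears it.
/// </summary>
/// <param name="id">Not referenced by either statement; kept for route compatibility.</param>
/// <returns>Redirect to the Index action.</returns>
public IActionResult ToggleMaint(string id)
{
    // Neither statement contains a {0} placeholder, so `id` never reaches the SQL text; it is still
    // passed to DBUtl to keep the existing call shape.
    string select = @"SELECT * FROM Users WHERE role !='Admin'";
    DataTable ds = DBUtl.GetTable(select, id);
    // Rows.Count is never negative, so the original `< 0` test could not fire; an empty result fell
    // through to the UPDATE and surfaced as "unsuccessful". An empty set now reports the warning.
    if (ds.Rows.Count == 0)
    {
        TempData["Message"] = "Toggle failed";
        TempData["MsgType"] = "warning";
    }
    else
    {
        string set = "UPDATE Users SET Maintenance_status = 'True' WHERE role != 'Admin'";
        int res = DBUtl.ExecSQL(set, id);
        if (res > 0)
        {
            TempData["Message"] = "Maintenance Toggle successful";
            TempData["MsgType"] = "success";
        }
        else
        {
            TempData["Message"] = "Toggle maintenance unsuccessful";
            TempData["MsgType"] = "danger";
        }
    }
    return RedirectToAction("Index");
}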
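/// <summary>
/// Registers a company account: inserts the Email row, then the AppUser row, and on success e-mails
/// the representative an activation link. Invalid model state re-renders the Create view.
/// </summary>
/// <param name="company">Posted registration form.</param>
/// <returns>Create view on invalid input; Confirmation view after the e-mail attempt; otherwise a redirect to Home/Index.</returns>
public IActionResult Create(Company company)
{
    if (!ModelState.IsValid)
    {
        ViewData["Message"] = "Invalid Input";
        ViewData["MsgType"] = "warning";
        return View("Create");
    }

    // Every form field is substituted into the SQL text as a literal; these are request-controlled
    // values that belong in bound parameters. The password is stored as unsalted SHA-1 computed by
    // the server, which is not an adequate password hash. Flagged rather than changed: no
    // parameterised DBUtl overload is visible on this page.
    string insert = @"INSERT INTO Email(Email, EmailStatus) VALUES('{0}',0)";
    string insert1 = @"INSERT INTO AppUser(UserName, User_PW, RepName, Contact_Num, CompanyName, CompanyWebsite, CompanyIndustry, CompanySize, CompanyType, Email) VALUES('{0}', HASHBYTES('SHA1', '{1}'), '{2}', {3}, '{4}', '{5}', '{6}', '{7}', 2, '{8}')";
    int result = DBUtl.ExecSQL(insert, company.Email);
    // Only attempt the AppUser insert once the Email row exists; previously both ran unconditionally.
    int result1 = result == 1
        ? DBUtl.ExecSQL(insert1, company.UserName, company.User_PW, company.RepName, company.Contact_Num, company.CompanyName, company.CompanyWebsite, company.CompanyIndustry, company.CompanySize, company.Email)
        : 0;
    if (result != 1 || result1 != 1)
    {
        TempData["Message"] = DBUtl.DB_Message;
        TempData["MsgType"] = "danger";
        return Redirect("~/Home/Index");
    }

    // The key was misspelled "Mesage", so the success message was never picked up by the view.
    TempData["Message"] = "Account Created";
    TempData["MsgType"] = "success";
    string email = company.Email.ToString();
    string select = "SELECT * FROM AppUser WHERE Email='{0}'";
    DataTable dt = DBUtl.GetTable(select, email);
    // The loop body returns unconditionally, so only the first row is ever used.
    foreach (DataRow row in dt.Rows)
    {
        string RepName = row.Field<string>("RepName");
        string Email = row.Field<string>("Email");
        string UserName = row.Field<string>("UserName");
        // The activation link is keyed only on the e-mail address (un=...), so anyone who knows the
        // address can build it; a random single-use token is what makes such a link a check of
        // mailbox ownership. RepName and UserName are placed into the HTML body without encoding.
        string template = @"Hi {0}, <br></br> Welcome to Tribe Accelerator! Your username is {1}. To activate your account, click here <button><a href='" + Url.Action("Activate", "Company", new { un = Email }, "http") + "'>Activate</a></button><br></br>" + "Regards,<br></br> The Tribe Accelerator team";
        string title = "Account Activation";
        string message = string.Format(template, RepName, UserName);
        if (EmailUtl.SendEmail(email, title, message, out string rs))
        {
            ViewData["Message"] = "Email successfully sent";
            ViewData["MsgType"] = "success";
        }
        else
        {
            // Previously this assigned the ExecSQL row count (`result`) instead of the send error text.
            ViewData["Message"] = rs;
            ViewData["MsgType"] = "warning";
        }
        return View("Confirmation");
    }
    return Redirect("~/Home/Index");
}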
/// <summary>
/// Remote-validation endpoint: reports whether a UserRegister row already uses <paramref name="userId"/>.
/// </summary>
/// <param name="userId">Candidate user id from the registration form.</param>
/// <returns>JSON <c>true</c> when the id is free, otherwise a JSON string describing the clash.</returns>
public IActionResult VerifyUserID(string userId)
{
    // userId is interpolated by C# straight into the SQL text before DBUtl sees it, so a quote in
    // the value changes the query. It should be bound as a parameter instead.
    string select = $"SELECT * FROM UserRegister WHERE UserId='{userId}'";
    bool taken = DBUtl.GetTable(select).Rows.Count > 0;
    return taken ? Json($"[{userId}] already in use") : Json(true);
}
/// <summary>
/// Remote-validation endpoint: reports whether an Account row already uses the given user name.
/// </summary>
/// <param name="UserName">Candidate user name from the form.</param>
/// <returns>JSON <c>true</c> when the name is free, otherwise a JSON string describing the clash.</returns>
public IActionResult VerifyUserName(String UserName)
{
    // As shown here the query text is a fixed literal with no interpolation hole, so the $ prefix
    // does nothing; if the real query interpolates UserName, that request-controlled value must be
    // bound as a parameter rather than spliced into the text.
    string select = $"SELECT * FROM Account WHERE UserName='******'";
    bool taken = DBUtl.GetTable(select).Rows.Count > 0;
    return taken ? Json($"[{UserName}] already in use") : Json(true);
}
/// <summary>
/// Reports whether exactly one AppUser row carries the given e-mail address.
/// </summary>
/// <param name="Email">Address to look up.</param>
/// <returns><c>true</c> for exactly one match; <c>false</c> for none or several.</returns>
public bool VerifyEmail(String Email)
{
    // Email is substituted into the SQL text as a quoted literal; when it originates from a request
    // it should be a bound parameter (no parameterised DBUtl overload is visible on this page).
    string select = @"SELECT * FROM AppUser WHERE Email='{0}'";
    DataTable matches = DBUtl.GetTable(select, Email);
    return matches.Rows.Count == 1;
}
/// <summary>
/// Creates a Users row from the posted form and, on success, e-mails the new user an activation
/// link; invalid model state re-renders the Create view.
/// </summary>
/// <param name="newUser">Posted registration form.</param>
/// <returns>Create view on invalid input; Activate view after the e-mail attempt; otherwise a redirect to ListUsers.</returns>
public IActionResult Create(User newUser)
{
    if (!ModelState.IsValid)
    {
        ViewData["Message"] = "Invalid Input";
        ViewData["MsgType"] = "warning";
        return(View("Create"));
    }
    else
    {
        // All seven values are request-controlled and are substituted into the SQL text as literals;
        // they belong in bound parameters. The password is stored as unsalted SHA-1 computed by the
        // server, which is not an adequate password hash. No parameterised DBUtl overload is visible here.
        string insert = @"INSERT INTO Users(Username, FullName, Email, Password, UserRole, CompanyName, ContactNo) VALUES('{0}', '{1}', '{2}', HASHBYTES('SHA1', '{3}'), '{4}', '{5}', '{6}')";
        int result = DBUtl.ExecSQL(insert, newUser.Username, newUser.FullName, newUser.Email, newUser.Password, newUser.UserRole, newUser.CompanyName, newUser.ContactNo);
        if (result == 1)
        {
            TempData["Message"] = "User Created";
            TempData["MsgType"] = "success";
            string email = newUser.Email.ToString();
            string select = "SELECT * FROM Users WHERE Email='{0}'";
            DataTable dt = DBUtl.GetTable(select, email);
            // The loop body returns unconditionally, so only the first row is ever used.
            foreach (DataRow row in dt.Rows)
            {
                string fullname = row.Field<string>("FullName");
                string Email = row.Field<string>("Email"); // read but not used below
                // The activation link carries only the user's full name (un=...), so it can be built by
                // anyone who knows the name; a random single-use token is what makes such a link a proof
                // of mailbox ownership. fullname is placed into the HTML body without encoding.
                string template = @"Hi {0}, <br></br> Please press this link to activate your Accelerator Account. <br></br> <button><a href='" + Url.Action("Activation", "Account", new { un = fullname }, "http") + "'>Activate</a></button><br></br>" + "Cheers, <br></br>" + "<i>Accelerator</i>";
                string title = "Activating Accelerator Account";
                string message = String.Format(template, fullname);
                string rs;
                if (EmailUtl.SendEmail(email, title, message, out rs))
                {
                    ViewData["Message"] = "Email Successfully Sent";
                    ViewData["MsgType"] = "success";
                }
                else
                {
                    // NOTE(review): `result` is the ExecSQL row count, not the send error text held in `rs`.
                    ViewData["Message"] = result;
                    ViewData["MsgType"] = "warning";
                }
                return(View("Activate"));
            }
        }
        else
        {
            TempData["Message"] = DBUtl.DB_Message;
            TempData["MsgType"] = "danger";
        }
        return(RedirectToAction("ListUsers"));
    }
}
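/// <summary>
/// Authenticates an AppUser by user name and password and additionally requires the account's Email
/// row to carry EmailStatus "1". On success builds a principal whose role claim is the textual name
/// mapped from the numeric ROLE_COL value.
/// </summary>
/// <param name="uid">User name entered at login.</param>
/// <param name="pw">Password entered at login.</param>
/// <param name="principal">Authenticated principal, or <c>null</c> when login fails.</param>
/// <returns><c>true</c> only when LOGIN_SQL matched exactly one row and the e-mail is confirmed.</returns>
private bool AuthenticateUser(string uid, string pw, out ClaimsPrincipal principal)
{
    principal = null;
    // `pw` is interpolated by C# straight into this SQL text (the same text is then also handed to
    // DBUtl with uid/pw as format arguments). A login-form value inside the query text is an
    // injection path and puts the cleartext password into any statement logging; it belongs in a
    // bound parameter. The server-side comparison is an unsalted SHA-1 hash. Flagged, not changed:
    // no parameterised DBUtl overload is visible on this page.
    var dsconfirm = new DataTable();
    string sql = $"SELECT Email FROM AppUser WHERE UserName = '******' AND User_PW = HASHBYTES('SHA1','{pw}') ";
    DataTable dsemail = DBUtl.GetTable(sql, uid, pw);
    if (dsemail.Rows.Count > 0)
    {
        // The address comes from the row just matched rather than from the request, but it is still
        // interpolated into the query text rather than bound.
        string select = $"SELECT * FROM Email WHERE Email = '{dsemail.Rows[0]["Email"]}'";
        dsconfirm = DBUtl.GetTable(select);
    }
    DataTable ds = DBUtl.GetTable(LOGIN_SQL, uid, pw);
    // Guard dsconfirm too: when LOGIN_SQL matches but no Email row was found, the original indexed
    // dsconfirm.Rows[0] on an empty table and threw instead of failing the login.
    if (ds.Rows.Count != 1 || dsconfirm.Rows.Count == 0)
    {
        return false;
    }
    string a = dsconfirm.Rows[0]["EmailStatus"].ToString();
    if (!a.Equals("1"))
    {
        return false;
    }
    // Numeric role column → claim text; any other value yields an empty role, as before.
    // int.Parse still throws on a non-numeric ROLE_COL value.
    int ro = int.Parse(ds.Rows[0][ROLE_COL].ToString());
    string r = "";
    if (ro == 1)
    {
        r = "Admin";
    }
    else if (ro == 2)
    {
        r = "Current";
    }
    else if (ro == 3)
    {
        r = "Alumni";
    }
    principal = new ClaimsPrincipal(
        new ClaimsIdentity(
            new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, uid),
                new Claim(ClaimTypes.Name, ds.Rows[0][NAME_COL].ToString()),
                new Claim(ClaimTypes.Role, r),
            },
            "Basic"));
    return true;
}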
/// <summary>
/// Refreshes archive flags and renders every archived Exercise joined with its user and weapon package.
/// </summary>
/// <returns>The ViewArchive view over the archived rows.</returns>
public IActionResult ViewArchive()
{
    // updatearchive is defined elsewhere in this controller; it runs before the rows are read.
    updatearchive();
    // Fixed query text with no caller-supplied values.
    const string archiveSql = @"SELECT Exercise_id, E.Package_id, U.nric AS [SAF11B], E.company AS [Company], E.unit AS [Unit], P.Name AS [Weapon Package], E.start_date AS [Start Date], E.end_date AS [End Date], E.description AS [Description], E.status AS [Status] FROM Exercise E INNER JOIN Users U ON E.nric = U.nric INNER JOIN Package P ON E.Package_id = P.Package_id WHERE E.archive = 1";
    DataTable archived = DBUtl.GetTable(archiveSql);
    return View("ViewArchive", archived.Rows);
}
/// <summary>
/// Sets a new password for the Users row whose Email matches the posted form, then shows a
/// confirmation page or the form again with a message.
/// </summary>
/// <param name="rp">Posted form carrying the e-mail address and the new password.</param>
/// <returns>RPwdCfm view on success; otherwise the RPwd view.</returns>
public IActionResult ResetPassword(ResetPassword rp)
{
    if (!ModelState.IsValid)
    {
        ViewData["Message"] = "Invalid Input";
        ViewData["MsgType"] = "warning";
        return(View("RPwd"));
    }
    else
    {
        string email = rp.Email.ToString();
        string password = rp.UserPw.ToString();
        // email is request-controlled and substituted into the SQL text as a literal; a bound
        // parameter is the right home for it. No parameterised DBUtl overload is visible on this page.
        string select = @"SELECT * FROM Users WHERE Email='{0}'";
        DataTable dt = DBUtl.GetTable(select, email);
        if (dt.Rows.Count == 1)
        {
            string uname = dt.Rows[0]["Username"].ToString();
            string cfmEmail = dt.Rows[0]["Email"].ToString();
            // NOTE(review): cfmEmail was selected *by* email, so this comparison holds whenever the row
            // was found. Nothing in this action ties the request to a reset token or to the mailbox,
            // so knowing an address appears to be enough to change its password — confirm what the
            // ForgotPwd → ResetPassword GET enforces before this POST is reachable.
            if (email.Equals(cfmEmail))
            {
                // The new password is written as an unsalted SHA-1 hash computed by the server and
                // travels into the SQL text as a literal. Three arguments are passed for a template
                // that, as shown here, only uses {1}.
                string update = @"UPDATE Users SET Password=HASHBYTES('SHA1','{1}') WHERE Username='******'";
                int res = DBUtl.ExecSQL(update, uname, password, cfmEmail);
                if (res == 1)
                {
                    ViewData["Message"] = "Password has been reset successfully.";
                    ViewData["MsgType"] = "success";
                    return(View("RPwdCfm"));
                }
                else
                {
                    ViewData["Message"] = "Password reset unsuccessful.";
                    ViewData["MsgType"] = "warning";
                    return(View("RPwd"));
                }
            }
            else
            {
                ViewData["Message"] = "Email cannot be verified.";
                ViewData["MsgType"] = "danger";
                return(View("RPwd"));
            }
        }
        else
        {
            // Unknown address: the form is shown again without a message.
            return(View("RPwd"));
        }
    }
}
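/// <summary>
/// Validates a login against SRUser or PHUser — chosen by whether ViewData["ReturnUrl"] mentions
/// "SingRoom" — and, when exactly one row matches, builds a <see cref="ClaimsPrincipal"/> from
/// that row's Id, Name and Role columns.
/// </summary>
/// <param name="uid">E-mail address entered at login.</param>
/// <param name="pw">Password entered at login.</param>
/// <param name="principal">The authenticated principal on success; <c>null</c> otherwise.</param>
/// <returns><c>true</c> when exactly one row matched.</returns>
private bool SecureValidUser(string uid, string pw, out ClaimsPrincipal principal)
{
    principal = null;
    // ReturnUrl is absent on a direct login hit; the original called Contains on a null reference
    // there. A missing value now goes to PHUser, the same table any other value went to.
    // NOTE(review): the return URL is typically a client-supplied query value, so the credential
    // table being consulted is selected by the client — confirm that is intended.
    string returnUrl = ViewData["ReturnUrl"] as string;
    bool singRoom = returnUrl != null && returnUrl.Contains("SingRoom");
    // Both values come from the login form and are substituted into the SQL text as quoted literals;
    // they belong in bound parameters. The password check is an unsalted SHA-1 hash computed by the
    // server. Flagged rather than changed: no parameterised DBUtl overload is visible on this page.
    string sql = singRoom
        ? @"SELECT * FROM SRUser WHERE Email='{0}' AND Password = HASHBYTES('SHA1','{1}')"
        : @"SELECT * FROM PHUser WHERE Email='{0}' AND Password = HASHBYTES('SHA1','{1}')";
    DataTable ds = DBUtl.GetTable(sql, uid, pw);
    if (ds.Rows.Count != 1)
    {
        return false;
    }
    DataRow row = ds.Rows[0];
    principal = new ClaimsPrincipal(
        new ClaimsIdentity(
            new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, row["Id"].ToString()),
                new Claim(ClaimTypes.Name, row["Name"].ToString()),
                new Claim(ClaimTypes.Role, row["Role"].ToString()),
            },
            "Basic"));
    return true;
}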
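/// <summary>
/// Completes a password reset for the user name carried in TempData["un"]: verifies that the
/// account exists, checks that the two new-password fields agree, and writes the new hash.
/// </summary>
/// <param name="reset">Posted form with the new password and its confirmation.</param>
/// <returns>ResetPWActivate view on success; otherwise the ResetPW view with a message.</returns>
public IActionResult ResetPW(ResetPW reset)
{
    if (!ModelState.IsValid)
    {
        ViewData["Message"] = "Invalid Input";
        ViewData["MsgType"] = "warning";
        return View("ResetPW");
    }

    // TempData["un"] is absent when the form is posted outside the e-mail flow; the original
    // dereferenced it unconditionally. Presumably it is populated from the un=... query value of
    // the e-mailed link, which carries no random token, so possession of a user name is all that
    // is checked here — confirm against the GET that sets it.
    string UserName = TempData["un"]?.ToString();
    string password = reset.User_PW_New.ToString();
    string cfmpassword = reset.ConfirmPasswordNew.ToString();
    // User name and password are substituted into the SQL text as literals (String.Format / DBUtl);
    // both belong in bound parameters, and the stored value is an unsalted SHA-1 hash. Flagged, not
    // changed: no parameterised DBUtl overload is visible on this page. NOTE(review): as shown here
    // the WHERE literal carries no {0} placeholder — confirm against the original query.
    string sql = @"SELECT * FROM AppUser WHERE UserName='******'";
    DataTable dt = UserName == null ? new DataTable() : DBUtl.GetTable(String.Format(sql, UserName));
    // The lookup result was previously discarded, so the UPDATE ran for any name at all.
    if (dt.Rows.Count != 1)
    {
        ViewData["Message"] = "Username cannot be verified.";
        ViewData["MsgType"] = "danger";
        return View("ResetPW");
    }
    if (!password.Equals(cfmpassword))
    {
        ViewData["Message"] = "Invalid Input";
        ViewData["MsgType"] = "warning";
        return View("ResetPW");
    }
    string update = @"UPDATE AppUser SET User_PW = HASHBYTES('SHA1','{1}') WHERE UserName = '******'";
    int res = DBUtl.ExecSQL(update, UserName, password);
    if (res == 1)
    {
        ViewData["Message"] = "Password reset successful!";
        ViewData["MsgType"] = "success";
        return View("ResetPWActivate");
    }
    ViewData["Message"] = "Password reset unsuccessful.";
    ViewData["MsgType"] = "warning";
    return View("ResetPW");
}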
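/// <summary>
/// Remote-validation endpoint: reports whether <paramref name="NewUsername"/> is already a MesahUser UserId.
/// </summary>
/// <param name="NewUsername">Candidate user name from the form.</param>
/// <returns>JSON <c>true</c> when the name is free, otherwise a JSON string describing the clash.</returns>
public JsonResult VerifyNewUsername(string NewUsername)
{
    // NewUsername is interpolated by C# into the SQL text, so a quote in the value changes the query.
    // The commented-out code this replaced used _dbContext.MesahUser.FromSqlInterpolated(...), which
    // binds interpolated values as parameters; that is the route to take once the entity mapping is
    // confirmed. The unused DbSet local and the dead code were removed.
    string select = $"SELECT * FROM MesahUser WHERE UserId='{NewUsername}'";
    if (DBUtl.GetTable(select).Rows.Count > 0)
    {
        return Json($"[{NewUsername}] already in use");
    }
    return Json(true);
}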
/// <summary>
/// Starts a password reset: if the posted address belongs to an AppUser, e-mails that user a link to
/// the ResetPW action carrying their user name.
/// </summary>
/// <param name="Reset">Posted form with the e-mail address.</param>
/// <returns>ResetPWConfirm view once the mail is sent; ResetPWEmail view when the address is unknown; otherwise the default view.</returns>
public IActionResult ResetPWEmail(ResetPWEmail Reset)
{
    // VerifyEmail is defined elsewhere in this controller and is true for exactly one AppUser match.
    var output = VerifyEmail(Reset.Email);
    if (output == true)
    {
        string email = Reset.Email.ToString();
        // Request-controlled value substituted into the SQL text as a literal; it belongs in a bound parameter.
        string select = "SELECT * FROM AppUser WHERE Email='{0}'";
        DataTable dt = DBUtl.GetTable(select, email);
        // Returns on the first successful send; a failed send records the error and moves to the next row.
        foreach (DataRow row in dt.Rows)
        {
            string Username = row.Field<string>("UserName");
            string Email = row.Field<string>("Email"); // read but not used below
            // The reset link carries only the user name (un=...), no random single-use token, so it can
            // be built by anyone who knows the name rather than proving control of the mailbox.
            // Username is placed into the HTML body without encoding; the template also closes a
            // </button> that was never opened.
            string template = @"Hi {0}, <br></br> To reset your password, click the link here : <br></br><a href='" + Url.Action("ResetPW", "Account", new { un = Username }, "http") + "'>Set your new password</a></button><br></br>" + "If you did not a request a password change, you can delete this email.<br></br>" + "Regards,<br></br>" + "<i>Tribe Accelerator</i>";
            string title = "Password Change";
            string message = String.Format(template, Username);
            if (EmailUtl.SendEmail(email, title, message, out string result))
            {
                ViewData["Message"] = "Email Successfully Sent";
                ViewData["MsgType"] = "success";
                return(View("ResetPWConfirm"));
            }
            else
            {
                ViewData["Message"] = result;
                ViewData["MsgType"] = "warning";
            }
        }
    }
    else
    {
        // A distinct response for unknown addresses lets a caller tell registered addresses apart.
        ViewData["Message"] = "No such email exists.";
        ViewData["MsgType"] = "warning";
        return(View("ResetPWEmail"));
    }
    return(View());
}
/// <summary>
/// Handles the forgot-password form: looks up Users by the posted e-mail and sends a reset link to
/// the ResetPassword action, then shows the ForgotPwdCfm view.
/// </summary>
/// <param name="forgotPwd">Posted form with the e-mail address.</param>
/// <returns>ForgotPwdCfm view after the first matching row; the default view when nothing matched.</returns>
public IActionResult ForgotPwd(ForgotPwd forgotPwd)
{
    string email = forgotPwd.Email.ToString();
    // Request-controlled value substituted into the SQL text as a literal; it belongs in a bound parameter.
    string select = "SELECT * FROM Users WHERE Email='{0}'";
    DataTable dt = DBUtl.GetTable(select, email);
    // The loop body returns unconditionally, so only the first row is ever processed.
    foreach (DataRow row in dt.Rows)
    {
        string fname = row.Field<string>("FullName");
        string Email = row.Field<string>("Email"); // read but not used below
        // The reset link carries only the user's full name (un=...), with no random single-use token,
        // so it can be built by anyone who knows the name. fname is placed into the HTML body unencoded.
        string template = @"Hi {0}, <br></br> We received a request to reset your password for your Accelerator Account. We're here to help!<br></br> Simply click on the button to set a new password:<br></br> <button><a href='" + Url.Action("ResetPassword", "Account", new { un = fname }, "http") + "'>Set a New Password</a></button><br></br>" + "If you didn't ask to change your password, don't worry! Your password is still safe and you can delete this email.<br></br>" + "Cheers,<br></br>" + "<i>Accelerator</i>";
        string title = "Reset Password";
        string message = String.Format(template, fname);
        string result;
        if (EmailUtl.SendEmail(email, title, message, out result))
        {
            ViewData["Message"] = "Email Successfully Sent";
            ViewData["MsgType"] = "success";
        }
        else
        {
            ViewData["Message"] = result;
            ViewData["MsgType"] = "warning";
        }
        return(View("ForgotPwdCfm"));
    }
    // No matching row: falls through to the default view with no message (unknown and known addresses
    // therefore render differently, which lets a caller tell registered addresses apart).
    //Create necessary database to store user info if required
    // To code for forgot password to send user email for the password reset link
    //
    return(View()); //TO remove or edit this line of code//
}
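/// <summary>
/// Remote-validation endpoint: reports whether <paramref name="CurrentPassword"/> matches the stored
/// password hash of the signed-in user.
/// </summary>
/// <param name="CurrentPassword">Password typed into the change-password form.</param>
/// <returns>JSON <c>true</c> when the hash matches, otherwise JSON <c>false</c>.</returns>
public JsonResult VerifyCurrentPassword(string CurrentPassword)
{
    // NOTE(review): FindFirst returns null when the claim is absent; this presumes an authenticated caller.
    var userid = User.FindFirst(ClaimTypes.NameIdentifier).Value;
    // CurrentPassword is interpolated by C# straight into the SQL text: a quote in it alters the
    // query and the cleartext password lands in any statement logging. It belongs in a bound
    // parameter. The commented-out FromSqlInterpolated code this replaced would bind it — but
    // typically as an nvarchar parameter, whose bytes differ from those of the varchar literal that
    // HASHBYTES('SHA1', '...') hashes here, so switching needs a matching CONVERT server-side.
    // The comparison itself is an unsalted SHA-1 hash. The unused DbSet local and dead code were removed.
    string select = $"SELECT * FROM MesahUser WHERE UserId='{userid}' AND UserPw = HASHBYTES('SHA1', '{CurrentPassword}')";
    return Json(DBUtl.GetTable(select).Rows.Count > 0);
}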
/// <summary>
/// Lists events filtered by the caller's role: Alumni and Startup see their own type, everyone
/// else sees every event.
/// </summary>
/// <returns>The default view over the selected Event rows.</returns>
public IActionResult Events()
{
    // Only fixed query texts are used; the role decides which one.
    string sql;
    if (User.IsInRole("Alumni"))
    {
        sql = "SELECT * FROM Event WHERE Type='Alumni'";
    }
    else if (User.IsInRole("Startup"))
    {
        sql = "SELECT * FROM Event WHERE Type='Startup'";
    }
    else
    {
        sql = "SELECT * FROM Event";
    }
    DataTable dt = DBUtl.GetTable(sql);
    return View(dt.Rows);
}
/// <summary>
/// Authenticates by person id: runs login_face with the id and, on exactly one match, builds a
/// principal with id, name and role claims.
/// </summary>
/// <param name="personId">Person id produced by the face-recognition step.</param>
/// <param name="principal">Authenticated principal, or <c>null</c> on failure.</param>
/// <returns><c>true</c> when exactly one row matched.</returns>
private bool AuthenticateUserFace(string personId, out ClaimsPrincipal principal)
{
    principal = null;
    // login_face is defined outside this block; personId is handed to it as a text-substitution
    // argument. NOTE(review): nothing here checks that personId came from the face service rather
    // than from the client — that check, if any, lives in the caller.
    DataTable matches = DBUtl.GetTable(login_face, personId);
    if (matches.Rows.Count != 1)
    {
        return false;
    }
    DataRow row = matches.Rows[0];
    var identity = new ClaimsIdentity(
        new[]
        {
            new Claim(ClaimTypes.NameIdentifier, personId),
            new Claim(ClaimTypes.Name, row[NAME_COL].ToString()),
            new Claim(ClaimTypes.Role, row[ROLE_COL].ToString()),
        },
        "Basic");
    principal = new ClaimsPrincipal(identity);
    return true;
}
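/// <summary>
/// Remote-validation endpoint: reports whether <paramref name="NewPassword"/> differs from the
/// signed-in user's current password (a new password equal to the old one is rejected).
/// </summary>
/// <param name="NewPassword">Candidate new password from the change-password form.</param>
/// <returns>JSON <c>false</c> when it matches the stored hash, otherwise JSON <c>true</c>.</returns>
public JsonResult VerifyNewPassword(string NewPassword)
{
    // NOTE(review): FindFirst returns null when the claim is absent; this presumes an authenticated caller.
    var userid = User.FindFirst(ClaimTypes.NameIdentifier).Value;
    // NewPassword is interpolated by C# straight into the SQL text: a quote in it alters the query
    // and the cleartext password lands in any statement logging. It belongs in a bound parameter.
    // The commented-out FromSqlInterpolated code this replaced would bind it — but typically as an
    // nvarchar parameter, whose bytes differ from those of the varchar literal that
    // HASHBYTES('SHA1', '...') hashes here, so switching needs a matching CONVERT server-side.
    // The comparison itself is an unsalted SHA-1 hash. The unused DbSet local and dead code were removed.
    string select = $"SELECT * FROM MesahUser WHERE UserId='{userid}' AND UserPw = HASHBYTES('SHA1', '{NewPassword}')";
    return Json(DBUtl.GetTable(select).Rows.Count == 0);
}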
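/// <summary>
/// Deletes a Product row and, once the row is gone, the picture file recorded in its picture column
/// under the web root's FoodPics directory. Redirects to ListOfProducts with the outcome in TempData.
/// </summary>
/// <param name="id">ProductID of the row to remove.</param>
/// <returns>Redirect to the ListOfProducts action.</returns>
public IActionResult DeleteProducts(int id)
{
    // id is an int, so the String.Format substitution cannot carry SQL fragments here.
    string sql = @"SELECT * FROM Product WHERE ProductID={0}";
    string select = String.Format(sql, id);
    DataTable ds = DBUtl.GetTable(select);
    if (ds.Rows.Count != 1)
    {
        TempData["Message"] = "Product record no longer exists.";
        TempData["MsgType"] = "warning";
        return RedirectToAction("ListOfProducts");
    }

    string photoFile = ds.Rows[0]["picture"].ToString();
    string delete = @"DELETE FROM Product WHERE ProductID={0}";
    int res = DBUtl.ExecSQL(delete, id);
    if (res != 1)
    {
        TempData["Message"] = DBUtl.DB_Message;
        TempData["MsgType"] = "danger";
        return RedirectToAction("ListOfProducts");
    }

    // Remove the file only after the row is gone: previously the file was deleted first, so a failed
    // DELETE left a record pointing at a missing picture. The stored name is treated as untrusted —
    // the resolved path must stay inside the FoodPics directory, otherwise nothing is deleted.
    string picsDir = Path.GetFullPath(Path.Combine(_env.WebRootPath, "FoodPics"));
    if (!string.IsNullOrEmpty(photoFile))
    {
        string fullpath = Path.GetFullPath(Path.Combine(picsDir, photoFile));
        if (fullpath.StartsWith(picsDir + Path.DirectorySeparatorChar, StringComparison.Ordinal))
        {
            System.IO.File.Delete(fullpath);
        }
    }
    TempData["Message"] = "Product Deleted";
    TempData["MsgType"] = "success";
    return RedirectToAction("ListOfProducts");
}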
/// <summary>
/// Loads a Product row for editing and renders it, or redirects to the product list when not found.
/// </summary>
/// <param name="id">ProductId from the route, as text.</param>
/// <returns>The default view with the product; otherwise a redirect to ListOfProducts.</returns>
public IActionResult ProductEdit(String id)
{
    // id is a string spliced unquoted into the SQL text via String.Format; it is request-controlled
    // and should be parsed as an int (as DeleteProducts on this page takes it) or bound as a parameter.
    string sql = "SELECT * FROM Product WHERE ProductId={0}";
    string select = String.Format(sql, id);
    DataTable dt = DBUtl.GetTable(select);
    if (dt.Rows.Count == 1)
    {
        Product product = new Product
        {
            ProductId = (int)dt.Rows[0]["ProductId"],
            ProductName = dt.Rows[0]["ProductName"].ToString(),
            // NOTE(review): an unbox to double throws if the provider returns the column as decimal — confirm the column type.
            Price = (double)dt.Rows[0]["Price"],
            // NOTE(review): a DataTable cell holds what the provider returned (text, bytes or DBNull), never an
            // IFormFile, so this cast is expected to throw InvalidCastException at runtime — confirm.
            Photo = (IFormFile)dt.Rows[0]["Photo"],
        };
        return(View(product));
    }
    else
    {
        TempData["Message"] = "Product Not Found";
        TempData["MsgType"] = "warning";
        return(RedirectToAction("ListOfProducts"));
    }
}
/// <summary>
/// Renders every Equipment_accessories row in the Index view. Fixed query text, no caller-supplied values.
/// </summary>
/// <returns>The Index view over the rows.</returns>
public IActionResult Index()
    => View("Index", DBUtl.GetTable("SELECT * FROM Equipment_accessories").Rows);
/// <summary>
/// Renders every Announcement row in the Index view. Fixed query text, no caller-supplied values.
/// </summary>
/// <returns>The Index view over the rows.</returns>
public IActionResult Index()
    => View("Index", DBUtl.GetTable("SELECT * FROM Announcement").Rows);