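// Handles the registration form post: validates the uploaded profile picture, stores it under
// ~/PPDir/, hashes the password fields and inserts the new user row.
// Returns a redirect to "Index" on success, otherwise the registration view with the model errors.
//
// NOTE(review): anti-forgery validation is switched off for this POST action. Re-enable the attribute
// below once the Registration view emits @Html.AntiForgeryToken(); until then the form can be
// submitted cross-site.
//[ValidateAntiForgeryToken]
public ActionResult Registration(user user1)
{
    // Allow-list of picture types. Checking the extension does not prove what the file contains, so
    // ~/PPDir/ should also be configured so that nothing stored in it is executed by the server.
    string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif" };
    string extension = null;

    if (user1.userInfo == null || user1.userInfo.ContentLength == 0)
    {
        // Without this guard a post that carries no file fails with a NullReferenceException.
        ModelState.AddModelError("userInfo", "A profile picture is required");
    }
    else
    {
        extension = Path.GetExtension(user1.userInfo.FileName).ToLowerInvariant();
        if (Array.IndexOf(allowedExtensions, extension) < 0)
        {
            ModelState.AddModelError("userInfo", "The profile picture must be a .jpg, .jpeg, .png or .gif file");
        }
    }

    // Model validation runs before anything is written to disk or to the database.
    if (!ModelState.IsValid)
    {
        return View(user1);
    }

    // The stored name is generated on the server: the client-supplied name never reaches the file
    // system and two uploads cannot collide.
    string fileName = Guid.NewGuid().ToString("N") + extension;
    user1.profilePicture = "~/PPDir/" + fileName;
    user1.userInfo.SaveAs(Path.Combine(Server.MapPath("~/PPDir/"), fileName));

    // Password hashing: the value the user typed is hashed and only the hash is stored, so the
    // database never holds the clear-text password.
    // NOTE(review): Crypto.Hash is not shown here - confirm it is a salted, deliberately slow
    // password hash (e.g. PBKDF2) and not a bare digest.
    user1.Password = Crypto.Hash(user1.Password);
    user1.ConfirmPassword = Crypto.Hash(user1.ConfirmPassword);

    // Store the user in the database.
    using (DbBaza dc = new DbBaza())
    {
        dc.userInfo.Add(user1);
        try
        {
            dc.SaveChanges();
        }
        catch (DbEntityValidationException ex)
        {
            // Report entity validation failures through ModelState so the view renders them,
            // instead of writing raw text into the response stream.
            foreach (var entityValidationErrors in ex.EntityValidationErrors)
            {
                foreach (var validationError in entityValidationErrors.ValidationErrors)
                {
                    ModelState.AddModelError(validationError.PropertyName, validationError.ErrorMessage);
                }
            }

            return View(user1);
        }
    }

    // The redirect result has to be returned; calling RedirectToAction and discarding the result
    // left the browser on the registration form after a successful save.
    return RedirectToAction("Index");
}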
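// Handles a video upload for the signed-in user: checks the file type, stores the file under
// ~/SaveDir/, records the video row and redirects to the page that shows the video.
// Returns 401 when the current identity has no user row, and the plain-text "File nije video"
// response when no file or a non-video file is posted.
//
// NOTE(review): videoModel is bound from the request and inserted as-is. userID, uploadDate and
// videoPath are overwritten below; every other column keeps whatever the client posted. Consider
// binding to a dedicated view model with only the fields a user may set.
public ActionResult Add(video videoModel)
{
    // Allow-list of accepted video types (same set as before, now compared case-insensitively).
    // The extension does not prove what the file contains, so ~/SaveDir/ should be configured so
    // that nothing stored in it is executed by the server.
    string[] allowedExtensions = { ".mp4", ".3gp", ".webm", ".flv", ".ogg", ".gifv", ".avi", ".mov", ".amv" };

    // Look up the currently signed-in user; the ID is stored as the owner of the uploaded video.
    string username = User.Identity.GetUserName();
    var wholeUser = db.userInfo.FirstOrDefault(x => x.Username == username);
    if (wholeUser == null)
    {
        // No matching account (for example an anonymous request): refuse instead of failing with
        // a NullReferenceException on wholeUser.UserID.
        return new HttpUnauthorizedResult();
    }

    int iUser = wholeUser.UserID;

    if (videoModel.videoFile == null || videoModel.videoFile.ContentLength == 0)
    {
        return Content("File nije video");
    }

    // Check that the file has a video extension.
    string extension = Path.GetExtension(videoModel.videoFile.FileName).ToLowerInvariant();
    if (Array.IndexOf(allowedExtensions, extension) < 0)
    {
        return Content("File nije video");
    }

    // The stored name is generated on the server: the client-supplied name never reaches the file
    // system and two uploads cannot collide.
    string fileName = Guid.NewGuid().ToString("N") + extension;

    // Files are saved to the SaveDir folder inside the project (the original note says this is to
    // be moved to a server folder later).
    videoModel.videoPath = "~/SaveDir/" + fileName;
    videoModel.videoFile.SaveAs(Path.Combine(Server.MapPath("~/SaveDir/"), fileName));

    // Server-side values always win over anything posted for these columns.
    videoModel.uploadDate = DateTime.Now;
    videoModel.userID = iUser;
    db.videoFile.Add(videoModel);
    db.SaveChanges();

    // The original listing also carried a plain-text "uploadan" result ahead of this redirect;
    // only the redirect is kept so the success path has a single, reachable result.
    return RedirectToAction("videoPage", new { id = videoModel.videoID });
}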
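// Handles the registration form post: validates the uploaded profile picture, rejects a username
// or e-mail that is already in use, stores the picture under ~/PPDir/, salts and hashes the
// password and inserts the new user row. Always renders the registration view; on success
// ViewBag.Message carries the confirmation text.
//
// NOTE(review): anti-forgery validation is switched off for this POST action. Re-enable the attribute
// below once the Registration view emits @Html.AntiForgeryToken(); until then the form can be
// submitted cross-site.
//[ValidateAntiForgeryToken]
public ActionResult Registration(user user1)
{
    string message = "";

    // Allow-list of picture types. Checking the extension does not prove what the file contains, so
    // ~/PPDir/ should also be configured so that nothing stored in it is executed by the server.
    string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif" };
    string extension = null;

    // The context is disposed when the action finishes; previously it was never released.
    using (DbBaza dc = new DbBaza())
    {
        if (user1.userInfo == null || user1.userInfo.ContentLength == 0)
        {
            // Without this guard a post that carries no file fails with a NullReferenceException.
            ModelState.AddModelError("userInfo", "A profile picture is required");
        }
        else
        {
            extension = Path.GetExtension(user1.userInfo.FileName).ToLowerInvariant();
            if (Array.IndexOf(allowedExtensions, extension) < 0)
            {
                ModelState.AddModelError("userInfo", "The profile picture must be a .jpg, .jpeg, .png or .gif file");
            }
        }

        // NOTE(review): these look-ups are check-then-insert; two simultaneous registrations can
        // both pass them. A unique index on Username and Email is what actually enforces this.
        if (!String.IsNullOrEmpty(user1.Username))
        {
            var TakenUsername = dc.userInfo.Any(x => x.Username == user1.Username);
            if (TakenUsername)
            {
                ModelState.AddModelError("Username", "This username is already taken");
            }
        }

        if (!String.IsNullOrEmpty(user1.Email))
        {
            var emailTaken = dc.userInfo.Any(x => x.Email == user1.Email);
            if (emailTaken)
            {
                ModelState.AddModelError("Email", "There is already a user registered with this email");
            }
        }

        // Model validation runs before anything is written to disk or to the database.
        if (ModelState.IsValid)
        {
            // The stored name is generated on the server: the client-supplied name never reaches
            // the file system and two uploads cannot collide.
            string fileName = Guid.NewGuid().ToString("N") + extension;
            user1.profilePicture = "~/PPDir/" + fileName;
            user1.userInfo.SaveAs(Path.Combine(Server.MapPath("~/PPDir/"), fileName));

            // Password hashing: the value the user typed is hashed and only the hash is stored, so
            // the database never holds the clear-text password.
            // NOTE(review): PasswordHelper.HashPassword is not shown here - confirm it uses a
            // deliberately slow algorithm (e.g. PBKDF2) and a cryptographically random salt.
            var passwordHash = jaj.Misc.PasswordHelper.HashPassword(user1.PasswordEnter);

            // Item1 is the salt: a random value that defeats rainbow-table look-ups (precomputed
            // password hashes). Item2 is the resulting hash.
            user1.Salt = passwordHash.Item1;
            user1.Password = passwordHash.Item2;

            // Store the user in the database.
            dc.userInfo.Add(user1);
            try
            {
                dc.SaveChanges();
                message = "Registration successfully done,you can now login ";
            }
            catch (DbEntityValidationException ex)
            {
                // Report entity validation failures through ModelState so the view renders them,
                // instead of writing raw text into the response stream.
                foreach (var entityValidationErrors in ex.EntityValidationErrors)
                {
                    foreach (var validationError in entityValidationErrors.ValidationErrors)
                    {
                        ModelState.AddModelError(validationError.PropertyName, validationError.ErrorMessage);
                    }
                }
            }

            // The message is shown by the registration view rendered below. The earlier
            // RedirectToAction("Index") call discarded its result and never redirected, so it is
            // dropped; a real redirect would also lose ViewBag.Message.
            ViewBag.Message = message;
        }
    }

    // NOTE(review): after a successful save user1 carries the salt and the password hash - make
    // sure the view does not render either of them.
    return View(user1);
}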
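// Handles the profile edit form for the signed-in user: checks that the new e-mail and username
// are not used by another account, updates Email, Username and FavTag, and issues a fresh forms
// authentication cookie when the username changed.
// Returns 401 when the current identity has no user row, a redirect after a successful save and
// the edit view with model errors otherwise.
public ActionResult Edit(userEdit user2)
{
    using (DbBaza dc = new DbBaza())
    {
        // The account to edit is always the one behind the current identity, never an ID taken
        // from the request.
        string username = User.Identity.GetUserName();
        var wholeUser = dc.userInfo.FirstOrDefault(x => x.Username == username);
        if (wholeUser == null)
        {
            // No matching account (for example an anonymous request): refuse instead of failing
            // with a NullReferenceException on wholeUser.UserID.
            return new HttpUnauthorizedResult();
        }

        // Updating the profile picture is disabled here: the original author notes that reading
        // user2.userInfo throws. If it is restored, the upload needs a null check, an extension
        // allow-list and a server-generated file name before it is saved under ~/PPDir/.

        var ajdi = wholeUser.UserID;

        // NOTE(review): both look-ups are check-then-update; a unique index on Email and Username
        // is what actually enforces uniqueness under concurrent requests.
        if (!String.IsNullOrWhiteSpace(user2.Email))
        {
            var emailTaken = dc.userInfo.Any(x => x.Email == user2.Email && x.UserID != ajdi);
            if (emailTaken)
            {
                ModelState.AddModelError("Email", "This Email is already taken");
            }
        }

        if (!String.IsNullOrWhiteSpace(user2.Username))
        {
            var usernameTaken = dc.userInfo.Any(x => x.Username == user2.Username && x.UserID != ajdi);
            if (usernameTaken)
            {
                ModelState.AddModelError("Username", "This Username is already taken");
            }
        }

        if (!ModelState.IsValid)
        {
            return View(user2);
        }

        var tempUsername = wholeUser.Username;

        // Only these three fields are copied from the posted model; everything else on the
        // account stays as stored.
        wholeUser.Email = user2.Email;
        wholeUser.Username = user2.Username;
        wholeUser.FavTag = user2.FavTag;
        dc.Entry(wholeUser).State = System.Data.Entity.EntityState.Modified;

        // Entity validation is skipped for this save.
        // NOTE(review): presumably because the entity carries registration-only fields such as
        // ConfirmPassword - confirm, since this also bypasses every other entity rule.
        dc.Configuration.ValidateOnSaveEnabled = false;
        dc.SaveChanges();

        if (wholeUser.Username == tempUsername)
        {
            return RedirectToAction("Index", "videoList");
        }

        // The username changed, so a new authentication cookie is issued. The original author
        // notes that each step is commented in detail on the login POST method.
        LoggedInUser userIn = new LoggedInUser(wholeUser);
        LoggedInUserSerializeModel serializeUser = new LoggedInUserSerializeModel();
        serializeUser.CopyFromUser(userIn);
        JavaScriptSerializer serializer = new JavaScriptSerializer();
        string userInformation = serializer.Serialize(serializeUser);

        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
            1,                       // ticket version
            userIn.Identity.Name,    // ticket name: the username (per the original note, Identity.Name is set to it)
            DateTime.Now,            // issued at
            DateTime.Now.AddDays(1), // expires after one day
            false,                   // isPersistent
            userInformation);        // serialized user data
        string ticketEncrypted = FormsAuthentication.Encrypt(authTicket);

        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted)
        {
            // Keep the ticket out of reach of page scripts, and follow the site's forms
            // authentication setting for HTTPS-only cookies.
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL
        };
        Response.Cookies.Add(cookie);

        return RedirectToAction("Registration", "User");
    }
}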