public List<string> ValidateUserEdit(EditUserInfoDTO info, out List<string> invalidIds)
        {
            var validationMessage = new List<string>();
            var validationId = new List<string>();

            if (string.IsNullOrEmpty(info.FirstName))
            {
                validationMessage.Add("First Name is empty.");
                validationId.Add("Firstname");
            }

            if (string.IsNullOrEmpty(info.Surname))
            {
                validationMessage.Add("Surname is empty.");
                validationId.Add("Surname");
            }

            if (string.IsNullOrEmpty(info.FirmName))
            {
                validationMessage.Add("Firmname is empty.");
                validationId.Add("Firmname");
            }

            if (string.IsNullOrEmpty(info.Email))
            {
                validationMessage.Add("Email is empty.");
                validationId.Add("Email");
            }
            else
            {

                var regex = new Regex(@"^([\w\.\-]+)@([\w\-]+)((\.(\w){2,3})+)$");
                var match = regex.Match(info.Email);
                if (!match.Success)
                {
                    validationMessage.Add("Invalid email format.");
                    validationId.Add("Email");
                }
            }
            invalidIds = validationId;
            return validationMessage;
        }
        public static void UpdateUser(EditUserInfoDTO user)
        {
            using (var connection = new SqlConnection(GetConnection()))
            {

                const string sql = @"UPDATE [dbo].[users] SET Firstname=@f, Surname=@s, Firm=@fn, Email=@e WHERE [Id] = @id";
                connection.Open();
                var cmd = new SqlCommand(sql, connection);
                cmd.Parameters.Add(new SqlParameter("@id", SqlDbType.NVarChar)).Value = user.UserId;
                cmd.Parameters.Add(new SqlParameter("@f", SqlDbType.NVarChar)).Value = user.FirstName;
                cmd.Parameters.Add(new SqlParameter("@s", SqlDbType.NVarChar)).Value = user.Surname;
                cmd.Parameters.Add(new SqlParameter("@fn", SqlDbType.NVarChar)).Value = user.FirmName;
                cmd.Parameters.Add(new SqlParameter("@e", SqlDbType.NVarChar)).Value = user.Email;

                cmd.ExecuteNonQuery();
            }
        }
        public ActionResult UpdateUserDetail(EditUserInfoDTO dto)
        {
            var validationIds = new List<string>();
            var validationMessage = ValidateUserEdit(dto, out validationIds);
            if (!validationMessage.Any())
            {
               UserManagement.UpdateUser(dto);
            }

            return Json(new
            {
                passed = !validationMessage.Any(),
                validationIds,
                validationMessage = string.Join("</br>", validationMessage)
            });
        }