        /// <summary>
        /// Authenticates a visitor by e-mail and password and stores the resulting
        /// user (and admin flag) in the session.
        /// </summary>
        /// <param name="email">E-mail address as submitted by the client.</param>
        /// <param name="password">Password as submitted by the client. It is handed to
        /// <c>FindUserByEmailAndPassword</c> unchanged, so any hashing happens there
        /// (not visible in this block).</param>
        /// <returns>A status string; failures are prefixed with "#Error:".</returns>
        public string Login(string email, string password)
        {
            // A session that already carries a user is refused rather than re-authenticated.
            if (!(Session["user"] is null))
            {
                return "#Error: Could not log in.";
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    User account = db.FindUserByEmailAndPassword(email, password, out var admin);
                    if (account is null)
                    {
                        return "#Error: Invalid email/password.";
                    }

                    // NOTE(review): the session id is not regenerated on login here; confirm the
                    // framework does it, otherwise the pre-login session id survives authentication.
                    Session["user"]    = account;
                    Session["isAdmin"] = admin;

                    return "Successfully logged in.";
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return "#Error: Unknown error occured.";
                }
            }
        }
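        /// <summary>
        /// Admin action: overwrites the current system-wide parameters (recent-auction count,
        /// default auction time, token packages, currency and price rate).
        /// </summary>
        /// <param name="parameters">Model-bound values; only the properties listed in the
        /// <c>Bind</c> attribute are taken from the request.</param>
        /// <returns>Empty string for callers that are not logged-in admins, otherwise a status
        /// string; failures are prefixed with "#Error:".</returns>
        public string ChangeSystem([Bind(Include = "RecentAuctions,DefaultAuctionTime,SilverPackage,GoldPackage,PlatinumPackage,Currency,PriceRate")] SystemParameters parameters)
        {
            // Authorization guard, same shape as System() and Manage(). Without it this
            // state-changing action was reachable by any caller, logged in or not.
            // NOTE(review): an anti-forgery token check is not visible here either — confirm
            // one exists at the controller/filter level for this POST-style action.
            if (Session["user"] == null || !(bool)Session["isAdmin"])
            {
                return(string.Empty);
            }

            if (!ModelState.IsValid)
            {
                return("#Error: One or more parameters are not valid.");
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    // The existing row is updated in place rather than a new row inserted.
                    var current = db.GetCurrentSystemParameters();

                    current.RecentAuctions     = parameters.RecentAuctions;
                    current.DefaultAuctionTime = parameters.DefaultAuctionTime;
                    current.SilverPackage      = parameters.SilverPackage;
                    current.GoldPackage        = parameters.GoldPackage;
                    current.PlatinumPackage    = parameters.PlatinumPackage;
                    current.Currency           = parameters.Currency;
                    current.PriceRate          = parameters.PriceRate;

                    db.Entry(current).State = EntityState.Modified;
                    db.SaveChanges();

                    return("Successfully changed parameters!");
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    // Message fixed: it previously read "Could change parameters."
                    return("#Error: Could not change parameters.");
                }
            }
        }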
        /// <summary>
        /// Creates a new user account from the bound form fields.
        /// </summary>
        /// <param name="user">Model-bound user; only FirstName, LastName, Email and Password
        /// are taken from the request. ID and Password are overwritten here.</param>
        /// <returns>A status string; failures are prefixed with "#Error:".</returns>
        public string Register([Bind(Include = "FirstName,LastName,Email,Password")] User user)
        {
            if (!ModelState.IsValid)
            {
                // Only the first validation message is reported to the client.
                return TryFirstModelError(out var message)
                    ? "#Error: " + message
                    : "#Error: Unknown error.";
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    user.ID = Guid.NewGuid();
                    // NOTE(review): the stored credential is whatever ToMD5() produces — presumably an
                    // unsalted MD5 digest. Login and ChangeInfo compare against this value, so any
                    // change of scheme has to be made in all three places together.
                    user.Password = user.Password.ToMD5();

                    db.Users.Add(user);
                    db.SaveChanges();

                    return "Successfully registered!";
                }
                catch (Exception ex)
                {
                    // Every persistence failure is reported as a duplicate e-mail; the real cause
                    // is only in the log.
                    log.Warn(ex.Message, ex);
                    return "#Error: Could not register. Email already in use.";
                }
            }

            // First error message of the first model-state entry that has one.
            bool TryFirstModelError(out string errorMessage)
            {
                foreach (var state in ModelState.Values)
                {
                    foreach (var error in state.Errors)
                    {
                        errorMessage = error.ErrorMessage;
                        return true;
                    }
                }

                errorMessage = null;
                return false;
            }
        }
        /// <summary>
        /// Admin action: approves or rejects an auction that has not been opened yet.
        /// </summary>
        /// <param name="guid">Auction id as text; must parse as a <see cref="Guid"/>.</param>
        /// <param name="approve">True opens the auction; false records it as opened and
        /// completed at the same instant.</param>
        /// <returns>Empty string for callers that are not logged-in admins, otherwise a
        /// status string; failures are prefixed with "#Error:".</returns>
        public string Manage(string guid, bool approve)
        {
            var isAdmin = Session["user"] != null && (bool)Session["isAdmin"];
            if (!isAdmin)
            {
                return string.Empty;
            }

            if (string.IsNullOrWhiteSpace(guid) || !Guid.TryParse(guid, out var auctionId))
            {
                return "#Error: Invalid auction id.";
            }

            using (var db = new AuctionHouseDB())
            using (var transaction = db.Database.BeginTransaction(IsolationLevel.Serializable))
            {
                try
                {
                    var auction = db.FindAuctionById(auctionId);
                    if (auction == null)
                    {
                        throw new TransactionException("Could not find auction with such id.");
                    }

                    // OpenedOn doubles as the "already managed" marker.
                    if (auction.OpenedOn != null)
                    {
                        throw new TransactionException("Auction was already managed.");
                    }

                    var decidedAt = DateTime.Now;
                    auction.OpenedOn = decidedAt;
                    if (!approve)
                    {
                        auction.CompletedOn = decidedAt;
                    }

                    db.Entry(auction).State = EntityState.Modified;

                    db.SaveChanges();
                    transaction.Commit();

                    // The broadcast runs after the commit; a failure here is logged and must not
                    // undo the change. NOTE(review): the markup and the raw auction title are
                    // pushed to every connected client — confirm the client side escapes them.
                    try
                    {
                        var openedMarkup    = "<b>" + auction.OpenedOn.Value.ToString(Settings.DateTimeFormat) + "</b>";
                        var completedMarkup = auction.CompletedOn != null
                            ? "<b>" + auction.CompletedOn.Value.ToString(Settings.DateTimeFormat) + "</b>"
                            : "<b style=\"color: red;\">Not complete</b>";
                        var shownTime = approve ? auction.AuctionTime : 0;

                        AuctionHub.HubContext.Clients.All.onAuctionManaged(auction.ID.ToString(), auction.Title, shownTime, auction.StartingPrice, string.Empty, "[No bidder]", openedMarkup, completedMarkup);
                    }
                    catch (Exception ex) { log.Error(ex); }

                    return "Auction successfully managed.";
                }
                catch (TransactionException ex)
                {
                    transaction.Rollback();
                    return "#Error: " + ex.Message;
                }
                catch (Exception ex)
                {
                    transaction.Rollback();
                    log.Error(ex.Message, ex);
                    return "#Error: Unknown error occured.";
                }
            }
        }
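        /// <summary>
        /// Creates a pending token order for the logged-in user and returns the payment-widget
        /// link the buyer must follow to pay for it.
        /// </summary>
        /// <param name="package">0 = silver, 1 = gold, 2 = platinum; anything else is rejected.</param>
        /// <returns>Empty string when nobody is logged in; HTML for the payment link on
        /// success; otherwise a status string prefixed with "#Error:".</returns>
        public string OrderTokens(int package)
        {
            if (Session["user"] == null)
            {
                return(string.Empty);
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    var parameters = db.GetCurrentSystemParameters();

                    // Definite assignment holds because the default branch returns.
                    decimal amount;

                    switch (package)
                    {
                    case 0: amount = parameters.SilverPackage; break;

                    case 1: amount = parameters.GoldPackage; break;

                    case 2: amount = parameters.PlatinumPackage; break;

                    default: return("#Error: Such package does not exist.");
                    }

                    // Status stays null until PaymentProcessed() receives the provider callback.
                    var order = new TokenOrder
                    {
                        ID        = Guid.NewGuid(),
                        Buyer     = ((User)Session["user"]).ID,
                        Amount    = amount,
                        Currency  = parameters.Currency,
                        PriceRate = parameters.PriceRate,
                        Status    = null
                    };

                    try
                    {
                        db.TokenOrders.Add(order);
                        db.SaveChanges();
                    }
                    catch (Exception ex)
                    {
                        log.Error(ex.Message, ex);
                        return("#Error: Could not initiate order. Please, try again.");
                    }

                    // The order is already persisted; a failing broadcast must not turn the
                    // response into an error (the buyer would never get the payment link), so it
                    // is logged and swallowed, as Manage() and Bid() do.
                    // NOTE(review): this sends the buyer id and order id to every connected
                    // client; confirm that audience is intended.
                    try
                    {
                        AuctionHub.HubContext.Clients.All.onTokenOrderCreated(order.Buyer.ToString(), order.ID.ToString(), order.Amount.ToString(Settings.DecimalFormat), order.Currency, order.PriceRate.ToString(Settings.DecimalFormat));
                    }
                    catch (Exception ex)
                    {
                        log.Error(ex.Message, ex);
                    }

                    // SECURITY(review): the provider API key is hard-coded in source and embedded in
                    // every response sent to the browser. It belongs in configuration, and it should
                    // be rotated once moved; left as-is here because no settings member for it exists.
                    return("<a id=\"c-mobile-payment-widget\" href=\"https://stage.centili.com/payment/widget?apikey=b23180535003ba668fe3d1d2876ad928&reference=" + order.ID + "&country=rs&package=" + package + "\" target=\"_blank\"><img src=\"https://www.centili.com/images/centili-widget-button.png\"/></a>");
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return("#Error: Unknown error occured.");
                }
            }
        }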
 /// <summary>
 /// Landing page: lists active and completed auctions and exposes the configured
 /// recent-auction count to the view.
 /// </summary>
 /// <returns>The Index view, or the Error view when data access fails.</returns>
 public ActionResult Index()
 {
     using (var db = new AuctionHouseDB())
     {
         try
         {
             ViewBag.NavIndex = 0;

             var parameters = db.GetCurrentSystemParameters();
             ViewBag.RecentAuctions = parameters.RecentAuctions;

             var auctions = db.FindActiveAndCompletedAuctions(true);
             return View(auctions);
         }
         catch (Exception ex)
         {
             log.Error(ex.Message, ex);
             return View("Error");
         }
     }
 }
        /// <summary>
        /// Admin page showing the current system parameters. Non-admins get a 404 so the
        /// page's existence is not revealed.
        /// </summary>
        /// <returns>The System view, 404 for non-admins, or the Error view on failure.</returns>
        public ActionResult System()
        {
            var loggedIn = Session["user"] != null;
            var isAdmin  = loggedIn && (bool)Session["isAdmin"];
            if (!isAdmin)
            {
                return HttpNotFound();
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    ViewBag.NavIndex = 4;
                    var parameters = db.GetCurrentSystemParameters();
                    return View(parameters);
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return View("Error");
                }
            }
        }
        /// <summary>
        /// Shows a user profile: the one identified by <paramref name="id"/> when it parses
        /// as a <see cref="Guid"/>, otherwise the logged-in user's own profile.
        /// </summary>
        /// <param name="id">Optional user id as text.</param>
        /// <returns>The profile view (a dummy user when the id is unknown), 404 when nobody
        /// is logged in, or the Error view on failure.</returns>
        public ActionResult ViewProfile(string id)
        {
            using (var db = new AuctionHouseDB())
            {
                try
                {
                    if (Session["user"] == null)
                    {
                        return HttpNotFound();
                    }

                    // Read lazily so the cast only happens where the original path needed it.
                    Guid ViewerId() => ((User)Session["user"]).ID;

                    var lookupId = Guid.TryParse(id, out var requestedId) ? requestedId : ViewerId();
                    User profile = db.FindUserById(lookupId);

                    if (profile == null)
                    {
                        profile = Models.User.Dummy;
                    }
                    else if (profile.ID == ViewerId())
                    {
                        // Token orders are private: only shown on the viewer's own profile.
                        ViewBag.TokenOrders = db.FindUserTokenOrders(profile);
                    }

                    return View(profile);
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return View("Error");
                }
            }
        }
        /// <summary>
        /// Payment-provider callback: marks a token order as processed and, when the reported
        /// status is "success", credits the buyer's balance and e-mails the buyer.
        /// Returns nothing; the caller only sees the HTTP response.
        /// </summary>
        /// <param name="clientId">Order id as text (the <c>reference</c> value OrderTokens puts in the payment link).</param>
        /// <param name="status">Provider status; exactly the string "success" counts as paid, anything else as failed.</param>
        public void PaymentProcessed(string clientId, string status)
        {
            // SECURITY(review): nothing in this action verifies who is calling it — there is no
            // session check (unlike the other actions) and no provider signature/origin check.
            // The order id is known to the buyer (it is in the link returned by OrderTokens and
            // is broadcast by onTokenOrderCreated), so the caller must be authenticated against
            // the provider's callback contract before "status" is trusted.
            using (var db = new AuctionHouseDB())
            {
                // Serializable isolation plus the Status != null check below turn a repeated
                // callback for the same order into a no-op (TransactionException path).
                using (var transaction = db.Database.BeginTransaction(IsolationLevel.Serializable))
                {
                    try
                    {
                        TokenOrder order = null;
                        if (Guid.TryParse(clientId, out var id))
                        {
                            order = db.FindTokenOrderByGuid(id);
                        }
                        if (order == null)
                        {
                            throw new TransactionException("Invalid payment id.");
                        }

                        if (order.Status != null)
                        {
                            throw new TransactionException("Payment already proccessed.");
                        }

                        // Ordinal string compare: any value other than "success" records a failed order.
                        order.Status          = status == "success";
                        db.Entry(order).State = EntityState.Modified;

                        // -1 is the "not credited" marker sent to clients for failed orders.
                        var     user    = db.FindUserById(order.Buyer);
                        decimal balance = -1;

                        if (order.Status.Value)
                        {
                            user.Balance        += order.Amount;
                            balance              = user.Balance;
                            db.Entry(user).State = EntityState.Modified;
                        }

                        db.SaveChanges();
                        transaction.Commit();

                        // Notifications run after the commit; their failure is logged, never rolled back.
                        try
                        {
                            AuctionHub.HubContext.Clients.All.onTokenOrderCompleted(order.Buyer.ToString(), order.ID.ToString(), balance, order.Status.Value);

                            Mailer.SendMail(Settings.SMTPUsername, "Auction House", user.Email, user.FirstName + " " + user.LastName, "Auction House - Token Order",
                                            "Dear " + user.FirstName + "," + Environment.NewLine +
                                            Environment.NewLine +
                                            "This e-mail has been sent to inform you that your token order" + Environment.NewLine +
                                            "has been processed and marked as [" + (order.Status.Value ? "COMPLETE" : "FAILED") + "]." + Environment.NewLine +
                                            Environment.NewLine +
                                            "Please, do not reply to this e-mail as you will not get any response." + Environment.NewLine +
                                            Environment.NewLine +
                                            "Kind regards," + Environment.NewLine +
                                            "Auction House"
                                            );
                        }
                        catch (Exception ex) { log.Error(ex.Message, ex); }
                    }
                    catch (TransactionException ex)
                    {
                        // Expected rejections (unknown id, duplicate callback) are only warnings.
                        transaction.Rollback();
                        log.Warn(ex.Message, ex);
                    }
                    catch (Exception ex)
                    {
                        transaction.Rollback();
                        log.Error(ex.Message, ex);
                    }
                }
            }
        }
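        /// <summary>
        /// Updates the logged-in user's profile. Every field is optional; the old password is
        /// always required and must match the stored credential.
        /// </summary>
        /// <param name="oldpassword">Current password, required.</param>
        /// <param name="firstname">New first name, applied when non-blank.</param>
        /// <param name="lastname">New last name, applied when non-blank.</param>
        /// <param name="email">New e-mail, applied when non-blank and not already in use.</param>
        /// <param name="password">New password, applied (hashed) when non-blank.</param>
        /// <returns>Empty string when nobody is logged in; "Success: [...]" listing the changed
        /// fields ("Success: []" when nothing changed); otherwise "#Error:"-prefixed text.</returns>
        public string ChangeInfo(string oldpassword, string firstname, string lastname, string email, string password)
        {
            if (Session["user"] == null)
            {
                return(string.Empty);
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    if (string.IsNullOrWhiteSpace(oldpassword))
                    {
                        return("#Error: You must supply your old password!");
                    }

                    // The session copy carries the stored credential (whatever ToMD5() produced at
                    // Register time). NOTE(review): this is a plain string compare, not fixed-time.
                    User user = (User)Session["user"];
                    if (user.Password != oldpassword.ToMD5())
                    {
                        return("#Error: Old password does not match your current one.");
                    }

                    user = db.FindUserById(user.ID);

                    StringBuilder sb = new StringBuilder("Success: [");

                    if (!string.IsNullOrWhiteSpace(firstname))
                    {
                        user.FirstName = firstname;
                        sb.Append("First Name,");
                    }

                    if (!string.IsNullOrWhiteSpace(lastname))
                    {
                        user.LastName = lastname;
                        sb.Append("Last Name,");
                    }

                    // A taken e-mail (including the user's own current one) is silently skipped.
                    if (!string.IsNullOrWhiteSpace(email) && db.FindUserByEmail(email) == null)
                    {
                        user.Email = email;
                        sb.Append("Email,");
                    }

                    if (!string.IsNullOrWhiteSpace(password))
                    {
                        // Hash only a newly supplied password. The previous code hashed user.Password
                        // unconditionally after this block, which re-hashed the already stored digest
                        // on every profile edit and locked the user out of their account.
                        user.Password = password.ToMD5();
                        sb.Append("Password,");
                    }

                    // Close the list: replace the trailing comma, or emit "[]" when nothing changed
                    // (previously the opening bracket itself was overwritten, giving "Success: ]").
                    if (sb[sb.Length - 1] == ',')
                    {
                        sb[sb.Length - 1] = ']';
                    }
                    else
                    {
                        sb.Append(']');
                    }

                    if (!ModelState.IsValid)
                    {
                        foreach (var state in ModelState.Values)
                        {
                            foreach (var error in state.Errors)
                            {
                                return("#Error: " + error.ErrorMessage);
                            }
                        }

                        return("#Error: Unknown error.");
                    }

                    db.Entry(user).State = EntityState.Modified;

                    try { db.SaveChanges(); }
                    catch (Exception ex)
                    {
                        log.Warn(ex.Message, ex);
                        return("#Error: One or more fields are not in a correct format (eg. invalid email).");
                    }

                    // Refresh the session copy so later old-password checks see the new credential.
                    Session["user"] = user;
                    return(sb.ToString());
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return("#Error: Unknown error occured.");
                }
            }
        }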
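        /// <summary>
        /// Creates a new (not yet approved) auction for the logged-in user, storing the
        /// uploaded PNG images under a per-auction directory.
        /// </summary>
        /// <param name="title">Auction title; blank is rejected.</param>
        /// <param name="time">Auction duration in seconds; non-positive falls back to the system default.</param>
        /// <param name="price">Starting price; negative is rejected.</param>
        /// <returns>Empty string when nobody is logged in; the new auction id on success;
        /// otherwise a status string prefixed with "#Error:".</returns>
        public string Create(string title, int time, decimal price)
        {
            if (Session["user"] == null)
            {
                return(string.Empty);
            }

            using (var db = new AuctionHouseDB())
            {
                try
                {
                    var sysparams = db.GetCurrentSystemParameters();

                    if (string.IsNullOrWhiteSpace(title))
                    {
                        return("#Error: Invalid title.");
                    }
                    if (time <= 0)
                    {
                        time = sysparams.DefaultAuctionTime;
                    }
                    if (price < 0)
                    {
                        return("#Error: Invalid price.");
                    }

                    var guid = Guid.NewGuid();

                    // The storage path is derived from a server-generated id, so the client cannot
                    // influence where files land. Hoisted out of the loop; it is loop-invariant.
                    var storagePath = "~/assets/storage/auctions/" + guid.ToString() + "/";

                    // Files are written before the auction row exists; if the insert fails they
                    // would otherwise be left behind. Best effort: a cleanup failure is only logged.
                    void RemoveUploads()
                    {
                        try { Directory.Delete(Server.MapPath(storagePath), true); }
                        catch (Exception cleanupEx) { log.Warn(cleanupEx.Message, cleanupEx); }
                    }

                    var uploadFailed = true;

                    for (int i = 0; i < Request.Files.Count; ++i)
                    {
                        // NOTE(review): ContentType is whatever the client declared; the bytes are not
                        // inspected and no size limit is applied here, so a non-PNG payload can be
                        // stored under a .png name. Validate the content (and size) if that matters.
                        if (Request.Files[i].ContentType == "image/png")
                        {
                            Directory.CreateDirectory(Server.MapPath(storagePath));
                            Request.Files[i].SaveAs(Server.MapPath(storagePath + i + ".png"));
                            uploadFailed = false;
                        }
                    }

                    if (uploadFailed)
                    {
                        return("#Error: You must supply at least one image.");
                    }

                    var user = (User)Session["user"];

                    // OpenedOn stays null until an admin manages the auction.
                    var auction = new Auction
                    {
                        ID            = guid,
                        Title         = title,
                        AuctionTime   = time,
                        CreatedOn     = DateTime.Now,
                        OpenedOn      = null,
                        CompletedOn   = null,
                        StartingPrice = price,
                        Currency      = sysparams.Currency,
                        PriceRate     = sysparams.PriceRate,
                        Holder        = user.ID
                    };

                    try
                    {
                        db.Auctions.Add(auction);
                        db.SaveChanges();
                    }
                    catch (Exception ex)
                    {
                        log.Error(ex.Message, ex);
                        RemoveUploads();
                        return("#Error: Could not create the auction. Some of the values are invalid.");
                    }

                    // The auction is persisted; a failing broadcast must not report an error to the
                    // creator (Manage() and Bid() handle this the same way).
                    try
                    {
                        AuctionHub.HubContext.Clients.All.onAuctionCreated(auction.ID.ToString(), auction.Title, auction.AuctionTime, auction.StartingPrice, auction.CreatedOn.ToString(Settings.DateTimeFormat), user.FirstName + " " + user.LastName);
                    }
                    catch (Exception ex)
                    {
                        log.Error(ex.Message, ex);
                    }

                    return(auction.ID.ToString());
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return("#Error: Unknown error occured.");
                }
            }
        }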
        /// <summary>
        /// Lets the holder of a finished auction close it and collect the winning bid amount.
        /// </summary>
        /// <param name="guid">Auction id as text.</param>
        /// <returns>Empty string when nobody is logged in, otherwise a status string;
        /// failures are prefixed with "#Error:".</returns>
        public string Claim(string guid)
        {
            var holder = Session["user"] as User;

            if (holder == null)
            {
                return string.Empty;
            }

            using (var db = new AuctionHouseDB())
            using (var transaction = db.Database.BeginTransaction(IsolationLevel.Serializable))
            {
                try
                {
                    Auction auction = Guid.TryParse(guid, out var auctionId)
                        ? db.FindAuctionById(auctionId)
                        : null;

                    if (auction == null)
                    {
                        throw new TransactionException("Invalid auction.");
                    }

                    // Only the auction's holder may claim.
                    if (auction.Holder != holder.ID)
                    {
                        throw new TransactionException("Can't claim auction prize.");
                    }

                    if (auction.OpenedOn == null)
                    {
                        throw new TransactionException("Auction is not opened.");
                    }

                    var now      = DateTime.Now;
                    var closesAt = auction.OpenedOn.Value.AddSeconds(auction.AuctionTime);

                    if (now < closesAt)
                    {
                        throw new TransactionException("Auction is not finished yet.");
                    }

                    // CompletedOn set means the prize was already claimed (or the auction rejected).
                    if (auction.CompletedOn != null)
                    {
                        throw new TransactionException("Auction is completed, no prize left to claim.");
                    }

                    auction.CompletedOn     = now;
                    db.Entry(auction).State = EntityState.Modified;

                    // With no bid there is nothing to credit; the auction is still closed.
                    var winningBid = auction.LastBid;

                    if (winningBid != null)
                    {
                        holder                 = db.FindUserById(holder.ID);
                        holder.Balance        += winningBid.Amount;
                        db.Entry(holder).State = EntityState.Modified;
                    }

                    db.SaveChanges();
                    transaction.Commit();

                    return "Successfully claimed auction prize. Please, check your balance.";
                }
                catch (TransactionException ex)
                {
                    transaction.Rollback();
                    return "#Error: " + ex.Message;
                }
                catch (Exception ex)
                {
                    transaction.Rollback();
                    log.Error(ex.Message, ex);
                    return "#Error: Unknown error occured.";
                }
            }
        }
        /// <summary>
        /// Places a bid on an open auction: the amount is taken from the bidder's balance and
        /// the previously highest bidder, if any, gets their amount back.
        /// </summary>
        /// <param name="guid">Auction id as text.</param>
        /// <param name="amount">Bid amount; must exceed the current price.</param>
        /// <returns>A status string; failures are prefixed with "#Error:".</returns>
        public string Bid(string guid, decimal amount)
        {
            var bidder = Session["user"] as User;

            if (bidder == null)
            {
                return "#Error: Please, log in!";
            }

            if (!Guid.TryParse(guid, out var auctionId))
            {
                return "#Error: Invalid guid.";
            }

            using (var db = new AuctionHouseDB())
            using (var transaction = db.Database.BeginTransaction(IsolationLevel.Serializable))
            {
                try
                {
                    var auction = db.FindAuctionById(auctionId);
                    if (auction == null)
                    {
                        throw new TransactionException("Auction does not exist (to bid on such).");
                    }

                    if (auction.OpenedOn == null)
                    {
                        throw new TransactionException("Auction is not opened yet.");
                    }

                    // Closed either explicitly (CompletedOn) or by the clock running out.
                    if (auction.CompletedOn != null || DateTime.Now >= auction.OpenedOn.Value.AddSeconds(auction.AuctionTime))
                    {
                        throw new TransactionException("Auctions is closed.");
                    }

                    if (auction.Holder == bidder.ID)
                    {
                        throw new TransactionException("Cannot bid on owning auction.");
                    }

                    // The bid has to beat the current price: the last bid if there is one,
                    // otherwise the starting price.
                    var previous     = auction.LastBid;
                    var currentPrice = previous != null ? previous.Amount : auction.StartingPrice;

                    if (amount <= currentPrice)
                    {
                        throw new TransactionException("Cannot bid with lower price than current.");
                    }

                    // Re-read the bidder from the database; the session copy may be stale.
                    bidder = db.FindUserById(bidder.ID);
                    if (bidder.Balance < amount)
                    {
                        throw new TransactionException("Insufficient funds.");
                    }

                    if (previous != null)
                    {
                        previous.User.Balance        += previous.Amount;
                        db.Entry(previous.User).State = EntityState.Modified;
                    }

                    bidder.Balance        -= amount;
                    db.Entry(bidder).State = EntityState.Modified;

                    var placed = new Bid
                    {
                        ID      = Guid.NewGuid(),
                        Bidder  = bidder.ID,
                        Auction = auction.ID,
                        BidOn   = DateTime.Now,
                        Amount  = amount
                    };

                    db.Bids.Add(placed);
                    db.SaveChanges();
                    transaction.Commit();

                    // Broadcast after the commit; a failure here is logged, never rolled back.
                    try
                    {
                        AuctionHub.HubContext.Clients.All.onBid(auction.ID.ToString(), bidder.ID.ToString(), bidder.FirstName + " " + bidder.LastName, placed.BidOn.ToString(Settings.DateTimeFormat), amount);
                    }
                    catch (Exception ex) { log.Error(ex); }

                    return "Bidding successful.";
                }
                catch (TransactionException ex)
                {
                    transaction.Rollback();
                    return "#Error: " + ex.Message;
                }
                catch (Exception ex)
                {
                    transaction.Rollback();
                    log.Error(ex.Message, ex);
                    return "#Error: Unknown error occured.";
                }
            }
        }
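        /// <summary>
        /// Renders an auction page with its images and current price.
        /// </summary>
        /// <param name="id">Auction id as text.</param>
        /// <returns>The auction view; 404 for an unknown id or for an unapproved auction
        /// viewed by someone other than an admin or its holder; the Error view on failure.</returns>
        public ActionResult Show(string id)
        {
            using (var db = new AuctionHouseDB())
            {
                try
                {
                    if (!Guid.TryParse(id, out var guid))
                    {
                        return(HttpNotFound());
                    }
                    var auction = db.FindAuctionById(guid, true);
                    if (auction == null)
                    {
                        return(HttpNotFound());
                    }

                    // An auction that has not been approved yet is visible only to an admin or to its
                    // holder; everyone else gets the same 404 as for an unknown id. Parenthesised to
                    // make the intended && / || grouping explicit.
                    if (auction.OpenedOn == null &&
                        (Session["user"] == null || (!(bool)Session["isAdmin"] && ((User)Session["user"]).ID != auction.Holder)))
                    {
                        return(HttpNotFound());
                    }

                    // Display only: an expired but still-open auction is shown as completed.
                    // No SaveChanges() follows, so this does not close it in the database.
                    if (auction.OpenedOn != null && auction.CompletedOn == null)
                    {
                        var completedOn = auction.OpenedOn.Value.AddSeconds(auction.AuctionTime);
                        if (DateTime.Now >= completedOn)
                        {
                            auction.CompletedOn = completedOn;
                        }
                    }

                    // Image list. A missing directory (e.g. storage cleaned up) previously threw and
                    // turned the whole page into the Error view; it now simply yields no images.
                    var images     = new List <string>(16);
                    var path       = "/assets/storage/auctions/" + auction.ID.ToString() + "/";
                    var storageDir = Server.MapPath("~" + path);
                    if (Directory.Exists(storageDir))
                    {
                        foreach (var file in Directory.EnumerateFiles(storageDir))
                        {
                            // Ordinal: file names are machine-generated by Create(), not user text.
                            if (file.EndsWith(".png", StringComparison.Ordinal))
                            {
                                images.Add(path + Path.GetFileName(file));
                            }
                        }
                    }

                    ViewBag.ImageSources = images;

                    // Current price is the last bid, or the starting price when nobody has bid.
                    var lastBid = auction.LastBid;
                    if (lastBid != null)
                    {
                        ViewBag.Bidder       = lastBid.User;
                        ViewBag.CurrentPrice = lastBid.Amount;
                    }
                    else
                    {
                        ViewBag.CurrentPrice = auction.StartingPrice;
                    }

                    return(View(auction));
                }
                catch (Exception ex)
                {
                    log.Error(ex.Message, ex);
                    return(View("Error"));
                }
            }
        }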