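/// <summary>
/// Handles the "promote" POST: sets the target account's roleID to the caller's own role.
/// </summary>
/// <param name="user">Username of the account to promote (request-supplied, untrusted).</param>
/// <returns>A redirect to Login for anonymous callers; otherwise the current page with <c>Error</c> set to the outcome.</returns>
public IActionResult OnPostPromote(string user)
{
    // Promotion is a privileged action: refuse callers with no login at all before looking at the role.
    if (!CurrentLogged.isLoggedIn())
    {
        return Redirect("Login");
    }

    // NOTE(review): this is a deny-list (only role 1 is refused) while the sibling handlers
    // allow-list roles 2 and 3; confirm which roles are actually meant to promote.
    if (CurrentLogged.getRole() == 1)
    {
        Error = "You are not authorized to promote users";
        return Page();
    }

    Error = "Unknown error occured";

    if (string.IsNullOrWhiteSpace(user))
    {
        Error = "No user found";
    }
    else
    {
        try
        {
            DBHandler db = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));

            // NOTE(review): the published listing had a fixed '******' literal where the username
            // belongs, so the `user` argument never reached either statement. It is wired in here
            // through MySqlHelper.EscapeString as a stopgap against SQL injection; prefer a
            // parameterized command once DBHandler offers one.
            string target = MySqlHelper.EscapeString(user);

            MySqlDataReader lookup = db.performQuery("SELECT username FROM user WHERE username='" + target + "';");
            if (lookup != null)
            {
                bool found = lookup.HasRows;
                // Close the lookup before issuing the UPDATE; whether DBHandler reuses one
                // connection is not visible here, and an open reader commonly blocks a second command.
                lookup.Close();

                if (!found)
                {
                    Error = "No user found";
                }
                else
                {
                    MySqlDataReader update = db.performQuery("UPDATE user SET roleID = '" + CurrentLogged.getRole() + "' WHERE username='" + target + "';");
                    // A null reader is how the login handler recognises a failed query; only
                    // report success when the statement actually ran.
                    if (update != null)
                    {
                        update.Close();
                        Error = "Update successful";
                    }
                }
            }
        }
        catch (Exception)
        {
            // Keep the generic message; database details are not echoed to the client.
            Error = "Unknown error occured";
        }
    }

    username = CurrentLogged.getUsername();
    return Page();
}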
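/// <summary>
/// Handles the login POST: looks the credentials up in the <c>user</c> table and, on a match,
/// records the account in <c>CurrentLogged</c> and redirects to the Account page.
/// </summary>
/// <param name="user">Submitted username (untrusted).</param>
/// <param name="pass">Submitted password (untrusted).</param>
/// <returns>A redirect to Account on success; otherwise the login page with <c>Error</c> set.</returns>
public IActionResult OnPostLogin(string user, string pass)
{
    // Missing fields can never match a row; answer with the same message as a bad login.
    if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(pass))
    {
        Error = "Could not Login. Bad username or password";
        return Page();
    }

    // NOTE(review): the published listing had fixed '******' literals where the credentials
    // belong, so `user` and `pass` never reached the query. They are wired in here through
    // MySqlHelper.EscapeString as a stopgap against SQL injection; prefer a parameterized
    // command once DBHandler offers one.
    // NOTE(review): the password is compared inside SQL, which implies it is stored in a
    // directly comparable form. Store a salted password hash (PBKDF2/Argon2) and verify it in code.
    string query = "SELECT username, password, userID, roleID FROM user WHERE username='"
        + MySqlHelper.EscapeString(user)
        + "' AND password='"
        + MySqlHelper.EscapeString(pass)
        + "';";

    // change to username and password later
    DBHandler db = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));

    try
    {
        MySqlDataReader reader = db.performQuery(query);
        if (reader == null)
        {
            Error = "Could not Query. reader is null";
            return Page();
        }

        using (reader)
        {
            if (!reader.HasRows || !reader.Read())
            {
                Error = "Could not Login. Bad username or password";
                return Page();
            }

            // NOTE(review): CurrentLogged is invoked like a static holder. If it is process-wide
            // rather than per-session, one successful login authenticates every visitor; confirm
            // it is backed by per-user session or cookie authentication.
            CurrentLogged.login(reader.GetString("username"), reader.GetInt32("userID"), reader.GetInt32("roleID"));
        }

        return Redirect("Account");
    }
    catch (Exception e)
    {
        // Database error text stays server-side: echoing it on the login page discloses
        // schema and driver details to unauthenticated clients.
        System.Diagnostics.Debug.WriteLine("Login query failed: " + e.Message + " " + db.getError());
        Error = "Error Querying Database";
        return Page();
    }
}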
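/// <summary>
/// Handles GET for the login page: sends an already logged-in user to Account,
/// otherwise shows the login prompt.
/// </summary>
/// <returns>A redirect to Account, or the login page with the prompt in <c>Error</c>.</returns>
public IActionResult OnGet()
{
    if (CurrentLogged.isLoggedIn())
    {
        return Redirect("Account");
    }

    Error = "Enter your username and password";

    // Return the page explicitly, as the other handlers do, instead of returning null
    // and relying on the framework's implicit page result.
    return Page();
}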
/// <summary>
/// Handles the "transaction" POST: role 2 or 3 is forwarded to the Transactions page,
/// any other role stays on this page with an error.
/// </summary>
/// <returns>A redirect to Transactions, or the current page with <c>Error</c> set.</returns>
public IActionResult OnPostTransaction()
{
    username = CurrentLogged.getUsername();

    // NOTE(review): this only gates the redirect. The Transactions page and its handlers
    // need their own role check, since they can be requested directly.
    bool mayRecord = CurrentLogged.getRole() == 2 || CurrentLogged.getRole() == 3;
    if (mayRecord)
    {
        return Redirect("Transactions");
    }

    Error = "You are not authorized to fill out a transaction";
    return Page();
}
/// <summary>
/// Handles the "report" POST: role 2 or 3 is forwarded to the GetReport page,
/// any other role stays on this page with an error.
/// </summary>
/// <returns>A redirect to GetReport, or the current page with <c>Error</c> set.</returns>
public IActionResult OnPostReport()
{
    username = CurrentLogged.getUsername();

    // Debug trace of the caller's role.
    System.Diagnostics.Debug.WriteLine(CurrentLogged.getRole());

    // NOTE(review): this only gates the redirect. The GetReport page needs its own role
    // check, since it can be requested directly.
    bool maySearch = CurrentLogged.getRole() == 2 || CurrentLogged.getRole() == 3;
    if (maySearch)
    {
        return Redirect("GetReport");
    }

    Error = "You are not authorized to search for reports";
    return Page();
}
/// <summary>
/// Handles GET for the account page: shows the menu to a logged-in user and
/// sends everyone else to Login.
/// </summary>
/// <returns>The page with the username and prompt set, or a redirect to Login.</returns>
public IActionResult OnGet()
{
    if (CurrentLogged.isLoggedIn())
    {
        username = CurrentLogged.getUsername();
        Error = "Select an option below";
        return Page();
    }

    return Redirect("Login");
}
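/// <summary>
/// Handles the donation POST: validates the form fields and inserts one row into
/// <c>transactions</c> stamped with the current user's ID, role and the local time.
/// </summary>
/// <param name="name">Item name (untrusted form input).</param>
/// <param name="description">Item description (untrusted form input).</param>
/// <param name="quantity">Quantity as text; must parse as an integer.</param>
/// <returns>A redirect to Account on success; otherwise the current page with <c>Error</c> set.</returns>
public IActionResult OnPostDonation(string name, string description, string quantity)
{
    int quantityValue;
    if (!int.TryParse(quantity, out quantityValue))
    {
        Error = "Quantity needs to be a number value";
        return Page();
    }

    // The earlier `quantityValue == null` test could never be true for an int, and
    // whitespace-only text passed the null checks; reject blank fields explicitly.
    if (string.IsNullOrWhiteSpace(name) || string.IsNullOrWhiteSpace(description))
    {
        Error = "error, no fields can be left blank";
        return Page();
    }

    // NOTE(review): no login or role check happens here, yet the row is attributed to
    // CurrentLogged. If only roles 2 and 3 may record transactions, enforce that in this handler.

    DBHandler db = new DBHandler(DBHandler.connectionStringBuilder(MysqlLogins.getMySqlUser(), MysqlLogins.getMySqlPass()));

    // name and description come straight from the form, so they are escaped before being
    // placed in the statement. This is a stopgap against SQL injection; prefer a
    // parameterized command once DBHandler offers one.
    string query = "INSERT INTO transactions(name, description, userID, time, roleID, QUANTITY) VALUES ('"
        + MySqlHelper.EscapeString(name) + "', '"
        + MySqlHelper.EscapeString(description) + "', '"
        + CurrentLogged.getID() + "', '"
        + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "', '"
        + CurrentLogged.getRole() + "', '"
        + quantityValue + "');";

    try
    {
        MySqlDataReader reader = db.performQuery(query);
        if (reader == null)
        {
            Error = "can not perform query";
            return Page();
        }

        // The INSERT returns no rows to read; release the reader straight away.
        reader.Close();
    }
    catch (Exception)
    {
        Error = "Could not perform query";
        return Page();
    }

    return Redirect("Account");
}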
/// <summary>
/// Handles GET: stores the login state, rendered as text, in <c>logged</c> for the page.
/// </summary>
public void OnGet()
{
    var signedIn = CurrentLogged.isLoggedIn();
    logged = signedIn.ToString();
}
/// <summary>
/// Handles the logout POST: clears the login held by <c>CurrentLogged</c> and
/// returns the visitor to the Index page.
/// </summary>
/// <returns>A redirect to Index.</returns>
public IActionResult OnPostLogout()
{
    CurrentLogged.logout();

    IActionResult landing = Redirect("Index");
    return landing;
}