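/// <summary>
/// Adds a non-description addition (for example a shipping option) to a listing,
/// provided the current user owns the listing and the per-type limit is not reached.
/// </summary>
/// <param name="id">Identifier of the listing to extend.</param>
/// <param name="name">Display name of the addition; must be 2 to 50 characters.</param>
/// <param name="price">Non-negative price; required, but only stored for shipping additions.</param>
/// <param name="latype">Kind of addition; <c>Description</c> is rejected here.</param>
/// <returns>A redirect to the listing's "view" action, whether or not anything was added.</returns>
public ActionResult Addition(Guid id, string name, decimal? price, ListingAdditionType latype)
{
    // NOTE(review): this action writes to the database. The attributes applied to it are not
    // visible here; confirm it is limited to POST and protected by [ValidateAntiForgeryToken].

    // All request-supplied values are validated before the listing is loaded.
    // name can be null when the field is missing from the request, and latype is bound from
    // the request, so a value outside the enum must not reach the limit lookup or the cast below.
    bool inputIsValid = name != null
        && name.Length > 1
        && name.Length <= 50
        && price.HasValue
        && price.Value >= 0
        && Enum.IsDefined(typeof(ListingAdditionType), latype)
        && latype != ListingAdditionType.Description;

    if (inputIsValid)
    {
        Listing list = data.Listings.GetByID(id);

        // Authorization: only the owner of a live (not deleted, not expired) listing may extend it.
        bool callerOwnsLiveListing = list != null
            && !list.IsDeleted
            && !list.IsExpired()
            && WebSecurity.CurrentUserId == list.UserId;

        if (callerOwnsLiveListing)
        {
            int existingOfType = list.ListingAdditions.Count(s => (ListingAdditionType)s.AdditionType == latype);

            // Globals.ListAddOpts holds the maximum number of additions allowed per type.
            if (existingOfType < Globals.ListAddOpts[latype])
            {
                ListingAddition la = new ListingAddition()
                {
                    AdditionType = (short)latype,
                    CreatedDate = DateTime.Now,
                    ListingId = list.ListingId,
                    // Stored as submitted; views that render it are responsible for output encoding.
                    Name = name
                };

                // only allow price on shipping for now
                if (latype == ListingAdditionType.Shipping)
                {
                    la.Price = price;
                }

                data.ListingAdditions.Insert(la);
                data.Save();
            }
        }
    }

    return RedirectToAction("view", new { id = id.StringWithoutDashes() });
}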
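/// <summary>
/// Appends an extra description block to a listing, provided the current user owns the
/// listing and the limit for description additions is not reached.
/// </summary>
/// <param name="id">Identifier of the listing to extend.</param>
/// <param name="descadd">Description text to append; must be 4 to 500 characters.</param>
/// <returns>A redirect to the listing's "view" action, whether or not anything was added.</returns>
public ActionResult Append(Guid id, string descadd)
{
    // NOTE(review): this action writes to the database. The attributes applied to it are not
    // visible here; confirm it is limited to POST and protected by [ValidateAntiForgeryToken].

    // descadd can be null when the field is missing from the request; treat that as invalid
    // input instead of letting the length check throw.
    bool textIsValid = descadd != null && descadd.Length > 3 && descadd.Length <= 500;

    if (textIsValid)
    {
        Listing list = data.Listings.GetByID(id);

        // Authorization: only the owner of a live (not deleted, not expired) listing may extend it.
        bool callerOwnsLiveListing = list != null
            && !list.IsDeleted
            && !list.IsExpired()
            && WebSecurity.CurrentUserId == list.UserId;

        if (callerOwnsLiveListing)
        {
            int existingDescriptions = list.ListingAdditions.Count(
                s => (ListingAdditionType)s.AdditionType == ListingAdditionType.Description);

            // Globals.ListAddOpts holds the maximum number of additions allowed per type.
            if (existingDescriptions < Globals.ListAddOpts[ListingAdditionType.Description])
            {
                ListingAddition la = new ListingAddition()
                {
                    AdditionType = (short)ListingAdditionType.Description,
                    CreatedDate = DateTime.Now,
                    ListingId = list.ListingId,
                    // Stored as submitted; views that render it are responsible for output encoding.
                    Description = descadd
                };

                data.ListingAdditions.Insert(la);
                data.Save();
            }
        }
    }

    return RedirectToAction("view", new { id = id.StringWithoutDashes() });
}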
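/// <summary>
/// Creates an escrow (purchase request) for a listing on behalf of the current user and
/// e-mails the seller about it.
/// </summary>
/// <param name="id">Listing identifier as a GUID string.</param>
/// <param name="form">Buyer's public key, encrypted private key and selected shipping/variation ids.</param>
/// <returns>
/// 201 with the seller's e-mail address on success; 404 when the listing id is malformed or
/// unknown; 400 when the form is missing or invalid, or when saving or notifying fails.
/// </returns>
public HttpResponseMessage Put(string id, EscrowWebCreate form)
{
    Guid listid;
    // Guid.TryParse returns false for null and empty input, so no separate check is needed.
    if (!Guid.TryParse(id, out listid))
    {
        return Request.CreateErrorResponse(HttpStatusCode.NotFound, "Not found");
    }

    Listing list = data.Listings.GetByID(listid);
    if (list == null)
    {
        return Request.CreateErrorResponse(HttpStatusCode.NotFound, "Not found");
    }

    // A body that cannot be bound leaves form null; answer 400 instead of failing on first use.
    if (form == null)
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Invalid request");
    }

    // NOTE(review): Addition/Append refuse deleted or expired listings and Create refuses a
    // second open escrow by the same buyer. Neither check is made here, so a direct call to
    // this endpoint is not subject to them. Confirm whether that is intended.

    // Shape check only: this confirms the PEM armour, not that the body is a usable key.
    // Ordinal comparison keeps the check independent of the server's culture settings.
    string pubKey = form.PubKey;
    if (pubKey == null
        || !pubKey.StartsWith("-----BEGIN PUBLIC KEY-----\nMI", StringComparison.Ordinal)
        || !pubKey.EndsWith("-----END PUBLIC KEY-----", StringComparison.Ordinal))
    {
        ModelState.AddModelError("PubKey", "Invalid public key");
    }

    // cant buy own item
    if (list.UserProfile.UserId == WebSecurity.CurrentUserId)
    {
        ModelState.AddModelError("id", "Cannot buy own item");
    }

    var shippingOptions = list.ListingAdditions
        .Where(s => (ListingAdditionType)s.AdditionType == ListingAdditionType.Shipping)
        .ToList();
    var variationOptions = list.ListingAdditions
        .Where(s => (ListingAdditionType)s.AdditionType == ListingAdditionType.SingleSelect)
        .ToList();

    // Bad shipping selection: the listing offers shipping options and none (or an unknown one) was chosen.
    if (shippingOptions.Count > 0
        && (!form.ShippingId.HasValue || !shippingOptions.Any(s => s.LAId == form.ShippingId.Value)))
    {
        ModelState.AddModelError("ShippingId", "Invalid shipping id");
    }

    // Bad variation: a variation id was supplied that is not one of this listing's choices.
    bool variationRequested = form.VariationId.HasValue && form.VariationId.Value > -1;
    if (variationRequested && !variationOptions.Any(s => s.LAId == form.VariationId.Value))
    {
        ModelState.AddModelError("VariationId", "Invalid variation id");
    }

    if (!ModelState.IsValid)
    {
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
    }

    // Resolve the selections from the type-filtered lists. Looking them up across all
    // additions would let a ShippingId that names a non-shipping addition populate the
    // shipping fields whenever the listing defines no shipping options.
    ListingAddition ship = form.ShippingId.HasValue
        ? shippingOptions.SingleOrDefault(s => s.LAId == form.ShippingId.Value)
        : null;
    ListingAddition vari = variationRequested
        ? variationOptions.SingleOrDefault(s => s.LAId == form.VariationId.Value)
        : null;

    int buyerId = WebMatrix.WebData.WebSecurity.CurrentUserId;
    EscrowCodeSet cs = new EscrowCodeSet();
    Escrow escrow = new Escrow()
    {
        EscrowId = Guid.NewGuid(),
        BuyerId = buyerId,
        SellerId = list.UserId,
        BuyerPubkey = form.PubKey,
        // NOTE(review): presumably encrypted client-side before submission; confirm the
        // server never receives or stores the private key in the clear.
        BuyerPrivkey = form.EncPrivKey,
        EicA = cs.EscrowInvitationCodeA,
        EicB = cs.EscrowInvitationCodeB,
        State = (int)EscrowState.Created,
        CreatedDate = DateTime.Now,
        ListingId = list.ListingId,
        ShippingName = ship != null ? ship.Name : null,
        ShippingPrice = ship != null ? ship.Price : (decimal?)null,
        VariationName = vari != null ? vari.Name : null
    };

    try
    {
        data.Escrows.Insert(escrow);
        data.Save();

        User buyer = data.Users.GetByID(buyerId);

        // User name, listing title and e-mail address are user-controlled. They are HTML-encoded
        // before being placed in the message so they cannot inject markup or links into the
        // mail the seller receives.
        string buyerName = System.Net.WebUtility.HtmlEncode(buyer.UserName);
        string buyerEmail = System.Net.WebUtility.HtmlEncode(buyer.Email);
        // list is the listing this escrow was created for, so its title is used directly.
        string listingTitle = System.Net.WebUtility.HtmlEncode(list.Title);

        string emailBodyText =
            "<p>User <b>" + buyerName + "</b> wants to purchase your listing for: </p>" +
            "<p><i>" + listingTitle + "</i></p>" +
            "<p>Click <a href=\"https://anark.it/escrow/\">here</a> to view your transactions</p><br/>" +
            "<p>You may contact the buyer at <a href=\"mailto:" + buyerEmail + "\">" + buyerEmail + "</a></p>" +
            "<p>For extra security, ask for the Session Code from the buyer if he has not already emailed it to you.</p>";

        Globals.SendEmail(list.UserProfile.Email, "You have a purchase request!", emailBodyText);
    }
    catch (Exception)
    {
        // NOTE(review): the notification is sent inside the same try as the save, so a mail
        // failure is reported as "Failed to save" even though the escrow row is already
        // committed, and the exception is dropped without being logged.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Failed to save");
    }

    // NOTE(review): the response body discloses the seller's e-mail address to the buyer;
    // confirm this is intended.
    return Request.CreateResponse(HttpStatusCode.Created, list.UserProfile.Email);
}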
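/// <summary>
/// Shows the "request buy" page for a listing with the buyer's chosen shipping option and variation.
/// </summary>
/// <param name="id">Listing identifier as a GUID string.</param>
/// <param name="Variation">Id of the selected variation; null or a negative value means none.</param>
/// <param name="ShippingSelection">Id of the selected shipping option; required when the listing offers any.</param>
/// <returns>
/// The purchase view; a redirect to the error "notfound" action for a malformed or unknown id;
/// a redirect to "Index" when the user already has an open escrow on the listing; or a redirect
/// back to the listing when the user owns it or a selection is invalid.
/// </returns>
public ActionResult Create(string id, int? Variation, int? ShippingSelection)
{
    Guid listid;
    if (!Guid.TryParse(id, out listid))
    {
        return RedirectToAction("notfound", "error");
    }

    Listing list = data.Listings.GetByID(listid);
    if (list == null)
    {
        return RedirectToAction("notfound", "error");
    }

    // NOTE(review): Addition/Append refuse deleted or expired listings; no such check is made
    // here, so the purchase page is shown for them as well. Confirm whether that is intended.

    // user already has active escrow
    if (list.Escrows.Where(s => s.ClosedDt == null).Any(s => s.BuyerId == WebSecurity.CurrentUserId))
    {
        return RedirectToAction("Index");
    }

    // cant buy own item
    if (list.UserProfile.UserId == WebSecurity.CurrentUserId)
    {
        return RedirectToAction("view", "listings", new { id = id });
    }

    var shippingOptions = list.ListingAdditions
        .Where(s => (ListingAdditionType)s.AdditionType == ListingAdditionType.Shipping)
        .ToList();
    var variationOptions = list.ListingAdditions
        .Where(s => (ListingAdditionType)s.AdditionType == ListingAdditionType.SingleSelect)
        .ToList();

    // Bad shipping selection: the listing offers shipping options and none (or an unknown one) was chosen.
    if (shippingOptions.Count > 0
        && (!ShippingSelection.HasValue || !shippingOptions.Any(s => s.LAId == ShippingSelection.Value)))
    {
        return RedirectToAction("view", "listings", new { id = id });
    }

    // Bad variation: a variation id was supplied that is not one of this listing's choices.
    bool variationRequested = Variation.HasValue && Variation.Value > -1;
    if (variationRequested && !variationOptions.Any(s => s.LAId == Variation.Value))
    {
        return RedirectToAction("view", "listings", new { id = id });
    }

    // Resolve the selections from the type-filtered lists. Looking them up across all
    // additions would let a ShippingSelection that names a non-shipping addition be shown
    // as the shipping choice whenever the listing defines no shipping options.
    ListingAddition ship = ShippingSelection.HasValue
        ? shippingOptions.SingleOrDefault(s => s.LAId == ShippingSelection.Value)
        : null;
    ListingAddition vari = variationRequested
        ? variationOptions.SingleOrDefault(s => s.LAId == Variation.Value)
        : null;

    EscrowCreateView view = new EscrowCreateView()
    {
        Id = listid.StringWithoutDashes(),
        Item = ListingToItem(list),
        FeedBadge = new FeedbackBadgeModel()
        {
            Sales = list.UserProfile.FeedbacksAbout.Count,
            Username = list.UserProfile.UserName,
            Score = list.UserProfile.SellerScore
        }
    };

    view.Item.Options = new PurchaseOptions()
    {
        ShippingId = ShippingSelection,
        ShippingName = ship != null ? ship.Name : null,
        ShippingPrice = ship != null ? ship.Price : null,
        VariationId = Variation,
        VariationChoice = vari != null ? vari.Name : null
    };

    ViewBag.Title = "Request buy: " + list.Title;
    return View(view);
}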