public IActionResult CreateUser(MesahUser usr) { if (!ModelState.IsValid) { ViewData["Message"] = "Invalid Input"; ViewData["MsgType"] = "warning"; return(View("CreateUser")); } else { string insert = @"INSERT INTO MesahUser(UserId, UserPw, FullName, Email, Address, PostalCode, Phone, UserRole) VALUES('{0}',HASHBYTES('SHA1','{1}'),'{2}','{3}','{4}','{5}','{6}','{7}')"; if (DBUtl.ExecSQL(insert, usr.UserId, usr.UserPw, usr.FullName, usr.Email, usr.Address, usr.PostalCode, usr.Phone, usr.UserRole) == 1) { ViewData["Message"] = "User Created"; ViewData["MsgType"] = "success"; } else { ViewData["Message"] = DBUtl.DB_Message; ViewData["MsgType"] = "danger"; } return(RedirectToAction("ShowUsers")); } }
public JsonResult VerifyEmail(string Email) { DbSet <MesahUser> dbs = _dbContext.MesahUser; MesahUser user = dbs.FromSqlInterpolated($"SELECT * FROM MesahUser WHERE Email= {Email}").FirstOrDefault(); if (user != null) { return(Json(true)); } else { return(Json(false)); } }
public IActionResult EditUser(string id) { string userid = User.FindFirst(ClaimTypes.NameIdentifier).Value; string select = @"SELECT * FROM MesahUser WHERE UserId = '{0}'"; List <MesahUser> list = DBUtl.GetList <MesahUser>(select, id); if (list.Count == 1) { MesahUser user = list[0]; return(View("EditUser", user)); } else { TempData["Message"] = "Data not found"; TempData["MsgType"] = "warning"; return(RedirectToAction("Index")); } }
public IActionResult EditUser(string id, MesahUser mesah) { string userid = User.FindFirst(ClaimTypes.NameIdentifier).Value; string sql = @"UPDATE MesahUser SET FullName ='{1}', UserRole ='{2}', Email = '{3}', Phone ='{4}' WHERE UserId = '{0}'"; if (DBUtl.ExecSQL(sql, id, mesah.FullName, mesah.UserRole, mesah.Email, mesah.Phone) == 1) { ViewData["Message"] = "Profile Updated"; ViewData["MsgType"] = "success"; } else { ViewData["Message"] = DBUtl.DB_Message; ViewData["MsgType"] = "danger"; } return(RedirectToAction("ShowUsers")); }
public IActionResult EditProfile(MesahUser mesah) { string userid = User.FindFirst(ClaimTypes.NameIdentifier).Value; string sql = @"UPDATE MesahUser SET FullName ='{1}', Email ='{2}', Address = '{3}', PostalCode = '{4}', Phone ='{5}' WHERE UserId = '{0}'"; if (DBUtl.ExecSQL(sql, userid, mesah.FullName, mesah.Email, mesah.Address, mesah.PostalCode, mesah.Phone) == 1) { ViewData["Message"] = "Profile Updated"; ViewData["MsgType"] = "success"; } else { ViewData["Message"] = DBUtl.DB_Message; ViewData["MsgType"] = "danger"; } return(View("EditProfile")); }