public ActionResult Index( FormCollection form )
{
DataAccessor data = new DataAccessor();
String username = form["username"];
String password = form["password"];
if (!data.isUser(username))
{
Session["Error"] = "No such user: "******"Error");
}
User current = data.login(username, password);
if (current == null)
{
Session["Error"] = "Invalid password";
return RedirectToAction("Error");
}
Session["User"] = current;
return View();
}
public string userUpdate(int userID, bool userActive, string userPassword, int studyID, int studyUserGroupID)
{
DataAccessor database = new DataAccessor();
User u = database.getUserByID(userID);
User uu = database.login(u.Username, userPassword);
StudiesUser su = database.studiesUserFromUser(u);
bool movable = database.userEligibileToMove(userID);
if (database.studyIDFromUser(u) != studyID || su.UserGroupID != studyUserGroupID)
{
if (!movable) return "Error: Cannot move user.";
database.updateStudiesUser(userID, studyID, studyUserGroupID);
}
if(uu == null || (u.Active != userActive) )
{
database.updateUser(userID, userActive, userPassword);
}
return "Update successful.";
}