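/// <summary>
/// Stores a new forum message for the user recorded in the session, then redirects to Index.
/// </summary>
/// <param name="forumModels">Bound form model; <c>MessagePost.MessageContent</c> carries the message text.</param>
/// <returns>
/// A redirect to the Index action in every case. Validation and sign-in failures are
/// reported through <c>TempData["errors"]</c>.
/// </returns>
public IActionResult CreateMessage(ForumModels forumModels)
{
    if (!ModelState.IsValid)
    {
        // Each assignment overwrites the previous one, so only the last
        // validation error is carried over to the redirected request.
        foreach (var modelState in ModelState.Values)
        {
            foreach (var error in modelState.Errors)
            {
                TempData["errors"] = error.ErrorMessage;
            }
        }

        return RedirectToAction("Index");
    }

    // Session.GetInt32 returns null when "userID" was never stored. Casting that
    // null straight to int throws, so a request without a signed-in user used to
    // fail with an unhandled exception. Reject the post explicitly instead.
    int? userId = HttpContext.Session.GetInt32("userID");
    if (!userId.HasValue)
    {
        TempData["errors"] = "You must be logged in to post a message.";
        return RedirectToAction("Index");
    }

    // NOTE(review): SQL injection. MessageContent comes from the request and is
    // interpolated into the statement text, so a quote character in the message
    // alters the SQL that runs. The value has to be bound as a parameter; only the
    // string-taking Execute call is visible here, so the connector needs a
    // parameterized entry point before this can be fixed. Quote-escaping by hand
    // is not a substitute. userId is an int and cannot carry SQL text.
    string query = $"INSERT INTO messages (user_id, message, created_at, updated_at) VALUES ({userId.Value}, '{forumModels.MessagePost.MessageContent}', NOW(), NOW());";
    _dbConnector.Execute(query);
    return RedirectToAction("Index");
}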
/// <summary>
/// Creates a user account from the submitted registration form, stores the new
/// user's id in the session under "userID" and redirects to the forum.
/// </summary>
/// <param name="user">Bound registration form (first name, last name, e-mail, password).</param>
/// <returns>
/// The registration view again when model validation fails or the e-mail is already
/// present in the users table; otherwise a redirect to the Index action of the Forum controller.
/// </returns>
public IActionResult Register(UserRegister user)
{
    if (!ModelState.IsValid)
    {
        return View(user);
    }

    // NOTE(review): SQL injection. user.Email is interpolated into the query text,
    // so the shape of this lookup is controlled by the submitted form. Bind it as
    // a parameter; only string-taking Query/Execute calls are visible here.
    var existing = _dbConnector.Query($"SELECT * FROM users WHERE email = '{user.Email}';");
    if (existing.Count > 0)
    {
        ModelState.AddModelError("Email", "Email already exists");
        return View(user);
    }

    // Only the hash produced by PasswordHasher is written to the database.
    var hasher = new PasswordHasher<UserRegister>();
    string hashedPassword = hasher.HashPassword(user, user.Password);

    // NOTE(review): same injection problem. FirstName, LastName and Email are
    // request data placed inside quoted literals of the INSERT statement.
    string insertSql = $"INSERT INTO users (first_name, last_name, email, password, created_at, updated_at) VALUES('{user.FirstName}','{user.LastName}','{user.Email}','{hashedPassword}', NOW(), NOW());";
    _dbConnector.Execute(insertSql);

    // The id is read back as "newest row by created_at", not as the row this
    // request inserted. NOTE(review): a registration completing at the same time
    // could presumably be returned instead, binding this session to another
    // account. Confirm, and take the id from the insert itself.
    var newest = _dbConnector.Query("SELECT id FROM users ORDER BY created_at DESC LIMIT 1;");
    int newUserId = (int)newest[0]["id"];
    HttpContext.Session.SetInt32("userID", newUserId);

    return RedirectToAction("Index", "Forum");
}