0

User1 has the following field names enabled:

TrialStartDate: 26/05/2013

TrialExpiryDate: 31/05/2013

WIC_ALL: true

Price_StartDate: 28/05/2013

Price_ExpiryDate: 31/05/2013

I have two queries, and user1 falls under full-test query, however when i login as user1 against the query(full_test), it shows up as access denied. However, I can login user1 using the (NewsTrial) query. How can I differentiate the queries to ensure user1 is recongnised as (full_test) query. I have made couple changes to query, however that had no effect on the output for user1. 

  public UserDetail NewsTrial(string username, string password)
    {

        var query = from s in db.Subscriptions
                    join u in db.UserDetails on s.sUID equals u.uID
                    where s.sTrialExpiryDate >= DateTime.Now &&
                    s.sPID.Value == 163 &&
                    u.uUsername == username &&
                    u.uPassword == password
                    select u; //
        return query.FirstOrDefault();

    }

    public UserDetail full_test(string username, string password)
    {
        var query = from s in db.Subscriptions
                    join u in db.UserDetails on s.sUID equals u.uID
                    where s.sPrice_ExpiryDate >= DateTime.Now &&
                    s.sPID.Value == 163 &&
                    s.sWIC_All.Value == true &&
                    u.uUsername == username &&
                    u.uPassword == password
                    select u;
        return query.FirstOrDefault();
    }

Any advice would be very much appreciated. Many thanks.

user3070072
  • 610
  • 14
  • 37

3 Answers3

0

Well in your first method your are checking date against sTrialExpiryDate and in your second method full_test you are comparing date against sPrice_ExpiryDate. Both values for the Date part seems similar, may be it is the Time part which is different, Just to compare Date part do:

where EntityFunctions.TruncateTime(s.sPrice_ExpiryDate) >= DateTime.Today &&

Do the same with your first method.

As a side note, don't store password as plain text, store its hash value and compare against it. See: Why are plain text passwords bad, and how do I convince my boss that his treasured websites are in jeopardy?

Community
  • 1
  • 1
Habib
  • 219,104
  • 29
  • 407
  • 436
  • Thank you for your response. the above code is currently throwing: API_09Oct.Subscription' does not contain a definition for 'sPrice_ExpiryDate' and no extension method 'sPrice_ExpiryDate' accepting a first argument of type 'API_09Oct.Subscription' could be found (are you missing a using directive or an assembly reference?) ---> error. Please advice. – user3070072 Jun 06 '14 at 14:03
  • @user3070072, may be it is nullable try, `s.sPrice_ExpiryDate.Value` – Habib Jun 06 '14 at 14:08
  • apology, i have tried updating the code as yours above earlier and it still throws the same error. And yes that is correct, that my date parameters are nullable. Thank you for your help. – user3070072 Jun 06 '14 at 14:16
0

You have one condition in FullTest that you do not have in NewsTrial and that is 

s.sWIC_All.Value == true

is sWIC_All bool?

and if so then why use?

s.sWIC_All.Value == true

the better syntax would be 

s.sWIC_All
  • According to the question it is true. – Daniel Kelley Jun 06 '14 at 14:01
  • Ok, are you using the correct one, you say the user has these properties but you reference this column from the Subscription table. Is the same column in both tables? –  Jun 06 '14 at 14:02
  • wic_all is from the subscription table. user1 has Trialexpiry date and priceExpiry date setup, which are exactly the same. I am trying to look for a solution, which can overide the newsQuery, if user has priceExpiry Date and wic_all=true, enabling it login as full_test query. I hope this explains my desired solution much clearer. please advice, if possible. – user3070072 Jun 06 '14 at 14:12
  • have you tested the full_test query without using sWIC_ALL? –  Jun 06 '14 at 14:18
  • i converted the full-test query to sql query and user1 is present under the full-test query but not under the newsTrial query, hence I need the wic_all parameter in the full-test, am I correct? – user3070072 Jun 06 '14 at 14:24
  • Yes, it sounds correct, but I start by looking at what is different and rule them out. At this time I do not have any advice for you. You said that you tested using a sql query, did you put a break point and check out what EF returns, objects and types and values..... –  Jun 06 '14 at 14:33
  • Thank you for your feedback. To clarify this is how the user's logic work --> If User1 has trialStart and trialExpiry Date setup, then user becomes a newsUser. However , when the user1 also has wic_all, PriceStart and PriceExpiry Date setup too, then user1 becomes full user, making it overide the (NewsTrials) query. Do I need to create a new query which joins the trialNews query and from their i could set some logic? – user3070072 Jun 06 '14 at 14:36
0

In each case you're returning UserDetail, so there's no reason to have two separate methods that you need to then guess which is most appropriate to call. From what I understand, the only real differentiation is that a user may or may not have a value for the wic_all, PriceStart and PriceExpiry properties. However, in either case you want some sort or UserDetail instance returned, so don't make that part of your query to retrieve the user.

Then, if you want to tell if the user is a "newsUser" or "fullUser" you can add a property on your UserDetail class to determine this:

public bool IsFullUser
{
    get { return wic_All && PriceStart.HasValue && PriceExpiry.HasValue; }
}

That's a bit contrived, because honestly, I don't really understand the logic of how you're making this determination, but that should at least give you a general idea. Basically, just run whatever test determines that a user is a "fullUser" there and return true or false, appropriately. Then you can use that boolean property elsewhere in your code when you need to know this information.

Chris Pratt
  • 232,153
  • 36
  • 385
  • 444
  • This is little helpful. I'll try working around your suggestion. I may get back to you, if I am little unclear along the way, but thanks. – user3070072 Jun 06 '14 at 15:19