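/// <summary>
/// Handles the "Add" button: builds a new <c>Rep</c> from the form fields, hashes the
/// entered password and asks the database layer to insert the account.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Routed event data (unused).</param>
/// <remarks>
/// The administrator check below is performed in the UI handler only, against the
/// in-memory <c>General.oRep</c>; nothing in this method re-verifies it at the data layer.
/// </remarks>
private void btnAdd_Click(object sender, RoutedEventArgs e)
{
    // Only an administrator may create accounts. This is the sole gate in this handler.
    if (!General.oRep.isAdmin)
    {
        MessageBox.Show("You must be an administrator to add users");
        return;
    }

    if (string.IsNullOrEmpty(tboxFirstName.Text))
    {
        MessageBox.Show("First Name is required");
        return;
    }
    else if (string.IsNullOrEmpty(tboxPassword.Text))
    {
        // Only emptiness is checked; no length or complexity rule is applied here.
        // NOTE(review): the password is read through .Text, so it is presumably typed into
        // a plain text box and visible on screen; confirm whether a masked input is wanted.
        MessageBox.Show("Password is required");
        return;
    }

    // The two-digit suffix (10..98) only lowers the chance of a username collision.
    // It is not a secret, so System.Random is adequate for it.
    Random rnd = new Random();
    int unrnd = rnd.Next(10, 99);

    // Usernames are identifiers, so lower-case them culture-independently; ToLower() would
    // produce different usernames under cultures with special casing rules (e.g. Turkish I).
    // The last name is not validated above, so it may be empty.
    string username = tboxFirstName.Text.Substring(0, 1).ToLowerInvariant()
        + tboxLastName.Text.ToLowerInvariant()
        + unrnd.ToString();

    Rep tmprep = new Rep();
    tmprep.Name = tboxFirstName.Text + " " + tboxLastName.Text;
    tmprep.Company = cboxCompany.Text;
    // Only the hash leaves this method; the plain-text password is not stored on the Rep.
    tmprep.Password = PasswordHash.CreateHash(tboxPassword.Text);
    // IsChecked is a nullable bool: a direct (bool) cast throws when the box is in the
    // indeterminate state. Treat anything other than an explicit "checked" as no privilege.
    tmprep.isAdmin = chAdmin.IsChecked == true;
    tmprep.isCustomerAdmin = chkCAdmin.IsChecked == true;
    tmprep.PasswordResetRequired = false;
    tmprep.Username = username;

    if (General.database.AddRep(tmprep))
    {
        MessageBox.Show("Success! Username is: " + username);
    }
    else
    {
        // AddRep reports only true/false, so no failure reason is available to show.
        MessageBox.Show("Failure!");
    }
}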
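/// <summary>
/// Writes the editable fields of an existing rep back to the Reps table, matching the row by ID.
/// </summary>
/// <param name="rp">
/// Rep whose Name, Company, admin flags, PasswordResetRequired and Password are written to
/// the row whose ID equals <c>rp.RepID</c>.
/// </param>
/// <returns>
/// true when the UPDATE changed at least one row; false when no row has that ID or when any
/// exception was raised (the exception itself is swallowed, so the cause is not reported).
/// </returns>
/// <remarks>
/// This method performs no authorization check of its own, yet it rewrites both the admin
/// flags and the Password column; callers are responsible for verifying that the acting
/// user may change them. Password is written exactly as supplied in <c>rp.Password</c>.
/// NOTE(review): presumably that is always an already-hashed value; confirm every caller
/// passes the hash (and re-sends the existing one when the password is unchanged).
/// </remarks>
public bool UpdateRep(Rep rp)
{
    using (SQLiteCommand command = m_dbConnection.CreateCommand())
    {
        try
        {
            // Every value is bound as a named parameter; nothing is concatenated into the SQL text.
            sql = "UPDATE Reps SET Name=@repname, Company=@company, Admin=@admin, PWReset=@pwreset, Password=@newpw WHERE ID=@repid";
            command.CommandText = sql;
            command.CommandType = CommandType.Text;

            // The two privilege bits are stored as the decimal number whose digits are
            // (customer admin)(admin): 0, 1, 10 or 11.
            // NOTE(review): OpenRep decodes this column with the ISADMIN / ISCADMIN masks;
            // verify the mask values agree with this encoding before changing either side.
            int admin = Convert.ToInt32(rp.isAdmin);
            int cadmin = Convert.ToInt32(rp.isCustomerAdmin);
            int admflags = Convert.ToInt32(string.Format("{0}{1}", cadmin, admin));

            command.Parameters.AddWithValue("@repname", rp.Name);
            command.Parameters.AddWithValue("@company", rp.Company);
            command.Parameters.AddWithValue("@admin", admflags);
            command.Parameters.AddWithValue("@pwreset", Convert.ToInt32(rp.PasswordResetRequired));
            command.Parameters.AddWithValue("@newpw", rp.Password);
            command.Parameters.AddWithValue("@repid", rp.RepID);

            // Report success only when a row was actually matched. Previously the row count
            // was read and discarded, so an unknown ID was reported as a successful update.
            int rowsAffected = command.ExecuteNonQuery();
            return rowsAffected > 0;
        }
        catch
        {
            // Kept as a catch-all so callers still see only true/false.
            return false;
        }
    }
}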
/// <summary>
/// Inserts a new row into the Reps table from the supplied rep.
/// </summary>
/// <param name="rp">
/// Rep providing Name, Company, Username, Password, the two admin flags and
/// PasswordResetRequired. Password is stored exactly as supplied.
/// </param>
/// <returns>
/// true when the INSERT executed without throwing; false when any exception was raised
/// (the exception is swallowed, so the cause is not reported).
/// </returns>
/// <remarks>
/// No authorization check and no explicit duplicate-username check are made here.
/// NOTE(review): whether duplicates are rejected depends on a constraint on the Username
/// column that is not visible in this method; confirm one exists.
/// </remarks>
public bool AddRep(Rep rp)
{
    using (SQLiteCommand insert = m_dbConnection.CreateCommand())
    {
        try
        {
            // All values travel as named parameters; the SQL text itself is constant.
            sql = "INSERT INTO Reps (Name,Company,Username,Password,Admin,PWReset) VALUES(@repname,@company,@username,@password,@admin,@pwreset)";
            insert.CommandText = sql;
            insert.CommandType = CommandType.Text;

            // Privileges are stored as a decimal number with the customer-admin bit in the
            // tens place and the admin bit in the units place: 0, 1, 10 or 11.
            int adminDigit = Convert.ToInt32(rp.isAdmin);
            int customerAdminDigit = Convert.ToInt32(rp.isCustomerAdmin);
            int privilegeFlags = (customerAdminDigit * 10) + adminDigit;

            int resetFlag = Convert.ToInt32(rp.PasswordResetRequired);

            SQLiteParameterCollection args = insert.Parameters;
            args.AddWithValue("@repname", rp.Name);
            args.AddWithValue("@company", rp.Company);
            args.AddWithValue("@admin", privilegeFlags);
            args.AddWithValue("@pwreset", resetFlag);
            args.AddWithValue("@password", rp.Password);
            args.AddWithValue("@username", rp.Username);

            insert.ExecuteNonQuery();
        }
        catch
        {
            // Any failure (including a null rp) is reported to the caller as false.
            return false;
        }

        return true;
    }
}
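/// <summary>
/// Loads the rep whose Username equals <paramref name="username"/> from the Reps table.
/// </summary>
/// <param name="username">Username to look up; bound as a SQL parameter.</param>
/// <param name="outrep">The populated rep on success; null otherwise.</param>
/// <returns>
/// true when a matching row was found and converted; false when no row matched or when any
/// exception was raised. The two failure cases are not distinguishable by the caller.
/// </returns>
/// <remarks>
/// The stored Password column value is returned to the caller in <c>Rep.Password</c>.
/// NOTE(review): presumably this is a PasswordHash.CreateHash output that the caller
/// verifies against; confirm it is never displayed or logged.
/// When several rows share a username, only the first one returned is used.
/// </remarks>
public bool OpenRep(string username, out Rep outrep)
{
    // Columns are named explicitly, in the order the reads below index them, so the result
    // no longer depends on the physical column order of the table (as SELECT * did).
    sql = "SELECT Name, Company, Username, Password, Admin, PWReset, ID FROM Reps WHERE Username = @repuname";

    using (SQLiteCommand command = m_dbConnection.CreateCommand())
    {
        try
        {
            command.CommandText = sql;
            command.CommandType = CommandType.Text;
            // The username is bound as a parameter, never concatenated into the query.
            command.Parameters.AddWithValue("@repuname", username);

            // The adapter and the DataSet are disposable; release them deterministically.
            using (var da = new SQLiteDataAdapter(command))
            using (DataSet ds = new DataSet())
            {
                da.Fill(ds);

                // "No such user" is an expected outcome: test for it explicitly instead of
                // relying on an index exception being caught below.
                if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
                {
                    outrep = null;
                    return false;
                }

                DataRow row = ds.Tables[0].Rows[0];

                // Both privilege bits live in the single Admin column (index 4).
                int admflags = Convert.ToInt32(row[4]);

                Rep tmprep = new Rep();
                tmprep.Name = row[0].ToString();
                tmprep.Company = row[1].ToString();
                tmprep.Username = row[2].ToString();
                tmprep.Password = row[3].ToString();
                tmprep.isAdmin = Convert.ToBoolean(admflags & ISADMIN);
                tmprep.isCustomerAdmin = Convert.ToBoolean(admflags & ISCADMIN);
                tmprep.PasswordResetRequired = Convert.ToBoolean(row[5]);
                tmprep.RepID = Convert.ToInt32(row[6].ToString());

                outrep = tmprep;
                return true;
            }
        }
        catch
        {
            // Kept as a catch-all so callers still see only true/false plus a null rep.
            outrep = null;
            return false;
        }
    }
}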