Beispiel #1
        /// <summary>
        /// Records a stock-usage entry by invoking the <c>addToLog</c> stored procedure.
        /// </summary>
        /// <param name="inventory">Item whose stock id is sent as <c>@stockId</c>.</param>
        /// <param name="user">User whose username is sent as <c>@userName</c>.</param>
        /// <param name="quantityUsed">Amount sent as <c>@quantityUsed</c>.</param>
        public void addToLog(Inventory inventory, User user, int quantityUsed)
        {
            // Every value is handed over as a SqlParameter object rather than being
            // concatenated into command text. How executeStoredProcedure attaches
            // them to the command is not visible from this method.
            var logArguments = new List<SqlParameter>
            {
                new SqlParameter("@stockId", inventory.getStockID()),
                new SqlParameter("@userName", user.getUsername()),
                new SqlParameter("@quantityUsed", quantityUsed),
            };

            SqlDataReader resultReader = executeStoredProcedure("addToLog", logArguments);

            // Nothing is read from the result; the reader is released immediately.
            closeReader(ref resultReader);
        }
Beispiel #2
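        /// <summary>
        /// Creates a user record by invoking the <c>addUser</c> stored procedure.
        /// </summary>
        /// <param name="user">Supplies the username, the password value and the admin flag.</param>
        /// <remarks>
        /// The value returned by <c>user.getPassword()</c> is sent to the database unchanged.
        /// NOTE(review): confirm that every caller passes a salted, deliberately slow
        /// password hash (PBKDF2, bcrypt, Argon2) and never the plain-text password;
        /// this method cannot tell the difference.
        /// </remarks>
        public void addUser(User user)
        {
            // The command and the reader are disposed on every path, including when
            // ExecuteReader throws, so neither is left open on the shared connection.
            using (SqlCommand command = new SqlCommand("addUser", conn))
            {
                command.CommandType = System.Data.CommandType.StoredProcedure;

                // Bound parameters keep the user-supplied values out of the command text.
                command.Parameters.Add(new SqlParameter("@userName", user.getUsername()));
                command.Parameters.Add(new SqlParameter("@password", user.getPassword()));
                command.Parameters.Add(new SqlParameter("@userType", user.isAdmin()));

                using (SqlDataReader reader = command.ExecuteReader())
                {
                    // The procedure's result set is not consumed; leaving this
                    // block closes the reader.
                }
            }
        }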
Beispiel #3
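        /// <summary>
        /// Asks the <c>validateUserType</c> stored procedure whether the user is an administrator.
        /// </summary>
        /// <param name="user">User whose username is sent as <c>@UserName</c>.</param>
        /// <returns>
        /// The boolean in the first column of the first row; <c>false</c> when the
        /// procedure returns no row or a NULL value.
        /// </returns>
        public bool validateUserType(User user)
        {
            string procedureName = "validateUserType";

            List<SqlParameter> parameters = new List<SqlParameter>();
            parameters.Add(new SqlParameter("@UserName", user.getUsername()));

            SqlDataReader reader = executeStoredProcedure(procedureName, parameters);

            try
            {
                // Fail closed: an unknown user or a NULL flag must never be treated as
                // admin. The result of Read() was previously ignored, so an empty
                // result set made GetBoolean throw instead of denying the privilege.
                if (!reader.Read() || reader.IsDBNull(0))
                {
                    return false;
                }

                return reader.GetBoolean(0);
            }
            finally
            {
                // Release the reader even when reading the row throws.
                if (reader != null)
                {
                    closeReader(ref reader);
                }
            }
        }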
Beispiel #4
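        /// <summary>
        /// Checks a username and password value against the <c>validateLogin</c> stored procedure.
        /// </summary>
        /// <param name="user">
        /// Supplies the username (<c>@userName</c>) and the password value (<c>@givenPW</c>).
        /// </param>
        /// <returns>
        /// The boolean in the first column of the first row; <c>false</c> when the
        /// procedure returns no row or a NULL value.
        /// </returns>
        /// <remarks>
        /// The comparison itself happens inside the stored procedure, which is not
        /// visible here. NOTE(review): confirm what form of the password it expects
        /// and that the stored value is a salted, slow hash.
        /// </remarks>
        public bool validateLogin(User user)
        {
            string procedureName = "validateLogin";

            List<SqlParameter> parameters = new List<SqlParameter>();
            parameters.Add(new SqlParameter("@userName", user.getUsername()));
            parameters.Add(new SqlParameter("@givenPW", user.getPassword()));

            SqlDataReader reader = executeStoredProcedure(procedureName, parameters);

            try
            {
                // Fail closed: anything other than an explicit true denies the login.
                // The result of Read() was previously ignored, so an empty result set
                // surfaced as an exception in the caller instead of a rejection.
                if (!reader.Read() || reader.IsDBNull(0))
                {
                    return false;
                }

                return reader.GetBoolean(0);
            }
            finally
            {
                // Release the reader even when reading the row throws.
                if (reader != null)
                {
                    closeReader(ref reader);
                }
            }
        }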
        /// <summary>
        /// Hashes the entered password, validates the credentials against the database
        /// and, on success, opens the main page for the authenticated user.
        /// </summary>
        /// <param name="username">Username typed into the login form.</param>
        /// <param name="password">Plain-text password typed into the login form.</param>
        /// <remarks>
        /// TODO (from the original author): update for actual security checking.
        /// NOTE(review): the original comment describes CreateHash as a SHA-256 hash.
        /// If it is a single unsalted pass, it is too fast for password storage;
        /// a salted, slow KDF (PBKDF2, bcrypt, Argon2) is the usual replacement.
        /// Confirm against CreateHash and the stored procedure.
        /// </remarks>
        private void Login(string username, string password)
        {
            RADGSHALibrary.User candidate = new RADGSHALibrary.User(username, CreateHash(password));

            DBConnectionObject database;
            try
            {
                database = DBConnectionObject.getInstance();
            }
            catch (Exception connectError)
            {
                // NOTE(review): the raw exception text is shown to the person at the
                // login prompt; it may describe the database setup. Consider a generic
                // message here, with the detail going to a log.
                MessageBox.Show(connectError.Message, "Error!", MessageBoxButtons.OK);
                return;
            }

            if (database.validateLogin(candidate))
            {
                Console.WriteLine("validated successfully");

                // The admin flag is looked up only after the credentials were accepted.
                bool adminFlag = database.validateUserType(candidate);
                if (adminFlag)
                {
                    Console.Write("User is admin user");
                }
                else
                {
                    Console.WriteLine("User is not admin user");
                }
                candidate.setAdmin(adminFlag);

                // Clear the typed credentials from the form before it is hidden.
                usernameTextBox.Text = "";
                passwordTextBox.Text = "";
                this.Hide();

                // The object handed to the rest of the application carries an empty
                // password, so the hash does not travel beyond this method.
                RADGSHALibrary.User sessionUser = new RADGSHALibrary.User(candidate.getUsername(), "", candidate.isAdmin());
                MainPage mainPage = new MainPage(sessionUser, this);
                mainPage.Closed += (s, args) => this.Close();
                mainPage.Show();
            }
            else
            {
                Console.WriteLine("invalid login attempt");

                // One message covers both a wrong username and a wrong password, so
                // the dialog does not reveal which of the two was incorrect.
                MessageBox.Show("Error: User name or password is not valid!", "Error!", MessageBoxButtons.OK);
                numberOfTries++;
            }

            // NOTE(review): the lockout shown here only disables the login button and
            // starts a timer on this form, and the counter is not reset by a successful
            // login in this method. Whether another entry point can still call Login
            // while the button is disabled, and whether the timer handler resets
            // numberOfTries, is not visible here. A server-side attempt limit would
            // not depend on client state.
            if (numberOfTries == 5)
            {
                MessageBox.Show(
                    "Error: You've unsuccessfully tried to log in five times. You've been locked out for 10 minutes.",
                    "Error!",
                    MessageBoxButtons.OK);
                loginButton.Enabled = false;
                timerLogin.Enabled  = true;
            }
        }