private void buttonChangePassword_Click(object sender, EventArgs e)
{
// check if new password was not left blank
if (string.IsNullOrWhiteSpace(textBoxNewPassword.Text))
{
errorProvider.SetError(textBoxNewPasswordConfirmed, "New password must not be left blank!");
}
// check if new password and new password confirmed match
else if (textBoxNewPassword.Text == textBoxNewPasswordConfirmed.Text)
{
string errorMessage = LoginValidation.CheckPasswordStrength(textBoxNewPassword.Text);
// check if password meets characteristics
if (string.IsNullOrWhiteSpace(errorMessage))
{
// check if current password is correct
if (LoginValidation.ValidateCredentials(Main.mainApplication.employeeEmail, textBoxCurrentPassword.Text).passwordValid)
{
// change password
DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(DatabaseQueries.UpdateRecord(DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD, LoginValidation.HashPassword(textBoxNewPassword.Text), DatabaseQueries.EMPLOYEE_WHERE_EMAIL, Main.mainApplication.employeeEmail));
// display message box to notify user
MessageBox.Show("Password changed successfully.", "Password Change Confirmation");
// and go back to previous page
Main.mainApplication.GoBackPage();
}
else
{
errorProvider.SetError(textBoxCurrentPassword, "Password incorrect!");
}
}
else
{
errorProvider.SetError(textBoxNewPassword, errorMessage);
}
}
else
{
errorProvider.SetError(textBoxNewPasswordConfirmed, "Passwords do not match!");
}
}
private void buttonResetPassword_Click(object sender, EventArgs e)
{
// change employee's password to their primary phone number
DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(DatabaseQueries.UpdateRecord(DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD, LoginValidation.HashPassword(DatabaseManagement.GetInstanceOfDatabaseConnection().GetSingleAttribute(DatabaseQueries.GetRecord(DatabaseQueries.EMPLOYEE_PHONE_NUMBER, DatabaseQueries.EMPLOYEE_WHERE_EMAIL, employeeEmail))), DatabaseQueries.EMPLOYEE_WHERE_EMAIL, employeeEmail));
// display confirmation message
MessageBox.Show("Password successfully reset to employee's phone number.", "Password Reset Confirmation");
}
private void AddNewAccount(string newAccountEmail, string adminRights)
{
// insert employee into the table of users first
DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(string.Format(DatabaseQueries.INSERT_EMPLOYEE, employeeDetails));
// insert employee into the table of employees and link it using the user id from previous query (password belongs employee's phone number)
DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(string.Format(DatabaseQueries.INSERT_EMPLOYEE_ROLE, new string[] { newAccountEmail, textBoxJobTitle.Text, LoginValidation.HashPassword(textBoxPhoneNumber.Text), adminRights }));
}