private void buttonChangePassword_Click(object sender, EventArgs e) { // check if new password was not left blank if (string.IsNullOrWhiteSpace(textBoxNewPassword.Text)) { errorProvider.SetError(textBoxNewPasswordConfirmed, "New password must not be left blank!"); } // check if new password and new password confirmed match else if (textBoxNewPassword.Text == textBoxNewPasswordConfirmed.Text) { string errorMessage = LoginValidation.CheckPasswordStrength(textBoxNewPassword.Text); // check if password meets characteristics if (string.IsNullOrWhiteSpace(errorMessage)) { // check if current password is correct if (LoginValidation.ValidateCredentials(Main.mainApplication.employeeEmail, textBoxCurrentPassword.Text).passwordValid) { // change password DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(DatabaseQueries.UpdateRecord(DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD, LoginValidation.HashPassword(textBoxNewPassword.Text), DatabaseQueries.EMPLOYEE_WHERE_EMAIL, Main.mainApplication.employeeEmail)); // display message box to notify user MessageBox.Show("Password changed successfully.", "Password Change Confirmation"); // and go back to previous page Main.mainApplication.GoBackPage(); } else { errorProvider.SetError(textBoxCurrentPassword, "Password incorrect!"); } } else { errorProvider.SetError(textBoxNewPassword, errorMessage); } } else { errorProvider.SetError(textBoxNewPasswordConfirmed, "Passwords do not match!"); } }
private void buttonResetPassword_Click(object sender, EventArgs e) { // change employee's password to their primary phone number DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(DatabaseQueries.UpdateRecord(DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD, LoginValidation.HashPassword(DatabaseManagement.GetInstanceOfDatabaseConnection().GetSingleAttribute(DatabaseQueries.GetRecord(DatabaseQueries.EMPLOYEE_PHONE_NUMBER, DatabaseQueries.EMPLOYEE_WHERE_EMAIL, employeeEmail))), DatabaseQueries.EMPLOYEE_WHERE_EMAIL, employeeEmail)); // display confirmation message MessageBox.Show("Password successfully reset to employee's phone number.", "Password Reset Confirmation"); }
private void AddNewAccount(string newAccountEmail, string adminRights) { // insert employee into the table of users first DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(string.Format(DatabaseQueries.INSERT_EMPLOYEE, employeeDetails)); // insert employee into the table of employees and link it using the user id from previous query (password belongs employee's phone number) DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(string.Format(DatabaseQueries.INSERT_EMPLOYEE_ROLE, new string[] { newAccountEmail, textBoxJobTitle.Text, LoginValidation.HashPassword(textBoxPhoneNumber.Text), adminRights })); }