protected void DeleteButton_Click(object sender, EventArgs e)
{
try
{
addDelDiv.Visible = false;
if (ListView1.SelectedIndex >= 0)
{
string deptName = ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptNameLabel")).Text;
if (((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptWardsLabel")).Text == "0")
{
string updaterId = "",
updateCode = "DEPT_DEL";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
List <string> values = new List <string>();
values.Add("");
values.Add(deptName);
values.Add("");
values.Add("");
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add("delete");
int status = DataConsumer.executeProcedure("dept_proc", values);
StatusLabel.CssClass = "success normal";
StatusLabel.Text = "Successful department deletion.<br>Department Id: " + ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptIdLabel")).Text +
"<br/>Department Name: " + deptName + ".";
SortButton_Click(new object(), new EventArgs());
}
else
{
StatusLabel.CssClass = "error normal";
StatusLabel.Text = "This department is already linked to ward(s).<br/>Disconnect/Unrelate before deleting.";
}
}
else
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "No item selected for deletion";
}
ListView1.SelectedIndex = -1;
}
catch (Exception ex)
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void DeptAddButton_Click(object sender, EventArgs e)
{
try
{
DeptAddLabel.CssClass = "error";
string checkQuery = DataProvider.DeptWardPage.verifyDeptAdd(DeptAddNameBox.Text);
DataTable dt = HospitalClass.getDataTable(checkQuery);
if (DeptAddNameBox.Text.Trim().Length > 2 && DeptAddDescBox.Text.Trim().Length > 3 && dt.Rows.Count == 0)
{
string updateCode = "DEPT_ADD";
string updaterId = "";
if (Session["SuperUser"] != null)
{
updaterId = Session["SuperUser"].ToString();
}
else
{
updaterId = Session["Admin"].ToString();
}
List <string> values = new List <string>();
values.Add(DeptAddNameBox.Text.Trim());
values.Add(DeptAddDescBox.Text);
values.Add(updateCode);
values.Add(updaterId);
values.Add("insert");
int status = DataConsumer.executeProcedure("add_del_dept", values);
DeptAddLabel.CssClass = "success";
DeptAddLabel.Text = "Operation Successful.<br/>Department added: " + DeptAddNameBox.Text.Trim();
populateLists();
}
else
{
if (dt.Rows.Count != 0)
{
DeptAddLabel.Text = "This department exists";
}
else if (DeptAddNameBox.Text.Trim().Length <= 2)
{
DeptAddLabel.Text = "Enter a valid department name";
}
else
{
DeptAddLabel.Text = "Enter a valid department description";
}
}
}
catch (Exception ex)
{
DeptAddLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void ChangeButton_Click(object sender, EventArgs e)
{
try
{
string checkPassword = DataProvider.ChangePassword.getPassword(Session["User"].ToString()); //get the former password and check
DataTable dt = HospitalClass.getDataTable(checkPassword);
if (dt.Rows[0][0].ToString() == HospitalClass.Encrypt(OldPasswordBox.Text) && OldPasswordBox.Text != NewPasswordBox.Text)
{
string updaterId = "",
updateCode = "PWD_CHG";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else if (Session["Admin"] != null)
{
updaterId = (string)Session["Admin"];
}
else
{
updaterId = (string)Session["User"];
}
List <string> values = new List <string>();
values.Add(HospitalClass.Encrypt(NewPasswordBox.Text));
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add((string)Session["User"]);
int status = DataConsumer.executeProcedure("pwd_change", values);
UserStatusLabel.CssClass = "success paraNormal";
UserStatusLabel.Text = "Password was successfully changed";
}
else
{
UserStatusLabel.CssClass = "error normal";
if (OldPasswordBox.Text == NewPasswordBox.Text)
{
UserStatusLabel.Text = "Same password entered";
}
else
{
UserStatusLabel.Text = "Wrong password entered.<br/>Meet the system administrator for assistance";
}
}
}
catch (Exception ex)
{
UserStatusLabel.CssClass = "error paraNormal";
UserStatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void getPasswordButton_Click(object sender, EventArgs e)
{
try
{
string getPassword = DataProvider.ChangePassword.getPassword(UserIdBox.Text.Trim().ToUpper()); //get the user's password
DataTable dt = HospitalClass.getDataTable(getPassword);
if (UserIdBox.Text.Trim().Length == 6 || UserIdBox.Text.Trim().Length == 11 && dt.Rows.Count > 0) //unnecessary due to access restrictions
{
string updaterId = "",
updateCode = "PWD_GET";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
List <string> values = new List <string>();
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add(UserIdBox.Text.Trim().ToUpper());
int status = DataConsumer.executeProcedure("audit_trail_proc", values);
PasswordStatusLabel.CssClass = "success paraNormal";
PasswordStatusLabel.Text = "Your password is: " + HospitalClass.Decrypt(dt.Rows[0][0].ToString()); //display password
}
else
{
PasswordStatusLabel.CssClass = "error paraNormal";
if (dt.Rows.Count == 0)
{
PasswordStatusLabel.Text = UserIdBox.Text.Trim().ToUpper() + " is not a user on this system";
}
else if (UserIdBox.Text.Length == 0)
{
PasswordStatusLabel.Text = "User Id cannot be empty";
}
else
{
PasswordStatusLabel.Text = UserIdBox.Text.Trim().ToUpper() + " is not a valid id";
}
}
}
catch (Exception ex)
{
UserStatusLabel.CssClass = "error paraNormal";
UserStatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void DeptDelButton_Click(object sender, EventArgs e)
{
try
{
if (DeptDelList.SelectedIndex != 0 && DeptDelCheckBox.Checked)
{
string updateCode = "DEPT_DEL";
string updaterId = "";
if (Session["SuperUser"] != null)
{
updaterId = Session["SuperUser"].ToString();
}
else
{
updaterId = Session["Admin"].ToString();
}
List <string> values = new List <string>();
values.Add(DeptDelList.SelectedItem.Text);
values.Add("X");
values.Add(updateCode);
values.Add(updaterId);
values.Add("delete");
int status = DataConsumer.executeProcedure("add_del_dept", values);
DeptDelLabel.CssClass = "success";
DeptDelLabel.Text = "Operation Successful.<br/>Department deleted: " + DeptDelList.SelectedItem.Text;
populateLists();
}
else
{
DeptDelLabel.CssClass = "error";
if (DeptDelList.SelectedIndex == 0)
{
DeptDelLabel.Text = "Please select a department to delete";
}
else
{
DeptDelLabel.Text = "Please tick the checkbox to enforce deletion";
}
}
}
catch (Exception ex)
{
DeptDelLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void StaffRadioButton_CheckedChanged(object sender, EventArgs e)
{
try
{
InfoDiv.Visible = true;
DocRoleTable.Visible = false;
StfRoleTable.Visible = true;
RegLabel.Text = "Staff's Registration Page";
string stfQuery = DataProvider.RegistrationPage.StfListQuery();
DataTable dt = HospitalClass.getDataTable(stfQuery); //populate drop down list for staffs
StfRoleList.DataSource = dt;
StfRoleList.DataTextField = "DESCRIPTION";
StfRoleList.DataValueField = "ROLE_ID";
StfRoleList.DataBind();
StfRoleList.Items.Insert(0, new ListItem("Please select..."));
}
catch (Exception ex)
{
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void Page_Load(object sender, EventArgs e)
{
try
{
if (Session["SuperUser"] == null && Session["Admin"] == null)
{
Session["Info"] = "You do not have access to the requested page";
Response.Redirect("LoggedinPage.aspx");
}
if (!IsPostBack)
{
populateLists();
}
DeptDelDescLabel.Text = "Description: " + DeptDelList.SelectedItem.Value;
WardDelDescLabel.Text = "Name of ward to be deleted: " + WardDelList.SelectedItem.Value;
}
catch (Exception ex)
{
DeptAddLabel.CssClass = "error";
DeptAddLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void UploadPicButton_Click(object sender, EventArgs e)
{
try
{
if (FileUpload1.HasFile && (FileUpload1.FileName.ToLower().EndsWith(".gif") || FileUpload1.FileName.ToLower().EndsWith(".jpg") ||
FileUpload1.FileName.ToLower().EndsWith(".bmp") || FileUpload1.FileName.ToLower().EndsWith(".png")) &&
FileUpload1.PostedFile.ContentLength <= 1048576)
{
string path = @"~\Uploads\";
string savedPath = Server.MapPath(path) + FileUpload1.FileName; //better for saving into IIS
FileUpload1.SaveAs(savedPath);
////To test image dimensions
//System.Drawing.Image i = System.Drawing.Image.FromFile(savedPath);
//if (i.PhysicalDimension.Height != 200 || i.PhysicalDimension.Width != 200)
//{
// FileUpload1.Dispose();
// i.Dispose();
// File.Delete(savedPath);
// throw new Exception("Incompatible dimensions. <br>Image must be 200px by 200px!");
//}
string chkQuery = DataProvider.LoggedInPage.getPictureAvailability((string)Session["User"]);
DataTable dt = HospitalClass.getDataTable(chkQuery);
string updateCode = "";
if (dt.Rows.Count > 0)
{
chkQuery = "update"; updateCode = "IMG_UPD";
}
else
{
chkQuery = "insert"; updateCode = "IMG_UPL";
}
string updaterId = UpdaterId();
List <string> values = new List <string>();
values.Add((string)Session["User"]);
values.Add(path + FileUpload1.FileName);
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add(chkQuery);
int status = DataConsumer.executeProcedure("image_upload", values);
string insertPicData = "update tobehospital.images set img=:image where user_id='" + (string)Session["User"] + "'";
status = DataConsumer.sendPictureToDatabase(insertPicData, FileUpload1.FileBytes);
ProfilePic.ImageUrl = path + FileUpload1.FileName;
UploadPicLabel.CssClass = "success";
UploadPicLabel.Text = "Done";
}
else
{
UploadPicLabel.CssClass = "error";
if (!FileUpload1.HasFile)
{
UploadPicLabel.Text = "Choose a picture";
}
else if (FileUpload1.PostedFile.ContentLength > 1048576)
{
UploadPicLabel.Text = "Too Large";
}
else
{
UploadPicLabel.Text = "Wrong Format";
}
}
}
catch (Exception ex)
{
UploadPicLabel.CssClass = "error";
UploadPicLabel.Text = "Error" + ex.Message;
HospitalClass.Log(ex);
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Session["User"] == null && Session["Admin"] == null && Session["SuperUser"] == null)
{
Response.Redirect("~/Login.aspx"); //not logged in
}
Session["Unsubscribe"] = "Unsubscribe"; //set session to display unsubscribe link only on profile page
WelcomeLabel.Text = "Welcome " + HospitalClass.PascalCasing((string)Session["FirstName"]);
string regStatus = "";
if (Session["RegStatus"] != null)
{
regStatus = (string)Session["RegStatus"]; //registration status of user
}
if (regStatus.ToUpper() != "VALIDATED")
{
HistLabel.CssClass = "error";
HistLabel.Text = "Incomplete Registration".ToUpper();
InfoLabel.Visible = false;
HistoryDiv.Visible = false;
ActivitiesDiv.Visible = false;
}
try
{
//get profile picture
string getPicAdr = DataProvider.LoggedInPage.getPicAddress((string)Session["User"]);
DataTable picDt = HospitalClass.getDataTable(getPicAdr);
if (picDt.Rows.Count > 0)
{
ProfilePic.ImageUrl = picDt.Rows[0][0].ToString();
}
else
{
ProfilePic.ImageUrl = @"~\Images\UploadProfilePicture.PNG";
}
//get user history information
string histInfoQuery = DataProvider.LoggedInPage.getHistoryInfo((string)Session["User"]);
DataTable histDt = HospitalClass.getDataTable(histInfoQuery);
//populate user history table
if (histDt.Rows.Count > 0)
{
for (int i = 0; i < histDt.Rows.Count; i++)
{
TableRow row = new TableRow();
for (int j = 0; j <= histDt.Columns.Count; j++)
{
TableCell cell = new TableCell();
if (j == 0)
{
cell.Text = (i + 1).ToString();
}
else
{
if (!DBNull.Value.Equals(histDt.Rows[i][j - 1]))
{
cell.Text = histDt.Rows[i][j - 1].ToString();
}
else
{
cell.Text = "";
}
}
row.Cells.Add(cell);
}
HistoryTable.Rows.Add(row);
}
}
//get general information pertaining to user
string userSubstring = "";
if (Session["User"].ToString().StartsWith("SUP") || Session["User"].ToString().StartsWith("ADM"))
{
userSubstring = ""; //gets all information
}
else
{
userSubstring = ((string)Session["User"]).Substring(0, 2); //gets related information
}
string generalInfoQuery = DataProvider.LoggedInPage.getGeneralInfo(userSubstring);
DataTable genInfoDt = HospitalClass.getDataTable(generalInfoQuery);
//populate information table
if (genInfoDt.Rows.Count > 0)
{
for (int i = 0; i < genInfoDt.Rows.Count; i++)
{
TableRow row = new TableRow();
for (int j = 0; j <= genInfoDt.Columns.Count; j++)
{
TableCell cell = new TableCell();
if (j == 0)
{
cell.Text = (i + 1).ToString();
}
else
{
if (!DBNull.Value.Equals(genInfoDt.Rows[i][j - 1]))
{
cell.Text = genInfoDt.Rows[i][j - 1].ToString();
}
else
{
cell.Text = "";
}
}
row.Cells.Add(cell);
}
InformationTable.Rows.Add(row);
}
}
}
catch (Exception ex)
{
WelcomeLabel.CssClass = "error";
WelcomeLabel.Text += " (An error has occured)";
HospitalClass.Log(ex);
}
}
protected void SubmitButton_Click(object sender, EventArgs e)
{
try
{
if (UnsubscribeCheckBox.Checked && ReasonBox.Text.Trim().Length > 3)
{
string updateCode = "",
updaterId = "";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
if (UserIdBox.Text.StartsWith("ST"))
{
updateCode = "UNSB_STF";
}
else
{
updateCode = "UNSB_" + HospitalClass.getTableName(UserIdBox.Text.Substring(0, 2)).Substring(0, 3).ToUpper();
}
//delete picture from iis server
string picAddressQuery = DataProvider.Unsubscribe.getPicAddress(UserIdBox.Text);
System.Data.DataTable dt = HospitalClass.getDataTable(picAddressQuery);
if (dt.Rows.Count == 1)
{
System.IO.File.Delete(Server.MapPath(dt.Rows[0][0].ToString()));
}
//delete from database and update necessary tables
List <string> values = new List <string>();
values.Add(ReasonBox.Text);
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add(UserIdBox.Text);
values.Add(HospitalClass.getTableName(UserIdBox.Text.Substring(0, 2)));
int status = DataConsumer.executeProcedure("unsb_proc", values);
//return user privileges
if (Session["SuperUser"] != null)
{
if (Session["SuperUser"].ToString() != Session["User"].ToString())
{
Session["User"] = Session["SuperUser"].ToString();
}
else
{
Session["SuperUser"] = null;
Session["Admin"] = null;
Session["User"] = null;
Response.Redirect("~/Login.aspx");
}
}
else if (Session["Admin"] != null)
{
if (Session["Admin"].ToString() != Session["User"].ToString())
{
Session["User"] = Session["Admin"].ToString();
}
else
{
Session["SuperUser"] = null;
Session["Admin"] = null;
Session["User"] = null;
Response.Redirect("~/Login.aspx");
}
}
SubmitButton.Visible = false;
StatusLabel.CssClass = "success";
StatusLabel.Text = "Successful Unsubscription.<br>User Id: " + UserIdBox.Text;
}
else
{
StatusLabel.CssClass = "error";
if (!UnsubscribeCheckBox.Checked)
{
StatusLabel.Text = "Unsubscription was not enforced";
}
else
{
StatusLabel.Text = "Please enter a valid reason";
}
}
}
catch (Exception ex)
{
StatusLabel.CssClass = "error";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void DivModifyButton_Click(object sender, EventArgs e)
{
try
{
addDelDiv.Visible = true;
//check for changes
bool check = DivNameBox.Text.ToUpper() == ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptNameLabel")).Text.ToUpper();
check = check && DivIdBox.Text.ToUpper() == ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptIdLabel")).Text.ToUpper();
check = check && DivDescBox.Text == ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptDescLabel")).Text;
//check for existence
string checkDeptIdName = DataProvider.Departments.deptIdName(DivIdBox.Text.Trim().ToUpper(), HospitalClass.PascalCasing(DivNameBox.Text.Trim()));
DataTable dt = HospitalClass.getDataTable(checkDeptIdName);
//check fo acceptance of change
bool check2 = DivNameBox.Text.ToUpper() != ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptNameLabel")).Text.ToUpper();
check2 = check2 && DivIdBox.Text.ToUpper() != ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptIdLabel")).Text.ToUpper();
if (DivNameBox.Text.Trim().Length >= 2 && DivDescBox.Text.Length >= 3 && DivIdBox.Text.Trim().Length >= 1 && !check &&
((check2 && dt.Rows.Count == 0) || (!check2 && dt.Rows.Count == 1)))
{
string updaterId = "",
updateCode = "DEPT_UPD";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
List <string> values = new List <string>();
values.Add(DivIdBox.Text.Trim().ToUpper());
values.Add(HospitalClass.PascalCasing(DivNameBox.Text.Trim()));
values.Add(((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("DeptNameLabel")).Text);
values.Add(DivDescBox.Text);
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add("update");
int status = DataConsumer.executeProcedure("dept_proc", values);
StatusLabel.CssClass = "success normal";
StatusLabel.Text = "Successful ward modification.<br/>Department ID: " + DivIdBox.Text.Trim().ToUpper() +
"<br/>Department Name:" + HospitalClass.PascalCasing(DivNameBox.Text.Trim()) + ".";
addDelDiv.Visible = false;
SortButton_Click(new object(), new EventArgs());
ListView1.SelectedIndex = -1;
}
else
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "User input error below";
DivStatusLabel.CssClass = "error normal";
if (DivNameBox.Text.Trim().Length < 2)
{
DivStatusLabel.Text = "Enter a valid department name";
}
else if (DivDescBox.Text.Length < 3)
{
DivStatusLabel.Text = "Enter a valid department description";
}
else if (DivIdBox.Text.Trim().Length < 1)
{
DivStatusLabel.Text = "Enter a department ID";
}
else if (check)
{
DivStatusLabel.Text = "No change made";
}
else
{
DivStatusLabel.Text = "Department ID/name already exists for another department";
}
}
}
catch (Exception ex)
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void DivAddButton_Click(object sender, EventArgs e)
{
try
{
addDelDiv.Visible = true;
if (DivNameBox.Text.Trim().Length >= 2 && DivDescBox.Text.Length >= 3 && DivIdBox.Text.Trim().Length >= 1)
{
//check for existence
string checkDeptIdName = DataProvider.Departments.deptIdName(DivIdBox.Text.Trim().ToUpper(), HospitalClass.PascalCasing(DivNameBox.Text.Trim()));
DataTable dt = HospitalClass.getDataTable(checkDeptIdName);
if (dt.Rows.Count == 0)
{
string updaterId = "",
updateCode = "DEPT_ADD";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
List <string> values = new List <string>();
values.Add(DivIdBox.Text.Trim().ToUpper());
values.Add(HospitalClass.PascalCasing(DivNameBox.Text.Trim()));
values.Add("");
values.Add(DivDescBox.Text);
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add("insert");
int status = DataConsumer.executeProcedure("dept_proc", values);
DivStatusLabel.CssClass = "success normal";
DivStatusLabel.Text = "Successful ward addition. <br/>Department ID: " + DivIdBox.Text.Trim().ToUpper() +
"<br/>Department Name:" + HospitalClass.PascalCasing(DivNameBox.Text.Trim()) + ".";
StatusLabel.CssClass = "success paraNormal";
StatusLabel.Text = "Done";
SortButton_Click(new object(), new EventArgs());
}
else
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "User input error below";
DivStatusLabel.CssClass = "error normal";
if (dt.Rows[0][0].ToString() == DivIdBox.Text.Trim().ToUpper())
{
DivStatusLabel.Text = "Department ID already exists";
}
else
{
DivStatusLabel.Text = "Department name already exists";
}
}
}
else
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "User input error below";
DivStatusLabel.CssClass = "error normal";
if (DivIdBox.Text.Trim().Length < 1)
{
DivStatusLabel.Text = "Enter a valid department id";
}
else if (DivNameBox.Text.Length < 2)
{
DivStatusLabel.Text = "Enter a valid department name";
}
else
{
DivStatusLabel.Text = "Enter a valid department description";
}
}
ListView1.SelectedIndex = -1;
}
catch (Exception ex)
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void ValidateButton_Click(object sender, EventArgs e)
{
try
{
//check if the user id is within the necessary bounds
string lastIdQuery = DataProvider.RegAdminSup.LastIdQuery(UserIdBox.Text.Trim().Substring(0, 3));
DataTable lastDt = HospitalClass.getDataTable(lastIdQuery);
string lastPossibleId = getNewSuperuserAdminId(lastDt);
if (GenderList.SelectedIndex != 0 && MaritalList.SelectedIndex != 0 && IdTypeList.SelectedIndex != 0 && TypeList.SelectedIndex != 0 &&
GroupList.SelectedIndex != 0 && PriList.SelectedIndex != 0 && SecList.SelectedIndex != 0 && UniList.SelectedIndex != 0 &&
int.Parse(lastPossibleId.Substring(3, 3)) >= int.Parse(UserIdBox.Text.Trim().Substring(3, 3)))
{
string userId = UserIdBox.Text;
string updaterId = (string)Session["SuperUser"];
string updateCode = "";
string operation = "";
bool execute = true;
if (int.Parse(lastPossibleId.Substring(3, 3)) == int.Parse(UserIdBox.Text.Trim().Substring(3, 3)))
{
operation = "insert";
if (UserIdBox.Text.ToUpper().Trim().StartsWith("SUP"))
{
updateCode = "SUP_REG";
}
else
{
updateCode = "ADM_REG";
}
string existQuery = DataProvider.RegAdminSup.ExistQuery(EmailBox.Text.ToUpper().Trim());
DataTable emailDt = HospitalClass.getDataTable(existQuery);
if (emailDt.Rows.Count > 0)
{
execute = false;
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "This email address is already registered";
}
}
else
{
operation = "update";
if (UserIdBox.Text.ToUpper().Trim().StartsWith("SUP"))
{
updateCode = "SUP_UPD";
}
else
{
updateCode = "ADM_UPD";
}
if (UserIdBox.Text.StartsWith("SUP") && UserIdBox.Text != Session["SuperUser"].ToString())
{
execute = false;
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "You cannot update this user's information";
}
}
if (execute)
{
List <string> values = new List <string>();
values.Add(GroupList.SelectedItem.Text); //1
values.Add(TypeList.SelectedItem.Text);
values.Add(CountryOriBox.Text);
values.Add(CountryResBox.Text);
values.Add(DobBox.Text);
values.Add(EmailBox.Text.Trim()); //6
values.Add(FirstNameBox.Text.Trim());
values.Add(GenderList.SelectedItem.Text);
values.Add(HomeAdrBox.Text);
values.Add(IdNoBox.Text);
values.Add(IdTypeList.SelectedItem.Text); //11
values.Add(LastNameBox.Text);
values.Add(LocalOriBox.Text);
values.Add(LocalResBox.Text);
values.Add(MaritalList.SelectedItem.Text);
values.Add(NextAdrBox.Text); //16
values.Add(NextEmailBox.Text);
values.Add(NextNameBox.Text);
values.Add(NextRelBox.Text);
values.Add(NextPhoneBox.Text);
values.Add(OtherNameBox.Text); //21
values.Add(PhoneBox.Text);
values.Add(SchoolIdBox.Text);
values.Add(StateOriBox.Text);
values.Add(StateResBox.Text);
values.Add(OtherInfoBox.Text); //26
values.Add(PriBox.Text);
values.Add(PriList.SelectedItem.Text);
values.Add(SecBox.Text);
values.Add(SecList.SelectedItem.Text);
values.Add(UniBox.Text); //31
values.Add(UniList.SelectedItem.Text);
values.Add(OtherBox1.Text);
values.Add(OtherCert1.Text);
values.Add(OtherBox2.Text);
values.Add(OtherCert2.Text); //36
values.Add(RefNameBox1.Text);
values.Add(RefRelBox1.Text);
values.Add(RefPhoneBox1.Text);
values.Add(RefEmailBox1.Text);
values.Add(RefAdrBox1.Text); //41
values.Add(RefNameBox2.Text);
values.Add(RefRelBox2.Text);
values.Add(RefPhoneBox2.Text);
values.Add(RefEmailBox2.Text);
values.Add(RefAdrBox2.Text); //46
values.Add(updateCode);
values.Add(updaterId);
values.Add(userId.ToUpper().Trim());
values.Add(HospitalClass.Encrypt(PasswordBox.Text));
values.Add(HospitalClass.getTransactionId());
values.Add(operation); //52
int status = DataConsumer.executeProcedure("superuser_admin_val", values);
Session["FirstName"] = FirstNameBox.Text;
StatusLabel.Text = "Operation Successful.<br/>Performer: " + updaterId + ".<br/>Operation: " + operation;
StatusLabel.CssClass = "success paraNormal";
}
}
else
{
StatusLabel.CssClass = "error paraNormal";
if (int.Parse(lastPossibleId.Substring(3, 3)) < int.Parse(UserIdBox.Text.Trim().Substring(3, 3)))
{
StatusLabel.Text = "Invalid User Id. Perform a new registration";
}
else if (GenderList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your gender";
}
else if (MaritalList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your marital status";
}
else if (IdTypeList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your Identificaton type";
}
else if (TypeList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your blood type";
}
else if (GroupList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your blood group";
}
else if (PriList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your primary school certificate. (Select none if unavailable)";
}
else if (SecList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your secondary school certificate. (Select none if unavailable)";
}
else
{
StatusLabel.Text = "Please select your university certificate grade. (Select none if unavailable)";
}
}
}
catch (Exception ex)
{
StatusLabel.CssClass = "error normal";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void ExecuteButton_Click(object sender, EventArgs e)
{
try
{
TableDiv.Visible = false; //visisbility depends on operation
if (QueryBox.Text.Trim().Length > 6)
{
StatusLabel.CssClass = "success";
string query = QueryBox.Text.Trim().Substring(0, 6).ToUpper();
string updatecode = query;
if (query == "SELECT")
{
DataTable dt = HospitalClass.getDataTable(QueryBox.Text.Trim());
TableLabel.Text = HospitalClass.drawDataTableInHtml(dt, 1036); //draw the data table on a label control as html
TableDiv.Visible = true;
StatusLabel.CssClass = "success paraNormal";
StatusLabel.Text = "Successful.";
}
else
{
int status = DataConsumer.executeQuery(QueryBox.Text.Trim());
StatusLabel.Text = "Successful.<br/>Rows affected: " + status + "Rows.";
if (System.Text.RegularExpressions.Regex.IsMatch(query, "(^(DROP)|(TRUNC)|(DELETE))"))
{
updatecode = "DELETE";
}
if (!(query == "CREATE" || query == "INSERT" || query == "UPDATE" || System.Text.RegularExpressions.Regex.IsMatch(query, "(^(DROP)|(TRUNC)|(DELETE))")))
{
updatecode = "OTHER";
}
}
TransBox.Text = HospitalClass.getTransactionId();
if (UpdCodeOverrideBox.Text.Trim().Length == 0)
{
UpdateCodeBox.Text = "A_" + updatecode;
}
else
{
UpdateCodeBox.Text = UpdCodeOverrideBox.Text;
}
UpdaterBox.Text = Session["SuperUser"].ToString();
UserIdBox.Text = Session["User"].ToString();
DateUpdBox.Text = DateTime.Now.ToShortDateString() + ", " + DateTime.Now.ToLongTimeString();
if (AuditCheckBox.Checked)
{
List <string> values = new List <string>();
values.Add(TransBox.Text);
values.Add(UpdateCodeBox.Text);
values.Add(UpdaterBox.Text);
values.Add(UserIdBox.Text);
int status = DataConsumer.executeProcedure("audit_trail_proc", values);
AuditLabel.CssClass = "success";
AuditLabel.Text = "ADDED";
}
else
{
AuditLabel.ForeColor = System.Drawing.Color.Brown;
AuditLabel.Text = "NOT ADDED";
}
}
else
{
StatusLabel.CssClass = "error";
StatusLabel.Text = "Invalid query";
}
}
catch (Exception ex)
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "Error: " + ex.Message;
if (ex.GetType().ToString() != "System.Data.OracleClient.OracleException")
{
HospitalClass.Log(ex);
}
}
}
protected void ValidateButton_Click(object sender, EventArgs e)
{
try
{
bool verify = true;
if (Session["User"].ToString().StartsWith("PAT"))
{
verify = GenderList.SelectedIndex != 0 && MaritalList.SelectedIndex != 0 && IdTypeList.SelectedIndex != 0 &&
TypeList.SelectedIndex != 0 && GroupList.SelectedIndex != 0;
}
else
{
verify = GenderList.SelectedIndex != 0 && MaritalList.SelectedIndex != 0 && IdTypeList.SelectedIndex != 0 && TypeList.SelectedIndex != 0 &&
GroupList.SelectedIndex != 0 && PriList.SelectedIndex != 0 && SecList.SelectedIndex != 0 && UniList.SelectedIndex != 0;
}
if (verify)
{
//submit values after verification
string userId = UserIdBox.Text;
string updaterId = "";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
string updateCode = "";
if (Session["User"].ToString().StartsWith("PAT"))
{
updateCode = "PAT_UPD";
}
else if (Session["User"].ToString().StartsWith("DC"))
{
updateCode = "DOC_UPD";
}
else
{
updateCode = "STF_UPD";
}
List <string> values = new List <string>();
values.Add(GroupList.SelectedItem.Text); //1
values.Add(TypeList.SelectedItem.Text);
values.Add(CountryOriBox.Text);
values.Add(CountryResBox.Text);
values.Add(DobBox.Text);
values.Add(EmailBox.Text); //6
values.Add(FirstNameBox.Text);
values.Add(GenderList.SelectedItem.Text);
values.Add(HomeAdrBox.Text);
values.Add(IdNoBox.Text);
values.Add(IdTypeList.SelectedItem.Text); //11
values.Add(LastNameBox.Text);
values.Add(LocalOriBox.Text);
values.Add(LocalResBox.Text);
values.Add(MaritalList.SelectedItem.Text);
values.Add(NextAdrBox.Text); //16
values.Add(NextEmailBox.Text);
values.Add(NextNameBox.Text);
values.Add(NextRelBox.Text);
values.Add(NextPhoneBox.Text);
values.Add(OtherNameBox.Text); //21
values.Add(PhoneBox.Text);
values.Add(SchoolIdBox.Text);
values.Add(StateOriBox.Text);
values.Add(StateResBox.Text);
values.Add(OtherInfoBox.Text); //26
values.Add(PriBox.Text);
values.Add(PriList.SelectedItem.Text);
values.Add(SecBox.Text);
values.Add(SecList.SelectedItem.Text);
values.Add(UniBox.Text); //31
values.Add(UniList.SelectedItem.Text);
values.Add(OtherBox1.Text);
values.Add(OtherCert1.Text);
values.Add(OtherBox2.Text);
values.Add(OtherCert2.Text); //36
values.Add(RefNameBox1.Text);
values.Add(RefRelBox1.Text);
values.Add(RefPhoneBox1.Text);
values.Add(RefEmailBox1.Text);
values.Add(RefAdrBox1.Text); //41
values.Add(RefNameBox2.Text);
values.Add(RefRelBox2.Text);
values.Add(RefPhoneBox2.Text);
values.Add(RefEmailBox2.Text);
values.Add(RefAdrBox2.Text); //46
values.Add(updateCode);
values.Add(updaterId);
values.Add(userId);
values.Add(HospitalClass.getTransactionId()); //50
int status = DataConsumer.executeProcedure("user_val", values);
Session["FirstName"] = FirstNameBox.Text;
Session["RegStatus"] = "Validated";
StatusLabel.Text = "Update Successful.<br/>Performer: " + updaterId;
StatusLabel.CssClass = "success paraNormal";
}
else
{
StatusLabel.CssClass = "error paraNormal";
if (GenderList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your gender";
}
else if (MaritalList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your marital status";
}
else if (IdTypeList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your Identificaton type";
}
else if (TypeList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your blood type";
}
else if (GroupList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your blood group";
}
else if (PriList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your primary school certificate. (Select none if unavailable)";
}
else if (SecList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your secondary school certificate. (Select none if unavailable)";
}
else if (UniList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your university certificate grade. (Select none if unavailable)";
}
else
{
StatusLabel.Text = "Fill all relevalt information"; //will not occur
}
}
}
catch (Exception ex)
{
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void Page_Load(object sender, EventArgs e)
{
try
{
//redirect if not logged in
if (Session["Admin"] == null && Session["SuperUser"] == null && Session["User"] == null)
{
Response.Redirect("~/Login.aspx");
}
//Only SuperUser and admin has access to validate
if ((Session["SuperUser"] == null && Session["Admin"] == null) ||
(Session["User"].ToString().StartsWith("SUP") || Session["User"].ToString().StartsWith("ADM")))
{
ValidateButton.Visible = false;
ReadOnly();
StatusLabel.CssClass = "error paraNormal";
StatusLabel.ForeColor = System.Drawing.Color.Black;
if (Session["SuperUser"] == null && Session["Admin"] == null)
{
StatusLabel.Text = "Note: Meet the system administrator to make modifications";
}
else
{
StatusLabel.Text = "Note: This user cannot be validated here.<br/>Meet the super user for modification.";
}
}
else
{
ValidateButton.Visible = true;
}
if (Session["User"].ToString().StartsWith("PAT"))
{
EduRefTable.Visible = false; //remove eduucation and referee table for patients
}
if (Session["User"].ToString().StartsWith("DC") || Session["User"].ToString().StartsWith("ST"))
{
OtherInfoLabel.Text = "About yourself";
}
//populate form controls
if (!IsPostBack)
{
string infoQuery = DataProvider.UpdateRegistration.getInfo //get user information from the database
(HospitalClass.getTableName(Session["User"].ToString().Substring(0, 2)), Session["User"].ToString());
DataTable dt = HospitalClass.getDataTable(infoQuery);
UserIdBox.Text = Session["User"].ToString(); //1
FirstNameBox.Text = DBNull.Value.Equals(dt.Rows[0]["FIRST_NAME"]) ? "" : (string)dt.Rows[0]["FIRST_NAME"];
if (!DBNull.Value.Equals(dt.Rows[0]["LAST_NAME"]))
{
LastNameBox.Text = (string)dt.Rows[0]["LAST_NAME"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_NAME"]))
{
OtherNameBox.Text = (string)dt.Rows[0]["OTHER_NAME"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["GENDER"]))
{
if ((string)dt.Rows[0]["GENDER"] == "Male")
{
GenderList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["GENDER"] == "Female")
{
GenderList.SelectedIndex = 2;
}
else
{
GenderList.SelectedIndex = 3;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["DOB"])) //6
{
DateTime dob = (DateTime)dt.Rows[0]["DOB"];
DobBox.Text = dob.ToString("dd/MM/yyyy");
}
if (!DBNull.Value.Equals(dt.Rows[0]["MARITAL_STAT"]))
{
if ((string)dt.Rows[0]["MARITAL_STAT"] == "Single")
{
MaritalList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["MARITAL_STAT"] == "Married")
{
MaritalList.SelectedIndex = 2;
}
else
{
MaritalList.SelectedIndex = 3;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["COUNTRY_ORI"]))
{
CountryOriBox.Text = (string)dt.Rows[0]["COUNTRY_ORI"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["STATE_ORI"]))
{
StateOriBox.Text = (string)dt.Rows[0]["STATE_ORI"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["LGA_ORI"]))
{
LocalOriBox.Text = (string)dt.Rows[0]["LGA_ORI"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["PHONE_NO"]))
{
PhoneBox.Text = (string)dt.Rows[0]["PHONE_NO"]; //11
}
if (!DBNull.Value.Equals(dt.Rows[0]["EMAIL"]))
{
EmailBox.Text = (string)dt.Rows[0]["EMAIL"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["COUNTRY_RES"]))
{
CountryResBox.Text = (string)dt.Rows[0]["COUNTRY_RES"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["STATE_RES"]))
{
StateResBox.Text = (string)dt.Rows[0]["STATE_RES"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["LGA_RES"]))
{
LocalResBox.Text = (string)dt.Rows[0]["LGA_RES"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["HOME_ADR"]))
{
HomeAdrBox.Text = (string)dt.Rows[0]["HOME_ADR"]; //16
}
if (!DBNull.Value.Equals(dt.Rows[0]["ID_TYPE"]))
{
if ((string)dt.Rows[0]["ID_TYPE"] == "National Id")
{
IdTypeList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["ID_TYPE"] == "School Id")
{
IdTypeList.SelectedIndex = 2;
}
else if ((string)dt.Rows[0]["ID_TYPE"] == "Voters Card")
{
IdTypeList.SelectedIndex = 3;
}
else
{
IdTypeList.SelectedIndex = 4;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["ID_NO"]))
{
IdNoBox.Text = (string)dt.Rows[0]["ID_NO"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["NEXT_OF_KIN"]))
{
NextNameBox.Text = (string)dt.Rows[0]["NEXT_OF_KIN"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["NXT_OF_KIN_REL"]))
{
NextRelBox.Text = (string)dt.Rows[0]["NXT_OF_KIN_REL"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["NXT_PHONE_NO"]))
{
NextPhoneBox.Text = (string)dt.Rows[0]["NXT_PHONE_NO"]; //21
}
if (!DBNull.Value.Equals(dt.Rows[0]["NXT_EMAIL"]))
{
NextEmailBox.Text = (string)dt.Rows[0]["NXT_EMAIL"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["NXT_ADR"]))
{
NextAdrBox.Text = (string)dt.Rows[0]["NXT_ADR"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["GENOTYPE"]))
{
if ((string)dt.Rows[0]["GENOTYPE"] == "AA")
{
TypeList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["GENOTYPE"] == "AS")
{
TypeList.SelectedIndex = 2;
}
else if ((string)dt.Rows[0]["GENOTYPE"] == "SS")
{
TypeList.SelectedIndex = 3;
}
else
{
TypeList.SelectedIndex = 4;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["BLOOD_GRP"]))
{
if ((string)dt.Rows[0]["BLOOD_GRP"] == "A")
{
GroupList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["BLOOD_GRP"] == "B")
{
GroupList.SelectedIndex = 2;
}
else if ((string)dt.Rows[0]["BLOOD_GRP"] == "AB")
{
GroupList.SelectedIndex = 3;
}
else if ((string)dt.Rows[0]["BLOOD_GRP"] == "O")
{
GroupList.SelectedIndex = 4;
}
else
{
TypeList.SelectedIndex = 5;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_INFO"]))
{
OtherInfoBox.Text = (string)dt.Rows[0]["OTHER_INFO"]; //26
}
if (Session["User"].ToString().StartsWith("PAT")) //for patients
{
if (!DBNull.Value.Equals(dt.Rows[0]["MATRIC_NO"]))
{
SchoolIdBox.Text = (string)dt.Rows[0]["MATRIC_NO"]; //27
}
}
else //for other users
{
if (!DBNull.Value.Equals(dt.Rows[0]["SCHL_ID_NO"]))
{
SchoolIdBox.Text = (string)dt.Rows[0]["SCHL_ID_NO"]; //27
}
if (!DBNull.Value.Equals(dt.Rows[0]["PRI_SCHL"]))
{
PriBox.Text = (string)dt.Rows[0]["PRI_SCHL"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["PRI_CERT"]))
{
if ((string)dt.Rows[0]["PRI_CERT"] == "First School Leaving Certificate (FSLT)")
{
PriList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["PRI_CERT"] == "None")
{
PriList.SelectedIndex = 2;
}
else
{
PriList.SelectedIndex = 3;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["SEC_SCHL"]))
{
SecBox.Text = (string)dt.Rows[0]["SEC_SCHL"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["SEC_CERT"])) //31
{
if ((string)dt.Rows[0]["SEC_CERT"] == "WASSCE/WAEC")
{
SecList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["SEC_CERT"] == "GCE")
{
SecList.SelectedIndex = 2;
}
else if ((string)dt.Rows[0]["SEC_CERT"] == "NECO")
{
SecList.SelectedIndex = 3;
}
else if ((string)dt.Rows[0]["SEC_CERT"] == "None")
{
SecList.SelectedIndex = 4;
}
else
{
SecList.SelectedIndex = 5;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["UNI"]))
{
UniBox.Text = (string)dt.Rows[0]["UNI"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["UNI_CERT"]))
{
if ((string)dt.Rows[0]["UNI_CERT"] == "Pass (Doctor)")
{
UniList.SelectedIndex = 1;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "First Class")
{
UniList.SelectedIndex = 2;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "Second class, Upper Division")
{
UniList.SelectedIndex = 3;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "Second class, Lower division")
{
UniList.SelectedIndex = 4;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "Third Class")
{
UniList.SelectedIndex = 5;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "Pass (Staff)")
{
UniList.SelectedIndex = 6;
}
else if ((string)dt.Rows[0]["UNI_CERT"] == "None")
{
UniList.SelectedIndex = 7;
}
else
{
UniList.SelectedIndex = 8;
}
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_INST1"]))
{
OtherBox1.Text = (string)dt.Rows[0]["OTHER_INST1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_CERT1"]))
{
OtherCert1.Text = (string)dt.Rows[0]["OTHER_CERT1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_INST2"]))
{
OtherBox2.Text = (string)dt.Rows[0]["OTHER_INST2"]; //36
}
if (!DBNull.Value.Equals(dt.Rows[0]["OTHER_CERT2"]))
{
OtherCert2.Text = (string)dt.Rows[0]["OTHER_CERT2"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_NAME1"]))
{
RefNameBox1.Text = (string)dt.Rows[0]["REF_NAME1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_OF_KIN_REL1"]))
{
RefRelBox1.Text = (string)dt.Rows[0]["REF_OF_KIN_REL1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_PHONE_NO1"]))
{
RefPhoneBox1.Text = (string)dt.Rows[0]["REF_PHONE_NO1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_EMAIL1"]))
{
RefEmailBox1.Text = (string)dt.Rows[0]["REF_EMAIL1"]; //41
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_ADR1"]))
{
RefAdrBox1.Text = (string)dt.Rows[0]["REF_ADR1"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_NAME2"]))
{
RefNameBox2.Text = (string)dt.Rows[0]["REF_NAME2"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_OF_KIN_REL2"]))
{
RefRelBox2.Text = (string)dt.Rows[0]["REF_OF_KIN_REL2"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_PHONE_NO2"]))
{
RefPhoneBox2.Text = (string)dt.Rows[0]["REF_PHONE_NO2"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_EMAIL2"]))
{
RefEmailBox2.Text = (string)dt.Rows[0]["REF_EMAIL2"];
}
if (!DBNull.Value.Equals(dt.Rows[0]["REF_ADR2"]))
{
RefAdrBox2.Text = (string)dt.Rows[0]["REF_ADR2"]; //47
}
}
}
}
catch (Exception ex)
{
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void DeleteButton_Click(object sender, EventArgs e)
{
try
{
addDelDiv.Visible = false;
if (ListView1.SelectedIndex >= 0)
{
string wardName = ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("WardNameLabel")).Text;
string wardNoQuery = DataProvider.Wards.roomDeptAvail(wardName); //check for room linkage
DataTable dt = HospitalClass.getDataTable(wardNoQuery);
if (dt.Rows[0][0].ToString() == "0" && ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("WardDeptLabel")).Text == "None")
{
string updaterId = "",
updateCode = "WARD_DEL";
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else
{
updaterId = (string)Session["Admin"];
}
List <string> values = new List <string>();
values.Add("");
values.Add(wardName);
values.Add("");
values.Add("");
values.Add(HospitalClass.getTransactionId());
values.Add(updateCode);
values.Add(updaterId);
values.Add("delete");
int status = DataConsumer.executeProcedure("ward_proc", values);
StatusLabel.CssClass = "success normal";
StatusLabel.Text = "Successful ward deletion.<br>Ward ID: " + ((Label)ListView1.Items[ListView1.SelectedIndex].FindControl("WardIdLabel")).Text +
"<br/>Ward Name: " + wardName + ".";
ListView1.SelectedIndex = -1;
SortButton_Click(new object(), new EventArgs());
}
else
{
StatusLabel.CssClass = "error normal";
if (dt.Rows[0][0].ToString() != "0")
{
StatusLabel.Text = "This ward is already linked to room(s).<br/>Disconnect/Unrelate before deleting.";
}
else
{
StatusLabel.Text = "This ward is linked to a parent department.<br/>Disconnect/Unrelate before deleting";
}
}
}
else
{
StatusLabel.CssClass = "error paraNormal";
if (ListView1.SelectedIndex < 0)
{
StatusLabel.Text = "No item selected for deletion";
}
}
}
catch (Exception ex)
{
StatusLabel.CssClass = "error paraNormal";
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void SubmitButton_Click(object sender, EventArgs e)
{
try
{
StatusDiv.Visible = true;
StatusLabel.Visible = true;
bool buttonChk;
if (DocRadioButton.Checked)
{
buttonChk = DocRoleList.SelectedIndex != 0;
}
else if (StfRadioButton.Checked)
{
buttonChk = StfRoleList.SelectedIndex != 0;
}
else
{
buttonChk = true;
}
string existQuery = DataProvider.RegistrationPage.ExistQuery(EmailBox.Text.ToUpper().Trim());
DataTable dt = HospitalClass.getDataTable(existQuery);
bool checkName = HospitalClass.sqlProtect(FirstNameBox.Text);
bool checkPassword = HospitalClass.sqlProtect(PasswordBox.Text);
if (buttonChk && GenderList.SelectedIndex != 0 && dt.Rows.Count == 0 && checkName && checkPassword) //validate selection of drop down list values
{
if (DocRadioButton.Checked == true)
{
role = DocRoleList.SelectedItem.Value;
updateCode = "DOC_REG";
}
else if (StfRadioButton.Checked == true)
{
role = StfRoleList.SelectedItem.Value;
updateCode = "STF_REG";
}
else
{
role = "PAT";
updateCode = "PAT_REG";;
}
string month,
year;
if (DateTime.Now.Month < 10)
{
month = "0" + DateTime.Now.Month;
}
else
{
month = DateTime.Now.Month.ToString();
}
year = (DateTime.Now.Year.ToString()).Remove(0, 2);
string lastIdQuery = DataProvider.RegistrationPage.LastIdQuery(role.Remove(2));
DataTable lastDt = HospitalClass.getDataTable(lastIdQuery);
if (lastDt.Rows.Count == 0) //first role user registration
{
if (PatientRadioButton.Checked || !CheckBoxDiv.Visible)
{
userId = role + month + year + "0001";
}
else
{
userId = role + month + year + "001";
}
}
else //generate new id for patient, doctor or staff
{
string lastId = (string)lastDt.Rows[0][0];
string editId;
if (PatientRadioButton.Checked || !CheckBoxDiv.Visible)
{
editId = lastId.Remove(0, lastId.Length - 4);
}
else
{
editId = lastId.Remove(0, lastId.Length - 3);
}
int newIdInt = int.Parse(editId) + 1;
string newId;
if (newIdInt < 10)
{
newId = editId.Remove(editId.Length - 1) + newIdInt.ToString();
}
else if (newIdInt < 100)
{
newId = editId.Remove(editId.Length - 2) + newIdInt.ToString();
}
else if (newIdInt < 1000)
{
newId = editId.Remove(editId.Length - 3) + newIdInt.ToString();
}
else
{
newId = newIdInt.ToString();
}
userId = role + month + year + newId;
}
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else if (Session["Admin"] != null)
{
updaterId = (string)Session["Admin"];
}
else
{
updaterId = userId;
}
List <string> values = new List <string>();
values.Add(EmailBox.Text.Trim());
values.Add(FirstNameBox.Text.Trim());
values.Add(GenderList.SelectedItem.Text);
values.Add(LastnameBox.Text.Trim());
values.Add(OtherNameBox.Text.Trim());
values.Add(HospitalClass.Encrypt(PasswordBox.Text));
values.Add(PhoneBox.Text);
values.Add(updateCode);
values.Add(updaterId);
values.Add(userId);
values.Add(HospitalClass.getTransactionId());
int status = DataConsumer.executeProcedure("initial_reg", values);
StatusLabel.CssClass = "success big";
StatusLabel.Text = "You have been successfully registered.<br/>Your ID is: " + userId + ".<br/>";
goToLogin.Visible = true;
InfoDiv.Visible = false;
RegLabel.Visible = false;
CheckBoxDiv.Visible = false;
}
else
{
if (!checkName)
{
StatusLabel.Text = "Unsecure name entry. Please remove all ' and -- symbols";
}
else if (!checkPassword)
{
StatusLabel.Text = "Unsecure password choice. Please remove all ' and -- symbols";
}
else if (GenderList.SelectedIndex == 0)
{
StatusLabel.Text = "Please select your sex";
}
else if (dt.Rows.Count > 0)
{
StatusLabel.Text = "This email address has already been registered";
}
else
{
StatusLabel.Text = "Please choose a classification/role";
}
}
}
catch (Exception ex)
{
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
}
}
protected void SubmitButton_Click(object sender, EventArgs e)
{
try
{
bool checkId = HospitalClass.sqlProtect(UserIdBox.Text); //security for user id input against sqlInjection
bool checkPwd = HospitalClass.sqlProtect(PasswordBox.Text); //security for password input against sqlInjection
if (UserIdBox.Text.Length != 0 && checkId && checkPwd)
{
string passwordQuery = DataProvider.LoginPage.PasswordQuery(UserIdBox.Text.ToUpper().Trim());
DataTable dt = HospitalClass.getDataTable(passwordQuery);
if (dt.Rows.Count > 0)
{
string encryptPassword = HospitalClass.Encrypt(PasswordBox.Text);
int checkPassword = 0;
string userIdPass = "";
foreach (DataRow row in dt.Rows)
{
if (encryptPassword == row[0].ToString()) //check if password correlate
{
checkPassword = 1;
userIdPass = row[1].ToString(); //check first name repetition
}
userId = row[1].ToString();
if (userIdPass.Length > 0)
{
userId = userIdPass;
}
}
if (Session["SuperUser"] != null)
{
updaterId = (string)Session["SuperUser"];
}
else if (Session["Admin"] != null)
{
updaterId = (string)Session["Admin"];
}
else
{
updaterId = userId;
}
bool rights;
if (userId.StartsWith("ADM") || userId.StartsWith("SUP"))
{
rights = false;
}
else
{
rights = true;
}
//for either a basic user or a privileged user
if ((Session["SuperUser"] != null || Session["Admin"] != null || (checkPassword == 1 && rights)) || (!rights && checkPassword == 1))
{
bool auditTrailValidator = false;
string oldUser = ""; //to check the access of an administrator or a superuser
if (Session["SuperUser"] != null)
{
oldUser = Session["SuperUser"].ToString();
}
else if (Session["Admin"] != null)
{
oldUser = Session["Admin"].ToString();
}
Session["User"] = userId;
//using linq to datasets to query the datatable (to guard against two users with the same first name)
Session["FirstName"] = (from FirstName in dt.AsEnumerable()
where FirstName.Field <string>("USER_ID") == userId
select FirstName.Field <string>("FIRST_NAME")).First().ToString();
Session["RegStatus"] = (from Status in dt.AsEnumerable()
where Status.Field <string>("USER_ID") == userId
select Status.Field <string>("STATUS")).First().ToString();
//login for users
if ((Session["SuperUser"] != null || Session["Admin"] != null || checkPassword == 1) && rights)
{
if (userId.StartsWith("PAT"))
{
updateCode = "PAT_LGN";
}
else if (userId.StartsWith("DC"))
{
updateCode = "DOC_LGN";
}
else
{
updateCode = "STF_LGN";
};
Response.Redirect("~/LoggedInPage.aspx", false);
auditTrailValidator = true;
}
//login for admin and superuser
else if (!rights && checkPassword == 1)
{
if (userId.StartsWith("SUP"))
{
Session["SuperUser"] = userId;
updateCode = "SUP_LGN";
}
else
{
Session["Admin"] = userId;
updateCode = "ADM_LGN";
}
Response.Redirect("~/LoggedInPage.aspx", false);
auditTrailValidator = true;
}
//extraneous login for superuser and administrator
else
{
//to catch unauthorized access to another privileged user's account
if ((Session["SuperUser"] != null && !userId.StartsWith("SUP")) || oldUser == userId) //for privileged user relogin
{
Session["User"] = userId;
if (oldUser == userId)
{
Session["Info"] = "Welcome Back";
}
if (userId.ToUpper().StartsWith("ADM"))
{
updateCode = "ADM_LGN";
}
else
{
updateCode = "SUP_LGN";
}
Response.Redirect("~/LoggedInPage.aspx", false);
auditTrailValidator = true;
}
else
{
StatusLabel.Text = "You do not have access to this profile";
if (oldUser.StartsWith("SUP"))
{
Session["User"] = Session["SuperUser"].ToString();
}
else
{
Session["User"] = Session["Admin"].ToString();
}
auditTrailValidator = false;
}
}
if (auditTrailValidator)
{
object[] values = new object[4];
values[0] = (HospitalClass.getTransactionId());
values[1] = (updateCode);
values[2] = (updaterId);
values[3] = (userId);
int status = DataConsumer.executeProc("audit_trail_proc", values);
}
}
else
{
if (PasswordBox.Text.Length == 0)
{
StatusLabel.Text = "Please enter your password";
}
else
{
StatusLabel.Text = "Wrong user Id/password combination.<br/>Note: Password is case-sensitive.";
}
}
}
else
{
StatusLabel.Text = "You are not a user on our database. Please register.";
}
}
else
{
if (UserIdBox.Text.Length == 0)
{
StatusLabel.Text = "Please enter your user id, first name or email address";
}
else if (!checkId)
{
StatusLabel.Text = "Unsecure user Id";
}
else
{
StatusLabel.Text = "Unsecure password";
}
}
}
catch (Exception ex)
{
StatusLabel.Text = "Error: " + ex.Message;
HospitalClass.Log(ex);
//ex.Logger();
}
}
