private void populateUserList()
{
cbEmployee.Items.Clear();
SqlConnection conn = null;
SqlDataReader rdr = null;
try
{
conn = new SqlConnection(MovieListing.getConnString());
conn.Open();
SqlCommand cmd = new SqlCommand("sp_showAllUsers", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.ExecuteNonQuery();
rdr = cmd.ExecuteReader();
while (rdr.Read())
{
id = (rdr["Employee_ID"].ToString());
name = (rdr["Name"].ToString());
idName = id + name;
cbEmployee.Items.Add(idName);
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
private void addUser()
{
SqlConnection conn = null;
try
{
conn = new SqlConnection(MovieListing.getConnString());
SqlCommand cmd = new SqlCommand("sp_addUser2", conn);
cmd.CommandType = CommandType.StoredProcedure;
conn.Open();
cmd.Parameters.Add(new SqlParameter("@username", LoginName));
cmd.Parameters.Add(new SqlParameter("@password", password));
cmd.Parameters.Add(new SqlParameter("@userType", privelege));
cmd.Parameters.Add(new SqlParameter("@name", name));
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
MessageBox.Show(e.Message);
}
}
public string login()
{
SqlConnection conn = null;
SqlDataReader rdr = null;
string result = null;
try
{
conn = new SqlConnection(MovieListing.getConnString());
conn.Open();
SqlCommand cmd = new SqlCommand("sp_logIn4", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter("@username", tbUserName.Text));
cmd.Parameters.Add(new SqlParameter("@password", tbPassword.Text));
var outParam = new SqlParameter("@result", SqlDbType.VarChar, -1);
var outParam2 = new SqlParameter("@result2", SqlDbType.VarChar, -1);
var outParam3 = new SqlParameter("@result3", SqlDbType.VarChar, -1);
var outParam4 = new SqlParameter("@result4", SqlDbType.VarChar, -1);
outParam.Direction = ParameterDirection.Output;
outParam2.Direction = ParameterDirection.Output;
outParam3.Direction = ParameterDirection.Output;
outParam4.Direction = ParameterDirection.Output;
cmd.Parameters.Add(outParam);
cmd.Parameters.Add(outParam2);
cmd.Parameters.Add(outParam3);
cmd.Parameters.Add(outParam4);
cmd.ExecuteNonQuery();
rdr = cmd.ExecuteReader();
if (cmd.Parameters["@result"].Value.ToString() == tbUserName.Text + " " + tbPassword.Text)
{
authenticate = true;
userName = cmd.Parameters["@result2"].Value.ToString();
userId = cmd.Parameters["@result3"].Value.ToString();
userPrivelege = cmd.Parameters["@result4"].Value.ToString();
}
else
{
MessageBox.Show("Error 001: Invalid Username Or Password");
authenticate = false;
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
return(result);
}
private void btnRemove_Click(object sender, EventArgs e)
{
idName = new string(idName.Where(x => char.IsDigit(x)).ToArray());
MessageBox.Show(idName);
SqlConnection conn = null;
try
{
conn = new SqlConnection(MovieListing.getConnString());
conn.Open();
SqlCommand cmd = new SqlCommand("sp_removeUser1", conn);
cmd.Parameters.Add(new SqlParameter("@employeeId", idName));
cmd.CommandType = CommandType.StoredProcedure;
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
populateUserList();
}
