private void ViewRec_Load(object sender, EventArgs e)
{
db.openConnection(); // open connection
string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile,image FROM student WHERE indexno ='" + selected + "'";
MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection());
MySqlDataAdapter adapter = new MySqlDataAdapter(cmd);
DataTable table = new DataTable();
adapter.Fill(table);
txtindex.Text = table.Rows[0][0].ToString();
txtfname.Text = table.Rows[0][1].ToString();
txtlname.Text = table.Rows[0][2].ToString();
txtaddress.Text = table.Rows[0][3].ToString();
if (table.Rows[0][4].ToString() == "M")
{
radiomale.Checked = true;
}
else
{
radiofemale.Checked = true;
}
txtdob.Text = table.Rows[0][5].ToString();
txtemail.Text = table.Rows[0][6].ToString();
txtfaculty.Text = table.Rows[0][7].ToString();
txtmobile.Text = table.Rows[0][8].ToString();
/*
*
*
* Invalid Argument exception Due to Empty image filled- EXCEPTION HANDLED
*
*/
try
{
byte[] data = new byte[0];
data = (byte[])(table.Rows[0][9]);
MemoryStream mem = new MemoryStream(data);
picImg.Image = Image.FromStream(mem);
}
catch (Exception)
{
string message = "No Image file found on Database!";
string title = "Image File Not Found";
MessageBoxButtons buttons = MessageBoxButtons.OK;
DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Information);
}
db.openConnection(); // close connection
}
Records openRecs = (Records)Application.OpenForms["Records"]; // obj for open record form manipulation
// --- Form Onload ---
private void AddEdit_Load(object sender, EventArgs e)
{
db.openConnection(); // open connection
MySqlCommand cmd = new MySqlCommand("SELECT facultyname FROM faculty;", db.getConnection());
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
cmbfaculty.Items.Add(reader.GetString("facultyname"));
}
}
db.openConnection(); // close connection
}
/*
* --- SignIn Handling ---
*/
private void btnSignin_Click(object sender, EventArgs e)
{
string enteredPass = txtLoginPassword.Text;
DbHandler db = new DbHandler();
MySqlDataAdapter adapter = new MySqlDataAdapter();
DataTable table = new DataTable();
MySqlCommand cmd = new MySqlCommand("SELECT password, salt FROM student WHERE indexno=@index;", db.getConnection());
db.openConnection(); // open connection
cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = txtLoginusername.Text;
adapter.SelectCommand = cmd;
adapter.Fill(table);
if (table.Rows.Count > 0)
{
string pass = table.Rows[0][0].ToString();
string salt = table.Rows[0][1].ToString();
string newPass = hashSalt.generateHash(enteredPass, hashSalt.saltToByte(salt));
if (hashSalt.authenticateUser(enteredPass, pass, salt))
{
// MessageBox.Show("correct ='" + pass + "'\nEntered pass ='******'");
// --- form Records obj
Records gotoRecords = new Records();
gotoRecords.Show(); // goto Records
this.Hide();
}
else
{
string message = "User name & Password did not Match!?";
string title = "Attention!";
MessageBoxButtons buttons = MessageBoxButtons.OK;
DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Warning);
}
}
else
{
string message = "User name NotFound!?";
string title = "Attention!";
MessageBoxButtons buttons = MessageBoxButtons.OK;
DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Warning);
}
//this.Close();
db.openConnection(); // close connection
}
// --- Search query ---
public void searchData(string searchString)
{
db.openConnection(); // open connection
string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile FROM student WHERE CONCAT(" + getConstraints().ToString() + " ) LIKE '%" + searchString + "%'";
MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection());
MySqlDataAdapter adapter = new MySqlDataAdapter(cmd);
DataTable table = new DataTable();
adapter.Fill(table);
gridviewtable.DataSource = table;
//gridviewtable.Columns.Remove("View");
db.openConnection(); // open connection
}
HashSalt hashSalt = new HashSalt(100); // 100 iterations
private void Login_Load(object sender, EventArgs e)
{
DbHandler db = new DbHandler();
MySqlCommand cmd = new MySqlCommand("SELECT facultyname FROM faculty;", db.getConnection());
db.openConnection(); // open connection
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
cmbfaculty.Items.Add(reader.GetString("facultyname"));
}
}
}
/*
* --- ^ SignIn Handling ^ ---
*/
/*
* --- SignUp Handling ---
*/
private void btnSignup_Click(object sender, EventArgs e)
{
// --- confirmation with message box ---
string message = "Do you want to Save the changes?";
string title = "Please Confirm!";
MessageBoxButtons buttons = MessageBoxButtons.YesNo;
DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Warning);
if (result == DialogResult.Yes)
{
if (txtpassword.Text == txtconfirmpassword.Text)
{
DbHandler db = new DbHandler();
MySqlCommand cmd = new MySqlCommand("INSERT INTO `student`(`indexno`,`firstname`,`lastname`,`address`,`gender`,`dob`,`email`,`faculty`,`mobile`,`password`,`salt`,`image`)VALUES(@index, @firstname, @lastname, @address, @gender, @dob, @email, @faculty, @mobile, @password, @salt, @image);", db.getConnection());
// --- image ---
MemoryStream ms = new MemoryStream();
pictureBox1.Image.Save(ms, pictureBox1.Image.RawFormat);
byte[] img = ms.ToArray();
// -------------
var salt = hashSalt.generateSalt(); // generates random salt type string
var byteSalt = hashSalt.saltToByte(salt); // gets byte[] from salt string
cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = txtindex.Text;
cmd.Parameters.Add("@firstname", MySqlDbType.VarChar).Value = txtfname.Text;
cmd.Parameters.Add("@lastname", MySqlDbType.VarChar).Value = txtlname.Text;
cmd.Parameters.Add("@address", MySqlDbType.VarChar).Value = txtaddress.Text;
cmd.Parameters.Add("@gender", MySqlDbType.VarChar).Value = getGender();
cmd.Parameters.Add("@dob", MySqlDbType.Date).Value = dateDob.Value.Date;
cmd.Parameters.Add("@email", MySqlDbType.VarChar).Value = txtemail.Text;
cmd.Parameters.Add("@faculty", MySqlDbType.VarChar).Value = cmbfaculty.GetItemText(cmbfaculty.SelectedItem);
cmd.Parameters.Add("@mobile", MySqlDbType.VarChar).Value = txtmobile.Text;
cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = hashSalt.generateHash(txtpassword.Text, byteSalt); // get (password+salt) hashed from db
cmd.Parameters.Add("@salt", MySqlDbType.VarChar).Value = salt;
cmd.Parameters.Add("@image", MySqlDbType.Blob).Value = img;
db.openConnection(); // open connection
// execute query
if (cmd.ExecuteNonQuery() == 1)
{
MessageBox.Show("Record added!", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Failed!, please retry", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
db.openConnection(); // close connection
}
else
{
// --- password confirmation failed msg ---
DialogResult r = MessageBox.Show("Password Confirmation failed?", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
txtpassword.Focus();
}
}
else
{
// Do something
}
}
private void RecEdit_Load(object sender, EventArgs e)
{
db.openConnection(); // open connection
// --- populate faculty cmb ---
MySqlCommand cmdCmb = new MySqlCommand("SELECT facultyname FROM faculty;", db.getConnection());
using (var reader = cmdCmb.ExecuteReader())
{
while (reader.Read())
{
cmbfaculty.Items.Add(reader.GetString("facultyname"));
}
}
string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile,image FROM student WHERE indexno ='" + selected + "'";
MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection());
MySqlDataAdapter adapter = new MySqlDataAdapter(cmd);
DataTable table = new DataTable();
adapter.Fill(table);
MessageBox.Show(sQuery);
txtindex.Text = table.Rows[0][0].ToString();
txtfname.Text = table.Rows[0][1].ToString();
txtlname.Text = table.Rows[0][2].ToString();
txtaddress.Text = table.Rows[0][3].ToString();
if (table.Rows[0][4].ToString() == "M")
{
radiomale.Checked = true;
}
else
{
radiofemale.Checked = true;
}
dateDob.Value = Convert.ToDateTime(table.Rows[0][5]);
txtemail.Text = table.Rows[0][6].ToString();
cmbfaculty.SelectedIndex = cmbfaculty.FindStringExact(table.Rows[0][7].ToString());
txtmobile.Text = table.Rows[0][8].ToString();
/*
*
*
* Invalid Argument exception Due to Empty image filled- EXCEPTION HANDLED
*
*/
try
{
byte[] data = new byte[0];
data = (byte[])(table.Rows[0][9]);
MemoryStream mem = new MemoryStream(data);
picImg.Image = Image.FromStream(mem);
}
catch (Exception)
{
string message = "No Image file found on Database!";
string title = "Image File Not Found";
MessageBoxButtons buttons = MessageBoxButtons.OK;
DialogResult result = MessageBox.Show(message, title, buttons, MessageBoxIcon.Information);
}
db.openConnection(); // close connection
}
