/// <summary>
/// Handles the Admin menu item: releases the current database connection, shows the
/// admin form as a modal dialog, and then clears the login fields.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// NOTE(review): this handler performs no credential check of its own. Access appears to
/// depend entirely on whether the menu item is visible/enabled, so confirm that every
/// path that hides it (log out, failed login) actually runs before relying on that.
/// </remarks>
private void mnuAdmin_Click(object sender, EventArgs e)
{
    try
    {
        // Best-effort close: any failure (including a connection that is already null)
        // is deliberately ignored, and the field is cleared either way.
        try
        {
            m_dbConnection.Close();
        }
        catch
        {
        }
        m_dbConnection = null;

        // Open the admin screen modally, pre-filled with the admin user id from the
        // application configuration. No password is handed to the form on this path.
        var adminDialog = new frmAdmin
        {
            AdminUserID = ConfigurationManager.AppSettings["AdminUserID"].ToString()
        };
        adminDialog.ShowDialog(this);

        // Put the login form back into its initial state and drop the typed values.
        defaultUIElements();
        txtUserID.Text = string.Empty;
        txtUserID.Tag = txtUserID.Text;
        txtPassword.Text = string.Empty;
    }
    catch (Exception failure)
    {
        log.Error("Error", failure);
        MessageBox.Show(
            failure.Message,
            "Error - " + System.Reflection.MethodBase.GetCurrentMethod().Name);
    }
}
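/// <summary>
/// Handles the Login button: looks up the entered user id in the database, compares the
/// typed credentials with the stored row, and then either opens the admin form (admin
/// users) or records a punch for the user. The form is logged out again afterwards.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Security review notes for maintainers:
/// <list type="bullet">
/// <item>The typed password is compared directly with the <c>userPassword</c> column, which
/// suggests passwords are stored in a directly comparable (unhashed) form. NOTE(review):
/// confirm, and consider storing a salted PBKDF2 hash instead.</item>
/// <item><c>skipPassword</c> replaces the typed password with the stored one, so the
/// comparison below always succeeds for an existing user. NOTE(review): confirm where this
/// flag is set and that it cannot be enabled in a deployed configuration.</item>
/// <item>Any exception during the lookup, not only a missing identity table, falls into the
/// first-time-setup branch, where the default admin credentials from the application
/// configuration open the admin form. NOTE(review): consider detecting the missing-table
/// case explicitly and forcing the default password to be changed on first use.</item>
/// </list>
/// </remarks>
private void btnLogin_Click(object sender, EventArgs e)
{
    log.Debug("IN");
    try
    {
        // Login
        string userIdentity = txtUserID.Text;
        string userPassword = txtPassword.Text;

        // Make a connection to the database if it hasn't already been made.
        // Per the original author this does not fail even when the database file does
        // not exist yet; the file is created instead.
        connectToDatabase();

        // The lookup is wrapped in its own handler because the identity table may not
        // exist yet, in which case it has to be created through the admin screen.
        bool foundLogin = false;
        string dbUserID = "";
        string dbUserPassword = "";
        int dbAdminFlag = 0;
        try
        {
            // The user id comes straight from a text box and is placed inside a
            // single-quoted SQL literal. Doubling embedded single quotes (the SQLite
            // escape for a quote inside '...') keeps the value from terminating the
            // literal and altering the statement. Only the SQL text uses the escaped
            // copy; the comparison further down still uses the raw input.
            // NOTE(review): a bound parameter (placeholder in the statement text plus
            // command.Parameters) is the preferred fix and should replace this
            // concatenation when the statement text itself is next edited.
            string quotedIdentity = userIdentity.Replace("'", "''");
            string sqlLogin = "******" + quotedIdentity + "' order by createUnixTimeStamp desc";

            // Dispose the command and reader on every path, including when parsing
            // the row throws; previously the reader was closed only on success.
            using (SQLiteCommand command1 = new SQLiteCommand(sqlLogin, m_dbConnection))
            using (SQLiteDataReader reader1 = command1.ExecuteReader())
            {
                // Rows are ordered newest first, and only the first one is used.
                if (reader1.Read())
                {
                    dbUserID = reader1["userIdentity"].ToString();
                    dbUserPassword = reader1["userPassword"].ToString();

                    // Set the local password to the stored password if we are
                    // skipping the check, so the two will match below.
                    if (skipPassword)
                    {
                        userPassword = dbUserPassword;
                    }

                    dbAdminFlag = int.Parse(reader1["isAdmin"].ToString());
                    foundLogin = true;
                }
            }
        }
        catch (Exception ex)
        {
            // The lookup failed. Treat it as first-time setup only when the typed
            // credentials match the default admin credentials from the configuration.
            if (userIdentity == ConfigurationManager.AppSettings["AdminUserID"].ToString()
                && userPassword == ConfigurationManager.AppSettings["AdminDefaultUserPassword"].ToString())
            {
                // Close the database connection (best effort) before handing over.
                try
                {
                    m_dbConnection.Close();
                }
                catch
                {
                }
                m_dbConnection = null;

                // This is a first time setup, so show the admin screen.
                var adminForm = new frmAdmin();
                // Pass the credentials along so they are not duplicated in the form.
                adminForm.AdminUserID = userIdentity;
                adminForm.AdminUserPassword = userPassword;
                adminForm.ShowDialog(this);

                // Reset the form.
                defaultUIElements();
                txtUserID.Text = "";
                txtUserID.Tag = txtUserID.Text;
                txtPassword.Text = "";
            }
            else
            {
                // This is unexpected, so log it and show the message.
                log.Error("Error", ex);
                MessageBox.Show(ex.Message, "Error - " + System.Reflection.MethodBase.GetCurrentMethod().Name);
            }

            return;
        }

        // Validate credentials (case sensitive). The same generic message is shown
        // for an unknown user and for a wrong password.
        if (!foundLogin || (userIdentity != dbUserID || userPassword != dbUserPassword))
        {
            // Invalid login, kick them out.
            MessageBox.Show("Invalid Login", "Info");
            return;
        }

        mnuAdmin.Visible = (dbAdminFlag == 1);
        btnLogOut.Visible = true;
        btnLogin.Visible = false;

        if (dbAdminFlag == 1)
        {
            // Authenticated admin user: show the admin screen.
            var adminForm = new frmAdmin();
            // Pass the credentials along so they are not duplicated in the form.
            adminForm.AdminUserID = userIdentity;
            adminForm.AdminUserPassword = userPassword;
            adminForm.ShowDialog(this);
        }
        else
        {
            doSmartPunch(userIdentity);
        }

        // Reset the form.
        logOut();
    }
    catch (Exception ex)
    {
        log.Error("Error", ex);
        MessageBox.Show(ex.Message, "Error - " + System.Reflection.MethodBase.GetCurrentMethod().Name);
    }
}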