Example #1
        /// <summary>
        /// Makes new user
        /// </summary>
        /// <param name="id">Id</param>
        /// <param name="name">Username</param>
        /// <param name="pwd">Password</param>
        /// <param name="isAdmin">Is admin</param>
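        private void SaveNewUser(int id, string name, char[] pwd, bool isAdmin)
        {
            try
            {
                const string query =
                    "INSERT INTO `user`(`id`, `username`, `password`, `isAdmin`) VALUES (@id,@name,@pwd,@isAdmin)";

                // Store a salted bcrypt hash instead of the clear-text password. This is the same
                // call the password-update path in this listing uses, so both paths write the
                // same format into the `password` column.
                // NOTE(review): confirm the login check verifies against a bcrypt hash.
                string pwdHash = BCrypt.Net.BCrypt.HashPassword(new string(pwd), BCrypt.Net.BCrypt.GenerateSalt());

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand cmd = new MySqlCommand(query, _connection))
                    {
                        // Every value is bound as a parameter; nothing is concatenated into the SQL text.
                        cmd.Parameters.AddWithValue("@id", id);
                        cmd.Parameters.AddWithValue("@name", name);
                        cmd.Parameters.AddWithValue("@pwd", pwdHash);
                        cmd.Parameters.AddWithValue("@isAdmin", isAdmin);
                        cmd.Prepare();

                        // An INSERT produces no result set, so ExecuteNonQuery is the matching call.
                        cmd.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Release the connection even when Open, Prepare or the INSERT throws.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is recorded and logged, the caller is not interrupted.
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }
        }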
Example #2
        /// <summary>
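        /// Counts the users whose username matches the given name
        /// </summary>
        /// <param name="name">Username to look up</param>
        /// <returns>Number of matching users (should be 1 for an existing user); 0 if the query fails</returns>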
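        private int GetUsernameCount(string name)
        {
            try
            {
                // Exact comparison: with LIKE, a '%' or '_' inside the supplied name is treated
                // as a wildcard and rows of other users are counted as well.
                const string query = "SELECT COUNT(id) FROM user WHERE username = @name";

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand cmd = new MySqlCommand(query, _connection))
                    {
                        // The name is bound as a parameter, never concatenated into the SQL text.
                        cmd.Parameters.AddWithValue("@name", name);
                        cmd.Prepare();

                        return Convert.ToInt32(cmd.ExecuteScalar());
                    }
                }
                finally
                {
                    // Release the connection on success and on failure alike.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }

            // The query failed: after logging, report that no user was found.
            return 0;
        }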
Example #3
        /// <summary>
        /// Handles the OK button: reads the form, rejects a username that is already taken or
        /// two password entries that differ, otherwise saves the new user and closes the window.
        /// </summary>
        /// <param name="sender">Event source (unused)</param>
        /// <param name="e">Event data (unused)</param>
        private void Ok_Click(object sender, RoutedEventArgs e)
        {
            string enteredName    = NameInput.Text;
            char[] password       = PasswordInput.Password.ToCharArray();
            char[] passwordRepeat = PasswordRetypeInput.Password.ToCharArray();
            bool   adminChecked   = IsAdminCheckBox.IsChecked == true;

            // Guard: the name must not be in use yet.
            // NOTE: the typed name is written to the log unchanged.
            if (CheckUsernameExists(enteredName))
            {
                Buchhaltung.Log($"Name '{enteredName}' already exists");
                return;
            }

            // Guard: both password boxes must hold the same text.
            bool passwordsMatch = string.Equals(new string(password), new string(passwordRepeat));
            if (!passwordsMatch)
            {
                Buchhaltung.Log("Passwords do not match");
                return;
            }

            SaveNewUser(_id, enteredName, password, adminChecked);

            Close();
        }
        /// <summary>
        /// Save edited user
        /// </summary>
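        private void SaveNewUser(bool pwdChanged)
        {
            try
            {
                // The row is addressed by its exact id, so '=' is used; LIKE would compare the
                // id as a pattern string. The password column is only touched when it changed.
                string query = pwdChanged
                    ? "UPDATE user SET username=@username,password=@_pwd,isAdmin=@isAdmin WHERE id = @id"
                    : "UPDATE user SET username=@username,isAdmin=@isAdmin WHERE id = @id";

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand cmd = new MySqlCommand(query, _connection))
                    {
                        if (pwdChanged)
                        {
                            // Only a salted bcrypt hash of the new password is written to the database.
                            cmd.Parameters.AddWithValue("@_pwd", BCrypt.Net.BCrypt.HashPassword(new string(_pwd), BCrypt.Net.BCrypt.GenerateSalt()));
                        }
                        cmd.Parameters.AddWithValue("@isAdmin", _isAdmin);
                        cmd.Parameters.AddWithValue("@id", _id);
                        cmd.Parameters.AddWithValue("@username", _dbName);
                        cmd.Prepare();

                        cmd.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Release the connection even when Open, Prepare or the UPDATE throws.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is logged and recorded, the caller is not interrupted.
                Buchhaltung.Log("ERROR: " + ex.Message);
                Buchhaltung.SaveErrorMsg(ex);
            }
        }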
        /// <summary>
        /// Search function / Gets called when text changed
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void SearchChanged(object sender, TextChangedEventArgs e)
        {
            try
            {
                // Install a fresh row predicate; it reads the search box each time it is evaluated.
                UserTable.Items.Filter = candidate =>
                {
                    // Empty search box: every row is shown.
                    if (SearchBox.Text.Length == 0)
                    {
                        return true;
                    }

                    // The keyword "admin" (any case, surrounding blanks ignored) selects all admin users.
                    bool adminKeyword = SearchBox.Text.ToLower().Trim().Equals("admin");
                    if (adminKeyword && candidate is User adminUser && adminUser.IsAdmin)
                    {
                        return true;
                    }

                    // Rows that are not users never match.
                    if (!(candidate is User user))
                    {
                        return false;
                    }

                    // Exact match against the trimmed text, or a lower-cased substring match
                    // against the untrimmed text. Both are evaluated, as in the non-short-circuit form.
                    bool exactMatch   = user.Name.ToString() == SearchBox.Text.Trim();
                    bool partialMatch = Convert.ToString(user.Name).ToLower().Contains(SearchBox.Text.ToLower());

                    return exactMatch || partialMatch;
                };
            }
            catch (Exception ex)
            {
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }
        }
        /// <summary>
        /// Gets the usernames
        /// </summary>
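        private void GetUsers()
        {
            try
            {
                // Only id, username and the admin flag are read; the password column is not selected.
                const string query = "SELECT id,username,isAdmin FROM user";

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand commandDatabase = new MySqlCommand(query, _connection) { CommandTimeout = 60 })
                    using (MySqlDataReader reader = commandDatabase.ExecuteReader())
                    {
                        // Read() returns false straight away on an empty result, so no HasRows check is needed.
                        while (reader.Read())
                        {
                            string id       = reader.GetString(0);
                            string userName = reader.GetString(1);
                            string isAdmin  = reader.GetString(2);

                            // The admin flag is read as text, parsed as a number, then mapped to a bool.
                            _users.Add(new User(Convert.ToInt32(id), userName, Convert.ToBoolean(Convert.ToInt32(isAdmin))));
                        }
                    }
                }
                finally
                {
                    // The reader is disposed by the using block; the connection is released here,
                    // also when the query or a conversion throws.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }
        }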
        /// <summary>
        /// Get user
        /// </summary>
        /// <param name="username"></param>
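        private void GetUser(string username)
        {
            try
            {
                // Exact comparison: with LIKE, a stored name containing '%' or '_' is treated as a
                // pattern and can match other accounts; the loop below would then keep the last
                // match, and a later save by id would hit that other account.
                const string query = "SELECT id,username,isAdmin FROM user WHERE username = @name";

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand cmd = new MySqlCommand(query, _connection))
                    {
                        cmd.Parameters.AddWithValue("@name", username);
                        cmd.Prepare();

                        using (MySqlDataReader reader = cmd.ExecuteReader())
                        {
                            // Copies the row into the instance fields; if several rows come back the last one wins.
                            while (reader.Read())
                            {
                                _id      = Convert.ToInt32(reader.GetString(0));
                                _dbName  = reader.GetString(1);
                                _isAdmin = Convert.ToBoolean(Convert.ToInt32(reader.GetString(2)));
                            }
                        }
                    }
                }
                finally
                {
                    // Release the connection even when the query or a conversion throws.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }
        }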
        /// <summary>
        /// edits user
        /// </summary>
        private void Edit()
        {
            char[] enteredPwd       = PasswordInput.Password.ToCharArray();
            char[] enteredPwdRepeat = PasswordRetypeInput.Password.ToCharArray();
            string enteredName      = NameInput.Text;
            bool   adminChecked     = Convert.ToBoolean(IsAdminCheckBox.IsChecked);

            // Despite its name, CheckIfUserNameExists (as shown in this listing) returns true
            // when the name may be used: no row has it, or it is the user's current name.
            if (!CheckIfUserNameExists(enteredName))
            {
                Buchhaltung.Log("Username already exists");
                return;
            }

            // Presumably compares the two password entries; the helper is not shown here.
            if (!CheckInput(enteredPwd, enteredPwdRepeat))
            {
                Buchhaltung.Log("Password´s are not equal.");
                return;
            }

            // An empty password box means "keep the stored password".
            bool passwordChanged = enteredPwd.Length != 0;

            _isAdmin = adminChecked;
            if (passwordChanged)
            {
                _pwd = enteredPwd;
            }
            _dbName = enteredName;

            SaveNewUser(passwordChanged);

            Close();
        }
        /// <summary>
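        /// Checks whether the new username may be used
        /// </summary>
        /// <param name="newName">New username</param>
        /// <returns>true if no user has this name or it equals the old name; false if the name is taken or the query fails</returns>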
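        private bool CheckIfUserNameExists(string newName)
        {
            try
            {
                // Exact comparison: with LIKE, '%' or '_' inside the entered name is treated as a
                // wildcard, so the uniqueness check would look at other users' names too.
                const string query = "SELECT COUNT(username)  FROM user WHERE username = @name";

                // Created once; a second CreateConnection() call before Open() served no purpose.
                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand cmd = new MySqlCommand(query, _connection))
                    {
                        cmd.Parameters.AddWithValue("@name", newName);
                        cmd.Prepare();

                        object retVal = cmd.ExecuteScalar();

                        // Note the polarity: true means the name is usable, either because no row
                        // has it or because it is the name this user already had.
                        return Convert.ToInt64(retVal) == 0 || _oldName == newName;
                    }
                }
                finally
                {
                    // Release the connection on success and on failure alike.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                Buchhaltung.Log(ex.Message);
                Buchhaltung.SaveErrorMsg(ex);
            }

            // The query failed: treat the name as not usable.
            return false;
        }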
        /// <summary>
        /// Calls edit User window
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void Edit_Click(object sender, RoutedEventArgs e)
        {
            // Nothing to do unless a user row is selected.
            if (!(UserTable.SelectedItem is User selectedUser))
            {
                return;
            }

            // Open the edit window for the selected user's name (non-modal).
            var editWindow = new EditUser(selectedUser.Name);
            editWindow.Show();

            // Once the edit window is closed, log it and redraw the table.
            editWindow.Closed += (closedSender, closedArgs) =>
            {
                Buchhaltung.Log("refresh");
                UserTable.Items.Refresh();
            };
        }
        /// <summary>
        /// Deletes the selected user
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void Delete_Click(object sender, RoutedEventArgs e)
        {
            // Nothing to do unless a user row is selected.
            if (!(UserTable.SelectedItem is User selectedUser))
            {
                return;
            }

            string userName = selectedUser.Name;

            // The logged-in user may not delete their own account
            // (the message reads "You cannot delete yourself").
            if (userName.Equals(Buchhaltung.Username))
            {
                Buchhaltung.Log("Du kannst dich nicht selbst löschen");
                return;
            }

            // Ask for confirmation before anything is removed.
            MessageBoxResult answer = MessageBox.Show("'" + userName + "' löschen?", "Sicher löschen",
                                                      MessageBoxButton.YesNo, MessageBoxImage.Warning);
            if (answer != MessageBoxResult.Yes)
            {
                return;
            }

            // Drop the entry from the in-memory list first, then from the database, then redraw.
            _users.Remove(selectedUser);
            RemoveUser(userName);
            UserTable.Items.Refresh();
        }
        /// <summary>
        /// Removes the user
        /// </summary>
        /// <param name="name">Name to remove</param>
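        private void RemoveUser(string name)
        {
            try
            {
                // The statement in this listing carried a fixed '******' literal and never used
                // 'name'. The name is bound as a parameter here, as in the other queries, so it
                // is never concatenated into the SQL text.
                const string query = "DELETE FROM user WHERE username = @name";

                CreateConnection();
                try
                {
                    _connection.Open();

                    using (MySqlCommand commandDatabase = new MySqlCommand(query, _connection) { CommandTimeout = 60 })
                    {
                        commandDatabase.Parameters.AddWithValue("@name", name);
                        commandDatabase.Prepare();

                        commandDatabase.ExecuteNonQuery();
                    }
                }
                finally
                {
                    // Release the connection even when Open or the DELETE throws.
                    CloseConnection();
                }
            }
            catch (Exception ex)
            {
                Buchhaltung.SaveErrorMsg(ex);
                Buchhaltung.Log(ex.Message);
            }
        }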