Example #1
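        /// <summary>
        /// Updates a user by calling the <c>sp_update_user</c> stored procedure.
        /// </summary>
        /// <param name="oldUser">Supplies the user id plus the previous user name and e-mail.</param>
        /// <param name="newUser">Supplies the new user name and e-mail.</param>
        /// <returns>The row count reported by <c>ExecuteNonQuery</c>.</returns>
        /// <remarks>
        /// All values reach the database as procedure parameters, never as SQL text.
        /// NOTE(review): the old name and e-mail presumably let the procedure refuse
        /// the update when the row changed since it was read; confirm against the
        /// procedure body. No authorization check is made here.
        /// </remarks>
        public int UpdateUser(PokedexUser oldUser, PokedexUser newUser)
        {
            // Connection lifetime is owned by PokedexDBConnection (not visible here),
            // so it is closed, not disposed.
            var conn = PokedexDBConnection.GetConnection();

            using (var cmd = new SqlCommand("sp_update_user", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // AddWithValue infers SQL type and length from the .NET value;
                // explicit SqlDbType and size would pin them.
                cmd.Parameters.AddWithValue("@UserID", oldUser.PokedexUserID);

                cmd.Parameters.AddWithValue("@NewUserName", newUser.PokedexUserName);
                cmd.Parameters.AddWithValue("@NewEmail", newUser.Email);

                cmd.Parameters.AddWithValue("@OldUserName", oldUser.PokedexUserName);
                cmd.Parameters.AddWithValue("@OldEmail", oldUser.Email);

                // No catch block: the former "throw ex;" reset the stack trace.
                // Letting the exception propagate keeps its type and its origin.
                try
                {
                    conn.Open();
                    return cmd.ExecuteNonQuery();
                }
                finally
                {
                    conn.Close();
                }
            }
        }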
Example #2
 /// <summary>
 /// Builds the add/edit user window and stores the user to work on, the id
 /// passed by the caller and the user manager.
 /// </summary>
 /// <param name="user">Stored in <c>_user</c>.</param>
 /// <param name="userManager">Stored in <c>_userManager</c>.</param>
 /// <param name="_userID">Stored in <c>UserID</c>. NOTE(review): presumably the id of the signed-in operator; it is accepted as given, so confirm callers pass an authenticated value.</param>
 public frmAddEditUser(PokedexUser user, IPokedexUserManager userManager, int _userID)
 {
     // The generated UI must exist before any state is attached to the window.
     InitializeComponent();

     this._user        = user;
     this.UserID       = _userID;
     this._userManager = userManager;
 }
Example #3
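        /// <summary>
        /// Loads a user and the user's roles by e-mail address, using the
        /// <c>sp_select_pokedex_user_by_email</c> and <c>sp_select_roles_by_UserID</c>
        /// stored procedures on one connection.
        /// </summary>
        /// <param name="email">E-mail address to look up; also copied into the returned user.</param>
        /// <returns>A user with id, user name, e-mail and roles filled in.</returns>
        /// <exception cref="ApplicationException">The first procedure returned no row.</exception>
        /// <remarks>
        /// The roles returned here later decide what the signed-in user is shown, so
        /// they must come only from the database and never from client input.
        /// </remarks>
        private PokedexUser getUserByEmail(string email)
        {
            var dexUser = new PokedexUser();
            var dexConn = PokedexDBConnection.GetConnection();

            using (var cmd1 = new SqlCommand("sp_select_pokedex_user_by_email", dexConn))
            using (var cmd2 = new SqlCommand("sp_select_roles_by_UserID", dexConn))
            {
                cmd1.CommandType = CommandType.StoredProcedure;
                cmd2.CommandType = CommandType.StoredProcedure;

                // Typed, sized parameters: the e-mail is never concatenated into SQL.
                cmd1.Parameters.Add("@Email", SqlDbType.NVarChar, 250).Value = email;
                cmd2.Parameters.Add("@UserID", SqlDbType.Int);

                try
                {
                    dexConn.Open();

                    // The first reader must be closed before the second command runs
                    // on the same connection; "using" also closes it on failure.
                    using (var reader1 = cmd1.ExecuteReader())
                    {
                        if (!reader1.Read())
                        {
                            throw new ApplicationException("User not found");
                        }

                        dexUser.PokedexUserID   = reader1.GetInt32(0);
                        dexUser.PokedexUserName = reader1.GetString(1);
                        dexUser.Email           = email;
                    }

                    cmd2.Parameters["@UserID"].Value = dexUser.PokedexUserID;

                    var roles = new List<string>();
                    using (var reader2 = cmd2.ExecuteReader())
                    {
                        while (reader2.Read())
                        {
                            roles.Add(reader2.GetString(0));
                        }
                    }
                    dexUser.PokedexRoles = roles;
                }
                finally
                {
                    // The original never closed this connection or the second reader.
                    // The former "throw ex;" also reset the stack trace, so the catch
                    // block is gone and exceptions propagate unchanged.
                    dexConn.Close();
                }
            }

            return dexUser;
        }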
Example #4
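        /// <summary>
        /// Checks an e-mail / password-hash pair with the
        /// <c>sp_authenticate_pokedex_user</c> stored procedure and, on a match,
        /// loads the user through <c>getUserByEmail</c>.
        /// </summary>
        /// <param name="email">E-mail address used as the login name.</param>
        /// <param name="passwordHash">Hash of the password, computed by the caller.</param>
        /// <returns>The authenticated user.</returns>
        /// <exception cref="ApplicationException">The procedure did not return 1.</exception>
        /// <remarks>
        /// The same "User not found" message is used for an unknown e-mail and a wrong
        /// password, so the error does not reveal which of the two was wrong.
        /// NOTE(review): the hash is matched inside the procedure; how it is computed
        /// (algorithm, salt, work factor) is not visible here and should be confirmed.
        /// </remarks>
        public PokedexUser AuthenticatePokedexUser(string email, string passwordHash)
        {
            var dexConn = PokedexDBConnection.GetConnection();

            using (var cmd = new SqlCommand("sp_authenticate_pokedex_user", dexConn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // Typed, sized parameters; both values travel as data, not SQL text.
                cmd.Parameters.Add("@Email", SqlDbType.NVarChar, 250).Value = email;
                cmd.Parameters.Add("@PasswordHash", SqlDbType.NVarChar, 100).Value = passwordHash;

                // No catch block: the former "throw ex;" reset the stack trace.
                try
                {
                    dexConn.Open();

                    // Only a result of exactly 1 counts as a match; a null scalar
                    // converts to 0 and is rejected.
                    if (Convert.ToInt32(cmd.ExecuteScalar()) != 1)
                    {
                        throw new ApplicationException("User not found");
                    }

                    return getUserByEmail(email);
                }
                finally
                {
                    dexConn.Close();
                }
            }
        }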
Example #5
        /// <summary>
        /// Opens the add/edit user dialog for the row selected in the user grid and
        /// refreshes the grid when the dialog returns <c>true</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <c>SelectedItem</c> is passed on without a null check, and no
        /// role check is visible in this handler; confirm both are handled elsewhere.
        /// </remarks>
        private void dgUserList_MouseDoubleClick(object sender, MouseButtonEventArgs e)
        {
            lblStatusMessage.Content = "Went to edit User";

            var chosen = (PokedexUser)dgUserList.SelectedItem;
            var editor = new frmAddEditUser(chosen, _userManager, UserID);

            bool? outcome = editor.ShowDialog();
            if (!outcome.GetValueOrDefault())
            {
                // Dialog cancelled or closed without a true result: list unchanged.
                return;
            }

            refreshUserList();
        }
Example #6
        /// <summary>
        /// Applies an edit through the user accessor and reports whether exactly
        /// one row was updated.
        /// </summary>
        /// <param name="oldUser">The user as it was before the edit.</param>
        /// <param name="newUser">The user carrying the edited values.</param>
        /// <returns><c>true</c> when <c>UpdateUser</c> returns 1; otherwise <c>false</c>.</returns>
        /// <exception cref="ApplicationException">Wraps any exception from the accessor.</exception>
        /// <remarks>
        /// NOTE(review): no authorization check happens here; confirm callers restrict
        /// who may edit which user.
        /// </remarks>
        public bool EditUser(PokedexUser oldUser, PokedexUser newUser)
        {
            try
            {
                int affected = _userAccessor.UpdateUser(oldUser, newUser);
                return affected == 1;
            }
            catch (Exception cause)
            {
                // The original failure is kept as InnerException for the caller.
                throw new ApplicationException("Update failed", cause);
            }
        }
Example #7
        /// <summary>
        /// Creates a user through the user accessor.
        /// </summary>
        /// <param name="user">The user to insert.</param>
        /// <returns><c>true</c> when <c>InsertUser</c> returns a value greater than zero.</returns>
        /// <exception cref="ApplicationException">Wraps any exception from the accessor.</exception>
        /// <remarks>
        /// NOTE(review): no authorization check happens here; confirm callers restrict
        /// who may create accounts.
        /// </remarks>
        public bool AddUser(PokedexUser user)
        {
            try
            {
                int inserted = _userAccessor.InsertUser(user);
                return inserted > 0;
            }
            catch (Exception cause)
            {
                // The original failure is kept as InnerException for the caller.
                throw new ApplicationException("User not added", cause);
            }
        }
Example #8
        /// <summary>
        /// Hashes the supplied password and asks the user accessor to authenticate
        /// the e-mail / hash pair.
        /// </summary>
        /// <param name="email">E-mail address used as the login name.</param>
        /// <param name="password">Clear-text password as typed by the user.</param>
        /// <returns>The user returned by the accessor.</returns>
        /// <exception cref="ApplicationException">Wraps any exception from the accessor.</exception>
        /// <remarks>
        /// NOTE(review): <c>hashUserPassword</c> is not visible here; confirm it is a
        /// salted, deliberately slow password hash and not a bare digest.
        /// </remarks>
        public PokedexUser AuthenticatePokedexUser(string email, string password)
        {
            // Only the hash is handed to the data-access layer.
            var hashed = hashUserPassword(password);

            // This clears the local reference only. Strings are immutable, so the
            // clear text stays in managed memory until it is garbage collected.
            password = null;

            try
            {
                return _userAccessor.AuthenticatePokedexUser(email, hashed);
            }
            catch (Exception cause)
            {
                // One generic message for every failure; the cause travels as
                // InnerException.
                throw new ApplicationException("Login Failed, Please try again!", cause);
            }
        }
Example #9
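        /// <summary>
        /// Reads users filtered by their active flag through the
        /// <c>sp_select_users_by_active</c> stored procedure.
        /// </summary>
        /// <param name="active">Value passed as <c>@Active</c>; defaults to <c>true</c>.</param>
        /// <returns>The users read; an empty list when the procedure returns no rows.</returns>
        /// <remarks>
        /// Each row is read as id, user name, e-mail and active flag, in that column order.
        /// </remarks>
        public List <PokedexUser> SelectUsersByActive(bool active = true)
        {
            var users = new List <PokedexUser>();
            var conn  = PokedexDBConnection.GetConnection();

            using (var cmd = new SqlCommand("sp_select_users_by_active", conn))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.Add("@Active", SqlDbType.Bit).Value = active;

                // No catch block: the former "throw ex;" reset the stack trace.
                try
                {
                    conn.Open();

                    // "using" closes the reader even when a column read throws;
                    // the original closed it only on the success path.
                    using (var reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            users.Add(new PokedexUser
                            {
                                PokedexUserID   = reader.GetInt32(0),
                                PokedexUserName = reader.GetString(1),
                                Email           = reader.GetString(2),
                                Active          = reader.GetBoolean(3)
                            });
                        }
                    }
                }
                finally
                {
                    conn.Close();
                }
            }

            return users;
        }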
Example #10
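        /// <summary>
        /// Inserts a user through the <c>sp_insert_user</c> stored procedure.
        /// </summary>
        /// <param name="user">Supplies the user name and e-mail for the new row.</param>
        /// <returns>The scalar returned by the procedure, converted to <c>int</c>.</returns>
        /// <remarks>
        /// Only the user name and e-mail are sent; no password or hash is passed.
        /// NOTE(review): the procedure presumably assigns an initial password itself.
        /// Confirm how it is set and that a change is forced at first login.
        /// </remarks>
        public int InsertUser(PokedexUser user)
        {
            var dexConn = PokedexDBConnection.GetConnection();

            using (var cmd = new SqlCommand("sp_insert_user", dexConn))
            {
                cmd.CommandType = CommandType.StoredProcedure;

                // AddWithValue infers SQL type and length from the .NET value;
                // explicit SqlDbType and size would pin them.
                cmd.Parameters.AddWithValue("@UserName", user.PokedexUserName);
                cmd.Parameters.AddWithValue("@Email", user.Email);

                // No catch block: the former "throw ex;" reset the stack trace.
                try
                {
                    dexConn.Open();
                    return Convert.ToInt32(cmd.ExecuteScalar());
                }
                finally
                {
                    dexConn.Close();
                }
            }
        }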
Example #11
 /// <summary>
 /// Builds the password-update window and stores the user whose password is to
 /// be changed together with the user manager.
 /// </summary>
 /// <param name="pokedexUser">Stored in <c>_pokedexUser</c>.</param>
 /// <param name="pokedexUserManager">Stored in <c>_pokedexUserManager</c>.</param>
 public frmUpdateUserPassword(PokedexUser pokedexUser, IPokedexUserManager pokedexUserManager)
 {
     // The generated UI must exist before any state is attached to the window.
     InitializeComponent();

     this._pokedexUser        = pokedexUser;
     this._pokedexUserManager = pokedexUserManager;
 }
Example #12
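        /// <summary>
        /// Validates the form, builds a user from it and either adds a new user or
        /// saves the edit, depending on <c>_addMode</c>.
        /// </summary>
        /// <remarks>
        /// The checks here are only a convenience for the person typing. The e-mail
        /// test (length over 6, contains "@" and ".") does not prove a valid address,
        /// so the data layer must not rely on it.
        /// NOTE(review): failures show the inner exception text in the dialog. For a
        /// data-layer failure that may be raw database error text; consider logging
        /// it and showing only the outer message.
        /// </remarks>
        private void btnSave_Click(object sender, RoutedEventArgs e)
        {
            // error checks
            if (string.IsNullOrEmpty(txtUserName.Text))
            {
                MessageBox.Show("You must enter a first name.");
                txtUserName.Focus();
                return;
            }

            string email = txtEmail.Text;
            if (!(email.Length > 6 && email.Contains("@") && email.Contains(".")))
            {
                MessageBox.Show("You must enter a valid email address.");
                txtEmail.Focus();
                return;
            }

            PokedexUser newUser = new PokedexUser()
            {
                PokedexUserName = txtUserName.Text,
                Email           = email,
                // IsChecked is a nullable bool; the former cast threw on null
                // (indeterminate state). Anything but true is now "not active".
                Active          = chkActive.IsChecked == true
            };

            if (_addMode)
            {
                try
                {
                    if (_userManager.AddUser(newUser))
                    {
                        // NOTE(review): a successful add reports false while a
                        // successful edit reports true; confirm this is intended.
                        this.DialogResult = false;
                        this.Close();
                    }
                    try
                    {
                        lstAssigned.ItemsSource = _userManager.RetrieveUserRoles(_user.PokedexUserID);
                    }
                    catch (Exception ex)
                    {
                        MessageBox.Show(ex.Message);
                    }
                }
                catch (Exception ex)
                {
                    // InnerException can be null (for example, an exception raised
                    // by the window itself); the original dereferenced it blindly.
                    MessageBox.Show(ex.InnerException == null
                                    ? ex.Message
                                    : ex.Message + "\n\n" + ex.InnerException.Message);
                }
            }
            else
            {
                try
                {
                    if (_userManager.EditUser(_user, newUser))
                    {
                        // success
                        this.DialogResult = true;
                        this.Close();
                    }
                    else
                    {
                        // Same text as before, without throwing an exception just
                        // to reach the catch block below.
                        MessageBox.Show("Data not Saved." + "\n\n"
                                        + "User may no longer exist.");
                    }
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.InnerException == null
                                    ? ex.Message
                                    : ex.Message + "\n\n" + ex.InnerException.Message);
                }
            }
        }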
Example #13
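        /// <summary>
        /// Handles the login button. When the button reads "Logout" it resets the
        /// form; otherwise it authenticates the entered e-mail and password and
        /// creates the home window.
        /// </summary>
        /// <remarks>
        /// Security notes for review:
        /// - The literal "newuser" is compared with the typed password to trigger a
        ///   password change. That presumably is the initial password of new
        ///   accounts; a per-account "must change password" flag on the server would
        ///   avoid a well-known shared default.
        /// - The home window is created when the password dialog returns false.
        ///   Confirm false means "password changed" and not "dialog dismissed",
        ///   otherwise the default password survives the first login.
        /// - The failure dialog caption carries the inner exception text, which for a
        ///   data-layer failure may be raw database error text; consider logging it.
        /// - The password box is not cleared after a successful login.
        /// </remarks>
        private void btnLogin_Click(object sender, RoutedEventArgs e)
        {
            var userEmail    = txtUserName.Text;
            var userPassword = pwdPassword.Password;

            // The button caption doubles as the logged-in state.
            if (btnLogin.Content.ToString() == "Logout")
            {
                _pokedexUser = null;

                //Make it open the new page

                // reset the login
                btnLogin.Content       = "Login";
                txtUserName.Text       = "";
                pwdPassword.Password   = "";
                txtUserName.IsEnabled  = true;
                pwdPassword.IsEnabled  = true;
                txtUserName.Visibility = Visibility.Visible;
                pwdPassword.Visibility = Visibility.Visible;
                lblUserName.Visibility = Visibility.Visible;
                lblPassword.Visibility = Visibility.Visible;
                return;
            }

            if (userEmail.Length < 7 || userPassword.Length < 7)
            {
                // One message for both fields, so the dialog does not reveal
                // which of the two was rejected.
                MessageBox.Show("Invalid Username or Password.", "Login Failed.", MessageBoxButton.OK, MessageBoxImage.Error);
                txtUserName.Text     = "";
                pwdPassword.Password = "";
                txtUserName.Focus();
                return;
            }

            // try to login
            try
            {
                _pokedexUser = _pokedexUserManager.AuthenticatePokedexUser(userEmail, userPassword);

                // Roles come from the authenticated user object, not from the form.
                string pokedexRoles = string.Join(", ", _pokedexUser.PokedexRoles);

                _pokedexUserID = _pokedexUserManager.GetUserID(userEmail);

                if (pwdPassword.Password == "newuser")
                {
                    var updatePassword = new frmUpdateUserPassword(_pokedexUser, _pokedexUserManager);
                    if (updatePassword.ShowDialog() == false)
                    {
                        this.Visibility = Visibility.Hidden;
                        var pokedexHome = new PokedexHome(_pokedexUserID, pokedexRoles);
                    }
                }
                else
                {
                    this.Visibility = Visibility.Hidden;
                    var pokedexHome = new PokedexHome(_pokedexUserID, pokedexRoles);
                }
            }
            catch (Exception ex)
            {
                // InnerException can be null; the original dereferenced it blindly,
                // which turned a failed login into an unhandled exception.
                string caption = ex.InnerException == null
                                 ? "Login Failed"
                                 : "Login Failed" + "\n\n" + ex.InnerException.Message;

                MessageBox.Show("Bad Username or Password.",
                                caption,
                                MessageBoxButton.OK, MessageBoxImage.Error);
            }
        }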