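/// <summary>
/// Saves the user right shown in the editor: updates the existing T_UserRights row
/// when <c>tbid</c> holds an id, otherwise inserts a new row with a fresh GUID.
/// </summary>
/// <param name="sender">Event source; forwarded to <c>toolStripMenuItem1_Click</c> after saving.</param>
/// <param name="e">Event arguments; forwarded to <c>toolStripMenuItem1_Click</c> after saving.</param>
private void toolStripMenuItem3_Click(object sender, EventArgs e)
{
    try
    {
        // Both the edit and the insert path refuse to save a right without a name.
        if (string.IsNullOrEmpty(tbname.Text))
        {
            _form.SettssinfoONE("Please set all informations...");
            return;
        }

        // Free-text fields are bound as parameters and never spliced into the SQL text.
        List<ParameterObj> paramlist = new List<ParameterObj>
        {
            new ParameterObj { name = "@Name", type = SqlDbType.NVarChar, value = tbname.Text },
            new ParameterObj { name = "@Mail", type = SqlDbType.NVarChar, value = tbmail.Text }
        };

        // The check-box states stay inline: bool.ToString() can only produce
        // "True" or "False", so these literals cannot carry injected SQL.
        string globalMail = "'" + cbisglobalmail.Checked + "'";
        string allowPosten = "'" + cballowposten.Checked + "'";
        string allowTime = "'" + cballowtime.Checked + "'";
        string allowConfig = "'" + cballowconfig.Checked + "'";
        string allowAdmin = "'" + cballowadmin.Checked + "'";

        if (!string.IsNullOrEmpty(tbid.Text)) // edit existing right
        {
            // tbid.Text is text-box content, so the row id is bound as @Id instead of
            // being concatenated into the WHERE clause. It is sent as text, matching
            // the quoted literal that was used before.
            paramlist.Add(new ParameterObj { name = "@Id", type = SqlDbType.NVarChar, value = tbid.Text });

            string updatequery = "Update T_UserRights set UserRight=@Name,"
                + "GlobalMail=" + globalMail + ","
                + "EMail=@Mail,"
                + "AllowPosten=" + allowPosten + ","
                + "AllowTime=" + allowTime + ","
                + "AllowConfig=" + allowConfig + ","
                + "AllowAdministration=" + allowAdmin
                + " where UserRightID=@Id";

            int result = _dbconn.Execute(updatequery, paramlist);
            if (result > 0)
            {
                _form.SettssinfoONE("Save Right correct...");
            }

            this.toolStripMenuItem1_Click(sender, e);
            this.FillTreeView();
            return;
        }

        #region newright
        // A right whose name already has a node in the tree is not inserted again.
        if (tVUserRights.Nodes.Find(tbname.Text, false).Length > 0)
        {
            _form.SettssinfoONE("UserRight exists...");
            return;
        }

        // Guid.NewGuid() is generated locally, so it is safe to place in the statement text.
        string insertquery = "Insert into T_UserRights(UserRightID,UserRight,GlobalMail,EMail,AllowPosten,AllowTime,AllowConfig,AllowAdministration)values("
            + "'" + Guid.NewGuid() + "',@Name,"
            + globalMail + ",@Mail,"
            + allowPosten + ","
            + allowTime + ","
            + allowConfig + ","
            + allowAdmin + ")";

        int inserted = _dbconn.Execute(insertquery, paramlist);
        if (inserted > 0)
        {
            _form.SettssinfoONE("Save new Right correct...");
        }

        this.toolStripMenuItem1_Click(sender, e);
        this.FillTreeView();
        #endregion
    }
    catch (Exception exp)
    {
        _form.SettssinfoONE("Exception: " + exp.Message);
    }
}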
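/// <summary>
/// Saves the user shown in the editor. With an empty <c>tbuserid</c> a new T_User row,
/// its codes and a T_UserTimeKonto row are inserted and a tree node is added; otherwise
/// the existing row is updated and its codes are reconciled with the <c>lbcodes</c> list.
/// </summary>
/// <remarks>
/// Values taken from controls and list items are bound as parameters instead of being
/// concatenated into the SQL text. They are sent as NVARCHAR text, which mirrors the
/// quoted literals used before.
/// NOTE(review): the read helpers (DataSetExists, GetResult, GetResultList) were only
/// ever called with <c>null</c> as second argument here; this assumes they accept the
/// same parameter list as Execute. Confirm before merging.
/// NOTE(review): InsertParameterCheck is not visible here. If it escapes quotes for
/// string-built SQL, that escaping is no longer needed for bound values and may end up
/// stored verbatim. Confirm and drop it if so.
/// </remarks>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
private void toolStripMenuItemSave_Click(object sender, EventArgs e)
{
    try
    {
        _saveButtonWasClicked = true;

        // Builds a text parameter. string.Concat(object) yields exactly the text that
        // "..." + value + "..." would have embedded (empty string for null).
        Func<string, object, ParameterObj> textParam = (paramName, raw) =>
            new ParameterObj { name = paramName, type = SqlDbType.NVarChar, value = string.Concat(raw) };

        Snackboxx.Core.User user = new Snackboxx.Core.User();
        user.userid = tbuserid.Text;
        user.username = this.InsertParameterCheck(tbusername.Text);
        user.loginname = this.InsertParameterCheck(tbloginname.Text);

        // An empty or zero limit falls back to the application default.
        bool useDefaultLimit = tb_userLimit.Text == "0.00" || tb_userLimit.Text == "";
        user.betragsLimit = useDefaultLimit ? SnackboxxForm.DEFAULT_LIMIT : tb_userLimit.Text;
        user.nextBetragsLimit = useDefaultLimit ? SnackboxxForm.DEFAULT_LIMIT : tb_userLimit.Text;

        // NOTE(review): the password is stored with reversible encryption
        // (EncryptMessage keyed by _cryptstr). A salted password hash is the usual
        // choice, but changing the format also affects the login check, which is not
        // visible here.
        string password = null;
        if (!string.IsNullOrEmpty(tbpassword.Text))
        {
            password = _crypt.EncryptMessage(this.InsertParameterCheck(tbpassword.Text), _cryptstr);
        }

        // NOTE(review): this keeps the clear-text password on the object that is later
        // attached to the tree node as Tag.
        user.Password = tbpassword.Text;
        user.EMail = this.InsertParameterCheck(tbemail.Text);
        if (cBUserRights.Items.Count > 0)
        {
            user.UserRightID = ((UserRight)cBUserRights.SelectedItem).userRightID;
        }

        ParameterObj timeObj = new ParameterObj { name = "@Timer", type = SqlDbType.DateTime, value = DateTime.Now };

        if (string.IsNullOrEmpty(tbuserid.Text)) // new user
        {
            #region newUser
            // NOTE(review): the '******' literals in the two UserName lookups below are
            // reproduced exactly as they appear on the page and look like masked values.
            // Confirm what is compared in the real file and bind it as a parameter.
            if (!_dbconn.DataSetExists("Select * from T_User where UserName='******'", null))
            {
                string insert = "Insert into T_User(UserName,Password,EMail,UserRightID,LoginName,BetragsLimit,NextBetragsLimit)"
                    + "values(@UserName,@Password,@EMail,@UserRightID,@LoginName,@BetragsLimit,@NextBetragsLimit)";
                _dbconn.Execute(insert, new List<ParameterObj>
                {
                    textParam("@UserName", user.username),
                    textParam("@Password", password),
                    textParam("@EMail", user.EMail),
                    textParam("@UserRightID", user.UserRightID),
                    textParam("@LoginName", user.loginname),
                    textParam("@BetragsLimit", user.betragsLimit),
                    textParam("@NextBetragsLimit", user.nextBetragsLimit)
                });

                // Read back the id the database assigned; the reader is disposed even
                // if reading throws.
                string query = "Select UserID from T_User where UserName='******'";
                using (SqlDataReader dr = _dbconn.GetResult(query, null))
                {
                    while (dr.Read())
                    {
                        user.userid = dr.GetValue(0).ToString();
                    }
                }

                user.usercodes = new List<UserCode>();
                foreach (UserCode ucode in lbcodes.Items)
                {
                    user.usercodes.Add(ucode);
                    string insertcode = "Insert into T_UserCodes(UserID,UserCode,Preis,IsSnackCode)"
                        + "values(@UserID,@UserCode,@Preis,@IsSnackCode)";
                    _dbconn.Execute(insertcode, new List<ParameterObj>
                    {
                        textParam("@UserID", user.userid),
                        textParam("@UserCode", ucode.userCode),
                        textParam("@Preis", ucode.Preis),
                        textParam("@IsSnackCode", ucode.Issnackcode)
                    });
                }

                string insertK = "Insert into T_UserTimeKonto(UserID,InHouse,UpdateTime)values(@UserID,'false',@Timer)";
                _dbconn.Execute(insertK, new List<ParameterObj> { textParam("@UserID", user.userid), timeObj });

                TreeNode node = new TreeNode();
                node.Text = user.username;
                node.Tag = user;
                tvuser.Nodes.Add(node);
                _form.SettssinfoONE("User Add... User " + user.username + " with follow ID " + user.userid + " is inserted...");
            }
            else
            {
                _form.SettssinfoONE("User exists in the Database... " + user.username);
            }
            #endregion
        }
        else // existing user
        {
            #region olduser
            // NOTE(review): UserName and Password are written as the '******' literals
            // shown on the page, which look like masked values. Confirm against the
            // real file and bind whatever is written there as parameters too.
            string queryupd = "Update T_User set UserName='******',Password='******',LoginName=@LoginName,EMail=@EMail,"
                + "UserRightID=@UserRightID,BetragsLimit =@BetragsLimit where UserID=@UserID";
            _dbconn.Execute(queryupd, new List<ParameterObj>
            {
                textParam("@LoginName", user.loginname),
                textParam("@EMail", user.EMail),
                textParam("@UserRightID", user.UserRightID),
                textParam("@BetragsLimit", user.betragsLimit),
                textParam("@UserID", user.userid)
            });

            string query = "Select * from T_UserCodes where UserID=@UserID";
            List<Dictionary<string, string>> oldCodes = _dbconn.GetResultList(
                query, new List<ParameterObj> { textParam("@UserID", user.userid) });

            // Create the time-account row if this user does not have one yet.
            string kquery = "Select * from T_UserTimeKonto where UserID=@UserID";
            if (!_dbconn.DataSetExists(kquery, new List<ParameterObj> { textParam("@UserID", user.userid) }))
            {
                string insertK = "Insert into T_UserTimeKonto(UserID,InHouse,UpdateTime)values(@UserID,'false',@Timer)";
                _dbconn.Execute(insertK, new List<ParameterObj> { textParam("@UserID", user.userid), timeObj });
            }

            // Stored codes that are no longer in the list box are removed, but only
            // when the "rest>=0" check on T_User finds no row for this user.
            for (int i = 0; i < oldCodes.Count; ++i)
            {
                string codeid = oldCodes[i]["CodeID"];
                bool exists = false;
                foreach (UserCode listed in lbcodes.Items)
                {
                    if (codeid == listed.CodeID)
                    {
                        exists = true;
                        break;
                    }
                }

                if (exists)
                {
                    continue;
                }

                string check = "Select * from T_User where UserID=@UserID and rest>=0";
                if (!_dbconn.DataSetExists(check, new List<ParameterObj> { textParam("@UserID", user.userid) }))
                {
                    string delquery = "Delete from t_UserCodes where UserID=@UserID and CodeID=@CodeID";
                    _dbconn.Execute(delquery, new List<ParameterObj>
                    {
                        textParam("@UserID", user.userid),
                        textParam("@CodeID", codeid)
                    });
                }
            }

            // List entries without a CodeID have not been stored yet; insert them.
            foreach (UserCode code in lbcodes.Items)
            {
                if (!string.IsNullOrEmpty(code.CodeID))
                {
                    continue;
                }

                code.UserID = tbuserid.Text;
                string insert = "Insert into T_UserCodes(UserID,UserCode,Preis,IsSnackCode)"
                    + "values(@UserID,@UserCode,@Preis,@IsSnackCode)";
                _dbconn.Execute(insert, new List<ParameterObj>
                {
                    textParam("@UserID", code.UserID),
                    textParam("@UserCode", code.userCode),
                    textParam("@Preis", code.Preis),
                    textParam("@IsSnackCode", code.Issnackcode)
                });
            }

            _form.SettssinfoONE("User Edit: User " + tbusername.Text + " was edit...");
            tvuser.SelectedNode.ForeColor = Color.Black;
            tvuser.SelectedNode.Tag = user;
            #endregion
        }
    }
    catch (Exception exp)
    {
        // NOTE(review): the dialog shows the full stack trace to the operator; a log
        // entry plus a short message would disclose less about the internals.
        MessageBox.Show(exp.Message + "\n" + exp.StackTrace);
    }
}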