/// <summary>
/// Leaves this form without saving anything: hides it, shows the cart as a
/// modal dialog for the current user, and closes this form once the dialog returns.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
private void button1_Click(object sender, EventArgs e)
{
    Hide();

    // The cart reads the signed-in user from Tag, so hand it over before showing.
    // NOTE(review): a form shown with ShowDialog is not disposed automatically
    // when it closes; this handler never disposes the cart form.
    var cartForm = new frmCart
    {
        Tag = currentUser
    };
    cartForm.ShowDialog();

    Close();
}
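/// <summary>
/// Handles the "add card" button: runs the field checks, derives salted hashes of
/// the card number and security code, stores the card through the usp_AddCard
/// stored procedure and, only if that write succeeded, opens the cart dialog.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
private void buttonAddCard_Click(object sender, EventArgs e)
{
    currentUser = (User)this.Tag;

    // The checks run in this fixed order and stop at the first failure, so a
    // later check is never evaluated once an earlier one has failed.
    bool goodToGo = nameCheck()
        && addressCheck()
        && cityCheck()
        && monthCheck()
        && yearCheck()
        && cardCheck()
        && csvCheck()
        && zipCheck();
    if (!goodToGo)
    {
        return;
    }

    string nameOnCard = textBoxCardName.Text;
    // Sent as text (year-month-01) and converted to a DATE by the provider.
    string expDate = textBoxYear.Text + "-" + textBoxMonth.Text + "-01";
    string billingAddress = textBoxAddress.Text;
    string city = textBoxCity.Text;
    string zip = textBoxZip.Text;
    string state = comboBoxState.Text;
    string country = comboBoxCountry.Text;
    string cardType = comboBoxCards.Text;

    string cardNumber = textBoxCardNumber.Text;
    // Assumes cardCheck() guarantees at least four characters; Substring throws
    // otherwise. TODO confirm against cardCheck.
    string lastFour = cardNumber.Substring(cardNumber.Length - 4);

    // SECURITY(review): PCI DSS does not allow the card verification code to be
    // retained after authorization in any form, hashed or not. A three- or
    // four-digit value also has so few possible inputs that a salt does not
    // protect its hash. The @csvHash/@csvSalt columns should be dropped from
    // usp_AddCard and its table; they are still sent here only because the
    // procedure's parameter list is not visible from this handler.
    byte[] csvSalt = addAccount.CreateSalt();
    byte[] csvHashByte = addAccount.EncryptSha256(Encoding.ASCII.GetBytes(textBoxCSV.Text), csvSalt);
    string csvHash = Convert.ToBase64String(csvHashByte);

    // SECURITY(review): assuming EncryptSha256 is a single salted SHA-256 pass, as
    // its name suggests (confirm in addAccount), this hash gives little protection
    // to the card number: the salt, card type and last four digits are stored in
    // the same row, which leaves a small, Luhn-constrained set of candidates.
    // Prefer a payment-processor token or keyed encryption with managed keys.
    byte[] cardNumSalt = addAccount.CreateSalt();
    byte[] cardHashByte = addAccount.EncryptSha256(Encoding.ASCII.GetBytes(cardNumber), cardNumSalt);
    string cardNumberHash = Convert.ToBase64String(cardHashByte);

    try
    {
        using (SqlConnection cn = new SqlConnection(_cnDB))
        using (SqlCommand cmd = new SqlCommand("usp_AddCard", cn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@userID", SqlDbType.Int, 100).Value = currentUser.userID;
            cmd.Parameters.Add("@nameOnCard", SqlDbType.VarChar, 100).Value = nameOnCard;
            cmd.Parameters.Add("@expirationDate", SqlDbType.Date, 25).Value = expDate;
            cmd.Parameters.Add("@billingAddress", SqlDbType.VarChar, 100).Value = billingAddress;
            cmd.Parameters.Add("@city", SqlDbType.VarChar, 50).Value = city;
            cmd.Parameters.Add("@zip", SqlDbType.VarChar, 7).Value = zip;
            cmd.Parameters.Add("@state", SqlDbType.VarChar, 30).Value = state;
            cmd.Parameters.Add("@country", SqlDbType.VarChar, 50).Value = country;
            cmd.Parameters.Add("@cardType", SqlDbType.VarChar, 30).Value = cardType;
            cmd.Parameters.Add("@csvHash", SqlDbType.VarChar, 256).Value = csvHash;
            cmd.Parameters.Add("@csvSalt", SqlDbType.VarChar, 256).Value = Convert.ToBase64String(csvSalt);
            cmd.Parameters.Add("@cardNumberSalt", SqlDbType.VarChar, 256).Value = Convert.ToBase64String(cardNumSalt);
            cmd.Parameters.Add("@cardNumberHash", SqlDbType.VarChar, 256).Value = cardNumberHash;
            cmd.Parameters.Add("@lastFour", SqlDbType.VarChar, 4).Value = lastFour;

            cn.Open();
            cmd.ExecuteNonQuery();
            // No explicit Close(): disposing the connection at the end of the
            // using block closes it, including when ExecuteNonQuery throws.
        }
    }
    catch (Exception ex)
    {
        // Debug.WriteLine is compiled out of release builds, which made a failed
        // save completely silent; Trace output survives in release builds.
        System.Diagnostics.Trace.TraceError("usp_AddCard failed: " + ex.GetType().Name + ": " + ex.Message);

        // The card was not stored, so stay on this form instead of moving on to
        // the cart as if it had been.
        // NOTE(review): this handler should also tell the user the save failed.
        return;
    }

    this.Hide();
    frmCart cart = new frmCart();
    cart.Tag = currentUser;
    cart.ShowDialog();
    this.Close();
}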