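// Handles a click on the "forgot password" label.
// Requires a username, checks that it exists in Accounts and, if it does, hides this
// window and opens the ForgotPassword dialog for that user.
//   sender - the control that raised the event (unused)
//   e      - mouse event data (unused)
private void lblForgot_MouseLeftButtonUp(object sender, MouseButtonEventArgs e)
{
    if (string.IsNullOrEmpty(txtUsername.Text))
    {
        MessageBox.Show("No username input");
        txtUsername.Focus();
        return;
    }

    var conn = DBUtils.Instance();
    if (!conn.IsConnect())
    {
        // The original ignored this result and queried a connection that may not be open.
        MessageBox.Show("Unable to connect to the database.");
        return;
    }

    string requestedUser = txtUsername.Text;
    int matches;
    using (MySqlCommand cmd = new MySqlCommand("Select COUNT(1) from Accounts where username = @username", conn.Connection))
    {
        // Bound parameter: the typed username never becomes part of the SQL text.
        cmd.Parameters.AddWithValue("@username", requestedUser);
        matches = Convert.ToInt32(cmd.ExecuteScalar());
    }

    if (matches <= 0)
    {
        // NOTE(review): this message tells the person at the keyboard whether an account
        // name is valid. Confirm that is acceptable for this deployment; a neutral message
        // would avoid disclosing which usernames exist.
        MessageBox.Show("User does not exist!");
        return;
    }

    // Clear the typed credentials before the login window is shown again, so that it does
    // not reappear with a username and password still filled in.
    txtPassword.Password = null;
    txtUsername.Text = null;

    Hide();
    new ForgotPassword(requestedUser).ShowDialog();
    ShowDialog();
}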
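// Handles the "reset password" button.
// Validates that both password boxes are filled and equal, asks for confirmation, then
// writes the new password and resets the failed-login counter (tries) for the account
// stored in the `user` field. Closes the dialog by setting DialogResult afterwards.
//   sender - the control that raised the event (unused)
//   e      - routed event data (unused)
private void btnResetPassword_Click(object sender, RoutedEventArgs e)
{
    if (string.IsNullOrEmpty(txtNewPass.Password) || string.IsNullOrEmpty(txtConfirmPass.Password))
    {
        MessageBox.Show("One or more fields are empty!");
        return;
    }

    if (!txtNewPass.Password.Equals(txtConfirmPass.Password))
    {
        MessageBox.Show("New password and confirmation password do not match.");
        return;
    }

    MessageBoxResult choice = MessageBox.Show(
        "Are all fields checked?",
        "Confirm Change Password",
        MessageBoxButton.YesNoCancel,
        MessageBoxImage.Warning);

    // Only an explicit "Yes" changes anything; No and Cancel leave the dialog open.
    if (choice != MessageBoxResult.Yes)
    {
        return;
    }

    var conn = DBUtils.Instance();
    if (!conn.IsConnect())
    {
        // The original ignored this result; do not report success on a dead connection.
        MessageBox.Show("Unable to connect to the database.");
        return;
    }

    // NOTE(review): the password is written exactly as typed, so Accounts.password holds
    // clear-text passwords. Storing a salted, slow hash (for example PBKDF2 through
    // Rfc2898DeriveBytes) needs a matching change in the login check and a migration of
    // existing rows, so it is flagged here rather than changed in this handler alone.
    // NOTE(review): nothing in this handler checks the security answer; confirm that the
    // reset controls are reachable only after the answer has been verified elsewhere.
    using (MySqlCommand cmd = new MySqlCommand("UPDATE Accounts SET password = @password, tries = @tries WHERE username = @username", conn.Connection))
    {
        cmd.Parameters.AddWithValue("@username", user);
        cmd.Parameters.AddWithValue("@password", txtNewPass.Password);
        cmd.Parameters.AddWithValue("@tries", 0);
        cmd.ExecuteNonQuery();
    }

    MessageBox.Show("Password has been changed.");
    this.DialogResult = false;
}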
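// Builds the password-recovery dialog for `username`.
// Stores the name in the `user` field, loads that account's security question and answer
// from Accounts into the `question` / `answer` fields and shows the question on the
// securityQuestion label. If no row matches, the fields are left untouched.
//   username - account whose recovery data is loaded
public ForgotPassword(string username)
{
    InitializeComponent();
    user = username;

    var conn = DBUtils.Instance();
    conn.IsConnect();

    // NOTE(review): the answer is read back as stored, which suggests it is kept in clear
    // text. A security answer is password-equivalent here, so consider storing a hash and
    // comparing hashes instead - confirm against the code that checks the answer.
    using (MySqlCommand cmd = new MySqlCommand("SELECT securityQuestion, answer FROM Accounts WHERE username = @username", conn.Connection))
    {
        cmd.Parameters.AddWithValue("@username", username);

        // The reader is disposed here; the original never closed it, leaving it open on
        // the shared connection that later commands also use.
        using (MySqlDataReader dr = cmd.ExecuteReader())
        {
            if (dr.Read())
            {
                question = Convert.ToString(dr.GetValue(dr.GetOrdinal("securityQuestion")));
                answer = Convert.ToString(dr.GetValue(dr.GetOrdinal("answer")));
                securityQuestion.Content = question;
            }
        }
    }
}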
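// Handles the login button.
// 1. Rejects empty input.
// 2. Reads the account's failed-attempt counter (tries); at 5 or more the account is
//    treated as locked and the user is offered the ForgotPassword dialog.
// 3. Otherwise checks the credentials. On failure the counter for that username is
//    incremented; on success it is reset for that username only, userLevel is set and
//    the Main window is opened.
//   sender - the control that raised the event (unused)
//   e      - routed event data (unused)
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
    if (string.IsNullOrEmpty(txtUsername.Text) || string.IsNullOrEmpty(txtPassword.Password))
    {
        MessageBox.Show("One or more fields are empty!");
        return;
    }

    var conn = DBUtils.Instance();
    if (!conn.IsConnect())
    {
        // Fail closed: the original ignored this result.
        MessageBox.Show("Unable to connect to the database.");
        return;
    }

    string un = txtUsername.Text;
    string pw = txtPassword.Password;

    int loginAttempts;
    using (MySqlCommand cmd = new MySqlCommand("Select tries FROM Accounts WHERE username = @username", conn.Connection))
    {
        cmd.Parameters.AddWithValue("@username", un);
        // ExecuteScalar yields null when no row matches; Convert.ToInt32(null) is 0.
        loginAttempts = Convert.ToInt32(cmd.ExecuteScalar());
    }

    if (loginAttempts >= 5)
    {
        user = un;
        MessageBoxResult choice = MessageBox.Show(
            "Due to multiple login attempts, your account has been locked. \nPlease unlock it to continue.",
            "Account Recovery",
            MessageBoxButton.YesNoCancel,
            MessageBoxImage.Warning);

        if (choice == MessageBoxResult.Yes)
        {
            Hide();
            new ForgotPassword(un).ShowDialog();
            ShowDialog();
        }
        return;
    }

    // NOTE(review): the password is compared as typed inside the SQL statement, which
    // means Accounts.password holds clear-text passwords. Moving to a salted, slow hash
    // (for example PBKDF2 through Rfc2898DeriveBytes) needs a coordinated change to the
    // password-reset path and a data migration, so it is flagged here, not changed.
    bool authenticated;
    using (MySqlCommand cmd = new MySqlCommand("Select * from Accounts where username = @username AND password = @password", conn.Connection))
    {
        cmd.Parameters.AddWithValue("@username", un);
        cmd.Parameters.AddWithValue("@password", pw);

        // The reader is disposed on every path. The original left it open when the
        // username lookup returned no row or a differently-cased name.
        using (MySqlDataReader dr = cmd.ExecuteReader())
        {
            authenticated = dr.Read();
            if (authenticated)
            {
                userLevel = dr.GetString(dr.GetOrdinal("accountLvl"));
            }
        }
    }

    if (!authenticated)
    {
        // The WHERE clause already limits the update to an existing account (zero rows are
        // touched otherwise), so the separate lookup and exact-case string comparison of
        // the original are not needed. That comparison could also skip the increment when
        // the database matches usernames case-insensitively.
        using (MySqlCommand bump = new MySqlCommand("UPDATE Accounts SET tries = tries + 1 WHERE username = @username", conn.Connection))
        {
            bump.Parameters.AddWithValue("@username", un);
            bump.ExecuteNonQuery();
        }

        MessageBox.Show("Username or Password is invalid");
        return;
    }

    // Reset the counter for this account only. The original statement had no WHERE clause,
    // so every successful login cleared the lockout counter of all accounts.
    using (MySqlCommand reset = new MySqlCommand("UPDATE Accounts SET tries = 0 WHERE username = @username", conn.Connection))
    {
        reset.Parameters.AddWithValue("@username", un);
        reset.ExecuteNonQuery();
    }
    MessageBox.Show("Login Successful");

    // Clear the credentials before the login window can be shown again; the original
    // cleared them only after the re-shown window had closed, so it reappeared filled in.
    txtPassword.Password = null;
    txtUsername.Text = null;

    Hide();
    new Main().ShowDialog();
    ShowDialog();
}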
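// Reloads the expiring-inventory report from tblinventory in the medinventSys database.
// Rows are selected by expiry date: after `from` when `to` is empty, otherwise between
// `from` and `to`. Unless inventoryType is "ALL", rows are also limited to that type.
// Each row is appended to expiringInvent; the `i` and `itemcount` counters are advanced
// per row and `myDate` is left holding the last purchase date read.
private void updateListView()
{
    var conn = DBUtils.Instance();
    conn.DatabaseName = "medinventSys";

    bool hasUpperBound = !string.IsNullOrEmpty(to);
    bool filterByType = inventoryType != "ALL";

    // The filter values are bound as parameters. The original concatenated them into the
    // statement text, so a quote inside any of them changed the SQL that was executed.
    string sql = hasUpperBound
        ? "SELECT * from tblinventory where dateExpiry between @from and @to"
        : "SELECT * from tblinventory where dateExpiry > @from";
    if (filterByType)
    {
        sql += " and inventType = @inventType";
    }

    if (!conn.IsConnect())
    {
        return;
    }

    try
    {
        using (var cmd = new MySqlCommand(sql, conn.Connection))
        {
            cmd.Parameters.AddWithValue("@from", from);
            if (hasUpperBound)
            {
                cmd.Parameters.AddWithValue("@to", to);
            }
            if (filterByType)
            {
                cmd.Parameters.AddWithValue("@inventType", inventoryType);
            }

            lvExpiringInvent.Items.Clear();

            using (var reader = cmd.ExecuteReader())
            {
                // Column positions do not change between rows, so resolve them once.
                int inventTypeIndex = reader.GetOrdinal("inventType");
                int codeIndex = reader.GetOrdinal("code");
                int descIndex = reader.GetOrdinal("descript");
                int genNameIndex = reader.GetOrdinal("genName");
                int qtyIndex = reader.GetOrdinal("qty");
                int unitIndex = reader.GetOrdinal("unit");
                int ppUnitIndex = reader.GetOrdinal("priceperUnit");
                int datePurchaseIndex = reader.GetOrdinal("datePurchase");
                int dateExpiryIndex = reader.GetOrdinal("dateExpiry");
                int manufIndex = reader.GetOrdinal("manuf");
                int vendorIndex = reader.GetOrdinal("vendor");
                int branchIndex = reader.GetOrdinal("branch");

                // Both filter modes iterate the rows. The original's type-filtered branch
                // read column values without ever calling Read().
                while (reader.Read())
                {
                    double ppUnitDouble = Convert.ToDouble(reader.GetValue(ppUnitIndex));

                    myDate = Convert.ToDateTime(reader.GetValue(datePurchaseIndex));

                    // A NULL expiry date is shown as "--".
                    string dateExpiry = reader.IsDBNull(dateExpiryIndex)
                        ? "--"
                        : Convert.ToDateTime(reader.GetValue(dateExpiryIndex)).ToString("dd MMMM yyyy");

                    expiringInvent.Add(new ListViewStockInReport
                    {
                        i = i,
                        inventType = Convert.ToString(reader.GetValue(inventTypeIndex)),
                        code = Convert.ToString(reader.GetValue(codeIndex)),
                        desc = Convert.ToString(reader.GetValue(descIndex)),
                        genName = Convert.ToString(reader.GetValue(genNameIndex)),
                        qty = Convert.ToInt32(reader.GetValue(qtyIndex)),
                        unit = Convert.ToString(reader.GetValue(unitIndex)),
                        priceperUnit = ppUnitDouble.ToString("F"),
                        datePurchase = myDate.ToString("dd MMMM yyyy"),
                        dateExpiry = dateExpiry,
                        manuf = Convert.ToString(reader.GetValue(manufIndex)),
                        vendor = Convert.ToString(reader.GetValue(vendorIndex)),
                        branch = Convert.ToString(reader.GetValue(branchIndex))
                    });
                    i++;
                    itemcount++;
                }
            }
        }
    }
    finally
    {
        // Close the connection even when the query or a conversion throws.
        conn.Close();
    }
}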