Example #1
0
        private void SignInButton_Click(object sender, EventArgs e)
        {
            Connect       connect     = Connect.GetInstance();
            SqlCommand    passCommand = new SqlCommand();
            SqlDataReader reader;
            string        hash = "";
            string        salt = "";
            string        mail = "";

            string passSqlQuery = "select email, password, salt from Users where email = @mail";

            connect.OpenConnection();

            passCommand.CommandText = passSqlQuery;
            passCommand.Connection  = connect.GetConnection();
            passCommand.Parameters.Add("@mail", SqlDbType.VarChar).Value = EmailTextBox.Text;
            reader = passCommand.ExecuteReader();
            while (reader.Read())
            {
                mail = Convert.ToString(reader["email"]);
                hash = Convert.ToString(reader["password"]);
                salt = Convert.ToString(reader["salt"]);
            }
            reader.Close();

            if (mail == EmailTextBox.Text && SaltedHash.Verify(salt, hash, PasswordTextBox.Text))
            {
                OrdinaryUser user     = new OrdinaryUser(this);
                MainMenu     mainMenu = new MainMenu();
                Menu         menu     = new Menu(mainMenu, user);
                mainMenu.SetMenu(menu);
                this.Hide();
                MessageBox.Show("Welcome to the MoneyManager2020!", "Success");
                mainMenu.Show();
                connect.CloseConnection();
            }

            else
            {
                connect.CloseConnection();
                if (EmailTextBox.Text.Trim().Equals(""))
                {
                    MessageBox.Show("Enter your email", "Email field is empty", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
                else if (PasswordTextBox.Text.Trim().Equals(""))
                {
                    MessageBox.Show("Enter your password", "Password field is empty", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
                else
                {
                    MessageBox.Show("Wrong email or password", "Invalid data", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
            }
        }
Example #2
0
        private void AdminSignInButton_Click(object sender, EventArgs e)
        {
            Connect        connect  = Connect.GetInstance();
            DataTable      table    = new DataTable();
            SqlDataAdapter adapter  = new SqlDataAdapter();
            SqlCommand     command  = new SqlCommand();
            string         sqlQuery = "select * from Admins where email = @mail and password = @pass;";

            command.CommandText = sqlQuery;
            command.Connection  = connect.GetConnection();
            command.Parameters.Add("@mail", SqlDbType.VarChar).Value = EmailTextBox.Text;
            command.Parameters.Add("@pass", SqlDbType.VarChar).Value = PasswordTextBox.Text;

            adapter.SelectCommand = command;
            adapter.Fill(table);

            if (table.Rows.Count > 0)
            {
                Admin         admin    = new Admin(this);
                AdminMenuForm menuForm = new AdminMenuForm();
                AdminMenu     menu     = new AdminMenu(menuForm, admin);
                menuForm.SetMenu(menu);
                this.Hide();
                MessageBox.Show("Welcome to the MoneyManager2020 admin mode!", "Success");
                menuForm.Show();
                connect.CloseConnection();
            }

            else
            {
                if (EmailTextBox.Text.Trim().Equals(""))
                {
                    MessageBox.Show("Enter your email", "Email field is empty", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
                else if (PasswordTextBox.Text.Trim().Equals(""))
                {
                    MessageBox.Show("Enter your password", "Password field is empty", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
                else
                {
                    MessageBox.Show("Wrong email or password", "Invalid data", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                }
            }
        }
Example #3
0
        private void SignUpButton_Click(object sender, EventArgs e)
        {
            Connect        connect      = Connect.GetInstance();
            DataTable      table        = new DataTable();
            SqlDataAdapter adapter      = new SqlDataAdapter();
            SqlCommand     command      = new SqlCommand();
            SqlCommand     checkCommand = new SqlCommand();
            SqlDataReader  reader;
            bool           isUserExist = false;
            string         sqlQuery    = "select * from Users where email = \'@log\' and password = \'@pass\';";
            string         checkQuery  = "select * from Users;";
            string         pattern     = @"^(?("")(""[^""]+?""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
                                         @"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-\w]*[0-9a-z]*\.)+[a-z0-9]{2,17}))$";

            connect.OpenConnection();
            checkCommand.CommandText = checkQuery;
            checkCommand.Connection  = connect.GetConnection();
            reader = checkCommand.ExecuteReader();
            while (reader.Read())
            {
                if (EmailTextBox.Text == reader["email"].ToString())
                {
                    isUserExist = true;
                    reader.Close();
                    break;
                }
            }
            reader.Close();

            command.CommandText = sqlQuery;
            command.Connection  = connect.GetConnection();

            if (Regex.IsMatch(EmailTextBox.Text, pattern, RegexOptions.IgnoreCase))
            {
                if (PasswordTextBox.Text.Length > 4)
                {
                    SaltedHash hashPass = new SaltedHash(PasswordTextBox.Text);

                    command.Parameters.Add("@mail", SqlDbType.VarChar).Value = EmailTextBox.Text;
                    command.Parameters.Add("@pass", SqlDbType.VarChar).Value = hashPass.Hash;
                    command.Parameters.Add("@salt", SqlDbType.VarChar).Value = hashPass.Salt;


                    adapter.SelectCommand = command;
                    adapter.Fill(table);

                    if (!isUserExist)
                    {
                        string     sqlQuery1 = "insert into Users(email, password, salt) values(@mail, @pass, @salt);";
                        SqlCommand command1  = new SqlCommand();
                        command.Connection  = connect.GetConnection();
                        command.CommandText = sqlQuery1;
                        command.ExecuteNonQuery();
                        connect.CloseConnection();

                        OrdinaryUser user     = new OrdinaryUser(this);
                        MainMenu     mainMenu = new MainMenu();
                        Menu         menu     = new Menu(mainMenu, user);
                        mainMenu.SetMenu(menu);
                        MessageBox.Show("Your account was signed up", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
                        this.Hide();
                        MessageBox.Show("Welcome to the MoneyManager2020!", "Success");
                        mainMenu.Show();
                    }
                    else
                    {
                        MessageBox.Show("User with this email is already exist!", "Used email", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    }
                }
                else
                {
                    MessageBox.Show("Password must be longer than 5 symbols!", "Invalid password", MessageBoxButtons.OK, MessageBoxIcon.Error);
                }
            }
            else
            {
                MessageBox.Show("Invalid email adress!", "Invalid email", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
        }