protected void btnSubmit_Click(object sender, EventArgs e)
    {
        if (!ddlEndDateValidateAllOrNoneSet.IsValid ||
            !ddlStartDateValidateAllOrNoneSet.IsValid)
        {
            return;
        }

        txtPwd.Attributes["value"] = txtPwd.Text;  // pwd fields is unset on send back to server, so re-set it

        if (GetUrlParamType() == UrlParamType.View)
        {
            Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
        }
        else if (GetUrlParamType() == UrlParamType.Edit)
        {
            Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));

            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
            {
                SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
                return;
            }

            bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
            bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);


            PersonDB.Update(staff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), staff.Person.Nickname, ddlGender.SelectedValue, staff.Person.Dob, DateTime.Now);
            StaffDB.Update(staff.StaffID, staff.Person.PersonID, txtLogin.Text, txtPwd.Text, staff.StaffPosition.StaffPositionID, staff.Field.ID, staff.CostCentre.CostCentreID,
                           staff.IsContractor, staff.Tfn, staff.ProviderNumber,
                           ddlStatus.SelectedValue == "Inactive", staff.IsCommission, staff.CommissionPercent,
                           staff.IsStakeholder, staff.IsMasterAdmin, staff.IsAdmin, staff.IsPrincipal, staff.IsProvider, staff.IsExternal,
                           GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, staff.EnableDailyReminderSMS, staff.EnableDailyReminderEmail, staff.HideBookingNotes);

            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
            {
                UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
                UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
            }

            Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
        }
        else if (GetUrlParamType() == UrlParamType.Add)
        {
            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (txtPwd.Text.Length < 6)
            {
                SetErrorMessage("Password must be at least 6 characters");
                return;
            }


            int  person_id    = -1;
            int  staff_id     = -1;
            bool staff_added  = false;
            int  mainDbUserID = -1;

            try
            {
                if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
                }

                Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
                person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, DateTime.MinValue);
                staff_id  = StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, 0, 59,
                                           false, "", "",
                                           ddlStatus.SelectedValue == "Inactive", false, 0,
                                           false, false, false, false, false, true,
                                           GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, false, false, false);
                staff_added = true;

                string url = Request.RawUrl;
                url = UrlParamModifier.AddEdit(url, "type", "view");
                url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                Response.Redirect(url);
            }
            catch (Exception)
            {
                if (staff_added)
                {
                    string url = Request.RawUrl;
                    url = UrlParamModifier.AddEdit(url, "type", "view");
                    url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                    Response.Redirect(url);
                    return;
                }

                // roll back - backwards of creation order
                PersonDB.Delete(person_id);
                if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }

                throw;
            }
        }
        else
        {
            HideTableAndSetErrorMessage();
        }
    }
    protected void GrdStaff_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        if (e.CommandName.Equals("Insert"))
        {
            CustomValidator txtValidateDOB = (CustomValidator)GrdStaff.FooterRow.FindControl("txtValidateNewDOB");
            if (!txtValidateDOB.IsValid)
            {
                return;
            }

            DropDownList ddlTitle      = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewTitle");
            TextBox      txtFirstname  = (TextBox)GrdStaff.FooterRow.FindControl("txtNewFirstname");
            TextBox      txtMiddlename = (TextBox)GrdStaff.FooterRow.FindControl("txtNewMiddlename");
            TextBox      txtSurname    = (TextBox)GrdStaff.FooterRow.FindControl("txtNewSurname");
            DropDownList ddlGender     = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewGender");
            TextBox      txtDOB        = (TextBox)GrdStaff.FooterRow.FindControl("txtNewDOB");

            TextBox txtLogin = (TextBox)GrdStaff.FooterRow.FindControl("txtNewLogin");
            TextBox txtPwd   = (TextBox)GrdStaff.FooterRow.FindControl("txtNewPwd");


            //DropDownList ddlStaffPosition     = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewStaffPosition");
            DropDownList ddlField             = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewField");
            CheckBox     chkContractor        = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewContractor");
            TextBox      txtTFN               = (TextBox)GrdStaff.FooterRow.FindControl("txtNewTFN");
            DropDownList ddlStatus            = (DropDownList)GrdStaff.FooterRow.FindControl("ddlStatus");
            DropDownList ddlCostCentre        = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewCostCentre");
            TextBox      txtProviderNumber    = (TextBox)GrdStaff.FooterRow.FindControl("txtNewProviderNumber");
            CheckBox     chkIsCommission      = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsCommission");
            TextBox      txtCommissionPercent = (TextBox)GrdStaff.FooterRow.FindControl("txtNewCommissionPercent");

            CheckBox chkIsStakeholder = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsStakeholder");
            CheckBox chkIsAdmin       = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsAdmin");
            CheckBox chkIsMasterAdmin = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsMasterAdmin");
            CheckBox chkIsPrincipal   = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsPrincipal");
            CheckBox chkIsProvider    = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewIsProvider");
            CheckBox chkSMSBKs        = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewSMSBKs");
            CheckBox chkEmailBKs      = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewEmailBKs");
            CheckBox chkHideBKNotes   = (CheckBox)GrdStaff.FooterRow.FindControl("chkNewHideBKNotes");



            if (chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
            {
                SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to add them. Contact Mediclinic if you would like to upgrade your account.");
                return;
            }


            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (txtPwd.Text.Length < 6)
            {
                SetErrorMessage("Password must be at least 6 characters");
                return;
            }


            DateTime dob = GetDate(txtDOB.Text.Trim());

            int person_id    = -1;
            int mainDbUserID = -1;

            try
            {
                if (!!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
                }

                if (chkIsMasterAdmin.Checked)
                {
                    chkIsAdmin.Checked = true;
                }

                Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
                person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, dob);
                StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, Convert.ToInt32(ddlField.SelectedValue), Convert.ToInt32(ddlCostCentre.SelectedValue),
                               chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
                               ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
                               chkIsStakeholder.Checked, chkIsMasterAdmin.Checked, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, false,
                               DateTime.Today, DateTime.MinValue, "", chkSMSBKs.Checked, chkEmailBKs.Checked, chkHideBKNotes.Checked);

                FillGrid();
            }
            catch (Exception)
            {
                // roll back - backwards of creation order
                PersonDB.Delete(person_id);
                if (!!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }
            }
        }
    }
    protected void GrdStaff_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        if (e.CommandName.Equals("Insert"))
        {
            CustomValidator txtValidateDOB = (CustomValidator)GrdStaff.FooterRow.FindControl("txtValidateNewDOB");
            if (!txtValidateDOB.IsValid)
            {
                return;
            }

            DropDownList ddlTitle      = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewTitle");
            TextBox      txtFirstname  = (TextBox)GrdStaff.FooterRow.FindControl("txtNewFirstname");
            TextBox      txtMiddlename = (TextBox)GrdStaff.FooterRow.FindControl("txtNewMiddlename");
            TextBox      txtSurname    = (TextBox)GrdStaff.FooterRow.FindControl("txtNewSurname");
            DropDownList ddlGender     = (DropDownList)GrdStaff.FooterRow.FindControl("ddlNewGender");

            TextBox      txtLogin  = (TextBox)GrdStaff.FooterRow.FindControl("txtNewLogin");
            TextBox      txtPwd    = (TextBox)GrdStaff.FooterRow.FindControl("txtNewPwd");
            DropDownList ddlStatus = (DropDownList)GrdStaff.FooterRow.FindControl("ddlStatus");


            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (txtPwd.Text.Length < 6)
            {
                SetErrorMessage("Password must be at least 6 characters");
                return;
            }


            DateTime dob = DateTime.MinValue;

            int person_id    = -1;
            int mainDbUserID = -1;

            try
            {
                if (!!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
                }

                Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
                person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, dob);
                StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, 0, 59,
                               false, "", "",
                               ddlStatus.SelectedValue == "Inactive", false, 0,
                               false, false, false, false, false, true,
                               DateTime.Today, DateTime.MinValue, "", false, false);

                FillGrid();
            }
            catch (Exception)
            {
                // roll back - backwards of creation order
                PersonDB.Delete(person_id);
                if (!!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }
            }
        }
    }
Exemple #4
0
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        if (!ddlEndDateValidateAllOrNoneSet.IsValid ||
            !ddlStartDateValidateAllOrNoneSet.IsValid ||
            !ddlDOBValidateAllOrNoneSet.IsValid)
        {
            return;
        }

        txtPwd.Attributes["value"] = txtPwd.Text;  // pwd fields is unset on send back to server, so re-set it

        if (GetUrlParamType() == UrlParamType.View)
        {
            Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
        }
        else if (GetUrlParamType() == UrlParamType.Edit)
        {
            Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));

            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
            {
                SetErrorMessage("Login name already in use by another user");
                return;
            }
            if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
            {
                SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
                return;
            }

            bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
            bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
            bool setIsStakeholder          = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : staff.IsStakeholder;
            bool setIsMasterAdmin          = loggedInUserIsStakeholder || loggedInUserIsMasterAdmin ? chkIsMasterAdmin.Checked : staff.IsMasterAdmin;

            if (!staff.IsProvider && chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
            {
                SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to update them or hit cancel. Contact Mediclinic if you would like to upgrade your account.");
                return;
            }


            if (chkIsProvider.Checked)
            {
                System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");

                bool         roleSetAsProvider = false;
                IDandDescr[] fields            = new IDandDescr[tbl.Rows.Count];
                for (int i = 0; i < tbl.Rows.Count; i++)
                {
                    fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
                    if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
                    {
                        roleSetAsProvider = true;
                    }
                }

                if (!roleSetAsProvider)
                {
                    if (fields.Length == 1)
                    {
                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
                        return;
                    }
                    else if (fields.Length == 2)
                    {
                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
                        return;
                    }
                    else
                    {
                        string providerFields = string.Empty;
                        for (int i = 0; i < fields.Length; i++)
                        {
                            providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 2) ? "or " : "") + fields[i].Descr;
                        }

                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
                        return;
                    }
                }
            }



            if (chkIsMasterAdmin.Checked)
            {
                chkIsAdmin.Checked = true;
            }

            PersonDB.Update(staff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), staff.Person.Nickname, ddlGender.SelectedValue, GetDOBFromForm(), DateTime.Now);
            StaffDB.Update(staff.StaffID, staff.Person.PersonID, txtLogin.Text, txtPwd.Text, staff.StaffPosition.StaffPositionID, Convert.ToInt32(ddlField.SelectedValue), staff.CostCentre.CostCentreID,
                           chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
                           ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
                           setIsStakeholder, setIsMasterAdmin, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, staff.IsExternal,
                           GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, chkSMSBKs.Checked, chkEmailBKs.Checked);

            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && staff.Login != txtLogin.Text)
            {
                UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
                if (curDBMapper == null)
                {
                    UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
                }
                else
                {
                    UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
                }
            }

            Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
        }
        else if (GetUrlParamType() == UrlParamType.Add)
        {
            if (chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
            {
                SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to add them. Contact Mediclinic if you would like to upgrade your account.");
                return;
            }

            if (chkIsProvider.Checked)
            {
                System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");

                bool         roleSetAsProvider = false;
                IDandDescr[] fields            = new IDandDescr[tbl.Rows.Count];
                for (int i = 0; i < tbl.Rows.Count; i++)
                {
                    fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
                    if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
                    {
                        roleSetAsProvider = true;
                    }
                }

                if (!roleSetAsProvider)
                {
                    if (fields.Length == 1)
                    {
                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
                        return;
                    }
                    else if (fields.Length == 2)
                    {
                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
                        return;
                    }
                    else
                    {
                        string providerFields = string.Empty;
                        for (int i = 0; i < fields.Length; i++)
                        {
                            providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 2) ? "or " : "") + fields[i].Descr;
                        }

                        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
                        return;
                    }
                }
            }

            if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]) && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
            {
                lblErrorMessage.Text    = "Login name already in use by another user";
                lblErrorMessage.Visible = true;
                return;
            }
            if (StaffDB.LoginExists(txtLogin.Text))
            {
                lblErrorMessage.Text    = "Login name already in use by another user";
                lblErrorMessage.Visible = true;
                return;
            }
            if (txtPwd.Text.Length < 6)
            {
                SetErrorMessage("Password must be at least 6 characters");
                return;
            }


            int  person_id    = -1;
            int  staff_id     = -1;
            bool staff_added  = false;
            int  mainDbUserID = -1;

            try
            {
                if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
                }

                bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
                bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
                bool setIsStakeholder          = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : false;
                bool setIsMasterAdmin          = loggedInUserIsStakeholder || loggedInUserIsMasterAdmin ? chkIsMasterAdmin.Checked : false;

                if (chkIsMasterAdmin.Checked)
                {
                    chkIsAdmin.Checked = true;
                }

                Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));
                person_id = PersonDB.Insert(loggedInStaff.Person.PersonID, Convert.ToInt32(ddlTitle.SelectedValue), Utilities.FormatName(txtFirstname.Text), Utilities.FormatName(txtMiddlename.Text), Utilities.FormatName(txtSurname.Text), "", ddlGender.SelectedValue, GetDOBFromForm());
                staff_id  = StaffDB.Insert(person_id, txtLogin.Text, txtPwd.Text, StaffPositionDB.GetByDescr("Unknown").StaffPositionID, Convert.ToInt32(ddlField.SelectedValue), 59,
                                           chkContractor.Checked, txtTFN.Text, txtProviderNumber.Text.ToUpper(),
                                           ddlStatus.SelectedValue == "Inactive", chkIsCommission.Checked, Convert.ToDecimal(txtCommissionPercent.Text),
                                           setIsStakeholder, setIsMasterAdmin, chkIsAdmin.Checked, chkIsPrincipal.Checked, chkIsProvider.Checked, false,
                                           GetStartDateFromForm(), GetEndDateFromForm(), txtComments.Text, chkSMSBKs.Checked, chkEmailBKs.Checked);
                staff_added = true;

                string url = Request.RawUrl;
                url = UrlParamModifier.AddEdit(url, "type", "view");
                url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                Response.Redirect(url);
            }
            catch (Exception)
            {
                if (staff_added)
                {
                    string url = Request.RawUrl;
                    url = UrlParamModifier.AddEdit(url, "type", "view");
                    url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                    Response.Redirect(url);
                    return;
                }

                // roll back - backwards of creation order
                PersonDB.Delete(person_id);
                if (!Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]))
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }

                throw;
            }
        }
        else
        {
            HideTableAndSetErrorMessage();
        }
    }