protected void btnAdd_Click(object sender, EventArgs e)
{
Int32 proId = Convert.ToInt32(Session["s_projectId"]);
DateTime startDate = DateTime.Parse(lblSDate.Text);
DateTime endDate = DateTime.Parse(lblEDate.Text);
string sqlInsertSprint = "INSERT INTO tbl_Sprints ([Project_Id], [Sprint_Name], [Start],[End]) VALUES (@proid, @sprintName, @start, @end)";
SqlCommand cmdInsertSprint = new SqlCommand(sqlInsertSprint, Connections.ApplicationConnection());
cmdInsertSprint.Parameters.AddWithValue("@proid", proId);
cmdInsertSprint.Parameters.AddWithValue("@sprintName", txtSprintName.Text);
cmdInsertSprint.Parameters.AddWithValue("@start", startDate);
cmdInsertSprint.Parameters.AddWithValue("@end", endDate);
cmdInsertSprint.ExecuteNonQuery();
txtSprintName.Text = "";
lblEDate.Text = "";
lblSDate.Text = "";
Response.Redirect("Sprints.aspx");
}
//on rown command for gvProduct backlog
protected void gvProductBacklog_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "Add")
{
var clickedButton = e.CommandSource as Button;
var clickedRow = clickedButton.NamingContainer as GridViewRow;
Int32 sprintId = Convert.ToInt32(Session["s_sprintId"]);
Int32 productBacklogid = Convert.ToInt32(clickedRow.Cells[0].Text);
string sqlInsertUserStory = "INSERT INTO tbl_SprintBacklog ([SprintId],[BacklogId]) VALUES (@sprintId, @backlogId)";
SqlCommand cmdInsertUserStory = new SqlCommand(sqlInsertUserStory, Connections.ApplicationConnection());
cmdInsertUserStory.Parameters.AddWithValue("@sprintId", sprintId);
cmdInsertUserStory.Parameters.AddWithValue("@backlogId", productBacklogid);
cmdInsertUserStory.ExecuteNonQuery();
gvSprintBacklog.DataBind();
gvProductBacklog.DataBind();
}
}
protected void btnUpdateHours_Click(object sender, EventArgs e)
{
int taskId = Convert.ToInt32(lblId.Text);
int hoursLeft = Convert.ToInt32(txtHoursLeft.Text);
int complete = 0;
if (hoursLeft == 0)
{
complete = 1;
}
string sqlUpdateHours = "UPDATE tbl_SprintBacklogTasks SET HoursLeft = @hoursLeft, Complete = @complete WHERE Id = @id";
SqlCommand cmdUpdateHours = new SqlCommand(sqlUpdateHours, Connections.ApplicationConnection());
cmdUpdateHours.Parameters.AddWithValue("@hoursLeft", hoursLeft);
cmdUpdateHours.Parameters.AddWithValue("@complete", complete);
cmdUpdateHours.Parameters.AddWithValue("@id", taskId);
cmdUpdateHours.ExecuteNonQuery();
txtHoursLeft.Text = "";
Response.Redirect("SprintBacklogTasks.aspx");
}
protected void btnAddTask_Click(object sender, EventArgs e)
{
if (txtTaskName.Text == "" || txtInitialHours.Text == "")
{
lblError.Visible = true;
}
else
{
string sqlInsertTask = "INSERT INTO tbl_SprintBacklogTasks (SprintBacklogId,TaskName, InitialHours, HoursLeft, Complete) VALUES (@sprintBacklogId, @taskName, @initialHours, @hoursLeft, @complete)";
SqlCommand cmdInsertTask = new SqlCommand(sqlInsertTask, Connections.ApplicationConnection());
cmdInsertTask.Parameters.AddWithValue("@sprintBacklogId", Convert.ToInt32(Session["s_sprintBacklogId"]));
cmdInsertTask.Parameters.AddWithValue("@taskName", txtTaskName.Text);
cmdInsertTask.Parameters.AddWithValue("@initialHours", Convert.ToInt32(txtInitialHours.Text));
cmdInsertTask.Parameters.AddWithValue("@hoursLeft", Convert.ToInt32(txtInitialHours.Text));
cmdInsertTask.Parameters.AddWithValue("@complete", Convert.ToInt32(0));
cmdInsertTask.ExecuteNonQuery();
gvSprintBacklogTasks.DataBind();
txtTaskName.Text = "";
txtInitialHours.Text = "";
}
}
protected void GridViewTeamScrum_RowCommand(object sender, GridViewCommandEventArgs e)
{
//need to check which command has been selected if we need to add extra buttons
var clickedButton = e.CommandSource as Button;
var clickedRow = clickedButton.NamingContainer as GridViewRow;
HiddenField userId = clickedRow.FindControl("HiddenFieldId") as HiddenField;
string sqlInsertScrumMaster = "INSERT INTO tbl_ProjectPersonnel (User_ID, Project_ID, User_RoleCode) VALUES (@userid,@projectid,@userrolecode)";
SqlCommand cmdInsertScrumMaster = new SqlCommand(sqlInsertScrumMaster, Connections.ApplicationConnection());
cmdInsertScrumMaster.Parameters.AddWithValue("@userid", userId.Value);
cmdInsertScrumMaster.Parameters.AddWithValue("@projectid", Session["projectId"]);
cmdInsertScrumMaster.Parameters.AddWithValue("@userrolecode", 30);
cmdInsertScrumMaster.ExecuteNonQuery();
successAlertMessagePM.Visible = true;
//get project title
String sqlProjectTitle = "SELECT Title FROM [tbl_Projects] WHERE ([Id] = @projectid)";
SqlCommand cmdProTitle = new SqlCommand(sqlProjectTitle, Connections.ApplicationConnection());
cmdProTitle.Parameters.AddWithValue("@projectid", Session["projectId"]);
string projectTitle = (string)cmdProTitle.ExecuteScalar();
//send email
string name = clickedRow.Cells[0].Text + " " + clickedRow.Cells[1].Text;
string emailHeader = "New Project Manager";
string emailSubject = "You Have Been Made The Project Manager For - " + projectTitle;
MailAddress emailAddress = new MailAddress(clickedRow.Cells[2].Text);
string emailBody = "Dear " + name + " you have been made a scrum master for the project - " + projectTitle;
Email.SendEmail(emailAddress, emailHeader, emailSubject, emailBody);
}
protected void btnInsertUserStory_Click(object sender, EventArgs e)
{
hideAllPanels();
pnlAddUserStory.Visible = true;
int projectId = Convert.ToInt32(Session["s_ProjectId"]);
string sqlInsertUserStory = "INSERT INTO tbl_ProductBacklog (ProjectId,UserStory,Value) VALUES(@projectId,@userStory,@value)";
SqlCommand cmdInsertUserStory = new SqlCommand(sqlInsertUserStory, Connections.ApplicationConnection());
cmdInsertUserStory.Parameters.AddWithValue("@projectId", projectId);
cmdInsertUserStory.Parameters.AddWithValue("@userStory", txtUserStory.Text.ToString());
cmdInsertUserStory.Parameters.AddWithValue("@value", Convert.ToInt32(txtMarketValue.Text));
cmdInsertUserStory.ExecuteNonQuery();
txtUserStory.Text = "";
txtMarketValue.Text = "";
hideAllPanels();
pnlBacklog.Visible = true;
gvProductBacklog.DataBind();
}
//updates password
protected void btnSubmitPassword_Click(object sender, EventArgs e)
{
bool validUser = false;
string enteredNumber = txtConfirmNumber.Text;
string enteredKey = txtKey.Text;
//db values
string dbNumber = "";
string dbKey = "";
//gets values from db
using (SqlConnection conn = Connections.ApplicationConnection())
{
//check against db
SqlCommand cmdCheckDetails = new SqlCommand("SELECT TOP 1 Number,EmailKey FROM tbl_changePassword WHERE Number = @number ORDER BY Id Desc", conn);
cmdCheckDetails.Parameters.AddWithValue("@number", enteredNumber);
SqlDataReader sqldrCheckDetails = cmdCheckDetails.ExecuteReader();
while (sqldrCheckDetails.Read())
{
dbNumber = sqldrCheckDetails["Number"].ToString();
dbKey = sqldrCheckDetails["EmailKey"].ToString();
if (enteredNumber.Equals(dbNumber) && enteredKey.Equals(dbKey))
{
validUser = true;
}
else
{
lblErrorText.Text = "The Number / Key Combination You Have Entered Is Incorrect";
}
}
sqldrCheckDetails.Close();
//update password is if bool valid user is true
if (validUser == true)
{
//check passwords match
if (txtPassword.Text.Equals(txtConfirmPassword.Text))
{
string numberToUpdate = enteredNumber;
string encPassword = Encrypt.Encryption(txtPassword.Text);
//update table
SqlCommand cmdUpdatePassword = new SqlCommand("UPDATE tbl_user SET Password = @password WHERE Number = @number", conn);
cmdUpdatePassword.Parameters.AddWithValue("@password", encPassword);
cmdUpdatePassword.Parameters.AddWithValue("@number", numberToUpdate);
cmdUpdatePassword.ExecuteNonQuery();
txtConfirmNumber.Text = "";
txtKey.Text = "";
//delete records from tbl_change password
SqlCommand cmdDeleteKeys = new SqlCommand("DELETE FROM tbl_changePassword WHERE Number = @number", conn);
cmdDeleteKeys.Parameters.AddWithValue("@number", numberToUpdate);
cmdDeleteKeys.ExecuteNonQuery();
lblErrorText.CssClass = "text-success";
lblErrorText.Text = "Your Password Has Successfully Been Changed You Can Now <a href='Login.aspx'>Login</a>";
}
else
{
lblErrorText.Text = "Passwords Entered Do Not Match";
}
}
conn.Close();
//end connection
}
}
//row command takes the value of the row the button was clicked on
protected void gvPersonnel_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "Add")
{
var clickedButton = e.CommandSource as Button;
var clickedRow = clickedButton.NamingContainer as GridViewRow;
int projectId = Convert.ToInt32(Session["s_lastCreatedProjectId"]);
int userId = Convert.ToInt32(clickedRow.Cells[0].Text);
int initialRoleCode = 50;
Debug.WriteLine("PROJECT ID: " + projectId + " USER ID: " + userId);
//insert into db
string sqlInsertProjectPersonnel = "INSERT INTO tbl_ProjectPersonnel (Project_Id,User_Id,User_RoleCode) VALUES (@projectId, @userId, @roleCode)";
SqlCommand cmdInsertPersonnel = new SqlCommand(sqlInsertProjectPersonnel, Connections.ApplicationConnection());
cmdInsertPersonnel.Parameters.AddWithValue("@projectId", projectId);
cmdInsertPersonnel.Parameters.AddWithValue("@userId", userId);
cmdInsertPersonnel.Parameters.AddWithValue("@roleCode", initialRoleCode);
cmdInsertPersonnel.ExecuteNonQuery();
//send email
string projectTitle = Session["s_projectTitle"].ToString();
string name = clickedRow.Cells[2].Text + " " + clickedRow.Cells[3].Text;
string emailHeader = "Added To Project";
string emailSubject = "You Have Been Added To The Project - " + projectTitle;
MailAddress emailAddress = new MailAddress(clickedRow.Cells[1].Text);
string emailBody = "Dear " + name + " you have been added as personnel for the project - " + projectTitle;
Debug.WriteLine("EMAIL ADDRESS : " + emailAddress);
Email.SendEmail(emailAddress, emailHeader, emailSubject, emailBody);
hideAllPanels();
pnlProjectPersonnel.Visible = true;
msgAddedUserSuccess.Visible = true;
}
}
protected void btnSubmitComponent_Click(object sender, EventArgs e)
{
using (SqlConnection conn = Connections.ApplicationConnection())
{
if (ddlComponentType.SelectedItem.Text != "-- Select Component Type --")
{
//if overall
if (ddlComponentType.SelectedItem.Text == "Overall")
{
SqlCommand cmdInsertOverall = new SqlCommand("INSERT INTO tbl_moduleComponents (ModuleId, ComponentTypeCode, CourseId) Values(@moduleId, @componentTypeCode, @courseId)", conn);
cmdInsertOverall.Parameters.AddWithValue("@moduleId", Convert.ToInt32(Session["s_moduleId"]));
cmdInsertOverall.Parameters.AddWithValue("@componentTypeCode", Convert.ToInt32(ddlComponentType.SelectedValue));
cmdInsertOverall.Parameters.AddWithValue("@courseId", Convert.ToInt32(Session["s_courseId"]));
try
{
cmdInsertOverall.ExecuteNonQuery();
}
catch (Exception ex)
{
throw ex;
}
finally
{
conn.Close();
ddlComponentType.ClearSelection();
gvBreakdown.DataBind();
HideAllPanels();
pnlBreakDown.Visible = true;
}
}
//rest of types
else
{
Int32 percentage = Convert.ToInt32(txtPercentage.Text);
if (percentage > 100)
{
lblError.Text = "Please Enter A Percentage Less Than 100%";
}
else
{
SqlCommand cmdInsertComponent = new SqlCommand("INSERT INTO tbl_moduleComponents (ModuleId, ComponentTypeCode, CourseId, Percentage) Values(@moduleId, @componentTypeCode, @courseId, @percentage)", conn);
cmdInsertComponent.Parameters.AddWithValue("@moduleId", Convert.ToInt32(Session["s_moduleId"]));
cmdInsertComponent.Parameters.AddWithValue("@componentTypeCode", Convert.ToInt32(ddlComponentType.SelectedValue));
cmdInsertComponent.Parameters.AddWithValue("@courseId", Convert.ToInt32(Session["s_courseId"]));
cmdInsertComponent.Parameters.AddWithValue("@percentage", Convert.ToInt32(percentage));
try
{
cmdInsertComponent.ExecuteNonQuery();
}
catch (Exception ex)
{
throw ex;
}
finally
{
conn.Close();
ddlComponentType.ClearSelection();
txtPercentage.Text = "";
gvBreakdown.DataBind();
HideAllPanels();
pnlBreakDown.Visible = true;
}
}
}
}
else
{
lblError.Text = "Please Select A Valid Component Type";
}
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
Int32 loginNumber = Convert.ToInt32(txtLoginNumber.Text);
string loginPlainPassword = Convert.ToString(txtLoginPassword.Text);
//passes loginPlainPassword to Encryption to allow it to be compoared to the db value
string loginEncryptedPassword = Encrypt.Encryption(loginPlainPassword);
//store student number in session
Session["s_loggedNumber"] = Convert.ToString(loginNumber);
string sqlSelectCompareDetails = "SELECT Number, Password FROM tbl_user WHERE (Number = '" + loginNumber + "') AND (Password = '******')";
SqlCommand cmdCompareDetails = new SqlCommand(sqlSelectCompareDetails, Connections.ApplicationConnection());
SqlDataReader sqldr = cmdCompareDetails.ExecuteReader();
if (sqldr.HasRows)
{
//gets the id of the user being logged in and stores it in Session["s_loggedUserId"]
String sqlGetUserId = "SELECT Id FROM tbl_user WHERE (Number = '" + loginNumber + "')";
using (var cnn = Connections.ApplicationConnection())
{
using (var cmdGetId = new SqlCommand(sqlGetUserId, cnn))
{
Session["s_loggedUserId"] = Convert.ToInt32(cmdGetId.ExecuteScalar());
cnn.Close();
}
}
//gets the role of the user being logged in and stores it in Session["s_loggedUserId"]
String sqlGetUserRole = "SELECT Role FROM tbl_user WHERE Number = @number";
using (var cnn = Connections.ApplicationConnection())
{
using (var cmdGetRole = new SqlCommand(sqlGetUserRole, cnn))
{
cmdGetRole.Parameters.AddWithValue("@number", loginNumber);
Session["s_loggedUserRole"] = Convert.ToInt32(cmdGetRole.ExecuteScalar());
cnn.Close();
}
}
//directs to page based on role code
if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 10)
{
//student
Response.Redirect("Student/StudentHome.aspx");
}
else if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 20)
{
//academic
Response.Redirect("Academic/AcademicHome.aspx");
}
else if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 30)
{
//admin
Response.Redirect("Admin/AdminHome.aspx");
}
else if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 40)
{
//academic program manager
Response.Redirect("Academic/AcademicHome.aspx");
}
else if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 50)
{
//senior university manager
Response.Redirect("SeniorUniversityManager/SUMHome.aspx");
}
else if (Convert.ToInt32(Session["s_loggedUserRole"].ToString()) == 60)
{
//super user
Response.Redirect("SuperUser/SuperUserHome.aspx");
}
}
//doesnt exist
else
{
lblLoginErrorText.Text = "The Number Or Password Combination You Have Entered Is Incorrect !";
}
}
//login button calls encryption() on typed password and checks email and password against the database entry, then redriects to default.aspx
protected void btnLogin_Click(object sender, EventArgs e)
{
string loginEmailUsername = Convert.ToString(txtLoginEmailUsername.Text);
string loginPlainPassword = Convert.ToString(txtLoginPassword.Text);
//passes loginPlainPassword to Encryption to allow it to be compoared to the db value
string loginEncryptedPassword = Encryption(loginPlainPassword);
string sqlSelectCompareDetails = "SELECT Email, Password FROM tbl_User WHERE (Email = '" + loginEmailUsername + "') AND (Password = '******')";
SqlCommand cmdCompareDetails = new SqlCommand(sqlSelectCompareDetails, Connections.ApplicationConnection());
SqlDataReader sqldr = cmdCompareDetails.ExecuteReader();
if (sqldr.Read())
{
//gets the id of the user being logged in and stores it in Session["s_loggedUserId"] so that it can be checked in the master page
String sqlGetUserId = "SELECT Id FROM tbl_User WHERE (Email = '" + loginEmailUsername + "')";
using (var cnn = Connections.ApplicationConnection())
{
using (var cmdGetId = new SqlCommand(sqlGetUserId, cnn))
{
Session["s_loggedUserId"] = Convert.ToInt32(cmdGetId.ExecuteScalar());
Debug.WriteLine("USER ID : " + Session["s_loggedUserId"]);
}
}
//if details are correct, redirect to Home page
Response.Redirect("Home.aspx");
}
else
{
lblLoginErrorText.Text = "The Email / Username Or Password You Have Entered Is Incorrect !";
}
}
//register btn on click method calls encryption method on enterred password, verifys password and posts to tbl_User
protected void btnRegister_Click(object sender, EventArgs e)
{
string registerForename = Convert.ToString(txtRegisterForename.Text);
string registerSurname = Convert.ToString(txtRegisterSurname.Text);
string registerEmailUsername = Convert.ToString(txtRegisterEmailUsername.Text);
string registerPlainPassword = Convert.ToString(txtRegisterPassword.Text);
//encrypt the plain password
string encryptedPassword = Encryption(registerPlainPassword);
Debug.WriteLine("Plain Text Password : "******" Encrypted Password : "******"SELECT * FROM tbl_User WHERE (Email = '" + registerEmailUsername + "')";
SqlCommand cmd = new SqlCommand(sqlUsernameSearch, Connections.ApplicationConnection());
SqlDataReader sqldr = cmd.ExecuteReader();
if (sqldr.Read())
{
String passed = (string)sqldr["Password"];
lblRegisterErrorText.Text = "Email / Username Is Already in Use";
}
else
{
// if the Username not found create the new user account
try
{
//verifys password
if (txtRegisterPassword.Text.Equals(txtRegisterVerifyPassword.Text))
{
string UpPath = Server.MapPath("~/files");
Random r = new Random();
int rInt = r.Next(0, 10000);
if (!Directory.Exists(UpPath))
{
Directory.CreateDirectory(UpPath);
}
else
{
int imgSize = fuProfilePic.PostedFile.ContentLength;
string imgName = fuProfilePic.FileName;
string imgPath = "~/files/" + rInt + imgName;
if (fuProfilePic.PostedFile.ContentLength > 1500000)
{
Page.ClientScript.RegisterClientScriptBlock(typeof(Page), "Alert", "alert('File is too big.')", true);
}
else
{
//then save it to the Folder
fuProfilePic.SaveAs(Server.MapPath(imgPath));
}
}
// inserts record into tbl_user
string sqlInsertUser = "******";
SqlCommand cmdInsertUser = new SqlCommand(sqlInsertUser, Connections.ApplicationConnection());
cmdInsertUser.Parameters.AddWithValue("@forename", registerForename);
cmdInsertUser.Parameters.AddWithValue("@surname", registerSurname);
cmdInsertUser.Parameters.AddWithValue("@email", registerEmailUsername);
cmdInsertUser.Parameters.AddWithValue("@password", encryptedPassword);
cmdInsertUser.Parameters.AddWithValue("@profilePic", rInt + fuProfilePic.FileName);
cmdInsertUser.ExecuteNonQuery();
pnlSuccessAlert.Visible = true;
//grabs id of registered user for user role method and stores in a session
String sqlGetUserId = "SELECT Id FROM tbl_User WHERE (Email = '" + registerEmailUsername + "')";
using (var cnn = Connections.ApplicationConnection())
{
using (var cmdGetId = new SqlCommand(sqlGetUserId, cnn))
{
Session["s_registeredUserId"] = Convert.ToInt32(cmdGetId.ExecuteScalar());
Debug.WriteLine("USER ID : " + Session["s_registeredUserId"]);
}
}
txtRegisterForename.Text = "";
txtRegisterSurname.Text = "";
txtRegisterEmailUsername.Text = "";
txtRegisterPassword.Text = "";
txtRegisterVerifyPassword.Text = "";
lblRegisterErrorText.Text = "";
//hide panels and then opens the register user details one
hidePanels();
pnlRegister.Visible = true;
pnlRegisterUserRoles.Visible = true;
}
else
{
lblRegisterErrorText.Text = "Passwords Do Not Match";
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.ToString());
}
}
}
}
protected void btnAddAcceptanceTest_Click(object sender, EventArgs e)
{
Int32 backlogId = Convert.ToInt32(Session["s_BacklogId"]);
Int32 projectid = Convert.ToInt32(Session["s_projectId"]);
String Test = txtTest.Text;
Int32 complete = Convert.ToInt32(0);
String sqlInsertAcceptanceTest = "INSERT INTO tbl_AcceptanceTest(ProjectId,BacklogId,Test,Passes) VALUES (@projectId, @backlogId, @test, @passes)";
SqlCommand cmdInsertAcceptanceTest = new SqlCommand(sqlInsertAcceptanceTest, Connections.ApplicationConnection());
cmdInsertAcceptanceTest.Parameters.AddWithValue("@projectId", projectid);
cmdInsertAcceptanceTest.Parameters.AddWithValue("@backlogId", backlogId);
cmdInsertAcceptanceTest.Parameters.AddWithValue("@test", Test);
cmdInsertAcceptanceTest.Parameters.AddWithValue("@passes", complete);
cmdInsertAcceptanceTest.ExecuteNonQuery();
txtTest.Text = "";
gvAcceptanceTests.DataBind();
}