private void goBackButton_Click(object sender, EventArgs e)
{
OICForm oic_form = new OICForm();
this.Hide();
oic_form.setCurrentUser(user);
oic_form.setUserID(userID);
oic_form.ShowDialog();
this.Close();
}
private void goBackButton_Click(object sender, EventArgs e)
{
try
{
string Conn = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
string Query = "SELECT * FROM users WHERE userID = @userID";
MySqlConnection MyConn = new MySqlConnection(Conn);
MySqlCommand cmd = new MySqlCommand(Query, MyConn);
cmd.Parameters.AddWithValue("@userID", userID);
MyConn.Open();
MySqlDataReader MyReader = cmd.ExecuteReader();
if (MyReader.Read())
{
string userRealID = MyReader.GetString("userID");
string userRealName = MyReader.GetString("userName");
string userType = MyReader.GetString("userType");
if (userRealID == userID && userType == "Admin")
{
adminForm admin_form = new adminForm();
this.Hide();
admin_form.setCurrentUser(userRealName);
admin_form.setUserID(userRealID);
admin_form.ShowDialog();
this.Close();
}
else
{
OICForm oic_form = new OICForm();
this.Hide();
oic_form.setCurrentUser(userRealName);
oic_form.setUserID(userRealID);
oic_form.ShowDialog();
this.Close();
}
}
else
{
MessageBox.Show("This ID does not exist!", "Error Message");
}
MyConn.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
private void loginButton_Click(object sender, EventArgs e)
{
String id = this.idInput.Text;
String pwd = this.pwdInput.Text;
if (this.idInput.Text == "" || this.pwdInput.Text == "")
{
MessageBox.Show("There is a blank input", "Login Error");
}
else
{
loginAttemptCount++;
if (loginAttemptCount > 3)
{
try
{
string Conn = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
string Query = "UPDATE users SET userStatus = @userStatus WHERE userID = @userID AND userType = 'OIC'";
MySqlConnection MyConn = new MySqlConnection(Conn);
MySqlCommand cmd = new MySqlCommand(Query, MyConn);
cmd.Parameters.AddWithValue("@userStatus", "Locked");
cmd.Parameters.AddWithValue("@userID", this.idInput.Text);
MyConn.Open();
MySqlDataReader MyReader = cmd.ExecuteReader();
MessageBox.Show("You failed to login three times, so this ID is locked now. \nPlease, contact the system administrator.", "Login Error");
lockedAccountForm locked_account_form = new lockedAccountForm();
this.Hide();
locked_account_form.ShowDialog();
MyConn.Close();
this.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
else
{
try
{
string Conn = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
string Query = "SELECT * FROM users WHERE userID = @userID";
MySqlConnection MyConn = new MySqlConnection(Conn);
MySqlCommand cmd = new MySqlCommand(Query, MyConn);
string hash_MD5_pwd = MD5Hash(this.pwdInput.Text);
cmd.Parameters.AddWithValue("@userID", this.idInput.Text);
MyConn.Open();
MySqlDataReader MyReader = cmd.ExecuteReader();
if (MyReader.Read())
{
string userRealID = MyReader.GetString("userID");
string userRealPwd = MyReader.GetString("userPwd");
string userRealName = MyReader.GetString("userName");
string userStatus = MyReader.GetString("userStatus");
string userType = MyReader.GetString("userType");
if (userStatus == "Locked" || userStatus == "locked")
{
MessageBox.Show("Your account is locked! Contact the system administrator, please.", "Login Error");
}
else
{
if (this.idInput.Text == userRealID && hash_MD5_pwd == userRealPwd && userType == "Admin")
{
adminForm admin_form = new adminForm();
this.Hide();
admin_form.setCurrentUser(userRealName);
admin_form.setUserID(userRealID);
admin_form.ShowDialog();
this.Close();
}
else if (this.idInput.Text == userRealID && hash_MD5_pwd == userRealPwd && userType == "OIC")
{
OICForm oic_form = new OICForm();
this.Hide();
oic_form.setCurrentUser(userRealName);
oic_form.setUserID(userRealID);
oic_form.ShowDialog();
this.Close();
}
else
{
MessageBox.Show("Your ID or password is incorrect!", "Login Error");
}
}
}
else
{
MessageBox.Show("This ID does not exist!", "Login Error");
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
}
