public void insert(StaffDTO value)
{
string cmd = "SP_INS_PUBLIC_ENCRYPT_NHANVIEN";
SqlCmd = new SqlCommand(cmd, SqlCon);
SqlCmd.CommandType = CommandType.StoredProcedure;
SqlParameter StaffID = new SqlParameter("@MANV", SqlDbType.VarChar, 20, "MANV");
StaffID.IsNullable = false;
StaffID.Direction = ParameterDirection.Input;
StaffID.Value = value.StaffID;
SqlCmd.Parameters.Add(StaffID);
SqlParameter StaffName = new SqlParameter("@HOTEN", SqlDbType.NVarChar, 100, "HOTEN");
StaffName.IsNullable = false;
StaffName.Direction = ParameterDirection.Input;
StaffName.Value = value.StaffName;
SqlCmd.Parameters.Add(StaffName);
SqlParameter Email = new SqlParameter("@EMAIL", SqlDbType.VarChar, 100, "EMAIL");
Email.IsNullable = true;
Email.Direction = ParameterDirection.Input;
Email.Value = value.Email;
SqlCmd.Parameters.Add(Email);
SqlParameter Salary = new SqlParameter("@LUONG", SqlDbType.VarBinary, 8000, "LUONG");
Salary.IsNullable = true;
Salary.Direction = ParameterDirection.Input;
Salary.Value = value.Salary;
SqlCmd.Parameters.Add(Salary);
SqlParameter Username = new SqlParameter("@TENDN", SqlDbType.NVarChar, 100, "TENDN");
Username.IsNullable = false;
Username.Direction = ParameterDirection.Input;
Username.Value = value.Username;
SqlCmd.Parameters.Add(Username);
SqlParameter Password = new SqlParameter("@MK", SqlDbType.VarBinary, 8000, "MK");
Password.IsNullable = false;
Password.Direction = ParameterDirection.Input;
Password.Value = value.Password;
SqlCmd.Parameters.Add(Password);
SqlParameter PublicKey = new SqlParameter("@PUB", SqlDbType.VarChar, 20, "PUB");
PublicKey.IsNullable = false;
PublicKey.Direction = ParameterDirection.Input;
PublicKey.Value = value.PublicKey;
SqlCmd.Parameters.Add(PublicKey);
this.executeNonQuery();
}
public override object convertOneRowIntoADTO(DataTable dt, int i, int type = 0)
{
StaffDTO obj = new StaffDTO();
if (type == 0)
{
obj.StaffID = dt.Rows[i]["MANV"].ToString();
obj.StaffName = dt.Rows[i]["HOTEN"].ToString();
obj.Email = dt.Rows[i]["EMAIL"].ToString();
obj.Salary = (byte[])dt.Rows[i]["LUONG"];
}
else if (type == 1)
{
obj.StaffID = dt.Rows[i]["MANV"].ToString();
obj.Username = dt.Rows[i]["TENDN"].ToString();
obj.Password = (byte[])dt.Rows[i]["MATKHAU"];
}
return obj;
}
private void button_Commit0_Click(object sender, EventArgs e)
{
try
{
StaffDTO staffdto = new StaffDTO();
staffdto.StaffID = textBox_StaffID0.Text;
staffdto.StaffName = textBox_StaffName0.Text;
staffdto.Email = textBox_Email0.Text;
RSA_Encrypt = new RSACryptoServiceProvider();
if (publicKey != "")
RSA_Encrypt.FromXmlString(publicKey);
else if (comboKey != "")
RSA_Encrypt.FromXmlString(comboKey);
else
{
MessageBox.Show("Bạn chưa nhập key. Vui lòng nhập key trước khi thực hiện thao tác này.", "Lỗi", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
string temp = string.Format("{0}", int.Parse(textBox_Salary0.Text));
staffdto.Salary = RSA_Encrypt.Encrypt(Encoding.ASCII.GetBytes(temp), true);
staffdto.Username = textBox_Username0.Text;
SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider();
byte[] password = sha1.ComputeHash(Encoding.ASCII.GetBytes(textBox_Password0.Text));
staffdto.Password = password;
staffdto.PublicKey = staffdto.StaffID;
if (flag_staff == 1)
{
_staffbll.insertStaff(staffdto);
}
else if (flag_staff == 2)
{
if (staffdto.StaffID == _staffdto.StaffID)
_staffbll.updateStaff(staffdto);
else
MessageBox.Show("Bạn không có quyền thêm hoặc thay đổi thông tin nhân viên khác", "Lỗi", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
loadStaff();
flag_staff = 0;
textBox_StaffID0.Enabled = false;
textBox_StaffName0.Enabled = false;
textBox_Email0.Enabled = false;
textBox_Salary0.Enabled = false;
textBox_Username0.Enabled = false;
textBox_Password0.Enabled = false;
textBox_StaffID0.Text = "";
textBox_StaffName0.Text = "";
textBox_Email0.Text = "";
textBox_Salary0.Text = "";
textBox_Username0.Text = "";
textBox_Password0.Text = "";
}
catch (System.Exception ex)
{
MessageBox.Show(ex.Message, "Lỗi", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public StaffDTO[] selectAll()
{
string cmd = "SELECT * FROM NHANVIEN";
SqlCmd = new SqlCommand(cmd, SqlCon);
ArrayList list = this.executeQueryArrayList(0);
int n = list.Count;
StaffDTO[] result = new StaffDTO[n];
for (int i = 0; i < n; i++)
result[i] = (StaffDTO)list[i];
return result;
}
public StaffDTO login(string id, byte[] pw)
{
StaffDTO staff = new StaffDTO();
string cmd = "SP_CHK_LOGIN_HASH_NHANVIEN";
SqlCmd = new SqlCommand(cmd, SqlCon);
SqlCmd.CommandType = CommandType.StoredProcedure;
SqlParameter username = new SqlParameter("@TENDN", SqlDbType.NVarChar, 100, "TENDN");
username.IsNullable = false;
username.Direction = ParameterDirection.Input;
username.Value = id;
SqlCmd.Parameters.Add(username);
SqlParameter password = new SqlParameter("@MATKHAU", SqlDbType.VarBinary, 8000, "MATKHAU");
password.IsNullable = false;
password.Direction = ParameterDirection.Input;
password.Value = pw;
SqlCmd.Parameters.Add(password);
ArrayList list = executeQueryArrayList(1);
int n = list.Count;
if (n == 0)
return null;
return (StaffDTO)list[0];
}
public void updateStaff(StaffDTO value)
{
staffdao.update(value);
}
public void insertStaff(StaffDTO value)
{
staffdao.insert(value);
}
