Exemple #1
0
 private void lblForgot_MouseLeftButtonUp(object sender, MouseButtonEventArgs e)
 {
     if (string.IsNullOrEmpty(txtUsername.Text))
     {
         MessageBox.Show("No username input");
         txtUsername.Focus();
     }
     else
     {
         var conn = DBUtils.Instance();
         conn.IsConnect();
         using (MySqlCommand cmd = new MySqlCommand("Select COUNT(1) from Accounts where username = @username", conn.Connection))
         {
             cmd.Parameters.AddWithValue("@username", txtUsername.Text);
             int count = Convert.ToInt32(cmd.ExecuteScalar());
             if (count > 0)
             {
                 Hide();
                 new ForgotPassword(txtUsername.Text).ShowDialog();
                 ShowDialog();
                 txtPassword.Password = null;
                 txtUsername.Text     = null;
             }
             else
             {
                 MessageBox.Show("User does not exist!");
             }
         }
     }
 }
        private void btnResetPassword_Click(object sender, RoutedEventArgs e)
        {
            if (string.IsNullOrEmpty(txtNewPass.Password) || string.IsNullOrEmpty(txtConfirmPass.Password))
            {
                MessageBox.Show("One or more fields are empty!");
            }
            else
            {
                if (txtNewPass.Password.Equals(txtConfirmPass.Password))
                {
                    string           sMessageBoxText = "Are all fields checked?";
                    string           sCaption        = "Confirm Change Password";
                    MessageBoxButton btnMessageBox   = MessageBoxButton.YesNoCancel;
                    MessageBoxImage  icnMessageBox   = MessageBoxImage.Warning;

                    MessageBoxResult dr = MessageBox.Show(sMessageBoxText, sCaption, btnMessageBox, icnMessageBox);

                    switch (dr)
                    {
                    case MessageBoxResult.Yes:
                        var conn = DBUtils.Instance();
                        conn.IsConnect();
                        using (MySqlCommand cmd1 = new MySqlCommand("UPDATE Accounts SET password = @password, tries = @tries WHERE username = @username", conn.Connection))
                        {
                            cmd1.Parameters.AddWithValue("@username", user);
                            cmd1.Parameters.AddWithValue("@password", txtNewPass.Password);
                            cmd1.Parameters.AddWithValue("@tries", 0);
                            cmd1.ExecuteNonQuery();
                            MessageBox.Show("Password has been changed.");
                        }
                        this.DialogResult = false;

                        break;


                    case MessageBoxResult.No: break;
                    }
                }
                else
                {
                    MessageBox.Show("New password and confirmation password do not match.");
                }
            }
        }
        public ForgotPassword(string username)
        {
            InitializeComponent();
            user = username;
            var conn = DBUtils.Instance();

            conn.IsConnect();
            using (MySqlCommand cmd = new MySqlCommand("SELECT securityQuestion, answer FROM Accounts WHERE username = @username", conn.Connection))
            {
                cmd.Parameters.AddWithValue("@username", username);
                MySqlDataReader dr = cmd.ExecuteReader();
                if (dr.Read())
                {
                    int securityQuestionIndex = dr.GetOrdinal("securityQuestion");
                    question = Convert.ToString(dr.GetValue(securityQuestionIndex));

                    int answerIndex = dr.GetOrdinal("answer");
                    answer = Convert.ToString(dr.GetValue(answerIndex));

                    securityQuestion.Content = question;
                }
            }
        }
Exemple #4
0
        private void btnLogin_Click(object sender, RoutedEventArgs e)
        {
            if (string.IsNullOrEmpty(txtUsername.Text) || string.IsNullOrEmpty(txtPassword.Password))
            {
                MessageBox.Show("One or more fields are empty!");
                return;
            }
            else
            {
                var conn = DBUtils.Instance();
                conn.IsConnect();
                Nullable <int> loginAttempts;

                using (MySqlCommand cmd = new MySqlCommand("Select tries FROM Accounts WHERE username = @username", conn.Connection))
                {
                    cmd.Parameters.AddWithValue("@username", txtUsername.Text);
                    loginAttempts = Convert.ToInt32(cmd.ExecuteScalar());
                }
                if (loginAttempts < 5)
                {
                    string un = txtUsername.Text;
                    string pw = txtPassword.Password;

                    using (MySqlCommand cmd = new MySqlCommand("Select * from Accounts where username = @username AND password = @password", conn.Connection))
                    {
                        cmd.Parameters.AddWithValue("@username", un);
                        cmd.Parameters.AddWithValue("@password", pw);
                        MySqlDataReader dr = cmd.ExecuteReader();

                        if (dr.Read())
                        {
                            string lName, fName, mName;
                            lName = dr.GetString(2);
                            fName = dr.GetString(3);
                            mName = dr.GetString(4);
                            int userLevelIndex = dr.GetOrdinal("accountLvl");
                            userLevel = dr.GetString(userLevelIndex);

                            using (MySqlCommand cmd2 = new MySqlCommand("UPDATE Accounts SET tries = 0", conn.Connection))
                            {
                                dr.Close();
                                dr.Dispose();
                                cmd2.ExecuteNonQuery();
                                MessageBox.Show("Login Successful");
                            }
                        }

                        else
                        {
                            using (MySqlCommand cmd2 = new MySqlCommand("Select username from Accounts where username = @username", conn.Connection))
                            {
                                cmd2.Parameters.AddWithValue("@username", un);
                                dr.Close();
                                dr.Dispose();
                                dr = cmd2.ExecuteReader();
                                int    ordinal = 0;
                                string value   = "";

                                if (dr.Read())
                                {
                                    ordinal = dr.GetOrdinal("username");
                                    value   = dr.GetString(ordinal);
                                    if (value.Equals(un))
                                    {
                                        using (MySqlCommand cmd3 = new MySqlCommand("UPDATE Accounts SET tries = tries + 1 WHERE username = @username", conn.Connection))
                                        {
                                            cmd3.Parameters.AddWithValue("@username", un);
                                            dr.Close();
                                            dr.Dispose();
                                            cmd3.ExecuteNonQuery();
                                            cmd3.Dispose();
                                        }
                                    }
                                }
                            }
                            MessageBox.Show("Username or Password is invalid");
                            return;
                        }
                    }
                    Hide();
                    new Main().ShowDialog();
                    ShowDialog();
                    txtPassword.Password = null;
                    txtUsername.Text     = null;
                }
                else
                {
                    user = txtUsername.Text;
                    string           sMessageBoxText = "Due to multiple login attempts, your account has been locked. \nPlease unlock it to continue.";
                    string           sCaption        = "Account Recovery";
                    MessageBoxButton btnMessageBox   = MessageBoxButton.YesNoCancel;
                    MessageBoxImage  icnMessageBox   = MessageBoxImage.Warning;

                    MessageBoxResult dr = MessageBox.Show(sMessageBoxText, sCaption, btnMessageBox, icnMessageBox);

                    switch (dr)
                    {
                    case MessageBoxResult.Yes:
                        Hide();
                        new ForgotPassword(txtUsername.Text).ShowDialog();
                        ShowDialog();
                        break;

                    case MessageBoxResult.No: break;
                    }
                }
            }
        }
Exemple #5
0
        private void updateListView()
        {
            var conn = DBUtils.Instance();

            conn.DatabaseName = "medinventSys";
            string sql;

            if (inventoryType == "ALL")
            {
                if (string.IsNullOrEmpty(to))
                {
                    sql = "SELECT * from tblinventory where dateExpiry > '" + from + "'";
                }
                else
                {
                    sql = "SELECT * from tblinventory where dateExpiry between '" + from + "' and '" + to + "'";
                }
                if (conn.IsConnect())
                {
                    using (var cmd = new MySqlCommand(sql, conn.Connection))
                    {
                        lvExpiringInvent.Items.Clear();
                        using (var reader = cmd.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                //2
                                int    inventTypeIndex = reader.GetOrdinal("inventType");
                                string inventType      = Convert.ToString(reader.GetValue(inventTypeIndex));
                                //3
                                int    codeIndex = reader.GetOrdinal("code");
                                string code      = Convert.ToString(reader.GetValue(codeIndex));
                                //4
                                int    descIndex = reader.GetOrdinal("descript");
                                string desc      = Convert.ToString(reader.GetValue(descIndex));
                                //5
                                int    genNameIndex = reader.GetOrdinal("genName");
                                string genName      = Convert.ToString(reader.GetValue(genNameIndex));
                                //6
                                int qtyIndex = reader.GetOrdinal("qty");
                                int qty      = Convert.ToInt32(reader.GetValue(qtyIndex));
                                //7
                                int    unitIndex = reader.GetOrdinal("unit");
                                string unit      = Convert.ToString(reader.GetValue(unitIndex));
                                //8
                                int    ppUnitIndex  = reader.GetOrdinal("priceperUnit");
                                double ppUnitDouble = Convert.ToDouble(reader.GetValue(ppUnitIndex));
                                string ppUnit       = ppUnitDouble.ToString("F");
                                //9
                                int datePurchaseIndex = reader.GetOrdinal("datePurchase");
                                myDate = Convert.ToDateTime(reader.GetValue(datePurchaseIndex));
                                string datePurchase = myDate.ToString("dd MMMM yyyy");
                                //10
                                int    dateExpiryIndex = reader.GetOrdinal("dateExpiry");
                                string dateExpiry;
                                if (reader.GetValue(dateExpiryIndex) == DBNull.Value)
                                {
                                    dateExpiry = "--";
                                }
                                else
                                {
                                    DateTime dateExpiryDate = Convert.ToDateTime(reader.GetValue(dateExpiryIndex));
                                    dateExpiry = dateExpiryDate.ToString("dd MMMM yyyy");
                                }
                                //11
                                int    manufIndex = reader.GetOrdinal("manuf");
                                string manuf      = Convert.ToString(reader.GetValue(manufIndex));
                                //12
                                int    vendorIndex = reader.GetOrdinal("vendor");
                                string vendor      = Convert.ToString(reader.GetValue(vendorIndex));
                                //13
                                int    branchIndex = reader.GetOrdinal("branch");
                                string branch      = Convert.ToString(reader.GetValue(branchIndex));
                                expiringInvent.Add(new ListViewStockInReport
                                {
                                    i            = i,
                                    inventType   = inventType,
                                    code         = code,
                                    desc         = desc,
                                    genName      = genName,
                                    qty          = qty,
                                    unit         = unit,
                                    priceperUnit = ppUnit,
                                    datePurchase = datePurchase,
                                    dateExpiry   = dateExpiry,
                                    manuf        = manuf,
                                    vendor       = vendor,
                                    branch       = branch
                                });
                                i++;
                                itemcount++;
                            }
                        }
                    }
                    conn.Close();
                }
            }
            else
            {
                if (string.IsNullOrEmpty(to))
                {
                    sql = "SELECT * from tblinventory where dateExpiry > '" + from + "' and inventType = '" + inventoryType + "'";
                }
                else
                {
                    sql = "SELECT * from tblinventory where dateExpiry between '" + from + "' and '" + to + "' and inventType = '" + inventoryType + "'";
                }
                if (conn.IsConnect())
                {
                    using (var cmd = new MySqlCommand(sql, conn.Connection))
                    {
                        lvExpiringInvent.Items.Clear();
                        using (var reader = cmd.ExecuteReader())
                        {
                            //2
                            int    inventTypeIndex = reader.GetOrdinal("inventType");
                            string inventType      = Convert.ToString(reader.GetValue(inventTypeIndex));
                            //3
                            int    codeIndex = reader.GetOrdinal("code");
                            string code      = Convert.ToString(reader.GetValue(codeIndex));
                            //4
                            int    descIndex = reader.GetOrdinal("descript");
                            string desc      = Convert.ToString(reader.GetValue(descIndex));
                            //5
                            int    genNameIndex = reader.GetOrdinal("genName");
                            string genName      = Convert.ToString(reader.GetValue(genNameIndex));
                            //6
                            int qtyIndex = reader.GetOrdinal("qty");
                            int qty      = Convert.ToInt32(reader.GetValue(qtyIndex));
                            //7
                            int    unitIndex = reader.GetOrdinal("unit");
                            string unit      = Convert.ToString(reader.GetValue(unitIndex));
                            //8
                            int    ppUnitIndex  = reader.GetOrdinal("priceperUnit");
                            double ppUnitDouble = Convert.ToDouble(reader.GetValue(ppUnitIndex));
                            string ppUnit       = ppUnitDouble.ToString("F");
                            //9
                            int datePurchaseIndex = reader.GetOrdinal("datePurchase");
                            myDate = Convert.ToDateTime(reader.GetValue(datePurchaseIndex));
                            string datePurchase = myDate.ToString("dd MMMM yyyy");
                            //10
                            int    dateExpiryIndex = reader.GetOrdinal("dateExpiry");
                            string dateExpiry;
                            if (reader.GetValue(dateExpiryIndex) == DBNull.Value)
                            {
                                dateExpiry = "--";
                            }
                            else
                            {
                                DateTime dateExpiryDate = Convert.ToDateTime(reader.GetValue(dateExpiryIndex));
                                dateExpiry = dateExpiryDate.ToString("dd MMMM yyyy");
                            }
                            //11
                            int    manufIndex = reader.GetOrdinal("manuf");
                            string manuf      = Convert.ToString(reader.GetValue(manufIndex));
                            //12
                            int    vendorIndex = reader.GetOrdinal("vendor");
                            string vendor      = Convert.ToString(reader.GetValue(vendorIndex));
                            //13
                            int    branchIndex = reader.GetOrdinal("branch");
                            string branch      = Convert.ToString(reader.GetValue(branchIndex));
                            expiringInvent.Add(new ListViewStockInReport
                            {
                                i            = i,
                                inventType   = inventType,
                                code         = code,
                                desc         = desc,
                                genName      = genName,
                                qty          = qty,
                                unit         = unit,
                                priceperUnit = ppUnit,
                                datePurchase = datePurchase,
                                dateExpiry   = dateExpiry,
                                manuf        = manuf,
                                vendor       = vendor,
                                branch       = branch
                            });
                            i++;
                            itemcount++;
                        }
                    }
                    conn.Close();
                }
            }
        }