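        /// <summary>
        /// Handles the submit button of the login window. Looks the typed username up in
        /// tblUser, opens the employee or the user window when the credentials match,
        /// reports a wrong password for an existing account, and registers the username
        /// as a new account when no row was found.
        /// </summary>
        /// <param name="sender">Control that raised the click; not used.</param>
        /// <param name="e">Routed event data; not used.</param>
        private void btnSubmit_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): the role checks below compare against fixed passwords shared by
            // every account of that role ("Zaposleni", "Gost"), and the password read from
            // and written to tblUser is the text typed in the box. Anyone who can read the
            // table or this binary learns every credential. Per-user secrets stored as a
            // salted, slow hash (e.g. PBKDF2) and a role column would remove both problems;
            // that is a schema change and is not attempted here.
            using (SqlConnection sqlCon = new SqlConnection(ConfigurationManager.ConnectionStrings["con"].ToString()))
            {
                try
                {
                    User user = new User();

                    // The lookup is by username only; the password is checked in code below.
                    using (SqlCommand query = new SqlCommand("SELECT * FROM tblUser WHERE Username=@Username", sqlCon))
                    using (SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(query))
                    {
                        query.CommandType = CommandType.Text;
                        query.Parameters.AddWithValue("@Username", txtUsername.Text);
                        sqlCon.Open();
                        DataTable dataTable = new DataTable();
                        sqlDataAdapter.Fill(dataTable);

                        // SELECT * makes the column positions depend on the table definition;
                        // if several rows match, the last one wins.
                        foreach (DataRow row in dataTable.Rows)
                        {
                            user = new User
                            {
                                Id       = int.Parse(row[0].ToString()),
                                Username = row[1].ToString(),
                                Password = row[2].ToString()
                            };
                        }
                    }

                    // Relies on the parameterless User constructor leaving Username null,
                    // as the original checks did.
                    bool accountExists = user.Username != null;

                    // Employee account: stored and typed values must all be "Zaposleni".
                    if (user.Username == "Zaposleni" && user.Password == "Zaposleni" && txtPassword.Password == "Zaposleni")
                    {
                        EmployeWindow employeDashboard = new EmployeWindow();
                        employeDashboard.Show();
                        this.Close();
                        return;
                    }

                    if (accountExists)
                    {
                        // Guest account: stored and typed password must both be "Gost".
                        if (txtPassword.Password == "Gost" && user.Password == "Gost")
                        {
                            // A user with an order pending approval stays on the login screen.
                            if (!OrderValidation.UserHasOrder(user))
                            {
                                UserWindow userDashboard = new UserWindow(user);
                                userDashboard.Show();
                                this.Close();
                            }
                            return;
                        }

                        // Any other mismatch on an existing account is a failed login.
                        // Previously an existing account whose stored password was not
                        // "Gost" fell through to the registration branch when "Gost" was
                        // typed, so a failed login could attempt to create a second row
                        // for a username that is already taken.
                        System.Windows.MessageBox.Show("Incorrect password, please try again.", "Notification");
                        return;
                    }

                    // No row for this username: register it, subject to AddUserValidation.
                    user = new User(txtUsername.Text, txtPassword.Password);
                    if (AddUserValidation.Validate(user))
                    {
                        using (var conn = new SqlConnection(ConfigurationManager.ConnectionStrings["con"].ToString()))
                        using (var cmd = new SqlCommand(@"insert into tblUser values (@Username, @Password); SELECT SCOPE_IDENTITY();", conn))
                        {
                            cmd.Parameters.AddWithValue("@Username", txtUsername.Text);
                            cmd.Parameters.AddWithValue("@Password", txtPassword.Password);
                            conn.Open();
                            // Run the batch exactly once. Calling ExecuteNonQuery and then
                            // ExecuteScalar executed the INSERT twice and left two rows.
                            user.Id = Convert.ToInt32(cmd.ExecuteScalar());
                        }

                        System.Windows.MessageBox.Show("User Successfully created.", "Notification");
                        UserWindow newUserDashboard = new UserWindow(user);
                        newUserDashboard.Show();
                        this.Close();
                    }
                }
                catch (Exception ex)
                {
                    // NOTE(review): the raw exception text is shown to whoever is at the
                    // login prompt; database errors can name the server, database or login.
                    // Consider logging the detail and showing a generic message instead.
                    MessageBox.Show(ex.Message);
                }
            }
        }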
        /// <summary>
        /// Handles the submit button of the login window. Selects the tblUser row whose
        /// username and password both equal the typed values, then opens the employee
        /// window, the user window, or shows a failure message.
        /// </summary>
        /// <param name="sender">Control that raised the click; not used.</param>
        /// <param name="e">Routed event data; not used.</param>
        private void btnSubmit_Click(object sender, RoutedEventArgs e)
        {
            SqlConnection connection = new SqlConnection(@"Data Source=(local); Initial Catalog=Zadatak_1; Integrated Security=True;");

            try
            {
                // NOTE(review): the typed password is compared directly with the stored
                // column, so tblUser appears to hold passwords in plain text. The match is
                // also made by the database, so whether case differences are accepted
                // depends on the column collation; verify against the schema.
                SqlCommand lookup = new SqlCommand("SELECT * FROM tblUser WHERE Username=@Username AND Password=@Password", connection);
                lookup.CommandType = CommandType.Text;
                lookup.Parameters.AddWithValue("@Username", txtUsername.Text);
                lookup.Parameters.AddWithValue("@Password", txtPassword.Password);
                connection.Open();

                SqlDataAdapter adapter = new SqlDataAdapter(lookup);
                DataTable      matches = new DataTable();
                adapter.Fill(matches);

                // Stays a default User when nothing matched; the last matching row wins.
                User user = new User();
                for (int i = 0; i < matches.Rows.Count; i++)
                {
                    DataRow row = matches.Rows[i];
                    User loaded = new User();
                    loaded.Id       = int.Parse(row[0].ToString());
                    loaded.Username = row[1].ToString();
                    loaded.Password = row[2].ToString();
                    user = loaded;
                }

                // The employee role is decided by the fixed username alone.
                if (user.Username == "Zaposleni")
                {
                    EmployeWindow employeDashboard = new EmployeWindow();
                    employeDashboard.Show();
                    this.Close();
                    return;
                }

                // Everything that is not the shared guest password is a failed login.
                if (user.Password != "Gost")
                {
                    MessageBox.Show("Username or password is incorrect.");
                    return;
                }

                // A user with an order pending approval stays on the login screen.
                if (OrderValidation.UserHasOrder(user))
                {
                    return;
                }

                UserWindow userDashboard = new UserWindow(user);
                userDashboard.Show();
                this.Close();
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text reaches the login prompt; database
                // errors can name the server, database or login.
                MessageBox.Show(ex.Message);
            }
            finally
            {
                connection.Close();
            }
        }