Esempio n. 1
0
        private void addButton_Click(object sender, EventArgs e)
        {
            try
            {
                if (cpIdInput.Text == null || cpIdInput.Text == "" ||
                    cpPwdInput.Text == null || cpPwdInput.Text == "" ||
                    cpNameInput.Text == null || cpNameInput.Text == "" ||
                    clinicNameComboBox.SelectedIndex == -1 ||
                    contactNoInput.Text == null || contactNoInput.Text == "" ||
                    alternativeContactNoInput.Text == null || alternativeContactNoInput.Text == "" ||
                    personalQuestionComboBox.SelectedIndex == -1 ||
                    personalAnswerInput.Text == null || personalAnswerInput.Text == "")
                {
                    MessageBox.Show("There is an empty input.", "Error Message");
                }
                else if (memberSinceInput.Value.Date > DateTime.Today)
                {
                    MessageBox.Show("You cannot input a future date.", "Error Message");
                }
                else if (cpPwdInput.Text.Length < 8)
                {
                    MessageBox.Show("You have to set your password equal to or greater than 8 digits.", "Error Message");
                }
                else
                {
                    string          Conn         = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query2       = "INSERT INTO contact_person (cpID, cpPwd, cpName, clinicName, contactNo, alternativeContactNo, memberSince, personalQuestion, personalAnswer) VALUES (@cpID, @cpPwd, @cpName, @clinicName, @contactNo, @alternativeContactNo, @memberSince, @personalQuestion, @personalAnswer)";
                    MySqlConnection MyConn       = new MySqlConnection(Conn);
                    MySqlCommand    cmd2         = new MySqlCommand(Query2, MyConn);
                    string          hash_MD5_pwd = MD5Hash(cpPwdInput.Text);
                    cmd2.Parameters.AddWithValue("@cpID", cpIdInput.Text);
                    cmd2.Parameters.AddWithValue("@cpPwd", hash_MD5_pwd);
                    cmd2.Parameters.AddWithValue("@cpName", cpNameInput.Text);
                    cmd2.Parameters.AddWithValue("@clinicName", this.clinicNameComboBox.Items[clinicNameComboBox.SelectedIndex].ToString());
                    cmd2.Parameters.AddWithValue("@contactNo", contactNoInput.Text);
                    cmd2.Parameters.AddWithValue("@alternativeContactNo", alternativeContactNoInput.Text);
                    cmd2.Parameters.AddWithValue("@memberSince", memberSinceInput.Value.Date);
                    cmd2.Parameters.AddWithValue("@personalQuestion", this.personalQuestionComboBox.Items[personalQuestionComboBox.SelectedIndex].ToString());
                    cmd2.Parameters.AddWithValue("@personalAnswer", personalAnswerInput.Text);

                    MyConn.Open();
                    MySqlDataReader MyReader = cmd2.ExecuteReader();
                    MessageBox.Show("Record Saved", "Records");
                    MyConn.Close();

                    adminForm admin_form = new adminForm();
                    this.Hide();
                    admin_form.setCurrentUser(user);
                    admin_form.ShowDialog();
                    this.Close();
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }
Esempio n. 2
0
        private void goBackButton_Click(object sender, EventArgs e)
        {
            adminForm admin_form = new adminForm();

            this.Hide();
            admin_form.setCurrentUser(user);
            admin_form.setUserID(userID);
            admin_form.ShowDialog();
            this.Close();
        }
Esempio n. 3
0
        private void button1_Click(object sender, EventArgs e)
        {
            // GO BACK TO MAIN PAGE
            adminForm admin_form = new adminForm();

            this.Hide();
            admin_form.setCurrentUser(user);
            admin_form.setUserID(userID);
            admin_form.ShowDialog();
            this.Close();
        }
Esempio n. 4
0
        private void goBackButton_Click(object sender, EventArgs e)
        {
            try
            {
                string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                string          Query  = "SELECT * FROM users WHERE userID = @userID";
                MySqlConnection MyConn = new MySqlConnection(Conn);
                MySqlCommand    cmd    = new MySqlCommand(Query, MyConn);
                cmd.Parameters.AddWithValue("@userID", userID);
                MyConn.Open();
                MySqlDataReader MyReader = cmd.ExecuteReader();


                if (MyReader.Read())
                {
                    string userRealID   = MyReader.GetString("userID");
                    string userRealName = MyReader.GetString("userName");
                    string userType     = MyReader.GetString("userType");

                    if (userRealID == userID && userType == "Admin")
                    {
                        adminForm admin_form = new adminForm();
                        this.Hide();
                        admin_form.setCurrentUser(userRealName);
                        admin_form.setUserID(userRealID);
                        admin_form.ShowDialog();
                        this.Close();
                    }
                    else
                    {
                        OICForm oic_form = new OICForm();
                        this.Hide();
                        oic_form.setCurrentUser(userRealName);
                        oic_form.setUserID(userRealID);
                        oic_form.ShowDialog();
                        this.Close();
                    }
                }
                else
                {
                    MessageBox.Show("This ID does not exist!", "Error Message");
                }
                MyConn.Close();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }
        private void updateButton_Click(object sender, EventArgs e)
        {
            if (cpIdInput.Text == null || cpIdInput.Text == "" ||
                cpNameInput.Text == null || cpNameInput.Text == "" ||
                clinicNameComboBox.SelectedIndex == -1 ||
                contactNoInput.Text == null || contactNoInput.Text == "" ||
                alternativeContactNoInput.Text == null || alternativeContactNoInput.Text == "" ||
                personalQuestionComboBox.SelectedIndex == -1 ||
                personalAnswerInput.Text == null || personalAnswerInput.Text == "")
            {
                MessageBox.Show("No Record to Update", "Records");
            }
            else if (memberSinceInput.Value.Date > DateTime.Today)
            {
                MessageBox.Show("You cannot input a future date.", "Error Message");
            }
            else
            {
                try
                {
                    string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query  = "UPDATE contact_person SET cpName = @cpName, clinicName = @clinicName, contactNo = @contactNo, alternativeContactNo = @alternativeContactNo, memberSince = @memberSince, personalQuestion = @personalQuestion, personalAnswer = @personalAnswer WHERE cpID = @cpID";
                    MySqlConnection MyConn = new MySqlConnection(Conn);
                    MySqlCommand    cmd    = new MySqlCommand(Query, MyConn);
                    cmd.Parameters.AddWithValue("@cpID", this.cpIdInput.Text);
                    cmd.Parameters.AddWithValue("@cpName", this.cpNameInput.Text);
                    cmd.Parameters.AddWithValue("@clinicName", this.clinicNameComboBox.Items[clinicNameComboBox.SelectedIndex].ToString());
                    cmd.Parameters.AddWithValue("@contactNo", this.contactNoInput.Text);
                    cmd.Parameters.AddWithValue("@alternativeContactNo", this.alternativeContactNoInput.Text);
                    cmd.Parameters.AddWithValue("@memberSince", this.memberSinceInput.Value.Date);
                    cmd.Parameters.AddWithValue("@personalQuestion", this.personalQuestionComboBox.Items[personalQuestionComboBox.SelectedIndex].ToString());
                    cmd.Parameters.AddWithValue("@personalAnswer", personalAnswerInput.Text);

                    MyConn.Open();
                    MySqlDataReader MyReader = cmd.ExecuteReader();
                    MessageBox.Show("Data Updated", "Records");
                    MyConn.Close();
                    adminForm admin_form = new adminForm();
                    this.Hide();
                    admin_form.setCurrentUser(user);
                    admin_form.ShowDialog();
                    this.Close();
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message);
                }
            }
        }
        private void addButton_Click(object sender, EventArgs e)
        {
            try
            {
                if (oicIdInput.Text == null || oicIdInput.Text == "" ||
                    oicPwdInput.Text == null || oicPwdInput.Text == "" ||
                    oicNameInput.Text == null || oicNameInput.Text == "" ||
                    personalQuestionComboBox.SelectedIndex == -1 ||
                    personalAnswerInput.Text == null || personalAnswerInput.Text == "")
                {
                    MessageBox.Show("There is an empty input.", "Error Message");
                }
                else if (oicPwdInput.Text.Length < 8)
                {
                    MessageBox.Show("You have to set your password equal to or greater than 8 digits.", "Error Message");
                }
                else
                {
                    string          Conn         = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query        = "INSERT INTO users (userID, userPwd, userName, userType, userStatus, personalQuestion, personalAnswer, requestUnlock) VALUES (@userID, @userPwd, @userName, @userType, @userStatus, @personalQuestion, @personalAnswer, 0)";
                    MySqlConnection MyConn       = new MySqlConnection(Conn);
                    MySqlCommand    cmd          = new MySqlCommand(Query, MyConn);
                    string          hash_MD5_pwd = MD5Hash(oicPwdInput.Text);
                    cmd.Parameters.AddWithValue("@userID", oicIdInput.Text);
                    cmd.Parameters.AddWithValue("@userPwd", hash_MD5_pwd);
                    cmd.Parameters.AddWithValue("@userName", oicNameInput.Text);
                    cmd.Parameters.AddWithValue("@userType", "OIC");
                    cmd.Parameters.AddWithValue("@userStatus", "Available");
                    cmd.Parameters.AddWithValue("@personalQuestion", this.personalQuestionComboBox.Items[personalQuestionComboBox.SelectedIndex].ToString());
                    cmd.Parameters.AddWithValue("@personalAnswer", personalAnswerInput.Text);

                    MyConn.Open();
                    MySqlDataReader MyReader = cmd.ExecuteReader();
                    MessageBox.Show("Record Saved", "Records");
                    MyConn.Close();

                    adminForm admin_form = new adminForm();
                    this.Hide();
                    admin_form.setCurrentUser(user);
                    admin_form.ShowDialog();
                    this.Close();
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }
Esempio n. 7
0
        private void deleteButton_Click(object sender, EventArgs e)
        {
            if (this.orderIDInput.Text == "" && this.clinicNameInput.Text == "")
            {
                MessageBox.Show("No Record to Delete", "Records");
            }
            else
            {
                try
                {
                    DialogResult result = MessageBox.Show("Do you really want to delete it?", "Confirmation", MessageBoxButtons.YesNoCancel, MessageBoxIcon.Question);
                    if (result == DialogResult.Yes)
                    {
                        string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                        string          Query  = "DELETE FROM orders WHERE orderID = @orderID";
                        MySqlConnection MyConn = new MySqlConnection(Conn);
                        MySqlCommand    cmd    = new MySqlCommand(Query, MyConn);
                        cmd.Parameters.AddWithValue("@orderID", this.orderIDInput.Text);
                        MyConn.Open();
                        MySqlDataReader MyReader = cmd.ExecuteReader();
                        MessageBox.Show("Record Deleted", "Records");

                        adminForm admin_form = new adminForm();
                        this.Hide();
                        admin_form.setCurrentUser(user);
                        admin_form.ShowDialog();
                        this.Close();
                    }
                    else if (result == DialogResult.No)
                    {
                        adminForm admin_form = new adminForm();
                        this.Hide();
                        admin_form.setCurrentUser(user);
                        admin_form.ShowDialog();
                        this.Close();
                    }
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message);
                }
            }
        }
        private void updateButton_Click(object sender, EventArgs e)
        {
            if (this.oicIdInput.Text == "" && this.oicNameInput.Text == "" ||
                personalQuestionComboBox.SelectedIndex == -1 ||
                personalAnswerInput.Text == null || personalAnswerInput.Text == "")
            {
                MessageBox.Show("No Record to Update", "Records");
            }
            else
            {
                try
                {
                    string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query  = "UPDATE users SET userID = @userID, userName = @userName, personalQuestion = @personalQuestion, personalAnswer = @personalAnswer WHERE userID = @userID";
                    MySqlConnection MyConn = new MySqlConnection(Conn);
                    MySqlCommand    cmd    = new MySqlCommand(Query, MyConn);
                    cmd.Parameters.AddWithValue("@userID", this.oicIdInput.Text);
                    cmd.Parameters.AddWithValue("@userName", this.oicNameInput.Text);
                    cmd.Parameters.AddWithValue("@personalQuestion", this.personalQuestionComboBox.Items[personalQuestionComboBox.SelectedIndex].ToString());
                    cmd.Parameters.AddWithValue("@personalAnswer", personalAnswerInput.Text);

                    MyConn.Open();
                    MySqlDataReader MyReader = cmd.ExecuteReader();
                    MessageBox.Show("Data Updated", "Records");
                    MyConn.Close();
                    adminForm admin_form = new adminForm();
                    this.Hide();
                    admin_form.setCurrentUser(user);
                    admin_form.ShowDialog();
                    this.Close();
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message);
                }
            }
        }
        private void addButton_Click(object sender, EventArgs e)
        {
            try
            {
                if (clinicNameInput.Text == null || clinicNameInput.Text == "" ||
                    clinicAddressInput.Text == null || clinicAddressInput.Text == "" ||
                    clinicTelephoneInput.Text == null || clinicTelephoneInput.Text == "" ||
                    clinicOIDInputComboBox.SelectedIndex == -1 ||
                    clinicOICPwdInput.Text == null || clinicOICPwdInput.Text == "")
                {
                    MessageBox.Show("There is an empty input.", "Error Message");
                }
                else if (clinicOICPwdInput.Text.Length < 8)
                {
                    MessageBox.Show("You have to set your password equal to or greater than 8 digits.", "Error Message");
                }
                else
                {
                    string          Conn         = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query1       = "SELECT * FROM users WHERE userName = @userName";
                    MySqlConnection MyConn       = new MySqlConnection(Conn);
                    MySqlCommand    cmd1         = new MySqlCommand(Query1, MyConn);
                    string          hash_MD5_pwd = MD5Hash(this.clinicOICPwdInput.Text);
                    cmd1.Parameters.AddWithValue("@userName", clinicOIDInputComboBox.Items[clinicOIDInputComboBox.SelectedIndex].ToString());
                    MyConn.Open();
                    MySqlDataReader MyReader1 = cmd1.ExecuteReader();


                    if (MyReader1.Read())
                    {
                        string userRealName = MyReader1.GetString("userName");
                        string userRealPwd  = MyReader1.GetString("userPwd");

                        if (clinicOIDInputComboBox.Text == userRealName && hash_MD5_pwd == userRealPwd)
                        {
                            MyReader1.Close();
                            string Query2 = "INSERT INTO clinic (clinicName, clinicAddress, clinicArea, clinicTelephone, clinicOICName, clinicOICPwd, clinicDetails) VALUES (@clinicName, @clinicAddress, @clinicArea, @clinicTelephone, @clinicOICName, @clinicOICPwd, @clinicDetails)";
                            if (this.clinicDetailsInput.Text == "")
                            {
                                Query2 = "INSERT INTO clinic (clinicName, clinicAddress, clinicArea, clinicTelephone, clinicOICName, clinicOICPwd) VALUES (@clinicName, @clinicAddress, @clinicArea, @clinicTelephone, @clinicOICName, @clinicOICPwd)";
                                MySqlCommand cmd2 = new MySqlCommand(Query2, MyConn);
                                cmd2.Parameters.AddWithValue("@clinicName", this.clinicNameInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicAddress", this.clinicAddressInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicArea", this.clinicAreaInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicTelephone", this.clinicTelephoneInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicOICName", clinicOIDInputComboBox.Items[clinicOIDInputComboBox.SelectedIndex].ToString());
                                cmd2.Parameters.AddWithValue("@clinicOICPwd", hash_MD5_pwd);

                                MySqlDataReader MyReader2 = cmd2.ExecuteReader();
                            }
                            else
                            {
                                MySqlCommand cmd2 = new MySqlCommand(Query2, MyConn);
                                cmd2.Parameters.AddWithValue("@clinicName", this.clinicNameInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicAddress", this.clinicAddressInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicArea", this.clinicAreaInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicTelephone", this.clinicTelephoneInput.Text);
                                cmd2.Parameters.AddWithValue("@clinicOICName", clinicOIDInputComboBox.Items[clinicOIDInputComboBox.SelectedIndex].ToString());
                                cmd2.Parameters.AddWithValue("@clinicOICPwd", hash_MD5_pwd);
                                cmd2.Parameters.AddWithValue("@clinicDetails", this.clinicDetailsInput);

                                MySqlDataReader MyReader2 = cmd2.ExecuteReader();
                            }
                            MessageBox.Show("Record Saved", "Records");
                            adminForm admin_form = new adminForm();
                            this.Hide();
                            admin_form.setCurrentUser(user);
                            admin_form.ShowDialog();
                            this.Close();
                        }
                        else
                        {
                            MessageBox.Show("OIC name or password is not correct!", "Error Message");
                        }
                    }
                    else
                    {
                        MessageBox.Show("There is not that OIC name existing", "Error Message");
                    }

                    MyConn.Close();
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }
        private void addButton_Click(object sender, EventArgs e)
        {
            try
            {
                if (itemCategoryComboBox.SelectedIndex == -1 ||
                    itemTypeComboBox.SelectedIndex == -1 ||
                    itemPictureInput.Text == null || itemPictureInput.Text == "" ||
                    itemBrandInput.Text == null || itemBrandInput.Text == "" ||
                    itemPurposeInput.Text == null || itemPurposeInput.Text == "" ||
                    itemOrderStatusInput.Text == null || itemOrderStatusInput.Text == "" ||
                    supplierCompanyInput.Text == null || supplierCompanyInput.Text == "" ||
                    supplierNameInput.Text == null || supplierNameInput.Text == "" ||
                    supplierContactNoInput.Text == null || supplierContactNoInput.Text == "")
                {
                    MessageBox.Show("There is an empty input.", "Error Message");
                }
                else
                {
                    // File Upload
                    string fileName = System.IO.Path.GetFileName(openFileDialog1.FileName);
                    string path     = Application.StartupPath.Substring(0, (Application.StartupPath.Length - 10));
                    System.IO.File.Copy(openFileDialog1.FileName, path + "\\item_images\\" + fileName);

                    string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                    string          Query1 = "INSERT INTO inventory (itemName, itemPicture, itemBrand, itemPurpose, itemOrderStatus, itemQuantity, itemCostPrice, itemSellingPrice, supplierCompany, supplierName, supplierContactNo, inventoryDetails, criticalQuantity) VALUES (@itemName, @itemPicture, @itemBrand, @itemPurpose, @itemOrderStatus, @itemQuantity, @itemCostPrice, @itemSellingPrice, @supplierCompany, @supplierName, @supplierContactNo, @inventoryDetails, @criticalQuantity)";
                    MySqlConnection MyConn = new MySqlConnection(Conn);
                    MyConn.Open();

                    if (this.inventoryDetailsInput.Text == "")
                    {
                        Query1 = "INSERT INTO inventory (itemName, itemPicture, itemBrand, itemPurpose, itemOrderStatus, itemQuantity, itemCostPrice, itemSellingPrice, supplierCompany, supplierName, supplierContactNo, inventoryDetails, criticalQuantity) VALUES (@itemName, @itemPicture, @itemBrand, @itemPurpose, @itemOrderStatus, @itemQuantity, @itemCostPrice, @itemSellingPrice, @supplierCompany, @supplierName, @supplierContactNo, @inventoryDetails, @criticalQuantity)";
                        MySqlCommand cmd1 = new MySqlCommand(Query1, MyConn);
                        cmd1.Parameters.AddWithValue("@itemName", itemTypeComboBox.Items[itemTypeComboBox.SelectedIndex].ToString());
                        cmd1.Parameters.AddWithValue("@itemPicture", path + "\\item_images\\" + fileName);
                        cmd1.Parameters.AddWithValue("@itemBrand", itemBrandInput.Text);
                        cmd1.Parameters.AddWithValue("@itemPurpose", itemPurposeInput.Text);
                        cmd1.Parameters.AddWithValue("@itemOrderStatus", itemOrderStatusInput.Text);
                        cmd1.Parameters.AddWithValue("@itemQuantity", itemQuantityInput.Value);
                        cmd1.Parameters.AddWithValue("@itemCostPrice", itemCostPriceInput.Value);
                        cmd1.Parameters.AddWithValue("@itemSellingPrice", itemSellingPriceInput.Value);
                        cmd1.Parameters.AddWithValue("@supplierCompany", supplierCompanyInput.Text);
                        cmd1.Parameters.AddWithValue("@supplierName", supplierNameInput.Text);
                        cmd1.Parameters.AddWithValue("@supplierContactNo", supplierContactNoInput.Text);
                        cmd1.Parameters.AddWithValue("@inventoryDetails", " ");
                        cmd1.Parameters.AddWithValue("@criticalQuantity", criticalQuantityInput.Value);
                        MySqlDataReader MyReader1 = cmd1.ExecuteReader();

                        MessageBox.Show("Record Saved", "Records");
                        adminForm admin_form = new adminForm();
                        this.Hide();
                        admin_form.setCurrentUser(user);
                        admin_form.ShowDialog();
                        this.Close();
                    }
                    else
                    {
                        MySqlCommand cmd1 = new MySqlCommand(Query1, MyConn);
                        cmd1.Parameters.AddWithValue("@itemName", itemTypeComboBox.Items[itemTypeComboBox.SelectedIndex].ToString());
                        cmd1.Parameters.AddWithValue("@itemPicture", path + "\\item_images\\" + fileName);
                        cmd1.Parameters.AddWithValue("@itemBrand", itemBrandInput.Text);
                        cmd1.Parameters.AddWithValue("@itemPurpose", itemPurposeInput.Text);
                        cmd1.Parameters.AddWithValue("@itemOrderStatus", itemOrderStatusInput.Text);
                        cmd1.Parameters.AddWithValue("@itemQuantity", itemQuantityInput.Value);
                        cmd1.Parameters.AddWithValue("@itemCostPrice", itemCostPriceInput.Value);
                        cmd1.Parameters.AddWithValue("@itemSellingPrice", itemSellingPriceInput.Value);
                        cmd1.Parameters.AddWithValue("@supplierCompany", supplierCompanyInput.Text);
                        cmd1.Parameters.AddWithValue("@supplierName", supplierNameInput.Text);
                        cmd1.Parameters.AddWithValue("@supplierContactNo", supplierContactNoInput.Text);
                        cmd1.Parameters.AddWithValue("@inventoryDetails", inventoryDetailsInput.Text);
                        cmd1.Parameters.AddWithValue("@criticalQuantity", criticalQuantityInput.Value);
                        MySqlDataReader MyReader1 = cmd1.ExecuteReader();

                        MessageBox.Show("Record Saved", "Records");
                        adminForm admin_form = new adminForm();
                        this.Hide();
                        admin_form.setCurrentUser(user);
                        admin_form.ShowDialog();
                        this.Close();
                    }
                    MyConn.Close();
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
        }
        private void loginButton_Click(object sender, EventArgs e)
        {
            String id  = this.idInput.Text;
            String pwd = this.pwdInput.Text;

            if (this.idInput.Text == "" || this.pwdInput.Text == "")
            {
                MessageBox.Show("There is a blank input", "Login Error");
            }
            else
            {
                loginAttemptCount++;

                if (loginAttemptCount > 3)
                {
                    try
                    {
                        string          Conn   = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                        string          Query  = "UPDATE users SET userStatus = @userStatus WHERE userID = @userID AND userType = 'OIC'";
                        MySqlConnection MyConn = new MySqlConnection(Conn);
                        MySqlCommand    cmd    = new MySqlCommand(Query, MyConn);
                        cmd.Parameters.AddWithValue("@userStatus", "Locked");
                        cmd.Parameters.AddWithValue("@userID", this.idInput.Text);

                        MyConn.Open();
                        MySqlDataReader MyReader = cmd.ExecuteReader();
                        MessageBox.Show("You failed to login three times, so this ID is locked now. \nPlease, contact the system administrator.", "Login Error");
                        lockedAccountForm locked_account_form = new lockedAccountForm();
                        this.Hide();
                        locked_account_form.ShowDialog();
                        MyConn.Close();
                        this.Close();
                    }
                    catch (Exception ex)
                    {
                        MessageBox.Show(ex.Message);
                    }
                }
                else
                {
                    try
                    {
                        string          Conn         = "datasource=localhost;port=3306;username=root;password=;database=medisupply;sslMode=none";
                        string          Query        = "SELECT * FROM users WHERE userID = @userID";
                        MySqlConnection MyConn       = new MySqlConnection(Conn);
                        MySqlCommand    cmd          = new MySqlCommand(Query, MyConn);
                        string          hash_MD5_pwd = MD5Hash(this.pwdInput.Text);
                        cmd.Parameters.AddWithValue("@userID", this.idInput.Text);
                        MyConn.Open();
                        MySqlDataReader MyReader = cmd.ExecuteReader();


                        if (MyReader.Read())
                        {
                            string userRealID   = MyReader.GetString("userID");
                            string userRealPwd  = MyReader.GetString("userPwd");
                            string userRealName = MyReader.GetString("userName");
                            string userStatus   = MyReader.GetString("userStatus");
                            string userType     = MyReader.GetString("userType");

                            if (userStatus == "Locked" || userStatus == "locked")
                            {
                                MessageBox.Show("Your account is locked! Contact the system administrator, please.", "Login Error");
                            }
                            else
                            {
                                if (this.idInput.Text == userRealID && hash_MD5_pwd == userRealPwd && userType == "Admin")
                                {
                                    adminForm admin_form = new adminForm();
                                    this.Hide();
                                    admin_form.setCurrentUser(userRealName);
                                    admin_form.setUserID(userRealID);
                                    admin_form.ShowDialog();
                                    this.Close();
                                }
                                else if (this.idInput.Text == userRealID && hash_MD5_pwd == userRealPwd && userType == "OIC")
                                {
                                    OICForm oic_form = new OICForm();
                                    this.Hide();
                                    oic_form.setCurrentUser(userRealName);
                                    oic_form.setUserID(userRealID);
                                    oic_form.ShowDialog();
                                    this.Close();
                                }
                                else
                                {
                                    MessageBox.Show("Your ID or password is incorrect!", "Login Error");
                                }
                            }
                        }
                        else
                        {
                            MessageBox.Show("This ID does not exist!", "Login Error");
                        }
                    }
                    catch (Exception ex)
                    {
                        MessageBox.Show(ex.Message);
                    }
                }
            }
        }