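} // Action[Click]: btnClear

/// <summary>
/// Registers a new patient once the operator confirms: checks for an active duplicate,
/// then inserts the guardian, patient, home-address, registration and patient-type rows
/// and offers to print the patient ID.
/// </summary>
/// <param name="sender">Control that raised the click (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnSubmit_Click(object sender, EventArgs e)
{
    DialogResult dr = MessageBox.Show("Are you sure you want to register this patient?", "Confirm",
        MessageBoxButtons.YesNo, MessageBoxIcon.Question);

    // Short-circuit keeps the original order: CheckEntries() only runs after a "Yes".
    if (!dr.Equals(DialogResult.Yes) || !this.CheckEntries())
    {
        return;
    }

    try
    {
        // NOTE(review): @strIDNumber is bound to textPatID here, while the tblPatient insert
        // below stores textPatNumber in strIDNumber - confirm which field the duplicate
        // check is meant to compare.
        string sql = "SELECT * " +
                     "FROM tblPatient " +
                     "WHERE boolIsActive AND ((strIDNumber = @strIDNumber) OR " +
                     "(strPatientLastName = @strPatLastName AND " +
                     "strPatientFirstName = @strPatFirstName AND " +
                     "strPatientMiddleName = @strPatMiddleName));";
        MySqlCommand cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@strIDNumber", textPatID.Text.Trim());
        cmd.Parameters.AddWithValue("@strPatLastName", textLastName.Text.Trim());
        cmd.Parameters.AddWithValue("@strPatFirstName", textFirstName.Text.Trim());
        cmd.Parameters.AddWithValue("@strPatMiddleName", textMiddleName.Text.Trim());

        int readCount = 0;
        // using closes the reader even if Read() throws, so the shared connection is not
        // left with an open reader that would block every later command.
        using (MySqlDataReader readerCheck = cmd.ExecuteReader())
        {
            while (readerCheck.Read())
            {
                readCount++;
            }
        }

        if (readCount >= 1)
        {
            Integrity.ShowDuplicateDialog();
            return;
        }

        // The patient ID comes from the text box when isPrime is set, otherwise from the label.
        string patientId = isPrime ? textPatID.Text.Trim() : lblPatIDVal.Text.Trim();
        string guardianId = patientId + "-GUARD";

        // NOTE(review): the inserts below run as separate statements with no transaction in
        // this method, so a failure part-way leaves earlier rows (e.g. the guardian) in place.

        /* Insert values to tblGuardian */
        sql = "INSERT INTO tblGuardian(strGuardianID, strLastName, strFirstName, strMiddleName, " +
              "strContact, strRelation) " +
              "VALUES(@strGuardID, @strLastName, @strFirstName, " +
              "@strMiddleName, @strContactNumber, @strRelation);";
        cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@strGuardID", guardianId);
        cmd.Parameters.AddWithValue("@strLastName", textGuardLastName.Text.Trim());
        cmd.Parameters.AddWithValue("@strFirstName", textGuardFirstName.Text.Trim());
        cmd.Parameters.AddWithValue("@strMiddleName", textGuardMiddleName.Text.Trim());
        cmd.Parameters.AddWithValue("@strContactNumber", "+639" + textGuardContactNumber.Text.Trim());
        cmd.Parameters.AddWithValue("@strRelation", textRelation.Text.Trim());
        cmd.Prepare();
        cmd.ExecuteNonQuery();

        /* Insert values to tblPatient */
        sql = "INSERT INTO tblPatient(strPatientID, strIDNumber, strPatientLastName, strPatientFirstName, " +
              "strPatientMiddleName, strPatientContactNumber, dtmDateOfBirth, strGender, " +
              "strGuardianID, boolIsActive) " +
              "VALUES(@strPatientID, @strIDNumber, @strLastName, " +
              "@strFirstName, @strMiddleName, @strPatientContactNumber, " +
              "@dtmDateOfBirth, @strGender, " +
              "@strGuardianID, true);";
        cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@strPatientID", patientId);
        cmd.Parameters.AddWithValue("@strGuardianID", guardianId);
        cmd.Parameters.AddWithValue("@strIDNumber", textPatNumber.Text.Trim());
        cmd.Parameters.AddWithValue("@strLastName", textLastName.Text.Trim());
        cmd.Parameters.AddWithValue("@strFirstName", textFirstName.Text.Trim());
        cmd.Parameters.AddWithValue("@strMiddleName", textMiddleName.Text.Trim());
        cmd.Parameters.AddWithValue("@strPatientContactNumber", "+639" + textContactNumber.Text.Trim());
        cmd.Parameters.AddWithValue("@dtmDateOfBirth", dtpBirthday.Value.ToString("yyyy-MM-dd"));
        cmd.Parameters.AddWithValue("@strGender", genderCode);
        cmd.Prepare();
        cmd.ExecuteNonQuery();

        /* Insert values to tblHomeAddress */
        sql = "INSERT INTO tblHomeAddress(strPatientID, strHomeAddress, strRegion, strProvince, strCity) " +
              "VALUES(@strPatientID, @strHomeAddress, @regionCode, @provCode, @cityCode);";
        cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@strPatientID", patientId);
        cmd.Parameters.AddWithValue("@strHomeAddress", textHomeAddress.Text.Trim());
        cmd.Parameters.AddWithValue("@regionCode", cboRegion.GetItemText(cboRegion.SelectedItem).Trim());
        cmd.Parameters.AddWithValue("@provCode", textProvince.Text.Trim());
        cmd.Parameters.AddWithValue("@cityCode", textCity.Text.Trim());
        cmd.Prepare();
        cmd.ExecuteNonQuery();

        /* Insert values to tblRegistration */
        // Security fix: this statement used to be built by concatenating the patient ID text
        // and userID into the VALUES list; every value is now a bound parameter, so the
        // input is always treated as data and cannot change the statement.
        string registrationId = TimeHandler.GetCurrentDateTime() + "-REG";
        sql = "INSERT INTO tblRegistration " +
              "VALUES(@registrationID, @staffID, @patientID, NOW());";
        try
        {
            cmd = new MySqlCommand(sql, conn);
            cmd.Parameters.AddWithValue("@registrationID", registrationId);
            cmd.Parameters.AddWithValue("@staffID", userID);
            cmd.Parameters.AddWithValue("@patientID", patientId);
            cmd.ExecuteNonQuery();
        }
        catch (MySqlException me)
        {
            // A failed registration row is reported but does not stop the remaining steps.
            Integrity.GetExceptionDetails(me);
        }
        catch (Exception ex)
        {
            Integrity.GetExceptionDetails(ex);
        }

        string collegeCode = "";
        string courseCode = "";
        string profDCode = "";
        string deptCode = "";
        string typeCode = "";
        string typeDesc = "";

        if (cboPatType.SelectedIndex == 0)
        {
            /* Student: college and course codes */
            collegeCode = FetchSingleCode(
                "SELECT strCollegeCode " + "FROM tblCollege " + "WHERE strCollegeDesc = @strCollegeDescription " + "LIMIT 1;",
                "@strCollegeDescription", cboCollege.GetItemText(cboCollege.SelectedItem), "strCollegeCode");
            courseCode = FetchSingleCode(
                "SELECT strCourseCode " + "FROM tblCourse " + "WHERE strCourseDesc = @strCourseDescription " + "LIMIT 1;",
                "@strCourseDescription", cboCourse.GetItemText(cboCourse.SelectedItem), "strCourseCode");
            profDCode = "NA";
            deptCode = "NA";
            typeCode = "STUD";
            typeDesc = "Student";
        }
        else if (cboPatType.SelectedIndex == 1)
        {
            /* Professor: college and department codes */
            collegeCode = FetchSingleCode(
                "SELECT strCollegeCode " + "FROM tblCollege " + "WHERE strCollegeDesc = @strCollegeDescription " + "LIMIT 1;",
                "@strCollegeDescription", cboCollege.GetItemText(cboCollege.SelectedItem), "strCollegeCode");
            profDCode = FetchSingleCode(
                "SELECT strDeptCode " + "FROM tblDepartment " + "WHERE strDeptDesc = @strDeptDescription " + "LIMIT 1;",
                "@strDeptDescription", cboCourse.GetItemText(cboCourse.SelectedItem), "strDeptCode");
            courseCode = "NA";
            deptCode = "NA";
            typeCode = "PROF";
            typeDesc = "Professor";
        }
        else
        {
            /* Staff: staff department code */
            deptCode = FetchSingleCode(
                "SELECT strStaffDeptCode " + "FROM tblStaffDepartment " + "WHERE strDesc = @desc " + "LIMIT 1;",
                "@desc", cboCourse.GetItemText(cboCourse.SelectedItem), "strStaffDeptCode");
            courseCode = "NA";
            collegeCode = "NA";
            profDCode = "NA";
            typeCode = "STAFF";
            typeDesc = "Staff";
        }

        /* Insert values to tblPatientType */
        sql = "INSERT INTO tblPatientType(strPatientID, strTypeCode, strTypeDesc, " +
              "strCollegeCode, strCourseCode, strDeptCode, " +
              "strStaffDeptCode) " +
              "VALUES(@patientID, @typeCode, @typeDesc, " +
              "@college, @course, @profD, " +
              "@staffD);";
        cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@patientID", patientId);
        cmd.Parameters.AddWithValue("@typeCode", typeCode);
        cmd.Parameters.AddWithValue("@typeDesc", typeDesc);
        cmd.Parameters.AddWithValue("@college", collegeCode);
        cmd.Parameters.AddWithValue("@course", courseCode);
        cmd.Parameters.AddWithValue("@profD", profDCode);
        cmd.Parameters.AddWithValue("@staffD", deptCode);
        cmd.Prepare();
        cmd.ExecuteNonQuery();

        PrintDocument printDocument = new PrintDocument();
        printDocument.PrintPage += new PrintPageEventHandler(printDocument1_PrintPage);
        printDocument.DocumentName = "Patient ID";
        printDialog.Document = printDocument;
        if (printDialog.ShowDialog() == DialogResult.OK)
        {
            printDocument.Print();
        }

        MessageBox.Show("Patient Successfully Registered!", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information);
        btnClear_Click(null, null);
        UpdatePatientID();
    }
    catch (MySqlException me)
    {
        Integrity.GetExceptionDetails(me);
    }
    catch (Exception ex)
    {
        Integrity.GetExceptionDetails(ex);
    }
}

/// <summary>
/// Runs a one-parameter lookup query on the form's connection and returns the named column
/// of the last row read, or an empty string when the query returns no rows.
/// </summary>
/// <param name="sql">Parameterized SELECT statement.</param>
/// <param name="parameterName">Name of the single parameter used in <paramref name="sql"/>.</param>
/// <param name="parameterValue">Value bound to that parameter.</param>
/// <param name="columnName">Column to read from the result.</param>
/// <returns>The column value, or "" if nothing matched.</returns>
private string FetchSingleCode(string sql, string parameterName, string parameterValue, string columnName)
{
    string code = "";
    MySqlCommand lookup = new MySqlCommand(sql, conn);
    lookup.Parameters.AddWithValue(parameterName, parameterValue);
    lookup.Prepare();
    using (MySqlDataReader rows = lookup.ExecuteReader())
    {
        while (rows.Read())
        {
            code = rows.GetString(columnName);
        }
    }
    return code;
} // Action[Click]: btnSubmit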
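} // Action[Click]: btnClear

/// <summary>
/// Validates the login form, looks the credentials up in tblStaff, records the login in
/// tblLogIn and opens the form that matches the staff member's position code.
/// </summary>
/// <param name="sender">Control that raised the click (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnLogIn_Click(object sender, EventArgs e)
{
    if (textUsername.Text.Trim().Equals(""))
    {
        MetroMessageBox.Show(this, "Please enter a valid username!");
        return;
    }

    if (textPassword.Text.Trim().Equals(""))
    {
        MetroMessageBox.Show(this, "Please enter a valid password!");
        return;
    }

    // NOTE(review): the entered password is compared with strPassword inside the query, which
    // only works if the column holds the password itself. Storing a salted password hash
    // (e.g. PBKDF2) and verifying it in code with a constant-time comparison is the safer
    // design; it needs a matching change wherever strPassword is written.
    // NOTE(review): depending on the column collation this comparison may also be
    // case-insensitive - confirm against the schema.
    string sql = "SELECT strLastName, strFirstName, strStaffID, strPositionCode " +
                 "FROM tblStaff " +
                 "WHERE strUserName = @userName AND strPassword = @password AND boolIsActive;";
    try
    {
        int resultCount = 0;
        MySqlCommand cmd = new MySqlCommand(sql, conn);

        /* Prepare statements */
        cmd.Parameters.AddWithValue("@userName", textUsername.Text.Trim());
        cmd.Parameters.AddWithValue("@password", textPassword.Text.Trim());
        cmd.Prepare();

        reader = cmd.ExecuteReader();
        try
        {
            while (reader.Read())
            {
                firstName = reader.GetString("strFirstName");
                lastName = reader.GetString("strLastName");
                userID = reader.GetString("strStaffID");
                userPosition = reader.GetString("strPositionCode");
                resultCount++;
            }
        }
        finally
        {
            // Always release the reader: the connection is shared, and an open reader
            // would make every later command on it fail.
            reader.Close();
        }

        if (resultCount >= 2)
        {
            Integrity.ShowDuplicateDialog();
            return;
        }

        if (resultCount != 1)
        {
            // NOTE(review): failed attempts are neither recorded nor rate-limited in this
            // method - consider logging them for detection of password guessing.
            MetroMessageBox.Show(this, "Invalid Username / Password!", "Access Denied", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        sql = "SELECT strPositionDescription " +
              "FROM tblPositionDetails " +
              "WHERE strPositionCode = @posCode;";
        cmd = new MySqlCommand(sql, conn);

        /* Prepare statements */
        cmd.Parameters.AddWithValue("@posCode", userPosition);
        cmd.Prepare();

        reader = cmd.ExecuteReader();
        try
        {
            while (reader.Read())
            {
                userType = reader.GetString("strPositionDescription");
            }
        }
        finally
        {
            reader.Close();
        }

        bool isFrontDesk = userPosition.Equals("FRONTDESK");
        bool isDoctor = userPosition.Equals("DOCT");
        if (!isFrontDesk && !isDoctor && !userPosition.Equals("ADMIN"))
        {
            Integrity.ShowInvalidTypeDialog();
            return;
        }

        // Take one clock reading so all six components describe the same instant; reading
        // DateTime.Now per component could mix values from two different seconds.
        // NOTE(review): the components are not zero-padded, so different instants can yield
        // the same code; the format is kept as-is because existing rows use it.
        DateTime now = DateTime.Now;
        string loginID = now.Year.ToString() + now.Month.ToString() + now.Day.ToString() +
                         now.Hour.ToString() + now.Minute.ToString() + now.Second.ToString() + "";

        sql = "INSERT INTO tblLogIn(strLogInCode, strStaffID, dtmDateTimeLogged, strDoctStatus) ";
        if (isDoctor)
        {
            sql += "VALUES(@loginID, @userID, NOW(), 'ON');";
        }
        else
        {
            sql += "VALUES(@loginID, @userID, NOW(), 'OFF');";
        }

        cmd = new MySqlCommand();
        cmd.Connection = conn;
        cmd.CommandText = sql;

        /* Prepare statements */
        cmd.Parameters.AddWithValue("@loginID", loginID);
        cmd.Parameters.AddWithValue("@userID", userID);
        cmd.Prepare();

        /* Update time in and time out */
        cmd.ExecuteNonQuery();

        if (isFrontDesk)
        {
            FormStaff formStaff = new FormStaff(conn, userID, firstName, lastName, userType);
            formStaff.Show();
            this.Close();
        }
        else if (isDoctor)
        {
            FormDoctor formDoctor = new FormDoctor(conn, userID, firstName, lastName, userType);
            formDoctor.Show();
            this.Close();
        }
        else
        {
            FormSelection formSelect = new FormSelection(conn, userID, firstName, lastName, userType);
            formSelect.Show();
            this.Close();
        }
    }
    catch (MySqlException me)
    {
        Integrity.GetExceptionDetails(me);
    }
} // Action[Click]: btnLogIn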
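/// <summary>
/// Validates the staff registration form, rejects a staff member that already exists
/// (same staff ID or same full name) and otherwise inserts the new tblStaff row.
/// </summary>
/// <param name="sender">Control that raised the click (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnRegister_Click(object sender, EventArgs e)
{
    string report = "Please enter a valid ";
    string userType = "";
    bool isCorrect = true;

    // Only the first failing field is reported, in the order checked here.
    if (isFirst && textDocID.Text.Trim().Equals(""))
    {
        report += "User ID!";
        isCorrect = false;
    }
    else if (textStaffLast.Text.Trim().Equals(""))
    {
        report += "Last Name!";
        isCorrect = false;
    }
    else if (textDocFirst.Text.Trim().Equals(""))
    {
        report += "First Name!";
        isCorrect = false;
    }
    else if (textDocMiddle.Text.Trim().Equals(""))
    {
        report += "Middle Name!";
        isCorrect = false;
    }
    else if (textContact.Text.Trim().Equals("") || textContact.Text.Trim().Length < 9)
    {
        report += "Contact Number!";
        isCorrect = false;
    }
    else if (textUsername.Text.Trim().Equals(""))
    {
        report += "Username!";
        isCorrect = false;
    }
    else if (textPassword.Text.Trim().Equals(""))
    {
        report += "Password!";
        isCorrect = false;
    }

    if (!isCorrect)
    {
        MessageBox.Show(report, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }

    if (cboUserType.SelectedIndex == 0)
    {
        userType = "FRONTDESK";
    }
    else if (cboUserType.SelectedIndex == 1)
    {
        userType = "DOCT";
    }
    else
    {
        userType = "ADMIN";
    }

    try
    {
        // Security fix: both statements below were previously assembled by concatenating the
        // text-box contents into the SQL string. Every value is now a bound parameter, so
        // form input is always treated as data and cannot change the statement.
        string sql = "SELECT * " +
                     "FROM tblStaff " +
                     "WHERE (strStaffID = @staffID) OR " +
                     "(strFirstName = @firstName AND " +
                     "strLastName = @lastName AND " +
                     "strMiddleName = @middleName);";
        MySqlCommand cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@staffID", textDocID.Text.Trim());
        cmd.Parameters.AddWithValue("@firstName", textDocFirst.Text.Trim());
        cmd.Parameters.AddWithValue("@lastName", textStaffLast.Text.Trim());
        cmd.Parameters.AddWithValue("@middleName", textDocMiddle.Text.Trim());
        cmd.Prepare();

        int resultCounter = 0;
        // using closes the reader even when Read() throws, so the connection stays usable.
        using (MySqlDataReader reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                resultCounter++;
            }
        }

        if (resultCounter != 0)
        {
            Integrity.ShowDuplicateDialog();
            return;
        }

        // NOTE(review): strPassword receives the password exactly as typed (trimmed). A salted
        // password hash (e.g. PBKDF2) should be stored instead; that change has to be made
        // together with the code that checks strPassword at login.
        sql = "INSERT INTO tblStaff(strStaffID, strLastName, strFirstName, strMiddleName, " +
              "strGender, strContactNumber, strUsername, strPassword, strPositionCode) " +
              "VALUES (@staffID, @lastName, @firstName, @middleName, " +
              "@gender, @contactNumber, @userName, @password, @positionCode);";
        cmd = new MySqlCommand(sql, conn);
        cmd.Parameters.AddWithValue("@staffID", textDocID.Text.Trim());
        cmd.Parameters.AddWithValue("@lastName", textStaffLast.Text.Trim());
        cmd.Parameters.AddWithValue("@firstName", textDocFirst.Text.Trim());
        cmd.Parameters.AddWithValue("@middleName", textDocMiddle.Text.Trim());
        cmd.Parameters.AddWithValue("@gender", cboGender.GetItemText(cboGender.SelectedItem));
        cmd.Parameters.AddWithValue("@contactNumber", "+639" + textContact.Text.Trim());
        cmd.Parameters.AddWithValue("@userName", textUsername.Text.Trim());
        cmd.Parameters.AddWithValue("@password", textPassword.Text.Trim());
        cmd.Parameters.AddWithValue("@positionCode", userType);
        cmd.Prepare();
        cmd.ExecuteNonQuery();

        MessageBox.Show("Staff successfully registered!", "Success", MessageBoxButtons.OK, MessageBoxIcon.Asterisk);
        btnClear_Click(null, null);
    }
    catch (MySqlException me)
    {
        Integrity.GetExceptionDetails(me);
    }
    catch (Exception ex)
    {
        Integrity.GetExceptionDetails(ex);
    }
}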