private bool verifyCredentials(string userID, string password) //Function to verify user information and return whether access is permitted or denied. { //Create database and user objects projectDB db = new projectDB(); user currentUser = new user(); //local variables int uid, rank = 0; string fname, lname, username, employmentStatus = null; bool verified = false; //************************************************encrypt password password = db.encrypt(password); //Try to find the user int the database. try { //See if username and password match on database string query = "SELECT employeeID FROM Employees WHERE username='******' AND userPass ='******';"; verified = db.getBool(query, true); if (verified) { //Set user information uid = Convert.ToInt32(db.getString("SELECT employeeID FROM Employees WHERE username = '******' AND userPass = '******'; ")); rank = Convert.ToInt32(db.getString("SELECT rank FROM Employees WHERE username = '******' AND userPass = '******'; ")); fname = db.getString("SELECT firstName FROM Employees WHERE username = '******' AND userPass = '******'; "); lname = db.getString("SELECT lastName FROM Employees WHERE username = '******' AND userPass = '******'; "); employmentStatus = db.getString("SELECT employeeStatus FROM Employees WHERE username = '******' AND userPass = '******'; "); username = txtEmpID.Text; currentUser.set(uid, rank, fname, lname, employmentStatus, username); //verify everything worked if (employmentStatus != "Active") { lblError.Visible = true; return(false); } //Proceed with login Main form = new Main(currentUser); form.Show(); this.Hide(); return(true); } } catch { return(false); } lblError.Visible = true; return(false); }
private void btnResetPw_Click(object sender, EventArgs e) { DialogResult result = MessageBox.Show("Are you sure you want to reset this users password?", "Confirmation", MessageBoxButtons.YesNo); if (result == DialogResult.Yes) { //get random number Random random = new Random(); int num = random.Next(1000, 1999); //Force user to create new password next time he logs in. string newpassword = "******" + num.ToString(); string encryptedPW = db.encrypt(newpassword); string query = "UPDATE Employees SET userPass ='******', isPassReset ='2' WHERE employeeID = " + selectedID + ";"; if (db.Update(query)) { MessageBox.Show("Password has been reset to a default password. The user will be prompted to change password at next login. New password is: " + newpassword); } else { MessageBox.Show("An error occurred while resetting the password. Contact technicial support."); } } }