private void btnLogin_Click(object sender, EventArgs e)
{
try
{
OleDbCommand checkReset = new OleDbCommand("SELECT Reset FROM Login WHERE UserID = '" + @currentUser + "'", connLogin); //check the reset on button button click (We check this on the application start but also when the button is clicked)
bool userReset = (bool)checkReset.ExecuteScalar();
if (userReset)
{
PasswordReset pwForm = new PasswordReset(connLogin, currentUser);
pwForm.Owner = this;
pwForm.Show();
}
else
{
OleDbCommand checkPWCommand = new OleDbCommand("SELECT Password FROM login WHERE UserID='" + @currentUser + "'", connLogin); //Query to pull the password from the database
string dbPass = (string)checkPWCommand.ExecuteScalar(); //Command that pulls the password from the DB and then converts it to a string
PasswordHasher verifyPassword = new PasswordHasher(); //Create a new passwordhasher object
int verified = verifyPassword.passwordHashCompare(dbPass, txtPass.Text); //Send the database password and the user's password from the txt box to be compared and verfied through salted encryption. Convert the response to an integer.
if (verified == 1) //If the integer returned is = to 1, password is good and the main application will load.
{
Hide();
new GateKeeper().Show();
var addToday = DateTime.Now.ToString("MM/dd/yyyy"); //We're going to add todays date and time to the last login column in the following
OleDbCommand updateLastLogin = new OleDbCommand("UPDATE Accounts SET [LastLogin] = '" + @addToday + "' WHERE [UserID] = '" + @currentUser + "'", connLogin);
updateLastLogin.ExecuteScalar();
//ALWAYS CLOSE AND DISPOSE ;)
connLogin.Close();
connLogin.Dispose();
}
else
{
MessageBox.Show("Invalid username or password", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}
catch (Exception ex)
{
throw new Exception("There was an error Logging in: ", ex);
}
}
private void SignIn_Load(object sender, EventArgs e)
{
try
{
connLogin = new OleDbConnection(connLoginString); //Make a connection to the database using the connection string
connLogin.Open(); //Open the new connection
}
catch (Exception ex)
{
throw new ApplicationException("Could not open database connection: ", ex);
}
txtPass.MaxLength = 12; //Set the maximum input for the password box
txtPass.PasswordChar = '*'; //Hide the user's password with *
currentUser = Environment.UserName; //Pull the user's windows login ID
try
{
OleDbCommand check_User_Name = new OleDbCommand("SELECT COUNT(*) FROM Accounts WHERE (UserID ='" + @currentUser + "')", connLogin); //Check to see if the user's ID is in the database by pulling the count
int UserExist = (int)check_User_Name.ExecuteScalar(); //Run the sql and convert the query results into an int
if (UserExist == 1) //If the query we ran is = 1, user exists, enter their name into the user text box
{
txtUser.Text = Environment.UserName;
}
else
{
MessageBox.Show("Your user does not exist within the database.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
}
catch (Exception ex)
{
throw new ApplicationException("There was an issue checking your username in the database: ", ex);
}
try
{
OleDbCommand checkReset = new OleDbCommand("SELECT Reset FROM Login WHERE UserID = '" + currentUser + "'", connLogin); //Query to check and see if the user needs a password reset
bool userReset = (bool)checkReset.ExecuteScalar();
if (userReset) //if the user does need a reset, this will load the reset form
{
PasswordReset pwForm = new PasswordReset(connLogin, currentUser);
pwForm.Owner = this;
pwForm.Show();
}
PasswordVerifier pwResetCheck = new PasswordVerifier(); //make a new password verifier object
bool verifiedPW = pwResetCheck.ExpirationReset(connLogin, currentUser, out errorMessage); //Pass the connection, current user and take back any error message
if (verifiedPW && errorMessage != null) //if the error message does not come back as null, shows the warning.
{
MessageBox.Show(errorMessage, "Warning", MessageBoxButtons.OK, MessageBoxIcon.Warning);
Show();
}
else if (!verifiedPW) //if verified password comes back false, show the error and make user reset password
{
DialogResult resultOK = MessageBox.Show(errorMessage, "Password has expired", MessageBoxButtons.OK, MessageBoxIcon.Error);
if (resultOK == DialogResult.OK)
{
PasswordReset pwForm = new PasswordReset(connLogin, currentUser); //pass login and user variables to the password form
pwForm.Owner = this; //bring the password form up front by making it the owner.
pwForm.Show();
}
}
}
catch (Exception ex)
{
throw new ApplicationException("Application encountered an error while attempting to extract the password reset information from database: ", ex);
}
}
