public ViewStatus(User user1)
{
InitializeComponent();
user = user1;
DataTable dt = user1.viewStatus(user,user.UserId);
dataGridView1.DataSource = dt;
}
//use get and setter properties to access from the outside of the class!!!
/// <summary>
/// using the db,
/// </summary>
public User login(string userName, string password)
{
//cheking if the userName is in the Db, and filling the User object
User user = new User();
Database.sqlCon.Open();
SqlCommand command = new SqlCommand("SELECT * FROM users WHERE userName='******' AND password='******'",Database.sqlCon);
//the userNaem is unique
SqlDataReader dataReader = command.ExecuteReader();
if (dataReader.HasRows)
{
while (dataReader.Read())
{
//getting user object
user.UserId = dataReader.GetInt32(0);
user.FirstName = dataReader.GetString(1);
user.LastName = dataReader.GetString(2);
user.PhoneNumber = dataReader.GetString(3);
user.UserName = dataReader.GetString(4);
user.Password = dataReader.GetString(5);
user.Status = dataReader.GetInt32(6);
}
}
else
{
MessageBox.Show("ERROR: Wrong userName or Password");
user = null;
}
Database.sqlCon.Close();
return user;
}
public NewCommand(ClientController clientController,User user)
{
InitializeComponent();
this.clientController = clientController;
this.user = user;
init();
}
static void Main()
{
//this objects are always there doesen't matter if there is a client or an admin
//Database database = new Database();
Database.connect();
User user=new User();
AuthentficationController authController=new AuthentficationController();
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Application.Run(new Login(user, authController));
}
private void btn_accept_Click(object sender, EventArgs e)
{
User userm = new User();
userm.FirstName = txtb_first_name.Text;
userm.LastName = txtb_last_name.Text;
userm.PhoneNumber = txtb_telephone.Text;
userm.UserName = txtb_username.Text;
userm.Status = 0;
userm.Password = txt_new_password.Text;
if (txtb_old_password.Text == user.Password.Trim())
{
if (txt_new_password.Text == txtb_confirm_password.Text)
{
user.updateUserInDb(userm, user.UserId);
MessageBox.Show("Update succesfull");
}
else
MessageBox.Show("The passwords don't match");
}
else
MessageBox.Show("The old password is incorect (15 characters)");
}
private void btnLogin_Click(object sender, EventArgs e)
{
//Login into the application
user = authController.login(txtUserName.Text, txtPassword.Text);
if (user != null)
{
if (user.Status == 0)
{
ClientController clientController = new ClientController();
Main main=new Main(clientController,user);
main.Show(this);
main.FormClosed += new FormClosedEventHandler(adminMain_FormClosed);
this.Hide();
}
else
{
AdminController adminController = new AdminController();
AdminMain adminMain = new AdminMain(adminController);
adminMain.Show(this);
adminMain.FormClosed += new FormClosedEventHandler(adminMain_FormClosed);
this.Hide();
}
}
}
public Login(User user, AuthentficationController authController)
{
InitializeComponent();
this.user = user;
this.authController = authController;
}
public void updateUserInDb(User user, int userId)
{
// updating a user
Database.sqlCon.Open();
SqlCommand cmd = new SqlCommand("UPDATE users SET firstName=@firstName, lastName=@lastName, phoneNumber=@phoneNumber ,userName=@userName, password=@password WHERE userId=@userId", Database.sqlCon);
try
{
cmd.Parameters.Add("@firstName", SqlDbType.NChar).Value = user.FirstName;
cmd.Parameters.Add("@lastName", SqlDbType.NChar).Value = user.LastName;
cmd.Parameters.Add("@phoneNumber", SqlDbType.NChar).Value = user.PhoneNumber;
cmd.Parameters.Add("@userName", SqlDbType.NChar).Value = user.UserName;
cmd.Parameters.Add("@password", SqlDbType.NChar).Value = user.Password;
cmd.Parameters.Add("@userId", SqlDbType.Int).Value = userId;
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
Database.sqlCon.Close();
}
public DataTable viewStatus(User user,int userId)
{
Database.sqlCon.Open();
DataTable dt = new DataTable();
SqlDataAdapter sda = new SqlDataAdapter("SELECT commandId,startTime,commandPrice,commandStatus,users.userName FROM commands JOIN users ON commands.customerId=users.userId WHERE commands.customerId=users.userId", Database.sqlCon);
SqlCommand sqc = new SqlCommand("SELECT commandId,startTime,commandPrice,commandStatus,users.userName FROM commands JOIN users ON commands.customerId=users.userId WHERE customerId=@userId", Database.sqlCon);
try
{
sqc.Parameters.Add("@userId", SqlDbType.Int).Value = userId;
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
sda.SelectCommand = sqc;
sda.Fill(dt);
Database.sqlCon.Close();
return dt;
}
public EditProfile(User user)
{
InitializeComponent();
this.user = user;
}
public Main(ClientController clientController, User user)
{
InitializeComponent();
this.clientController = clientController;
this.user = user;
}
