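/// <summary>
/// Inserts a new row into the <c>user</c> table.
/// </summary>
/// <param name="id">Value bound to the <c>id</c> column.</param>
/// <param name="name">Value bound to the <c>username</c> column.</param>
/// <param name="pwd">Value bound to the <c>password</c> column; it is written exactly as passed in.</param>
/// <param name="isAdmin">Value bound to the <c>isAdmin</c> column.</param>
/// <remarks>
/// Exceptions are not propagated. They are passed to <c>Buchhaltung.SaveErrorMsg</c> and
/// <c>Buchhaltung.Log</c>, so the caller cannot tell whether the insert succeeded.
/// </remarks>
private void SaveNewUser(int id, string name, char[] pwd, bool isAdmin)
{
    try
    {
        const string query = "INSERT INTO `user`(`id`, `username`, `password`, `isAdmin`) VALUES (@id,@name,@pwd,@isAdmin)";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand cmd = new MySqlCommand(query, _connection))
            {
                cmd.Parameters.AddWithValue("@id", id);
                cmd.Parameters.AddWithValue("@name", name);
                // NOTE(review): pwd is stored as given. The edit path (SaveNewUser(bool)) hashes with
                // BCrypt before writing; confirm every caller of this overload passes a hash and not
                // the clear-text password. A null pwd becomes an empty string here.
                cmd.Parameters.AddWithValue("@pwd", new string(pwd));
                cmd.Parameters.AddWithValue("@isAdmin", isAdmin);
                cmd.Prepare();
                // An INSERT returns no result set, so ExecuteNonQuery is the matching call.
                cmd.ExecuteNonQuery();
            }
        }
        finally
        {
            // Release the connection even when the command throws; previously a failure
            // skipped CloseConnection and left the connection open.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }
}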
/// <summary>
/// Text-changed handler for the search box: installs a filter predicate on <c>UserTable.Items</c>.
/// </summary>
/// <remarks>
/// The predicate keeps every item while the box is empty, keeps admin users when the
/// lower-cased, trimmed text is "admin", and otherwise keeps users whose name equals the
/// trimmed text or whose lower-cased name contains the lower-cased (untrimmed) text.
/// </remarks>
/// <param name="sender">Event source; not read.</param>
/// <param name="e">Event data; not read.</param>
private void SearchChanged(object sender, TextChangedEventArgs e)
{
    try
    {
        UserTable.Items.Filter = candidate =>
        {
            string typed = SearchBox.Text;

            // Empty search box: nothing is filtered out.
            if (typed.Equals(""))
            {
                return true;
            }

            // Anything that is not a User can match neither rule below.
            if (!(candidate is User user))
            {
                return false;
            }

            // The keyword "admin" selects every administrator account.
            if (typed.ToLower().Trim().Equals("admin") && user.IsAdmin)
            {
                return true;
            }

            // Both comparisons are always evaluated, then combined.
            bool exactMatch = user.Name.ToString() == typed.Trim();
            bool partialMatch = Convert.ToString(user.Name).ToLower().Contains(typed.ToLower());
            return exactMatch || partialMatch;
        };
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }
}
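/// <summary>
/// Counts the rows in <c>user</c> whose <c>username</c> matches <paramref name="name"/>
/// under SQL <c>LIKE</c>.
/// </summary>
/// <param name="name">Value bound to the <c>@name</c> parameter of the query.</param>
/// <returns>
/// The count reported by the database, or 0 when an exception occurred (the exception is
/// logged, not rethrown). The original documentation states the expected value is 1.
/// </returns>
private int GetUsernameCount(string name)
{
    try
    {
        // NOTE(review): LIKE treats '%' and '_' inside the bound value as wildcards, so a name
        // containing them is counted against other usernames as well. If an exact match is
        // intended, '=' would be the safer operator; confirm against the callers.
        const string query = "SELECT COUNT(id) FROM user WHERE username LIKE @name";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand cmd = new MySqlCommand(query, _connection))
            {
                cmd.Parameters.AddWithValue("@name", name);
                cmd.Prepare();
                object retVal = cmd.ExecuteScalar();
                return Convert.ToInt32(retVal);
            }
        }
        finally
        {
            // Release the connection on every path; previously an exception skipped CloseConnection.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }

    // Reached only after a logged failure.
    return 0;
}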
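/// <summary>
/// Reads <c>id</c>, <c>username</c> and <c>isAdmin</c> for every row of the <c>user</c> table
/// and appends one <c>User</c> per row to <c>_users</c>.
/// </summary>
/// <remarks>
/// Exceptions are logged through <c>Buchhaltung</c> and not rethrown. Users appended before
/// a failure stay in <c>_users</c>.
/// </remarks>
private void GetUsers()
{
    try
    {
        const string query = "SELECT id,username,isAdmin FROM user";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand commandDatabase = new MySqlCommand(query, _connection) { CommandTimeout = 60 })
            using (MySqlDataReader reader = commandDatabase.ExecuteReader())
            {
                // Read() returns false on an empty result, so no separate HasRows check is needed.
                while (reader.Read())
                {
                    string id = reader.GetString(0);
                    string userName = reader.GetString(1);
                    string isAdmin = reader.GetString(2);
                    // isAdmin is read as text, parsed as an integer, then converted to bool.
                    _users.Add(new User(Convert.ToInt32(id), userName, Convert.ToBoolean(Convert.ToInt32(isAdmin))));
                }
            }
        }
        finally
        {
            // The reader is disposed before this point; the connection is released on every
            // path, including a failure part-way through the result set.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }
}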
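/// <summary>
/// Writes the edited user held in <c>_dbName</c>, <c>_isAdmin</c> and (optionally) <c>_pwd</c>
/// to the row selected by <c>_id</c>.
/// </summary>
/// <param name="pwdChanged">
/// When true, the password column is also updated with a BCrypt hash of <c>_pwd</c>;
/// when false, only the username and the admin flag are written.
/// </param>
/// <remarks>
/// Exceptions are logged through <c>Buchhaltung</c> and not rethrown, so the caller cannot
/// tell whether the update was applied.
/// </remarks>
private void SaveNewUser(bool pwdChanged)
{
    try
    {
        string query = pwdChanged
            ? "UPDATE user SET username=@username,password=@_pwd,isAdmin=@isAdmin WHERE id LIKE @id"
            : "UPDATE user SET username=@username,isAdmin=@isAdmin WHERE id LIKE @id";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand cmd = new MySqlCommand(query, _connection))
            {
                if (pwdChanged)
                {
                    // Only the BCrypt hash is sent to the database. The intermediate string is an
                    // immutable copy of the password that cannot be cleared afterwards.
                    // NOTE(review): a null or empty _pwd yields the hash of an empty password;
                    // confirm the caller validates the password before setting pwdChanged.
                    cmd.Parameters.AddWithValue("@_pwd", BCrypt.Net.BCrypt.HashPassword(new string(_pwd), BCrypt.Net.BCrypt.GenerateSalt()));
                }

                cmd.Parameters.AddWithValue("@isAdmin", _isAdmin);
                cmd.Parameters.AddWithValue("@id", _id);
                cmd.Parameters.AddWithValue("@username", _dbName);
                cmd.Prepare();
                cmd.ExecuteNonQuery();
            }
        }
        finally
        {
            // Release the connection on every path; previously an exception skipped CloseConnection.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.Log("ERROR: " + ex.Message);
        Buchhaltung.SaveErrorMsg(ex);
    }
}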
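/// <summary>
/// Loads the user whose <c>username</c> matches <paramref name="username"/> under SQL
/// <c>LIKE</c> into <c>_id</c>, <c>_dbName</c> and <c>_isAdmin</c>.
/// </summary>
/// <param name="username">Value bound to the <c>@name</c> parameter of the query.</param>
/// <remarks>
/// If several rows match, the fields end up holding the last row read. If none match or an
/// exception occurs (logged, not rethrown), the fields keep their previous values.
/// </remarks>
private void GetUser(string username)
{
    try
    {
        // NOTE(review): LIKE treats '%' and '_' inside the bound value as wildcards, so the row
        // loaded here may belong to a different account than the one named. The loaded _id is
        // what SaveNewUser(bool) later updates; '=' would pin the lookup to an exact name.
        const string query = "SELECT id,username,isAdmin FROM user WHERE username LIKE @name";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand cmd = new MySqlCommand(query, _connection))
            {
                cmd.Parameters.AddWithValue("@name", username);
                cmd.Prepare();
                using (MySqlDataReader reader = cmd.ExecuteReader())
                {
                    // Read() returns false on an empty result, so no separate HasRows check is needed.
                    while (reader.Read())
                    {
                        _id = Convert.ToInt32(reader.GetString(0));
                        _dbName = reader.GetString(1);
                        _isAdmin = Convert.ToBoolean(Convert.ToInt32(reader.GetString(2)));
                    }
                }
            }
        }
        finally
        {
            // The reader is disposed before this point; the connection is released on every path.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }
}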
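/// <summary>
/// Checks whether <paramref name="newName"/> can be used as a username.
/// </summary>
/// <param name="newName">Candidate username, bound to the <c>@name</c> parameter.</param>
/// <returns>
/// <c>true</c> when no row matches <paramref name="newName"/> or when it equals <c>_oldName</c>
/// (the name is unchanged); <c>false</c> when another row matches or when an exception
/// occurred. Despite the method name, <c>true</c> therefore means "usable", not "exists".
/// </returns>
private bool CheckIfUserNameExists(string newName)
{
    try
    {
        // NOTE(review): LIKE treats '%' and '_' inside the bound value as wildcards, so a
        // candidate containing them is compared against other usernames as a pattern.
        const string query = "SELECT COUNT(username) FROM user WHERE username LIKE @name";
        // CreateConnection was called twice here; one call matches the sibling methods.
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand cmd = new MySqlCommand(query, _connection))
            {
                cmd.Parameters.AddWithValue("@name", newName);
                cmd.Prepare();
                object retVal = cmd.ExecuteScalar();
                return retVal.ToString().Equals("0") || _oldName == newName;
            }
        }
        finally
        {
            // Release the connection on every path; previously an exception skipped CloseConnection.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.Log(ex.Message);
        Buchhaltung.SaveErrorMsg(ex);
    }

    // Fail closed: after a logged error the name is reported as not usable.
    return false;
}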
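/// <summary>
/// Deletes the row of the <c>user</c> table whose <c>username</c> equals <paramref name="name"/>.
/// </summary>
/// <param name="name">Username of the account to delete, bound to the <c>@name</c> parameter.</param>
/// <remarks>
/// Exceptions are logged through <c>Buchhaltung</c> and not rethrown, so the caller cannot
/// tell whether a row was removed.
/// </remarks>
private void RemoveUser(string name)
{
    try
    {
        // The statement as listed compared username with a fixed literal and never read
        // 'name'. Binding it as a parameter makes the delete target the requested account
        // and keeps the value out of the SQL text, as the sibling queries already do.
        const string query = "DELETE FROM user WHERE username = @name";
        CreateConnection();
        _connection.Open();
        try
        {
            using (MySqlCommand commandDatabase = new MySqlCommand(query, _connection) { CommandTimeout = 60 })
            {
                commandDatabase.Parameters.AddWithValue("@name", name);
                commandDatabase.ExecuteNonQuery();
            }
        }
        finally
        {
            // Release the connection on every path; previously an exception skipped CloseConnection.
            CloseConnection();
        }
    }
    catch (Exception ex)
    {
        Buchhaltung.SaveErrorMsg(ex);
        Buchhaltung.Log(ex.Message);
    }
}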