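/// <summary>
/// "Edit" menu handler: opens a modal <c>FormUser</c> for every selected row of
/// <c>lv_user</c>, validates the entered login and password, writes the change to
/// <c>[dbo].[Пользователи]</c> and then refreshes the row.
/// </summary>
/// <param name="sender">Menu item that raised the event (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void изменитьToolStripMenuItem_Click(object sender, EventArgs e)
{
    foreach (ListViewItem selectedItem in lv_user.SelectedItems)
    {
        string oldLogin = selectedItem.SubItems[0].Text;
        // Column 1 of the list holds the value stored in [Password] (the output of hash()).
        // It is handed to the form as the "password", and a change is detected by comparing
        // the form value with it.
        // NOTE(review): this puts password hashes on screen; consider not showing the column
        // and using a separate "new password" field instead.
        string oldPass = selectedItem.SubItems[1].Text;
        var modifiedDate = (DateTime)selectedItem.Tag;

        // Re-prompt for THIS row until the input is valid or the dialog is cancelled.
        // The previous version re-invoked the whole handler recursively, which restarted
        // the loop over every selected row and then edited the remaining rows a second time.
        while (true)
        {
            using (var formUpdate = new FormUser(FormUser.FormType.Update))
            {
                formUpdate.login = oldLogin;
                formUpdate.password = oldPass;
                formUpdate.date = modifiedDate;

                // Modal dialog, so the user cannot switch to other forms meanwhile.
                if (formUpdate.ShowDialog() != DialogResult.OK)
                {
                    break;
                }

                string log = formUpdate.login.Trim();

                // Compare the TRIMMED login with the old one: an unchanged login that only
                // gained surrounding whitespace must not be reported as a duplicate of itself.
                // NOTE(review): unique() runs before the write, so two concurrent editors could
                // still collide; a UNIQUE constraint on [Login] is the reliable guard. Confirm
                // the schema has one.
                if (log != oldLogin && !unique(log))
                {
                    MessageBox.Show(@"Логин не уникальный! Измените логин!");
                    continue;
                }

                if (empty(log, formUpdate.password))
                {
                    continue;
                }

                bool passwordChanged = formUpdate.password != oldPass;
                string level = formUpdate.level == 0 ? "Администратор" : "Оператор";
                string storedPass = oldPass;

                using (var sConn = new SqlConnection(_sConnStr))
                using (var sCommand = new SqlCommand { Connection = sConn })
                {
                    sCommand.Parameters.AddWithValue("@oldLogin", oldLogin);
                    sCommand.Parameters.AddWithValue("@newlogin", log);
                    sCommand.Parameters.AddWithValue("@level", level);
                    sCommand.Parameters.AddWithValue("@date", formUpdate.date);

                    if (passwordChanged)
                    {
                        // Password was changed: generate a fresh salt and re-hash.
                        // NOTE(review): GenSalt() and hash() are defined elsewhere; confirm the
                        // salt comes from a CSPRNG and the hash is a slow KDF (e.g. PBKDF2).
                        string salt = GenSalt(32);
                        storedPass = hash(salt, formUpdate.password);
                        sCommand.Parameters.AddWithValue("@salt", salt);
                        sCommand.Parameters.AddWithValue("@password", storedPass);
                        sCommand.CommandText = @"UPDATE [dbo].[Пользователи] SET [Login] = @newlogin ,[Salt] = @salt ,[Password] = @password ,[Статус] = @level ,[Date] = @date WHERE Login = @oldLogin";
                    }
                    else
                    {
                        // Password untouched: the statement does not reference @password, so the
                        // stored hash is no longer sent along as an unused parameter.
                        sCommand.CommandText = @"UPDATE [dbo].[Пользователи] SET [Login] = @newlogin ,[Статус] = @level ,[Date] = @date WHERE Login = @oldLogin";
                    }

                    sConn.Open();
                    // NOTE(review): the affected-row count is ignored; 0 would mean the row was
                    // renamed or deleted by someone else in the meantime.
                    sCommand.ExecuteNonQuery();
                }

                // Refresh the row only after the database write succeeded, so a failed UPDATE
                // does not leave the list showing values that were never stored.
                selectedItem.SubItems[0].Text = log;
                selectedItem.SubItems[1].Text = storedPass;
                selectedItem.SubItems[2].Text = level;
                selectedItem.SubItems[3].Text = formUpdate.date.ToLongDateString();
                // Keep Tag in sync with the displayed date; it seeds the form on the next edit.
                selectedItem.Tag = formUpdate.date;
                break;
            }
        }
    }
}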
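/// <summary>
/// "Add" menu handler: opens a modal <c>FormUser</c>, validates the entered login and
/// password, inserts the new user into <c>[dbo].[Пользователи]</c> with a freshly
/// generated salt and then appends the user to <c>lv_user</c>.
/// </summary>
/// <param name="sender">Menu item that raised the event (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void добавитьToolStripMenuItem_Click(object sender, EventArgs e)
{
    // Re-prompt in a loop instead of re-invoking the handler recursively on invalid input.
    while (true)
    {
        // Create the form instance; it is disposed when the iteration ends.
        using (var formInsert = new FormUser(FormUser.FormType.Insert))
        {
            // Modal dialog, so the user cannot switch to other forms meanwhile.
            if (formInsert.ShowDialog() != DialogResult.OK)
            {
                return;
            }

            string log = formInsert.login.Trim();

            // NOTE(review): unique() runs before the INSERT, so two concurrent sessions could
            // still create the same login; a UNIQUE constraint on [Login] is the reliable
            // guard. Confirm the schema has one.
            if (!unique(log))
            {
                MessageBox.Show(@"Логин не уникальный! Измените логин!");
                continue;
            }

            if (empty(log, formInsert.password))
            {
                continue;
            }

            string level = formInsert.level == 0 ? "Администратор" : "Оператор";

            // NOTE(review): GenSalt() and hash() are defined elsewhere; confirm the salt comes
            // from a CSPRNG and the hash is a slow KDF (e.g. PBKDF2).
            string salt = GenSalt(32);
            string pass = hash(salt, formInsert.password);

            using (var sConn = new SqlConnection(_sConnStr))
            using (var sCommand1 = new SqlCommand
            {
                Connection = sConn,
                CommandText = @"INSERT INTO [dbo].[Пользователи] ([Login],[Password], [Статус],[Date], [Salt]) VALUES (@Login, @Password, @level, @Date, @salt)"
            })
            {
                // Parameter names match the casing used in the statement; the previous
                // "@login"/"@password" only resolved under a case-insensitive collation.
                sCommand1.Parameters.AddWithValue("@Login", log);
                sCommand1.Parameters.AddWithValue("@Password", pass);
                sCommand1.Parameters.AddWithValue("@level", level);
                sCommand1.Parameters.AddWithValue("@Date", formInsert.date);
                sCommand1.Parameters.AddWithValue("@salt", salt);

                sConn.Open();
                sCommand1.ExecuteNonQuery();
            }

            // Add the row only after the INSERT succeeded, so a failed write does not leave a
            // phantom user in the list.
            // NOTE(review): column 1 shows the stored password hash; consider not displaying it.
            var lvi = new ListViewItem(new[]
            {
                log,
                pass,
                level,
                formInsert.date.ToLongDateString(),
            })
            {
                Tag = formInsert.date
            };
            lv_user.Items.Add(lvi);
            return;
        }
    }
}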