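/// <summary>
/// Handles the "change password" button: validates the new password, re-checks the
/// current password of the logged-in employee and, if everything passes, stores the
/// hash of the new password and returns to the previous page.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonChangePassword_Click(object sender, EventArgs e)
{
    string newPassword = textBoxNewPassword.Text;

    // The new password must not be blank. The error is attached to the box that is
    // actually empty, not to the confirmation box.
    if (string.IsNullOrWhiteSpace(newPassword))
    {
        errorProvider.SetError(textBoxNewPassword, "New password must not be left blank!");
        return;
    }

    // Both entries of the new password have to match.
    if (newPassword != textBoxNewPasswordConfirmed.Text)
    {
        errorProvider.SetError(textBoxNewPasswordConfirmed, "Passwords do not match!");
        return;
    }

    // CheckPasswordStrength returns an empty/blank message when the password is acceptable.
    string errorMessage = LoginValidation.CheckPasswordStrength(newPassword);
    if (!string.IsNullOrWhiteSpace(errorMessage))
    {
        errorProvider.SetError(textBoxNewPassword, errorMessage);
        return;
    }

    // Re-authenticate with the current password so an unattended, already logged-in
    // session cannot be used to replace the password.
    bool currentPasswordValid = LoginValidation
        .ValidateCredentials(Main.mainApplication.employeeEmail, textBoxCurrentPassword.Text)
        .passwordValid;
    if (!currentPasswordValid)
    {
        errorProvider.SetError(textBoxCurrentPassword, "Password incorrect!");
        return;
    }

    // NOTE(review): DatabaseQueries.UpdateRecord composes the statement from the hash and the
    // email address; confirm it binds them as parameters rather than formatting them into the
    // SQL text. The result of UpdateRecord is not checked here, so the success message below is
    // shown regardless - confirm UpdateRecord throws when no row is updated.
    DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(
        DatabaseQueries.UpdateRecord(
            DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD,
            LoginValidation.HashPassword(newPassword),
            DatabaseQueries.EMPLOYEE_WHERE_EMAIL,
            Main.mainApplication.employeeEmail));

    // Notify the user and go back to the previous page.
    MessageBox.Show("Password changed successfully.", "Password Change Confirmation");
    Main.mainApplication.GoBackPage();
}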
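/// <summary>
/// Handles the "reset password" button: replaces the selected employee's password with
/// the hash of their primary phone number and shows a confirmation message.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonResetPassword_Click(object sender, EventArgs e)
{
    // Look up the employee's primary phone number, which becomes the temporary password.
    string phoneNumber = DatabaseManagement.GetInstanceOfDatabaseConnection().GetSingleAttribute(
        DatabaseQueries.GetRecord(
            DatabaseQueries.EMPLOYEE_PHONE_NUMBER,
            DatabaseQueries.EMPLOYEE_WHERE_EMAIL,
            employeeEmail));

    // Never store the hash of a missing or blank value as the account password.
    if (string.IsNullOrWhiteSpace(phoneNumber))
    {
        MessageBox.Show("Employee has no phone number on record. Password was not reset.", "Error Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }

    // NOTE(review): a phone number is a predictable credential for anyone who knows the
    // employee, and nothing visible here forces a change at next login. Consider a random
    // one-time password with a forced change, and an audit log entry for the reset.
    DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(
        DatabaseQueries.UpdateRecord(
            DatabaseQueries.UPDATE_EMPLOYEE_PASSWORD,
            LoginValidation.HashPassword(phoneNumber),
            DatabaseQueries.EMPLOYEE_WHERE_EMAIL,
            employeeEmail));

    // Display confirmation message.
    MessageBox.Show("Password successfully reset to employee's phone number.", "Password Reset Confirmation");
}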
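/// <summary>
/// Handles the "save" button: validates the employee form, then either creates a new
/// account (when no employee is selected) or updates the selected employee's role and
/// personal details.
/// </summary>
/// <remarks>
/// Nothing is written to the database until every check has passed, so a rejected form
/// never leaves a partially applied job title or permission change behind.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonSave_Click(object sender, EventArgs e)
{
    // SelectedItem is null when nothing is selected in the combo box; treat that like "None".
    string selectedTitle = comboBoxTitle.SelectedItem?.ToString();

    // Store content of the form in an array; AddNewAccount and the details update read it.
    // Index: 0 title, 1 first name, 2 middle names, 3 last name, 4 phone, 5 work phone, 6 email.
    employeeDetails = new string[]
    {
        selectedTitle,
        textBoxFirstName.Text,
        textBoxMiddleNames.Text,
        textBoxLastName.Text,
        textBoxPhoneNumber.Text,
        textBoxWorkNumber.Text,
        textBoxEmailAddress.Text
    };

    // Store updated email address for later use.
    string newEmployeeEmail = employeeDetails[6];

    // Permission level as the string the update statement expects ("1" for the first entry).
    string adminRights = comboBoxAdminRights.SelectedIndex == 0 ? "1" : "0";

    // Job title is required whenever the advanced (admin) settings are being edited.
    if (isAdminManaging && string.IsNullOrWhiteSpace(textBoxJobTitle.Text))
    {
        MessageBox.Show("Job title is a required field. Please fill in.", "Error Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }

    // If title was not selected, store it as null.
    if (selectedTitle == null || selectedTitle == "None")
    {
        employeeDetails[0] = null;
    }

    // Check the remaining fields; whitespace-only input counts as blank.
    for (int i = 1; i < employeeDetails.Length; i++)
    {
        if (!string.IsNullOrWhiteSpace(employeeDetails[i]))
        {
            continue;
        }

        // Middle names and work phone number are optional and are stored as null.
        if (i == 2 || i == 5)
        {
            employeeDetails[i] = null;
        }
        else
        {
            MessageBox.Show("Fields marked with asterisk \nare required.", "Error Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }
    }

    // A changed (or new) email address must be well-formed and not used by someone else.
    if (employeeEmail != newEmployeeEmail)
    {
        if (!string.IsNullOrEmpty(LoginValidation.ValidateEmail(newEmployeeEmail)))
        {
            MessageBox.Show("Email address does not have valid format.", "Error Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        string existingOwner = DatabaseManagement.GetInstanceOfDatabaseConnection().GetSingleAttribute(
            DatabaseQueries.GetRecord(DatabaseQueries.EMPLOYEE_NAME, DatabaseQueries.EMPLOYEE_WHERE_EMAIL, newEmployeeEmail));
        if (!string.IsNullOrEmpty(existingOwner))
        {
            MessageBox.Show("Email address already taken.", "Error Message", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }
    }

    // If employee has not been selected, create a new account.
    if (string.IsNullOrEmpty(employeeEmail))
    {
        AddNewAccount(newEmployeeEmail, adminRights);
        MessageBox.Show("New account created successfully!", "New Account Confirmation");
        Main.mainApplication.OpenPage(new UserControlEmployees());
        return;
    }

    // NOTE(review): the statements below are composed by DatabaseQueries.UpdateRecord from
    // text-box values; confirm the values are bound as parameters rather than formatted into
    // the SQL text. isAdminManaging is the only gate visible here for changing the permission
    // level - confirm it is derived from the logged-in employee's stored rights.
    if (isAdminManaging)
    {
        // Role is updated before the details because both statements locate the row by the
        // old email address, which the details update may replace.
        DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(
            DatabaseQueries.UpdateRecord(
                DatabaseQueries.UPDATE_EMPLOYEE_ROLE,
                new string[] { textBoxJobTitle.Text, adminRights },
                DatabaseQueries.EMPLOYEE_WHERE_EMAIL,
                employeeEmail));
    }

    // Update the rest of the employee's details using the values collected from the form.
    DatabaseManagement.GetInstanceOfDatabaseConnection().UpdateRecord(
        DatabaseQueries.UpdateRecord(
            DatabaseQueries.UPDATE_EMPLOYEE_DETAILS,
            employeeDetails,
            DatabaseQueries.EMPLOYEE_WHERE_EMAIL,
            employeeEmail));

    // If the logged-in employee edited their own account.
    if (!isAdminManaging || Main.mainApplication.employeeEmail == employeeEmail)
    {
        // Keep the session's email in step with the saved one; later lookups (for example
        // the password change) locate the account by this value.
        if (Main.mainApplication.employeeEmail != newEmployeeEmail)
        {
            Main.mainApplication.employeeEmail = newEmployeeEmail;
        }

        // Update name on main form and refresh the current page.
        Main.mainApplication.UpdateStatus();
        Main.mainApplication.RefreshPage();
    }

    // Confirm and go back to previous page.
    MessageBox.Show("All settings were \nsaved successfully.", "Settings Saved");
    Main.mainApplication.GoBackPage();
}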
/// <summary>
/// Creates a new employee account from the values currently held in
/// <c>employeeDetails</c> and the form's job title and phone number boxes.
/// </summary>
/// <param name="newAccountEmail">Email address of the account being created.</param>
/// <param name="adminRights">Permission level passed to the role insert statement.</param>
private void AddNewAccount(string newAccountEmail, string adminRights)
{
    // NOTE(review): both statements are built with string.Format from values typed into the
    // form, so any quoting depends entirely on the templates in DatabaseQueries. This should be
    // moved to parameterized commands. The two inserts are also issued separately; confirm a
    // failure of the second cannot leave a user row without a role row.

    // Step 1: insert the employee into the table of users.
    var userConnection = DatabaseManagement.GetInstanceOfDatabaseConnection();
    string insertUserStatement = string.Format(DatabaseQueries.INSERT_EMPLOYEE, employeeDetails);
    userConnection.UpdateRecord(insertUserStatement);

    // Step 2: insert the matching row into the table of employees. The initial password is
    // the hash of the phone number entered on the form.
    // NOTE(review): a phone number is a predictable initial credential; consider a random
    // one-time password with a forced change at first login.
    var roleConnection = DatabaseManagement.GetInstanceOfDatabaseConnection();
    string[] roleValues =
    {
        newAccountEmail,
        textBoxJobTitle.Text,
        LoginValidation.HashPassword(textBoxPhoneNumber.Text),
        adminRights
    };
    string insertRoleStatement = string.Format(DatabaseQueries.INSERT_EMPLOYEE_ROLE, roleValues);
    roleConnection.UpdateRecord(insertRoleStatement);
}
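/// <summary>
/// Handles the "log in" button: validates the entered email and password, and on success
/// records the logon, opens the main application window and, once it closes, records the
/// logoff and shows the login page again.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonLogIn_Click(object sender, EventArgs e)
{
    // Store employee's email for later use.
    string employeeEmail = comboBoxEmail.Text;

    // Validate the email format; a non-blank result is the error to display.
    string errorMessage = LoginValidation.ValidateEmail(employeeEmail);
    if (!string.IsNullOrWhiteSpace(errorMessage))
    {
        errorProvider.SetError(comboBoxEmail, errorMessage);
        return;
    }

    // Check that the password was not left blank before continuing.
    if (string.IsNullOrWhiteSpace(textBoxPassword.Text))
    {
        errorProvider.SetError(textBoxPassword, "Password must not be left blank!");
        return;
    }

    var (emailValid, passwordValid) = LoginValidation.ValidateCredentials(employeeEmail, textBoxPassword.Text);

    if (!emailValid || !passwordValid)
    {
        // Record the rejected attempt so repeated guessing is visible in the log.
        // NOTE(review): WriteLog receives only the event name, as in the other calls here;
        // confirm the entry carries enough context (time, workstation) to be useful.
        FileWriter.WriteLog("login failed");

        // NOTE(review): separate messages tell the person at the keyboard whether an email
        // address is registered; consider one combined message for both cases.
        if (!emailValid)
        {
            errorProvider.SetError(comboBoxEmail, "Email address incorrect!");
        }
        else
        {
            errorProvider.SetError(textBoxPassword, "Password incorrect!");
        }

        return;
    }

    // Add logon entry to log file.
    FileWriter.WriteLog("login");

    // Move the email address to the top of the recent-addresses file: delete an existing
    // occurrence, then insert it at the beginning.
    // NOTE(review): this file keeps the addresses of accounts that logged in on this
    // machine; confirm who can read it.
    FileWriter.DeleteLine(MAIL_LOG_FILE, FileWriter.ContainsLine(MAIL_LOG_FILE, employeeEmail));
    FileWriter.InsertAtBeginning(MAIL_LOG_FILE, employeeEmail);

    // Hide the login form while the main application is open.
    this.Hide();
    try
    {
        using (Main mainWindow = new Main(employeeEmail))
        {
            mainWindow.ShowDialog();
        }
    }
    finally
    {
        // Runs even if the main window throws, so the logoff is always recorded and the
        // login form never stays hidden.
        FileWriter.WriteLog("logout");
        this.Show();
        LoadDefaultSettings();
    }
}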