/// <summary>
/// Handles the Doctor button: opens the doctor form and closes this form.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnDoctor_Click(object sender, EventArgs e)
{
    // The new form is given this form's connection and the user fields it holds.
    var doctorForm = new FormDoctor(conn, userID, firstName, lastName, userType);

    // Show the next form before closing this one, as the original handler does.
    doctorForm.Show();
    Close();
}
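} // Action[Click]: btnClear

/// <summary>
/// Handles the Log In button: checks that both fields are filled in, looks the
/// account up in tblStaff, records the login in tblLogIn and opens the form that
/// matches the staff member's position code.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnLogIn_Click(object sender, EventArgs e)
{
    // Trimmed once so validation and the query use the same values.
    // NOTE(review): trimming the password drops leading/trailing whitespace the user
    // typed. Kept because stored credentials may depend on it; confirm against the
    // account-creation path before changing.
    string userName = textUsername.Text.Trim();
    string password = textPassword.Text.Trim();

    if (userName.Equals(""))
    {
        MetroMessageBox.Show(this, "Please enter a valid username!");
        return;
    }

    if (password.Equals(""))
    {
        MetroMessageBox.Show(this, "Please enter a valid password!");
        return;
    }

    // SECURITY(review): the submitted password is compared directly with strPassword,
    // which implies the column stores passwords unhashed. Doing the comparison in SQL
    // also makes it subject to the column collation (possibly case-insensitive; not
    // visible here). Recommended follow-up, which needs a schema/data migration and so
    // is not done in this handler: store a salted slow hash (e.g. PBKDF2), select the
    // row by user name only, and verify the hash in application code with a
    // constant-time comparison.
    string staffSql = "SELECT strLastName, strFirstName, strStaffID, strPositionCode " +
                      "FROM tblStaff " +
                      "WHERE strUserName = @userName AND strPassword = @password AND boolIsActive;";

    try
    {
        int resultCount = 0;

        using (MySqlCommand staffCmd = new MySqlCommand(staffSql, conn))
        {
            /* Prepare statements */
            staffCmd.Parameters.AddWithValue("@userName", userName);
            staffCmd.Parameters.AddWithValue("@password", password);
            staffCmd.Prepare();

            // `reader` is a field declared outside this method. The using statement
            // closes it even when Read/GetString throws, so a failed login attempt
            // cannot leave an open reader behind on the connection.
            using (reader = staffCmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    firstName = reader.GetString("strFirstName");
                    lastName = reader.GetString("strLastName");
                    userID = reader.GetString("strStaffID");
                    userPosition = reader.GetString("strPositionCode");
                    resultCount++;
                }
            }
        }

        if (resultCount >= 2)
        {
            // More than one active row matched the same credentials.
            Integrity.ShowDuplicateDialog();
            return;
        }

        if (resultCount != 1)
        {
            // The message does not reveal whether the user name or the password was wrong.
            // NOTE(review): a failed attempt is only reported to the user here; nothing in
            // this handler records or throttles repeated failures.
            MetroMessageBox.Show(this, "Invalid Username / Password!", "Access Denied", MessageBoxButtons.OK, MessageBoxIcon.Error);
            return;
        }

        string positionSql = "SELECT strPositionDescription " +
                             "FROM tblPositionDetails " +
                             "WHERE strPositionCode = @posCode;";

        using (MySqlCommand positionCmd = new MySqlCommand(positionSql, conn))
        {
            /* Prepare statements */
            positionCmd.Parameters.AddWithValue("@posCode", userPosition);
            positionCmd.Prepare();

            using (reader = positionCmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    userType = reader.GetString("strPositionDescription");
                }
            }
        }

        bool isFrontDesk = userPosition.Equals("FRONTDESK");
        bool isDoctor = userPosition.Equals("DOCT");

        // Only these three position codes may proceed past the login screen.
        if (!(isFrontDesk || isDoctor || userPosition.Equals("ADMIN")))
        {
            Integrity.ShowInvalidTypeDialog();
            return;
        }

        // One clock reading, zero-padded. The earlier unpadded concatenation let different
        // timestamps produce the same code (month 1 + day 11 and month 11 + day 1 both give
        // "111") and read the clock six separate times. Invariant culture keeps the
        // Gregorian year that DateTime.Year returned before.
        // NOTE(review): resolution is still one second, so two logins within the same
        // second get the same code; consider a database-generated key if strLogInCode
        // must be unique.
        DateTime now = DateTime.Now;
        string loginID = now.ToString("yyyyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture);

        // The last column is 'ON' for doctors and 'OFF' for every other position.
        string loginSql = "INSERT INTO tblLogIn(strLogInCode, strStaffID, dtmDateTimeLogged, strDoctStatus) " +
                          (isDoctor
                              ? "VALUES(@loginID, @userID, NOW(), 'ON');"
                              : "VALUES(@loginID, @userID, NOW(), 'OFF');");

        using (MySqlCommand loginCmd = new MySqlCommand())
        {
            loginCmd.Connection = conn;
            loginCmd.CommandText = loginSql;

            /* Prepare statements */
            loginCmd.Parameters.AddWithValue("@loginID", loginID);
            loginCmd.Parameters.AddWithValue("@userID", userID);
            loginCmd.Prepare();

            /* Update time in and time out */
            loginCmd.ExecuteNonQuery();
        }

        // Open the form for the position; the login row above is written first.
        if (isFrontDesk)
        {
            FormStaff formStaff = new FormStaff(conn, userID, firstName, lastName, userType);
            formStaff.Show();
        }
        else if (isDoctor)
        {
            FormDoctor formDoctor = new FormDoctor(conn, userID, firstName, lastName, userType);
            formDoctor.Show();
        }
        else
        {
            FormSelection formSelect = new FormSelection(conn, userID, firstName, lastName, userType);
            formSelect.Show();
        }

        this.Close();
    }
    catch (MySqlException me)
    {
        // NOTE(review): confirm that GetExceptionDetails does not show raw server error
        // text on the login screen; its implementation is not visible here.
        Integrity.GetExceptionDetails(me);
    }
} // Action[Click]: btnLogIn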