private void btnAuthen_Click(object sender, EventArgs e) { //Create database db = new Database(); //Check button state if (btnAuthen.Text == "Enable") { //Create unique code string uniqueCode = CreateRandomCode(10); //Create the time for the code DateTime datetimeCode = DateTime.Now; //Create query for database string query = "INSERT INTO unique_codes (user_id, code, time) VALUES (@userID, @code, @time)"; //Query database and add parameters db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; p.Add("@code", DbType.String).Value = uniqueCode; p.Add("@time", DbType.DateTime).Value = datetimeCode; }); //Create email services emailServices = new EmailServices(); //Send the unique code to the user's email emailServices.SendEmail(lblEmail.Text, uniqueCode); //Show multi factor authentication form using (Form_MultiFactorAuthentication multiFactorAuthentication = new Form_MultiFactorAuthentication(uniqueCode, datetimeCode, true)) { //Check for result if (multiFactorAuthentication.ShowDialog() == DialogResult.OK) { //Change controls for multi factor authentication btnAuthen.Text = "Disable"; lblAuthen.Text = "Enable"; //Check if multi factor authentication has succesfully activated if (!multiFactorAuthentication.AuthEnable) { //Create query to delete the unique code query = "DELETE FROM unique_codes WHERE code = @code and user_id = @userID"; //Query the daabase db.NonQuery(query, p => { p.Add("@code", DbType.String).Value = uniqueCode; p.Add("@userID", DbType.Int32).Value = user.Id; }); //Create query to update user's multi factor authentication query = "UPDATE users SET two_factor_authentication = false WHERE ID = @userID"; //Query the database db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; }); } else { //Query database to updated the time of the unique code query = "UPDATE unique_codes SET time = @time WHERE user_id = @userID "; //Deduction 10 minutes from the time datetimeCode = datetimeCode.AddMinutes(-10); //Query the database and add parameters db.NonQuery(query, p => { p.Add("@time", DbType.DateTime).Value = datetimeCode; p.Add("@userID", DbType.Int32).Value = user.Id; }); //Query database to update the user's multi factor authentication to true query = "UPDATE users SET two_factor_authentication = true WHERE ID = @userID"; //Query the database db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; }); } } } } else if (btnAuthen.Text == "Disable") // Displable multi factor authentication if enable { //Notify user to make sure that the multi factor authentication should be disable DialogResult result = MessageBox.Show("Disabling Multifactor Authentication will make your account less secure.\nContinue? ", "Multi Factor Authentication", MessageBoxButtons.YesNo, MessageBoxIcon.Information); //Check user's input if (result == DialogResult.Yes) { //Create string to update the multi factor authentication (disable) string query = "UPDATE users SET two_factor_authentication = false WHERE ID = @userID"; //Query the database. Add parameters db.NonQuery(query, p => { p.Add("@userID", DbType.Int32).Value = user.Id; }); //Notify user MessageBox.Show("Multifactor Authentication has been disabled"); btnAuthen.Text = "Enable"; lblAuthen.Text = "Disable"; } } }