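/// <summary>
/// Opens the form in "Edit User" mode and fills the input controls with the
/// stored profile of the user whose generated id is <paramref name="editId"/>.
/// </summary>
/// <param name="editId">Value matched against user_profile.generatedID.</param>
/// <param name="userType">
/// "Librarian" loads the e-mail and password fields as well; any other value
/// (including null) is treated as "Reader", which hides the admin controls and
/// leaves the credential fields untouched.
/// </param>
public Add_New_User(String editId, String userType)
{
    InitializeComponent();
    fillComboProfileType();

    label1.Text = "Edit User";
    buttonSaveUser.Hide();
    labelUserId.Text = editId;
    this.editID = editId;

    // user_profile columns: id, generatedID, firstName, lastName, mobileNumber, landLineNumber,
    // permenentAddress, residentAddress, isResidentSame, birthday, profileImageUrl, createDateTime,
    // updateDateTime, isActive, user_login_history_id, user_profile_type_id
    String getUserDetailsSql =
        "SELECT firstName, lastName, mobileNumber, landLineNumber, permenentAddress, residentAddress, " +
        "isResidentSame, birthday, profileImageUrl, user_login.emailAddress as emailAddress, " +
        "user_login.password as password from user_profile " +
        "left join user_profile_type on user_profile.user_profile_type_id = user_profile_type.id " +
        "left join user_login on user_profile.id = user_login.user_profile_id " +
        "left join user_role on user_login.user_role_id = user_role.id " +
        "WHERE user_profile.generatedID = @currentId";

    // Constant-first comparison so a null userType falls through to the Reader layout.
    bool isLibrarian = "Librarian".Equals(userType);

    MySqlConnection mySqlConnection = DataConnection.getDBConnection();
    try
    {
        mySqlConnection.Open();

        // The id is bound as a parameter, never concatenated into the SQL text.
        using (MySqlCommand cmd_Profile = new MySqlCommand(getUserDetailsSql, mySqlConnection))
        {
            cmd_Profile.Parameters.AddWithValue("currentId", editId);

            using (MySqlDataReader DataReader = cmd_Profile.ExecuteReader())
            {
                if (isLibrarian)
                {
                    comboBoxProfileType.SelectedItem = "Librarian";
                }
                else
                {
                    checkBoxAdmin.Hide();
                    panel1.Hide();
                    comboBoxProfileType.SelectedItem = "Reader";
                }

                while (DataReader.Read())
                {
                    textBoxFirstName.Text = DataReader.GetString("firstName");
                    textBoxLastName.Text = DataReader.GetString("lastName");
                    textBoxMobile.Text = DataReader.GetString("mobileNumber");
                    textBoxLand.Text = DataReader.GetString("landLineNumber");
                    textBoxPAddress.Text = DataReader.GetString("permenentAddress");
                    textBoxRAddress.Text = DataReader.GetString("residentAddress");
                    checkBoxConfirmAddress.Checked = DataReader.GetString("isResidentSame").Equals("True");

                    if (isLibrarian)
                    {
                        // NOTE(review): user_login is LEFT JOINed, so emailAddress/password may be
                        // NULL for a profile without a login row; GetString presumably throws
                        // then - confirm against the schema.
                        textBoxEmail.Text = DataReader.GetString("emailAddress");

                        // NOTE(review): the stored password is recoverable with
                        // LoginDetails.passwordKey and its plaintext is placed into UI controls.
                        // A one-way salted hash (e.g. PBKDF2) with a "set new password" field would
                        // avoid holding or displaying the plaintext; that needs a data migration,
                        // so it is only flagged here.
                        String storedPassword = StringCipher.Decrypt(DataReader.GetString("password"), LoginDetails.passwordKey);
                        textBoxPassword.Text = storedPassword;
                        textBoxRePassword.Text = storedPassword;
                    }

                    dateTimePickerBirthday.Text = DataReader.GetString("birthday");

                    // profileImageUrl is selected by the query but pictureBoxUser is not populated here.
                }
            }
        }
    }
    finally
    {
        // Runs on the exception path too. Close() rather than Dispose(): DataConnection.getDBConnection
        // is defined elsewhere and may hand out a shared instance - TODO confirm.
        mySqlConnection.Close();
    }
}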
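/// <summary>
/// Login button handler: checks the entered e-mail and password against user_login,
/// records the login in user_login_history, stores the session values on
/// <c>LoginDetails</c> and opens the <c>Home</c> form that matches the user's role.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button1_Click(object sender, EventArgs e)
{
    String email = textBoxEmail.Text;
    String password = textBoxPassword.Text;

    // Reject the attempt when EITHER field is empty, as the message states.
    // The previous "&&" only rejected it when both were empty.
    if (String.IsNullOrEmpty(email) || String.IsNullOrEmpty(password))
    {
        MessageBox.Show("Email or Password Can't be Empty", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
        return;
    }

    String loginQuery = "SELECT * FROM user_login WHERE emailAddress = @email";
    String getUserRole = "SELECT * FROM user_role WHERE id = @userRoleId";
    String insertLoginHistory = "INSERT INTO user_login_history (loginDateTime, logoutDateTime, user_login_id) VALUES (@loginDateTime, null, @user_login_id)";
    // Also filtered by user_login_id so two logins in the same second cannot pick up each other's row.
    String getLoginHistoryID = "SELECT * FROM user_login_history WHERE loginDateTime = @currentDate AND user_login_id = @user_login_id";

    // Truncated to whole seconds so the value inserted and the value looked up are the same.
    // NOTE(review): assumes loginDateTime may be stored without fractional seconds - confirm against the schema.
    DateTime now = DateTime.Now;
    DateTime dateTime = now.AddTicks(-(now.Ticks % TimeSpan.TicksPerSecond));

    MySqlConnection mySqlConnection = DataConnection.getDBConnection();
    try
    {
        mySqlConnection.Open();

        bool accountFound;
        bool passwordMatched = false;
        String userRoleId = null;
        String userLoginId = null;

        using (MySqlCommand command = new MySqlCommand(loginQuery, mySqlConnection))
        {
            command.Parameters.AddWithValue("@email", email);

            using (MySqlDataReader mySqlDataReader = command.ExecuteReader())
            {
                accountFound = mySqlDataReader.HasRows;

                while (mySqlDataReader.Read())
                {
                    // NOTE(review): passwords are stored with reversible encryption and compared
                    // in plaintext; whoever holds LoginDetails.passwordKey and the user_login table
                    // can recover every password. A salted one-way hash (e.g. PBKDF2) verified
                    // with a fixed-time comparison is the safer design; it needs a data migration,
                    // so it is only flagged here.
                    String encPassword = mySqlDataReader.GetString("password");
                    String decPassword = StringCipher.Decrypt(encPassword, LoginDetails.passwordKey);

                    if (password.Equals(decPassword))
                    {
                        userRoleId = mySqlDataReader.GetString("user_role_id");
                        userLoginId = mySqlDataReader.GetString("id");
                        passwordMatched = true;
                        break;
                    }

                    // NOTE(review): this message and "Account does not exists" below reveal which
                    // e-mail addresses are registered; one generic failure message would not.
                    MessageBox.Show("Incorrect Password", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    textBoxPassword.Text = "";
                }
            }
        }

        if (!accountFound)
        {
            MessageBox.Show("Account does not exists", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
            textBoxEmail.Text = "";
            return;
        }

        if (!passwordMatched)
        {
            return;
        }

        LoginDetails.userLoginId = userLoginId;

        // Record the login; the previous reader is already disposed, so the connection is free.
        using (MySqlCommand commandInsertLoginHistory = new MySqlCommand(insertLoginHistory, mySqlConnection))
        {
            commandInsertLoginHistory.Parameters.AddWithValue("@loginDateTime", dateTime);
            commandInsertLoginHistory.Parameters.AddWithValue("@user_login_id", userLoginId);
            commandInsertLoginHistory.ExecuteNonQuery();
        }

        // Read back the id of the history row that was just written.
        using (MySqlCommand commandGetLoginHistoryId = new MySqlCommand(getLoginHistoryID, mySqlConnection))
        {
            commandGetLoginHistoryId.Parameters.AddWithValue("@currentDate", dateTime);
            commandGetLoginHistoryId.Parameters.AddWithValue("@user_login_id", userLoginId);

            using (MySqlDataReader loginHistoryReader = commandGetLoginHistoryId.ExecuteReader())
            {
                loginHistoryReader.Read();
                LoginDetails.userLoginHistoryID = loginHistoryReader.GetString("id");
            }
        }

        // Resolve the role name; it decides which Home form is opened.
        using (MySqlCommand commandGetUserRole = new MySqlCommand(getUserRole, mySqlConnection))
        {
            commandGetUserRole.Parameters.AddWithValue("@userRoleId", userRoleId);

            using (MySqlDataReader roleReader = commandGetUserRole.ExecuteReader())
            {
                if (!roleReader.HasRows)
                {
                    // NOTE(review): the login history row and LoginDetails.userLoginId are already
                    // written at this point although the login is refused.
                    MessageBox.Show("User type does not exists", "Authentication Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                    return;
                }

                roleReader.Read();
                LoginDetails.userRole = roleReader.GetString("name");
            }
        }

        Home home = LoginDetails.userRole.Equals("Administrative Librarian")
            ? new Home()
            : new Home("librarian");
        home.Show();
        this.Hide();
    }
    finally
    {
        // Runs on every exit path, including exceptions. Close() rather than Dispose():
        // DataConnection.getDBConnection is defined elsewhere and may hand out a shared instance - TODO confirm.
        mySqlConnection.Close();
    }
}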