private void populateUserList() { cbEmployee.Items.Clear(); SqlConnection conn = null; SqlDataReader rdr = null; try { conn = new SqlConnection(MovieListing.getConnString()); conn.Open(); SqlCommand cmd = new SqlCommand("sp_showAllUsers", conn); cmd.CommandType = CommandType.StoredProcedure; cmd.ExecuteNonQuery(); rdr = cmd.ExecuteReader(); while (rdr.Read()) { id = (rdr["Employee_ID"].ToString()); name = (rdr["Name"].ToString()); idName = id + name; cbEmployee.Items.Add(idName); } } catch (Exception ex) { MessageBox.Show(ex.Message); } }
private void addUser() { SqlConnection conn = null; try { conn = new SqlConnection(MovieListing.getConnString()); SqlCommand cmd = new SqlCommand("sp_addUser2", conn); cmd.CommandType = CommandType.StoredProcedure; conn.Open(); cmd.Parameters.Add(new SqlParameter("@username", LoginName)); cmd.Parameters.Add(new SqlParameter("@password", password)); cmd.Parameters.Add(new SqlParameter("@userType", privelege)); cmd.Parameters.Add(new SqlParameter("@name", name)); cmd.ExecuteNonQuery(); } catch (Exception e) { MessageBox.Show(e.Message); } }
public string login() { SqlConnection conn = null; SqlDataReader rdr = null; string result = null; try { conn = new SqlConnection(MovieListing.getConnString()); conn.Open(); SqlCommand cmd = new SqlCommand("sp_logIn4", conn); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add(new SqlParameter("@username", tbUserName.Text)); cmd.Parameters.Add(new SqlParameter("@password", tbPassword.Text)); var outParam = new SqlParameter("@result", SqlDbType.VarChar, -1); var outParam2 = new SqlParameter("@result2", SqlDbType.VarChar, -1); var outParam3 = new SqlParameter("@result3", SqlDbType.VarChar, -1); var outParam4 = new SqlParameter("@result4", SqlDbType.VarChar, -1); outParam.Direction = ParameterDirection.Output; outParam2.Direction = ParameterDirection.Output; outParam3.Direction = ParameterDirection.Output; outParam4.Direction = ParameterDirection.Output; cmd.Parameters.Add(outParam); cmd.Parameters.Add(outParam2); cmd.Parameters.Add(outParam3); cmd.Parameters.Add(outParam4); cmd.ExecuteNonQuery(); rdr = cmd.ExecuteReader(); if (cmd.Parameters["@result"].Value.ToString() == tbUserName.Text + " " + tbPassword.Text) { authenticate = true; userName = cmd.Parameters["@result2"].Value.ToString(); userId = cmd.Parameters["@result3"].Value.ToString(); userPrivelege = cmd.Parameters["@result4"].Value.ToString(); } else { MessageBox.Show("Error 001: Invalid Username Or Password"); authenticate = false; } } catch (Exception ex) { MessageBox.Show(ex.Message); } return(result); }
private void btnRemove_Click(object sender, EventArgs e) { idName = new string(idName.Where(x => char.IsDigit(x)).ToArray()); MessageBox.Show(idName); SqlConnection conn = null; try { conn = new SqlConnection(MovieListing.getConnString()); conn.Open(); SqlCommand cmd = new SqlCommand("sp_removeUser1", conn); cmd.Parameters.Add(new SqlParameter("@employeeId", idName)); cmd.CommandType = CommandType.StoredProcedure; cmd.ExecuteNonQuery(); } catch (Exception ex) { MessageBox.Show(ex.Message); } populateUserList(); }