private void updateUserBtn_Click(object sender, EventArgs e)
{
if (firstNameTxt.Text == "" ||
lastNameTxt.Text == "" ||
userNameTxt.Text == "" ||
passwordTxt.Text == ""
)
{
MessageBox.Show("Please, fill all the fields..!");
}
else if (userCategory.selectedIndex == -1)
{
MessageBox.Show("Please, select category for a user.");
}
else if (empID == null)
{
MessageBox.Show("Please, select a User for updating.!");
}
else
{
MySqlConnection con = new MySqlConnection();
con.ConnectionString = Home.DBconnection;
string updateUser = "******" + firstNameTxt.Text.ToUpper() + "', mname = '" + middleNameTxt.Text.ToUpper() +
"', lname = '" + lastNameTxt.Text.ToUpper() +
"', username = '******', password = '******', userCategory = '" + userCategory.selectedValue.ToString().ToUpper() +
"' where UID = '" + empID + "'";
MySqlCommand com = new MySqlCommand(updateUser, con);
MySqlDataReader rd;
try
{
con.Open();
//update an employee
rd = com.ExecuteReader();
rd.Close();
Login.RecordUserActivity("Changed user information for user Id " + empID);
LoadEmployee();
empID = null;
firstNameTxt.Text = "";
middleNameTxt.Text = "";
lastNameTxt.Text = "";
userNameTxt.Text = "";
passwordTxt.Text = "";
MessageBox.Show("User Updated Successful");
}
catch (MySqlException ex)
{
MessageBox.Show(ex.Message);
}
con.Close();
}
}
private void addUserBtn_Click(object sender, EventArgs e)
{
if (firstNameTxt.Text == "" ||
lastNameTxt.Text == "" ||
userNameTxt.Text == "" ||
passwordTxt.Text == "")
{
MessageBox.Show("Please, select an employee from the list");
}
else if (userCategory.selectedIndex == -1)
{
MessageBox.Show("Please, select category for a user.");
}
else
{
MySqlConnection con = new MySqlConnection();
con.ConnectionString = Home.DBconnection;
string value = "values('" + firstNameTxt.Text.ToUpper() +
"','" + middleNameTxt.Text.ToUpper() +
"','" + lastNameTxt.Text.ToUpper() +
"','" + userNameTxt.Text.ToUpper() +
"','" + Login.GetMD5Hash(passwordTxt.Text) +
"','" + DateTime.Now +
"','" + userCategory.selectedValue.ToUpper() + "')";
string registerUser = "******" + value;
MySqlCommand com = new MySqlCommand(registerUser, con);
MySqlDataReader rd;
try
{
con.Open();
//registering an employee
rd = com.ExecuteReader();
rd.Close();
Login.RecordUserActivity("Registered " + firstNameTxt.Text.ToUpper() + " " + middleNameTxt.Text.ToUpper() + " " + lastNameTxt.Text.ToUpper() + " As a new user to the system");
MessageBox.Show("User Added Successful");
clearFields();
}
catch (MySqlException ex)
{
MessageBox.Show(ex.Message);
}
con.Close();
}
}
private void verifyBtn_Click(object sender, EventArgs e)
{
MySqlConnection con = new MySqlConnection();
con.ConnectionString = Home.DBconnection;
if (password.Text == "")
{
MessageBox.Show("Please enter password.");
}
else
{
string loadUser = "******" + Login.UID + "' and password = '******'";
MySqlCommand com = new MySqlCommand(loadUser, con);
MySqlDataAdapter da;
DataTable tab = new DataTable();
try
{
con.Open();
da = new MySqlDataAdapter(com);
da.Fill(tab);
da.Dispose();
if (tab.Rows.Count > 0)
{
Login.RecordUserActivity("Login");
this.Close();
Home home = new Home();
home.ShowDialog();
}
else
{
MessageBox.Show("Wrong Password");
}
}
catch (MySqlException ex)
{
MessageBox.Show(ex.Message);
}
con.Close();
}
}
private void changePassBtn_Click(object sender, EventArgs e)
{
if (String.IsNullOrWhiteSpace(Oldpassword.Text) || String.IsNullOrWhiteSpace(Newpassword.Text))
{
MessageBox.Show("Please fill all the field.");
}
else
{
if (Oldpassword.Text != Newpassword.Text)
{
MySqlConnection con = new MySqlConnection();
con.ConnectionString = Home.DBconnection;
string verify = "select password from users where password = '******'";
string update = "Update users set password = '******' where UID = '" + Login.UID + "'";
MySqlCommand com = new MySqlCommand(verify, con);
MySqlDataAdapter da;
MySqlDataReader rd;
DataTable tab = new DataTable();
try
{
con.Open();
da = new MySqlDataAdapter(com);
da.Fill(tab);
da.Dispose();
if (tab.Rows.Count > 0)
{
if (Newpassword.Text == retypePassword.Text)
{
MySqlCommand com1 = new MySqlCommand(update, con);
rd = com1.ExecuteReader();
rd.Close();
Login.RecordUserActivity("Changed password for userID " + Login.UID + "");
MessageBox.Show("Password Changed Successful.");
this.Close();
}
else
{
MessageBox.Show("The New password did not match with the Re-type new password.");
}
}
else
{
MessageBox.Show("Wrong Old Password");
}
}
catch (MySqlException ex)
{
MessageBox.Show(ex.Message);
}
}
else
{
MessageBox.Show("Old Password can not be the same as New Password");
}
}
}