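// --- Search query ---
/// <summary>
/// Fills the records grid with the student rows whose concatenated
/// constraint columns contain <paramref name="searchString"/>.
/// </summary>
/// <param name="searchString">Text typed by the user; null is treated as an empty search.</param>
public void searchData(string searchString)
{
    db.openConnection(); // open connection

    // The search text is bound as a parameter rather than concatenated into the
    // statement, so quotes in the input cannot change the query's structure.
    // NOTE(review): getConstraints() is still spliced into the SQL text. It is
    // defined outside this block; confirm it only ever yields fixed column names.
    string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile FROM student WHERE CONCAT("
        + getConstraints().ToString()
        + " ) LIKE CONCAT('%', @search, '%')";

    using (MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection()))
    using (MySqlDataAdapter adapter = new MySqlDataAdapter(cmd))
    {
        // '%' and '_' inside the search text still act as LIKE wildcards, as before.
        cmd.Parameters.Add("@search", MySqlDbType.VarChar).Value = searchString ?? string.Empty;

        DataTable table = new DataTable();
        adapter.Fill(table);
        gridviewtable.DataSource = table;
    }

    //gridviewtable.Columns.Remove("View");

    // NOTE(review): this repeats openConnection() at the point where the sibling
    // handlers label the same call "close connection". DbHandler is not visible
    // here; confirm whether a close call was intended.
    db.openConnection();
}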
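/// <summary>
/// Form load handler: fetches the student row whose index number equals
/// <c>selected</c> and copies its columns into the view controls.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void ViewRec_Load(object sender, EventArgs e)
{
    db.openConnection(); // open connection

    // The index number is bound as a parameter instead of being concatenated
    // between quotes, so its content cannot alter the statement.
    const string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile,image FROM student WHERE indexno = @index";

    DataTable table = new DataTable();
    using (MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection()))
    using (MySqlDataAdapter adapter = new MySqlDataAdapter(cmd))
    {
        cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = selected;
        adapter.Fill(table);
    }

    if (table.Rows.Count > 0)
    {
        DataRow row = table.Rows[0];

        txtindex.Text = row[0].ToString();
        txtfname.Text = row[1].ToString();
        txtlname.Text = row[2].ToString();
        txtaddress.Text = row[3].ToString();

        // Any gender value other than "M" selects the female radio button.
        if (row[4].ToString() == "M")
        {
            radiomale.Checked = true;
        }
        else
        {
            radiofemale.Checked = true;
        }

        txtdob.Text = row[5].ToString();
        txtemail.Text = row[6].ToString();
        txtfaculty.Text = row[7].ToString();
        txtmobile.Text = row[8].ToString();

        // An empty or missing image column makes the cast or Image.FromStream
        // throw; that case is reported to the user instead of crashing the form.
        try
        {
            byte[] data = (byte[])row[9];
            // The stream is deliberately not disposed: Image.FromStream needs it
            // to stay open for as long as the image is in use.
            MemoryStream mem = new MemoryStream(data);
            picImg.Image = Image.FromStream(mem);
        }
        catch (Exception)
        {
            MessageBox.Show("No Image file found on Database!", "Image File Not Found", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
    }
    else
    {
        // Previously an unknown index number raised an out-of-range exception on Rows[0].
        MessageBox.Show("Record not found!", "Attention!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
    }

    // NOTE(review): the original comment called this the close step, yet the call
    // is openConnection() again. DbHandler is not visible here; confirm whether
    // a close method should be called instead.
    db.openConnection();
}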
// Handle on the already-open Records form, used to manipulate it from this form.
Records openRecs = (Records)Application.OpenForms["Records"];

// --- Form Onload ---
/// <summary>
/// Form load handler: fills the faculty combo box with every faculty name
/// stored in the <c>faculty</c> table.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void AddEdit_Load(object sender, EventArgs e)
{
    db.openConnection(); // open connection

    // Fixed statement with no user input, so no parameters are needed.
    MySqlCommand facultyQuery = new MySqlCommand("SELECT facultyname FROM faculty;", db.getConnection());
    using (var facultyRows = facultyQuery.ExecuteReader())
    {
        while (facultyRows.Read())
        {
            string facultyName = facultyRows.GetString("facultyname");
            cmbfaculty.Items.Add(facultyName);
        }
    }

    // NOTE(review): labelled as the close step in the original, but the call is
    // openConnection() again; confirm against DbHandler.
    db.openConnection();
}
// Password hashing helper, constructed with 100 iterations.
// NOTE(review): HashSalt is defined elsewhere. If the argument is the work
// factor of a PBKDF2-style derivation, 100 is very low for password storage;
// raising it would require re-hashing the stored passwords — confirm.
HashSalt hashSalt = new HashSalt(100);

/// <summary>
/// Form load handler: fills the faculty combo box from the <c>faculty</c> table.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Login_Load(object sender, EventArgs e)
{
    DbHandler handler = new DbHandler();
    MySqlCommand facultyQuery = new MySqlCommand("SELECT facultyname FROM faculty;", handler.getConnection());

    handler.openConnection(); // open connection

    // NOTE(review): this handler makes no further call on the DbHandler after the read.
    using (var facultyRows = facultyQuery.ExecuteReader())
    {
        while (facultyRows.Read())
        {
            string facultyName = facultyRows.GetString("facultyname");
            cmbfaculty.Items.Add(facultyName);
        }
    }
}
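/* * --- SignIn Handling --- */
/// <summary>
/// Sign-in button handler: looks up the stored password hash and salt for the
/// entered index number, verifies the entered password through
/// <c>hashSalt.authenticateUser</c>, and opens the Records form on success.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnSignin_Click(object sender, EventArgs e)
{
    string enteredPass = txtLoginPassword.Text;

    DbHandler db = new DbHandler();
    DataTable table = new DataTable();

    using (MySqlCommand cmd = new MySqlCommand("SELECT password, salt FROM student WHERE indexno=@index;", db.getConnection()))
    using (MySqlDataAdapter adapter = new MySqlDataAdapter())
    {
        db.openConnection(); // open connection

        // The user name is bound as a parameter, never concatenated into the SQL.
        cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = txtLoginusername.Text;
        adapter.SelectCommand = cmd;
        adapter.Fill(table);
    }

    // NOTE(review): the two failure messages below differ, which tells whoever
    // is at the keyboard whether an index number exists. Consider one shared
    // message for both cases.
    if (table.Rows.Count > 0)
    {
        string pass = table.Rows[0][0].ToString();
        string salt = table.Rows[0][1].ToString();

        // The original also derived a hash into an unused local before this
        // check. authenticateUser() makes the decision, so that extra derivation
        // has been dropped.
        if (hashSalt.authenticateUser(enteredPass, pass, salt))
        {
            // Do not display the stored hash or the entered password here,
            // not even as a debugging aid.

            // --- form Records obj
            Records gotoRecords = new Records();
            gotoRecords.Show(); // goto Records
            this.Hide();
        }
        else
        {
            MessageBox.Show("User name & Password did not Match!?", "Attention!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
        }
    }
    else
    {
        MessageBox.Show("User name NotFound!?", "Attention!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
    }

    //this.Close();

    // NOTE(review): the original comment called this the close step, yet the call
    // is openConnection() again. DbHandler is not visible here; confirm whether
    // a close method should be called instead.
    db.openConnection();
}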
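/* * --- ^ SignIn Handling ^ --- */
/* * --- SignUp Handling --- */
/// <summary>
/// Sign-up button handler: after a confirmation dialog and a password
/// confirmation check, inserts a new student row carrying a freshly generated
/// salt and the salted password hash.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnSignup_Click(object sender, EventArgs e)
{
    // --- confirmation with message box ---
    DialogResult result = MessageBox.Show("Do you want to Save the changes?", "Please Confirm!", MessageBoxButtons.YesNo, MessageBoxIcon.Warning);
    if (result != DialogResult.Yes)
    {
        // The user declined; nothing is saved.
        return;
    }

    if (txtpassword.Text != txtconfirmpassword.Text)
    {
        // --- password confirmation failed msg ---
        MessageBox.Show("Password Confirmation failed?", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
        txtpassword.Focus();
        return;
    }

    // --- image ---
    // Previously a picture box without an image raised a NullReferenceException.
    // An empty blob is stored instead.
    // NOTE(review): assumes the viewers' "No Image file found" path covers an empty blob — confirm.
    byte[] img;
    if (pictureBox1.Image == null)
    {
        img = new byte[0];
    }
    else
    {
        using (MemoryStream ms = new MemoryStream())
        {
            pictureBox1.Image.Save(ms, pictureBox1.Image.RawFormat);
            img = ms.ToArray();
        }
    }
    // -------------

    var salt = hashSalt.generateSalt();          // generates random salt type string
    var byteSalt = hashSalt.saltToByte(salt);    // gets byte[] from salt string

    DbHandler db = new DbHandler();
    using (MySqlCommand cmd = new MySqlCommand("INSERT INTO `student`(`indexno`,`firstname`,`lastname`,`address`,`gender`,`dob`,`email`,`faculty`,`mobile`,`password`,`salt`,`image`)VALUES(@index, @firstname, @lastname, @address, @gender, @dob, @email, @faculty, @mobile, @password, @salt, @image);", db.getConnection()))
    {
        // Every user-supplied value is bound as a parameter.
        cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = txtindex.Text;
        cmd.Parameters.Add("@firstname", MySqlDbType.VarChar).Value = txtfname.Text;
        cmd.Parameters.Add("@lastname", MySqlDbType.VarChar).Value = txtlname.Text;
        cmd.Parameters.Add("@address", MySqlDbType.VarChar).Value = txtaddress.Text;
        cmd.Parameters.Add("@gender", MySqlDbType.VarChar).Value = getGender();
        cmd.Parameters.Add("@dob", MySqlDbType.Date).Value = dateDob.Value.Date;
        cmd.Parameters.Add("@email", MySqlDbType.VarChar).Value = txtemail.Text;
        cmd.Parameters.Add("@faculty", MySqlDbType.VarChar).Value = cmbfaculty.GetItemText(cmbfaculty.SelectedItem);
        cmd.Parameters.Add("@mobile", MySqlDbType.VarChar).Value = txtmobile.Text;
        // Only the salted hash is stored, never the plain-text password.
        cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = hashSalt.generateHash(txtpassword.Text, byteSalt);
        cmd.Parameters.Add("@salt", MySqlDbType.VarChar).Value = salt;
        cmd.Parameters.Add("@image", MySqlDbType.Blob).Value = img;

        db.openConnection(); // open connection

        // execute query: exactly one affected row means the insert succeeded
        if (cmd.ExecuteNonQuery() == 1)
        {
            MessageBox.Show("Record added!", "Success!", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
        else
        {
            MessageBox.Show("Failed!, please retry", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
        }
    }

    // NOTE(review): the original comment called this the close step, yet the call
    // is openConnection() again. DbHandler is not visible here; confirm whether
    // a close method should be called instead.
    db.openConnection();
}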
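/// <summary>
/// Form load handler for the edit form: fills the faculty combo box, then
/// loads the student row whose index number equals <c>selected</c> into the
/// editable controls.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void RecEdit_Load(object sender, EventArgs e)
{
    db.openConnection(); // open connection

    // --- populate faculty cmb ---
    MySqlCommand cmdCmb = new MySqlCommand("SELECT facultyname FROM faculty;", db.getConnection());
    using (var reader = cmdCmb.ExecuteReader())
    {
        while (reader.Read())
        {
            cmbfaculty.Items.Add(reader.GetString("facultyname"));
        }
    }

    // The index number is bound as a parameter instead of being concatenated
    // between quotes, so its content cannot alter the statement.
    const string sQuery = "SELECT indexno,firstname,lastname,address,gender,dob,email,faculty,mobile,image FROM student WHERE indexno = @index";

    DataTable table = new DataTable();
    using (MySqlCommand cmd = new MySqlCommand(sQuery, db.getConnection()))
    using (MySqlDataAdapter adapter = new MySqlDataAdapter(cmd))
    {
        cmd.Parameters.Add("@index", MySqlDbType.VarChar).Value = selected;
        adapter.Fill(table);
    }

    // The debugging MessageBox that displayed the raw SQL text to the user has
    // been removed; query text should not be shown in the UI.

    if (table.Rows.Count > 0)
    {
        DataRow row = table.Rows[0];

        txtindex.Text = row[0].ToString();
        txtfname.Text = row[1].ToString();
        txtlname.Text = row[2].ToString();
        txtaddress.Text = row[3].ToString();

        // Any gender value other than "M" selects the female radio button.
        if (row[4].ToString() == "M")
        {
            radiomale.Checked = true;
        }
        else
        {
            radiofemale.Checked = true;
        }

        dateDob.Value = Convert.ToDateTime(row[5]);
        txtemail.Text = row[6].ToString();
        // Select the combo entry whose text exactly matches the stored faculty.
        cmbfaculty.SelectedIndex = cmbfaculty.FindStringExact(row[7].ToString());
        txtmobile.Text = row[8].ToString();

        // An empty or missing image column makes the cast or Image.FromStream
        // throw; that case is reported to the user instead of crashing the form.
        try
        {
            byte[] data = (byte[])row[9];
            // The stream is deliberately not disposed: Image.FromStream needs it
            // to stay open for as long as the image is in use.
            MemoryStream mem = new MemoryStream(data);
            picImg.Image = Image.FromStream(mem);
        }
        catch (Exception)
        {
            MessageBox.Show("No Image file found on Database!", "Image File Not Found", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
    }
    else
    {
        // Previously an unknown index number raised an out-of-range exception on Rows[0].
        MessageBox.Show("Record not found!", "Attention!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
    }

    // NOTE(review): the original comment called this the close step, yet the call
    // is openConnection() again. DbHandler is not visible here; confirm whether
    // a close method should be called instead.
    db.openConnection();
}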