/// <summary>
/// Hides the current form and opens the Admin_Students page as a modal dialog, handing it the
/// "logged in as" and "user level" values currently shown on this form.
/// </summary>
public void Load_Admin_Students()
{
    #region
    // Both values are read back from UI controls rather than from session state.
    // NOTE(review): this method opens the admin page without checking the user level itself;
    // presumably it is only reachable from an admin-only form - confirm against the callers.
    string loggedInAs = Admin_ListedUsers_LoginDetails_LoggedInAs_TextBox.Text;
    string userLevel = Admin_ListedUsers_LoginDetails_UserLevel_TextBox.Text;

    Admin_Students adminHome = new Admin_Students(loggedInAs, userLevel);

    this.Hide();
    adminHome.ShowDialog();
    #endregion
}
/// <summary>
/// Hides this form and opens the home page that matches the user level shown on it:
/// Admin_Students when the level is "Admin", Students for anything else.
/// </summary>
/// <remarks>
/// The DatabaseHistory page is accessible to both StaffMembers and Admins, so the target page
/// has to be chosen at runtime.
/// </remarks>
public void Decide_HomePage_By_UserLevel()
{
    #region
    string loggedInAs = DatabaseHistory_LoginDetails_LoggedInAs_TextBox.Text;
    string userLevel = DatabaseHistory_LoginDetails_UserLevel_TextBox.Text;

    this.Hide();

    // NOTE(review): the role is taken from a TextBox on the form. If that control is editable at
    // runtime, the displayed value is not a trustworthy source for an authorization decision -
    // confirm it is read-only, or keep the role in a non-UI field set once at login.
    if (userLevel != "Admin")
    {
        // Every non-"Admin" value falls through to the regular home page.
        Students staffHome = new Students(loggedInAs, userLevel);
        staffHome.ShowDialog();
        return;
    }

    Admin_Students adminHome = new Admin_Students(loggedInAs, userLevel);
    adminHome.ShowDialog();
    #endregion
}
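/// <summary>
/// After registration completes, hides this form and opens the home page that matches the user
/// level shown in the top right-hand corner of the form: Admin_Students for "Admin", Students
/// for anything else.
/// </summary>
/// <remarks>
/// Only the form that is actually shown is constructed. The previous version built both an
/// Admin_Students and a Students instance on every call and left the unused one undisposed,
/// which also meant the admin form was instantiated during non-admin sessions.
/// </remarks>
public void Decide_HomePage_By_UserLevel()
{
    #region
    // The logged-in user name and user level are passed as initial values to every form, so they
    // are read once here and forwarded to whichever page is opened.
    string loggedInAs = NewStudent_LoginDetails_LoggedInAs_TextBox.Text;
    string userLevel = NewStudent_LoginDetails_UserLevel_TextBox.Text;

    // NOTE(review): the role comes from a TextBox on the form. If that control is editable at
    // runtime it is not a trustworthy source for this decision - confirm it is read-only, or keep
    // the role in a non-UI field set once at login.
    if (userLevel == "Admin")
    {
        Admin_Students adminHome = new Admin_Students(loggedInAs, userLevel);
        this.Hide();
        adminHome.ShowDialog();
    }
    else
    {
        Students staffHome = new Students(loggedInAs, userLevel);
        this.Hide();
        staffHome.ShowDialog();
    }
    #endregion
}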
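/// <summary>
/// Checks the entered username, user level and password hash against dbo.LoginDetails and, on a
/// match, opens the home page for the selected user level (Admin_Students for "Admin", Students
/// otherwise). On a mismatch an error is shown and the input boxes are cleared.
/// </summary>
/// <remarks>
/// The database connection, command and reader are disposed before any home page is shown. The
/// previous version called ShowDialog() inside the using block, so the connection and an open
/// reader were held for as long as the modal home page stayed open.
/// </remarks>
private void Login()
{
    #region
    // Any exception (database or UI) is caught below and reported in a message box.
    try
    {
        string username = LoginScreen_LoginDetails_Username_TextBox.Text;
        string userLevel = LoginScreen_LoginDetails_UserLevel_Dropdown.Text;

        // All three user-supplied values are bound as parameters; nothing is concatenated into the SQL text.
        const string sqlQuery = "SELECT Username, UserLevel, Password FROM dbo.LoginDetails WHERE Username = @Username AND UserLevel = @UserLevel AND Password = @Password";

        bool credentialsMatch;

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand(sqlQuery, conn))
        {
            cmd.Parameters.AddWithValue("@Username", username);
            cmd.Parameters.AddWithValue("@UserLevel", userLevel);
            // NOTE(review): SHA_256 is defined elsewhere in the project. If it is a single unsalted
            // SHA-256 of the password, the stored hashes are cheap to brute-force once the table
            // leaks; a salted, iterated KDF (e.g. PBKDF2) is the usual choice - confirm and plan a migration.
            cmd.Parameters.AddWithValue("@Password", SHA_256(LoginScreen_LoginDetails_Password_TextBox.Text));

            conn.Open();

            // A row comes back only when username, user level and password hash all match.
            using (SqlDataReader sdr = cmd.ExecuteReader())
            {
                credentialsMatch = sdr.Read();
            }
        }

        if (!credentialsMatch)
        {
            // No matching record: stay on the login screen, clear the input and refocus the username box.
            MessageBox.Show("Login failed. Please try again", "Login denied", MessageBoxButtons.OK, MessageBoxIcon.Error);
            LoginScreen_LoginDetails_Username_TextBox.Clear();
            LoginScreen_LoginDetails_Password_TextBox.Clear();
            LoginScreen_LoginDetails_Username_TextBox.Focus();
            return;
        }

        MessageBox.Show($"Welcome {username}!");

        // The login form is only hidden, not closed, so the plaintext password is removed from its
        // TextBox instead of staying in the control for the rest of the session.
        LoginScreen_LoginDetails_Password_TextBox.Clear();
        this.Hide();

        // The selected user level was part of the WHERE clause above, so it matched the stored
        // value for this account before it is used to pick the home page.
        if (userLevel == "Admin")
        {
            Admin_Students admp = new Admin_Students(username, userLevel);
            admp.ShowDialog();
        }
        else
        {
            Students mp = new Students(username, userLevel);
            mp.ShowDialog();
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is shown on the login screen, i.e. to a user who
        // is not authenticated yet; consider logging the details and showing a generic message.
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    #endregion
}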
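/// <summary>
/// Asks the user to confirm, then deletes the student whose ID is shown on the form and records
/// the deletion in dbo.DatabaseHistory. Afterwards a fresh Admin_Students page is opened unless an
/// exception occurred.
/// </summary>
/// <remarks>
/// Changes from the previous version:
/// the history text is bound as a parameter instead of being interpolated into the INSERT
/// statement (the only thing standing between the StudentID TextBox and the SQL text was an
/// int.Parse on an otherwise unused parameter); the DELETE and the history INSERT run in one
/// transaction so a deletion cannot be committed without its history row; and the connection is
/// opened only after the user has confirmed, not held open while the dialog is waiting.
/// </remarks>
public void Delete_Admin_Student()
{
    #region
    try
    {
        string studentIdText = Admin_StudentDetails_StudentID_TextBox.Text;

        // Parsed before anything else so that a non-numeric ID fails here (FormatException, reported
        // by the catch below) and never reaches the database.
        int studentId = int.Parse(studentIdText);

        // Load a dialog box that confirms with the user that they wish to complete the specified action.
        DialogResult dialog = MessageBox.Show("Are you sure you want to delete this Student record?:" +
            $"\n\nStudentID:\t{studentIdText}" +
            $"\nFirst Name:\t{Admin_StudentDetails_FirstName_TextBox.Text}" +
            $"\nSurname:\t{Admin_StudentDetails_Surname_TextBox.Text}" +
            $"\nEmail:\t\t{Admin_StudentDetails_Email_TextBox.Text}" +
            $"\nPhoneNo:\t{Admin_StudentDetails_PhoneNo_TextBox.Text}" +
            $"\nAddressLine1\t{Admin_StudentDetails_AddressLine1_TextBox.Text}" +
            $"\nAddressLine2:\t{Admin_StudentDetails_AddressLine2_TextBox.Text}" +
            $"\nCity:\t\t{Admin_StudentDetails_City_TextBox.Text}" +
            $"\nCounty:\t\t{Admin_StudentDetails_County_TextBox.Text}" +
            $"\nLevel:\t\t{Admin_StudentDetails_Level_TextBox.Text}" +
            $"\nCourse:\t\t{Admin_StudentDetails_Course_TextBox.Text}" +
            $"\nCountry:\t\t{Admin_StudentDetails_Country_TextBox.Text}",
            "Delete Record",
            MessageBoxButtons.YesNo
        );

        if (dialog == DialogResult.Yes)
        {
            const string deleteSql = "DELETE FROM dbo.Students WHERE StudentID = @StudentID";
            // No column list, as in the original statement: the two values go to the table's
            // insertable columns in declaration order.
            const string historySql = "INSERT INTO dbo.DatabaseHistory VALUES (@Description, @Username)";

            string timestamp = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
            string description = $"Student Record with StudentID = {studentIdText} was DELETED at {timestamp}";

            bool deleted;

            // The using statements release the connection, transaction and commands when finished.
            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                conn.Open();

                using (SqlTransaction tx = conn.BeginTransaction())
                using (SqlCommand deleteCmd = new SqlCommand(deleteSql, conn, tx))
                using (SqlCommand historyCmd = new SqlCommand(historySql, conn, tx))
                {
                    deleteCmd.Parameters.AddWithValue("@StudentID", studentId);
                    historyCmd.Parameters.AddWithValue("@Description", description);
                    historyCmd.Parameters.AddWithValue("@Username", Admin_LoginDetails_LoggedInAs_TextBox.Text);

                    deleted = deleteCmd.ExecuteNonQuery() > 0;
                    if (deleted)
                    {
                        // The history row is written only when a student row was actually removed.
                        // If this insert throws, the transaction is disposed without a commit and
                        // the delete is rolled back with it.
                        historyCmd.ExecuteNonQuery();
                        tx.Commit();
                    }
                }
            }

            if (deleted)
            {
                MessageBox.Show("Record Deleted Successfully", "Successful Delete", MessageBoxButtons.OK);
            }
            else
            {
                MessageBox.Show("Record Deletion Failed. Please try again", "Failed Delete", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
        }

        // Reached for both Yes and No; skipped only when an exception was thrown above.
        Admin_Students admp = new Admin_Students(Admin_LoginDetails_LoggedInAs_TextBox.Text, Admin_LoginDetails_UserLevel_TextBox.Text);
        this.Hide();
        admp.ShowDialog();
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    #endregion
}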
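/// <summary>
/// Asks the user to confirm, then updates the contact and address fields of the student whose ID
/// is shown on the form and records the update in dbo.DatabaseHistory. A fresh Admin_Students
/// page is opened afterwards in every case, including after an error.
/// </summary>
/// <remarks>
/// Changes from the previous version:
/// the history text is bound as a parameter instead of being interpolated into the INSERT
/// statement, where the raw StudentID TextBox content became part of the SQL text;
/// the UPDATE now runs first and its affected-row count decides success (before, the history
/// INSERT ran first, so "Record Updated Successfully" was shown and a history row was written
/// before the UPDATE had been attempted); both statements share one transaction; the connection
/// is opened only after confirmation; and the confirmation caption no longer reads "Delete Record".
/// </remarks>
public void Edit_Admin_Student()
{
    #region
    try
    {
        string studentIdText = Admin_StudentDetails_StudentID_TextBox.Text;

        DialogResult dialog = MessageBox.Show($"Are you sure you want to make the following changes to this Student record with StudentNo = {studentIdText}?:" +
            $"\n\nEmail:\n{Admin_StudentDetails_Email_TextBox.Text}\n" +
            $"\nPhoneNo:\n{Admin_StudentDetails_PhoneNo_TextBox.Text}\n" +
            $"\nAddressLine1:\n{Admin_StudentDetails_AddressLine1_TextBox.Text}\n" +
            $"\nAddressLine2:\n{Admin_StudentDetails_AddressLine2_TextBox.Text}\n" +
            $"\nCity:\n{Admin_StudentDetails_City_TextBox.Text}\n" +
            $"\nCounty:\n{Admin_StudentDetails_County_Dropdown.Text}\n" +
            $"\nLevel:\n{Admin_StudentDetails_Level_Dropdown.Text}\n" +
            $"\nCountry:\n{Admin_StudentDetails_Country_Dropdown.Text}\n",
            "Update Record",
            MessageBoxButtons.YesNo
        );

        if (dialog == DialogResult.Yes)
        {
            const string updateSql = "UPDATE dbo.Students" +
                " SET Email = @Email," +
                " PhoneNo = @PhoneNo," +
                " AddressLine1 = @AddressLine1," +
                " AddressLine2 = @AddressLine2," +
                " City = @City," +
                " County = @County," +
                " Level = @Level," +
                " Country = @Country" +
                " WHERE StudentID = @StudentID";
            // No column list, as in the original statement: the two values go to the table's
            // insertable columns in declaration order.
            const string historySql = "INSERT INTO dbo.DatabaseHistory VALUES (@Description, @Username)";

            string timestamp = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
            string description = $"Student Record with StudentID = {studentIdText} was UPDATED at {timestamp}";

            bool updated;

            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                conn.Open();

                using (SqlTransaction tx = conn.BeginTransaction())
                using (SqlCommand updateCmd = new SqlCommand(updateSql, conn, tx))
                using (SqlCommand historyCmd = new SqlCommand(historySql, conn, tx))
                {
                    // The ID stays a text parameter as before; a value the StudentID column cannot
                    // convert makes the UPDATE throw, which the catch below reports.
                    updateCmd.Parameters.AddWithValue("@StudentID", studentIdText);
                    updateCmd.Parameters.AddWithValue("@Email", Admin_StudentDetails_Email_TextBox.Text);
                    updateCmd.Parameters.AddWithValue("@PhoneNo", Admin_StudentDetails_PhoneNo_TextBox.Text);
                    updateCmd.Parameters.AddWithValue("@AddressLine1", Admin_StudentDetails_AddressLine1_TextBox.Text);
                    updateCmd.Parameters.AddWithValue("@AddressLine2", Admin_StudentDetails_AddressLine2_TextBox.Text);
                    updateCmd.Parameters.AddWithValue("@City", Admin_StudentDetails_City_TextBox.Text);
                    updateCmd.Parameters.AddWithValue("@County", Admin_StudentDetails_County_Dropdown.Text);
                    updateCmd.Parameters.AddWithValue("@Level", Admin_StudentDetails_Level_Dropdown.Text);
                    updateCmd.Parameters.AddWithValue("@Country", Admin_StudentDetails_Country_Dropdown.Text);

                    historyCmd.Parameters.AddWithValue("@Description", description);
                    historyCmd.Parameters.AddWithValue("@Username", Admin_LoginDetails_LoggedInAs_TextBox.Text);

                    updated = updateCmd.ExecuteNonQuery() > 0;
                    if (updated)
                    {
                        // The history row is written only when a student row was actually changed.
                        // If this insert throws, the transaction is disposed without a commit and
                        // the update is rolled back with it.
                        historyCmd.ExecuteNonQuery();
                        tx.Commit();
                    }
                }
            }

            if (updated)
            {
                MessageBox.Show("Record Updated Successfully", "Successful Update", MessageBoxButtons.OK);
            }
            else
            {
                MessageBox.Show("Record Update Failed", "Failed Update", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }

    // Runs after the try/catch, so the admin page is reopened even when the update failed.
    Admin_Students admp = new Admin_Students(Admin_LoginDetails_LoggedInAs_TextBox.Text, Admin_LoginDetails_UserLevel_TextBox.Text);
    this.Hide();
    admp.ShowDialog();
    #endregion
}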