// u can remove this region (contains many bugs with its methods)
#region immediate editing using dataBinding;
/*
* SqlDataAdapter da;
* DataTable dt;
*
* // return a datatable of all categories
* public DataTable getAllCategories()
* {
* da = dal.immediateEditTbl("select * from categories");
* dt = new DataTable();
* da.Fill(dt);
* return dal.selectData("select * from categories");
* }
*
*
*
* // I just need the name to validate existence not to insert the name, bcz I don't insert names,..
* // I just update the table with the dataAdapter
* public int addNewCategory(string catName, DataTable dt)
* {
* if (catName == "")
* return -1; // code means that the cat exists, check on this code in the view
* else if (catExists(catName))
* return -2; // code means that the category name already exists
* else
* return dal.immediateEditTbl(dt,da);
* }
*
*
* public int deleteUpdateCategory(DataTable dt)
* {
* return dal.immediateEditTbl(dt, da);
* }
*/
#endregion immediate editing using dataBinding
public bool catExists(string catName)
{
DataTable dt = dal.selectData("select * from categories where cat_name = '" + catName + "'");
if (dt.Rows.Count > 0)
{
return(true);
}
return(false);
}
public bool supplierNameExists(string supplierName)
{
// see if the username exists (search the username)
string querySearch = "select supp_name from suppliers where suppliers.supp_name = '" + supplierName + "'";
if (dal.selectData(querySearch).Rows.Count > 0)
{
return(true);
}
return(false);
}
public bool userNameExists(string username)
{
// see if the username exists (search the username)
string querySearch = "select * from users where users.username = '******'";
if (dal.selectData(querySearch).Rows.Count > 0)
{
return(true);
}
return(false);
}
// TODO: this should return a boolean value not a dataTable (fix it) .. fixed (DONE), EMAD
public int login(string username, string password)
{
if (!dal.testDBConnection())
{
return(2);
}
string hashedPassword = GetHashString(password);
SqlParameter[] param = new SqlParameter[2];
// first param (username)
param[0] = new SqlParameter("@username", SqlDbType.VarChar, 30);
param[0].Value = username;
// first param (password), length = 40 (sha1 hash)
param[1] = new SqlParameter("@pwd", SqlDbType.VarChar, 40);
param[1].Value = hashedPassword;
DataTable dt = dal.selectData("sp_login", param);
if (dt.Rows.Count > 0)
{
int loggedUserID = Convert.ToInt32(dt.Rows[0][0].ToString());
string loggedUser_username = dt.Rows[0][1].ToString();
string loggedUser_fullName = dt.Rows[0][3].ToString();
string loggedUser_phoneNum = dt.Rows[0][4].ToString();
setRuntimeInfo(loggedUserID, loggedUser_username, loggedUser_fullName);
controlMenus(); // TODO: enable the menus based on the permissions
return(1);
}
return(0);
}
/*
* // no longer need it, replaced with more general function execProc()
* public DataTable getCategories()
* {
* DAL.DataAcessLayer dal = new DAL.DataAcessLayer();
* DataTable dt = new DataTable();
* return dal.selectData("get_categories", null);
* }
*/
/*
* // no longer need it, replaced with more general function execProc()
* public DataTable getSuppliers()
* {
* DAL.DataAcessLayer dal = new DAL.DataAcessLayer();
* DataTable dt = new DataTable();
* return dal.selectData("get_suppliers", null);
* }
*/
#region mng/add products
/// <summary>
/// get all stored products in the database
/// </summary>
/// <returns type="datatable">list of products from a stored procedure</returns>
public DataTable getAllProducts()
{
return(dal.selectData("get_all_products", null));
}
/// <summary>
/// number of units in stock, unique units not total units
/// </summary>
/// <returns type="string">number of products currently in stock</returns>
public string getNumOfUnitsInStock()
{
return(dal.selectData("select count(unit_id) from units where stock_quantity > 0").Rows[0][0].ToString());
}