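/// <summary>
/// Handles the "edit information" button: validates the form, calls the
/// <c>SET_STUDENT_FIELDS</c> stored procedure with the edited values and copies
/// the row(s) the procedure returns back into <c>_student</c>.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void E_editInformationButton_OnClick(object sender, RoutedEventArgs e)
{
    // Letters and whitespace only, 2-39 characters. \s also admits tabs and
    // line breaks, and a whitespace-only value satisfies this pattern.
    if (!Regex.IsMatch(e_fioTextBox.Text, "^[a-zA-Z\\s]{2,39}$"))
    {
        MessageBox.Show("Incorrect Student FIO");
        return;
    }

    // Validate the remaining fields before touching the database, so a bad
    // value yields a clear message instead of a FormatException or
    // InvalidOperationException text raised while a connection is open.
    if (!int.TryParse(e_courseComboBox.Text, out int course))
    {
        MessageBox.Show("Incorrect Course");
        return;
    }

    if (!int.TryParse(e_groupComboBox.Text, out int groupId))
    {
        MessageBox.Show("Incorrect Group");
        return;
    }

    if (!e_birthdayCalendar.SelectedDate.HasValue)
    {
        MessageBox.Show("Incorrect Birthday");
        return;
    }

    try
    {
        // NOTE(review): presumably selects the lower-privileged credentials for
        // the connection opened below; confirm that connectionString reflects
        // this call, since it is read right after it.
        SqlDataBaseConnection.ApplyUserPrivileges();

        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand setStudentFieldsCommand = new SqlCommand("SET_STUDENT_FIELDS", connection))
        {
            connection.Open();
            setStudentFieldsCommand.CommandType = CommandType.StoredProcedure;

            // All user-supplied values travel as parameters, never as SQL text.
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@StudentId", Value = _student.StudentId });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@StudentName", Value = e_fioTextBox.Text });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@Course", Value = course });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@GroupId", Value = groupId });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@Specialization", Value = e_specializationComboBox.Text });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@Faculty", Value = e_facultyComboBox.Text });
            setStudentFieldsCommand.Parameters.Add(new SqlParameter { ParameterName = "@Birthday", Value = e_birthdayCalendar.SelectedDate.Value });

            // The reader is disposed on every path; previously it was closed
            // only when the procedure returned at least one row.
            using (var updatedRows = setStudentFieldsCommand.ExecuteReader())
            {
                // Columns are read by fixed ordinal, so this depends on the
                // column order of the procedure's result set.
                while (updatedRows.Read())
                {
                    _student.Name = updatedRows.GetString(2);
                    _student.Course = updatedRows.GetInt32(4);
                    _student.Group = updatedRows.GetInt32(5);
                    _student.Specialization = updatedRows.GetString(6);
                    _student.Faculty = updatedRows.GetString(7);
                    _student.Birthday = updatedRows.GetDateTime(8).ToString("d");
                }
            }

            // Shown whether or not the procedure returned a row.
            MessageBox.Show("Done");
        }
    }
    catch (Exception exception)
    {
        // NOTE(review): the raw exception text (for SqlException this can name
        // servers, logins or database objects) is shown to the end user;
        // consider logging it and showing a generic message instead.
        MessageBox.Show(exception.Message);
    }
}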
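/// <summary>
/// Handles the log-in button: checks that a user name and password were
/// entered, looks for a matching row in the result of the <c>GET_USER</c>
/// stored procedure and, on success, opens the admin or the student window.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void LogInButton_OnClick(object sender, RoutedEventArgs e)
{
    bool userExist = false;
    User currentUser = new User();

    if (string.IsNullOrEmpty(logIn_UserName.Text))
    {
        MessageBox.Show("Please, enter the User name");
        return;
    }

    if (string.IsNullOrEmpty(logIn_Password.Password))
    {
        MessageBox.Show("Please, enter the Password");
        return;
    }

    // Passwords shorter than 5 characters are rejected without a database call.
    if (logIn_Password.Password.Length < 5)
    {
        MessageBox.Show("Allowed password length: 5 characters");
        return;
    }

    try
    {
        using (SqlConnection connection = new SqlConnection(SqlDataBaseConnection.data))
        {
            connection.Open();

            string enteredName = logIn_UserName.Text;
            // Hash the entered password once instead of once per returned row.
            string enteredHash = User.GetHashPassword(logIn_Password.Password);

            // SECURITY NOTE(review): GET_USER is called without parameters and
            // every returned row (id, name, password hash) is compared here on
            // the client, so each login transfers all stored hashes to the
            // client machine. Prefer a procedure that takes the user name (and
            // ideally does the comparison server-side) and returns one row.
            using (SqlCommand getUserCommand = new SqlCommand("GET_USER", connection))
            {
                getUserCommand.CommandType = CommandType.StoredProcedure;

                // Disposed on every path; previously the reader was closed only
                // when rows were returned. It must be closed before the same
                // connection is handed to IsAdmin / Set*Fields below.
                using (var users = getUserCommand.ExecuteReader())
                {
                    while (users.Read())
                    {
                        bool matches = enteredName == users.GetString(1)
                                       && enteredHash == users.GetString(2);
                        if (!matches)
                        {
                            continue;
                        }

                        userExist = true;
                        currentUser.UserId = users.GetInt32(0);
                        currentUser.UserName = users.GetString(1);
                        currentUser.Password = users.GetString(2);
                    }
                }
            }

            if (!userExist)
            {
                // One message for "unknown user" and "wrong password", so the
                // form does not reveal which user names exist.
                MessageBox.Show("Please, check that the information you entered is correct");
                return;
            }

            int userId = Convert.ToInt32(currentUser.UserId);

            // NOTE(review): the admin/user decision and the Apply*Privileges
            // call are made in the client; the database should enforce the
            // role separation itself rather than rely on this branch.
            if (IsAdmin(userId, connection))
            {
                SqlDataBaseConnection.ApplyAdminPrivileges();
                SetAdminFields(userId, connection);
                _window = new AdminWindow(_admin.AdminName);
                _window.Show();
                this.Close();
            }
            else
            {
                SqlDataBaseConnection.ApplyUserPrivileges();
                SetStudentFields(userId, connection);
                // NOTE(review): unlike the admin branch, Show() is not called
                // here; confirm MainWindow displays itself.
                _window = new MainWindow(_student);
                this.Close();
            }
        }
    }
    catch (Exception exception)
    {
        // NOTE(review): raw exception text from a failed pre-authentication
        // database call is shown to whoever is at the login form; consider
        // logging it and showing a generic message instead.
        MessageBox.Show(exception.Message);
    }
}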