private void loginOnSystem()
{
// for connection string
project.Properties.Settings s = new project.Properties.Settings();
string userName = userNameTextBox.Text,
pass = passTextBox.Text,
sqlCommand = "SELECT * FROM All_Users " +
"WHERE username = @user_id AND pass = @pass_id";
SqlConnection connection = null;
SqlDataReader rdr = null;
try
{
// create new connection
connection = new System.Data.SqlClient.SqlConnection();
// set connection string
connection.ConnectionString = s.TESTConnectionString;
// open connection
connection.Open();
// create command
SqlCommand sql = new SqlCommand(sqlCommand, connection);
sql.Parameters.Add(new SqlParameter("@user_id", userNameTextBox.Text));
sql.Parameters.Add(new SqlParameter("@pass_id", passTextBox.Text));
// and execute it
rdr = sql.ExecuteReader();
if (rdr.Read())
{
if ((bool)rdr["isLogin"] == false)
{
// if user loged in for the first time
// show ChangePassForm
ChangePassword changePass = new ChangePassword(this);
changePass.fillFormComponents((string)rdr["userType"], (string)rdr["username"], false);
changePass.Show();
}
else
{
// else depending on userType open form
if ("administrator".Equals(((string)rdr["userType"]).ToLower()))
{
application = new AdminApplication((string)rdr["username"]);
}
else if ("laboratory personnel".Equals(((string)rdr["userType"]).ToLower()))
{
application = new LabApplication((string)rdr["username"]);
}
else if ("teacher".Equals(((string)rdr["userType"]).ToLower()))
{
application = new TeacherApplication((string)rdr["username"]);
}
application.setParent(this);
application.Show();
}
}
else
{
clearFormComponents();
MessageBox.Show("There is no user with that username and password!", "Warning");
setFocusOnUsername();
}
}
catch (Exception)
{
}
finally
{
// close reader
if (rdr != null)
{
rdr.Close();
}
// close connection
if (connection != null)
{
connection.Close();
}
}
}
private void oldPassTextBox_Validating(object sender, CancelEventArgs e)
{
if (!oldPassTextBox.Text.Equals(string.Empty))
{
// for connection string
project.Properties.Settings s = new project.Properties.Settings();
SqlConnection connection = null;
SqlDataReader rdr = null;
try
{
// create new connection
connection = new System.Data.SqlClient.SqlConnection();
// set connection string
connection.ConnectionString = s.TESTConnectionString;
// open connection
connection.Open();
// create command
string sqlCommand = "SELECT pass FROM All_Users WHERE username = @usrName";
SqlCommand sql = new SqlCommand(sqlCommand, connection);
sql.Parameters.Add(new SqlParameter("@usrName", usernameTextBox.Text));
// and execute it
rdr = sql.ExecuteReader();
if (rdr.Read())
{
if (!((string)rdr["pass"]).Equals(oldPassTextBox.Text))
{
// report error
validationSetError(e, oldPassTextBox, "Old password is not the same like this you inputed!");
oldPassTextBox.SelectAll();
}
else
{
clearErrorProvider();
}
}
}
catch (Exception)
{
}
finally
{
// close reader
if (rdr != null)
{
rdr.Close();
}
// close connection
if (connection != null)
{
connection.Close();
}
}
}
else
{
clearErrorProvider();
}
changed = true;
}
private void changeButton_Click(object sender, EventArgs e)
{
if (changed && (!oldPassTextBox.Text.Equals(string.Empty) ||
!newPassTextBox.Text.Equals(string.Empty) ||
!newPassAgainTextBox.Text.Equals(string.Empty)))
{
SqlConnection connection = null;
try
{
// for connection string
project.Properties.Settings s = new project.Properties.Settings();
// create new connection
connection = new System.Data.SqlClient.SqlConnection();
// set connection string
connection.ConnectionString = s.TESTConnectionString;
// open connection
connection.Open();
string sqlCommand = "UPDATE All_Users SET pass = @usrPass WHERE username = @usrName";
// create command
SqlCommand sql = new SqlCommand(sqlCommand, connection);
sql.Parameters.Add(new SqlParameter("@usrPass", newPassAgainTextBox.Text));
sql.Parameters.Add(new SqlParameter("@usrName", usernameTextBox.Text));
// and execute it
sql.ExecuteNonQuery();
if (parent is BaseApplication)
{
// if parent is type of BaseApp then
// clear componetns
clearFormComponents();
// refresh user info
((BaseApplication)parent).fillUserInfo();
// hide this
this.Hide();
}
else if (parent is LoginForm)
{
// else if parent is type of LoginForm
// set isLogin on true
sqlCommand = "UPDATE All_Users SET isLogin = 1 WHERE username = @usrName";
// create command
sql = new SqlCommand(sqlCommand, connection);
sql.Parameters.Add(new SqlParameter("@usrName", usernameTextBox.Text));
// and execute it
sql.ExecuteNonQuery();
// open application depending on
// user type
if ("administrator".Equals(userType.ToLower()))
{
((LoginForm)parent).Application = new AdminApplication(usernameTextBox.Text);
}
else if ("laboratory personnel".Equals(userType.ToLower()))
{
((LoginForm)parent).Application = new LabApplication(usernameTextBox.Text);
}
else if ("teacher".Equals(userType.ToLower()))
{
((LoginForm)parent).Application = new TeacherApplication(usernameTextBox.Text);
}
((LoginForm)parent).Application.setParent(((LoginForm)parent));
((LoginForm)parent).Application.Show();
// and dispose this
this.Dispose();
}
}
catch (Exception)
{
}
finally
{
// close connection
if (connection != null)
{
connection.Close();
}
changed = false;
clearFormComponents();
}
}
else
{
MessageBox.Show("You haven't inputed anything", "Warning");
}
}
private void registerButton_Click(object sender, EventArgs e)
{
if (!validateUserType() || !validateEmailAddress())
{
// if both required filds are empty
// or both are inputed wrong
MessageBox.Show("You haven't entered all required fileds!", "Error");
if (!validateUserType())
{
typeComboBox.Focus();
}
else
{
mailTextBox.Focus();
}
}
else
{
// for connection string
project.Properties.Settings s = new project.Properties.Settings();
SqlConnection connection = null;
SqlDataReader rdr = null;
try
{
string sqlCommand = "INSERT INTO New_Users(userType, name, surname, title, office, phone, mail)" +
" VALUES (@userType, @name, @surname, @title, @office, @phone, @mail)";
string[] atValues = { "@userType", "@name", "@surname", "@title", "@office", "@phone", "@mail" };
string[] values = { typeComboBox.Text, nameTextBox.Text, surnameTextBox.Text,
titleTextBox.Text, officeTextBox.Text, telephoneTextBox.Text, mailTextBox.Text };
// create new connection
connection = new System.Data.SqlClient.SqlConnection();
// set connection string
connection.ConnectionString = s.TESTConnectionString;
// open connection
connection.Open();
// create command
SqlCommand insertCommand = new SqlCommand(sqlCommand, connection);
SqlParameter param = null;
for (int i = 0; i < atValues.Length; i++)
{
param = new SqlParameter(atValues[i], values[i]);
insertCommand.Parameters.Add(param);
}
// send data to admin
int row = insertCommand.ExecuteNonQuery();
}
catch (Exception)
{
}
finally
{
// close reader
if (rdr != null)
{
rdr.Close();
}
// close connection
if (connection != null)
{
connection.Close();
}
}
// clear form
typeComboBox.Text = "choose type...";
nameTextBox.Clear();
surnameTextBox.Clear();
titleTextBox.Clear();
officeTextBox.Clear();
telephoneTextBox.Clear();
mailTextBox.Clear();
this.Hide();
}
}
