private void buttonCancel_Click(object sender, EventArgs e)
{
frmManageEmp manageEmployeeForm = new frmManageEmp();
Hide();
manageEmployeeForm.ShowDialog();
Close();
}
private void buttonAddNewEmployee_Click(object sender, EventArgs e)
{
currentUser = (User)this.Tag;
frmManageEmp manage = new frmManageEmp();
manage.ShowDialog();
}
private void buttonEditAccount_Click(object sender, EventArgs e)
{
bool validFName = firstNameCheck();
bool validLName;
bool validAddress;
bool validCity;
bool goodToGo;
if (validFName)
{
validLName = lastNameCheck();
}
else
{
return;
}
if (validLName)
{
validAddress = addressCheck();
}
else
{
return;
}
if (validAddress)
{
validCity = cityCheck();
}
else
{
return;
}
if (validCity)
{
goodToGo = zipCheck();
}
else
{
return;
}
if (goodToGo)
{
if (textBoxEmail.Text.Equals(textBoxConfirmEmail.Text))
{
try
{
using (SqlConnection cn = new SqlConnection(_cnDB))
{
using (SqlCommand cmd = new SqlCommand("usp_EditAccount", cn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@userID", SqlDbType.Int, 100).Value = editedUser.userID;
cmd.Parameters.Add("@firstName", SqlDbType.VarChar, 25).Value = textBoxFirstName.Text;
cmd.Parameters.Add("@lastName", SqlDbType.VarChar, 25).Value = textBoxLastName.Text;
cmd.Parameters.Add("@address", SqlDbType.VarChar, 100).Value = textBoxAddress.Text;
cmd.Parameters.Add("@city", SqlDbType.VarChar, 25).Value = textBoxCity.Text;
cmd.Parameters.Add("@zip", SqlDbType.VarChar, 7).Value = textBoxZip.Text;
cmd.Parameters.Add("@state", SqlDbType.VarChar, 30).Value = addAccount.dictStates[comboBoxStates.Text];
cmd.Parameters.Add("@country", SqlDbType.VarChar, 50).Value = addAccount.dictCountry[comboBoxCountry.Text];
cmd.Parameters.Add("@email", SqlDbType.VarChar, 100).Value = textBoxEmail.Text;
cn.Open();
cmd.ExecuteNonQuery();
cn.Close();
}
}
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine("Exception : " + ex.Message.ToString());
}
frmManageEmp manageEmployeeForm = new frmManageEmp();
Hide();
manageEmployeeForm.ShowDialog();
Close();
}
else
{
MessageBox.Show("Please make sure your emails match");
}
}
}
private void buttonCreateAccount_Click(object sender, EventArgs e)
{
string fName;
string lName;
string address;
string city;
string state;
string zip;
string country;
string email;
string confirmEmail;
string plainTxtPassword;
byte[] passwordHashByte;
byte[] passwordSaltByte;
string confirmPassword;
string passwordHash;
string passwordSalt;
bool validFName = firstNameCheck();
bool validLName;
bool validAddress;
bool validZip;
bool validCity;
bool goodToGo;
if (validFName)
{
validLName = lastNameCheck();
}
else
{
return;
}
if (validLName)
{
validAddress = addressCheck();
}
else
{
return;
}
if (validAddress)
{
validCity = cityCheck();
}
else
{
return;
}
if (validCity)
{
validZip = zipCheck();
}
else
{
return;
}
if (validZip)
{
goodToGo = passCheck();
}
else
{
return;
}
if (goodToGo)
{
fName = textBoxFirstName.Text;
lName = textBoxLastName.Text;
address = textBoxAddress.Text;
city = textBoxCity.Text;
if (comboBoxCountry.Text == "US")
{
state = newAccountForm.dictStates[comboBoxStates.Text];
}
else
{
state = newAccountForm.dictProvinces[comboBoxStates.Text];
}
confirmPassword = textBoxConfirmPassword.Text;
confirmEmail = textBoxConfirmEmail.Text;
zip = textBoxZip.Text;
country = newAccountForm.dictCountry[comboBoxCountry.Text];
email = textBoxEmail.Text;
plainTxtPassword = textBoxPassword.Text;
passwordSaltByte = newAccountForm.CreateSalt();
byte[] plainTxtPasswordByte = Encoding.ASCII.GetBytes(plainTxtPassword);
byte[] saltByte = newAccountForm.CreateSalt();
passwordHashByte = newAccountForm.EncryptSha256(plainTxtPasswordByte, saltByte);
passwordSalt = Convert.ToBase64String(saltByte);
passwordHash = Convert.ToBase64String(passwordHashByte);
if (email.Equals(confirmEmail) && plainTxtPassword.Equals(confirmPassword))
{
try
{
using (SqlConnection cn = new SqlConnection(_cnDB))
{
using (SqlCommand cmd = new SqlCommand("usp_AddAccount", cn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@firstName", SqlDbType.VarChar, 25).Value = fName;
cmd.Parameters.Add("@lastName", SqlDbType.VarChar, 25).Value = lName;
cmd.Parameters.Add("@address", SqlDbType.VarChar, 100).Value = address;
cmd.Parameters.Add("@city", SqlDbType.VarChar, 25).Value = city;
cmd.Parameters.Add("@zip", SqlDbType.VarChar, 7).Value = zip;
cmd.Parameters.Add("@state", SqlDbType.VarChar, 30).Value = state;
cmd.Parameters.Add("@country", SqlDbType.VarChar, 50).Value = country;
cmd.Parameters.Add("@email", SqlDbType.VarChar, 100).Value = email;
cmd.Parameters.Add("@passwordHash", SqlDbType.VarChar, 256).Value = passwordHash;
cmd.Parameters.Add("@passwordSalt", SqlDbType.VarChar, 256).Value = passwordSalt;
cmd.Parameters.Add("@membershipLevel", SqlDbType.VarChar, 15).Value = "None";
cmd.Parameters.Add("@employee", SqlDbType.VarChar, 3).Value = "Yes";
cmd.Parameters.Add("@expDate", SqlDbType.Date, 20).Value = "0001-01-01";
cmd.Parameters.Add("@amountSpent", SqlDbType.VarChar, 3).Value = "0";
cn.Open();
cmd.ExecuteNonQuery();
cn.Close();
}
}
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine("Exception : " + ex.Message.ToString());
}
}
Hide();
frmManageEmp manageEmp = new frmManageEmp();
manageEmp.ShowDialog();
Close();
}
}