public ForgotPassword(string username) { InitializeComponent(); user = username; var conn = DBUtils.Instance(); conn.IsConnect(); using (MySqlCommand cmd = new MySqlCommand("SELECT securityQuestion, answer FROM Accounts WHERE username = @username", conn.Connection)) { cmd.Parameters.AddWithValue("@username", username); MySqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { int securityQuestionIndex = dr.GetOrdinal("securityQuestion"); question = Convert.ToString(dr.GetValue(securityQuestionIndex)); int answerIndex = dr.GetOrdinal("answer"); answer = Convert.ToString(dr.GetValue(answerIndex)); securityQuestion.Content = question; } } }
private void btnLogin_Click(object sender, RoutedEventArgs e) { if (string.IsNullOrEmpty(txtUsername.Text) || string.IsNullOrEmpty(txtPassword.Password)) { MessageBox.Show("One or more fields are empty!"); return; } else { var conn = DBUtils.Instance(); conn.IsConnect(); Nullable <int> loginAttempts; using (MySqlCommand cmd = new MySqlCommand("Select tries FROM Accounts WHERE username = @username", conn.Connection)) { cmd.Parameters.AddWithValue("@username", txtUsername.Text); loginAttempts = Convert.ToInt32(cmd.ExecuteScalar()); } if (loginAttempts < 5) { string un = txtUsername.Text; string pw = txtPassword.Password; using (MySqlCommand cmd = new MySqlCommand("Select * from Accounts where username = @username AND password = @password", conn.Connection)) { cmd.Parameters.AddWithValue("@username", un); cmd.Parameters.AddWithValue("@password", pw); MySqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { string lName, fName, mName; lName = dr.GetString(2); fName = dr.GetString(3); mName = dr.GetString(4); int userLevelIndex = dr.GetOrdinal("accountLvl"); userLevel = dr.GetString(userLevelIndex); using (MySqlCommand cmd2 = new MySqlCommand("UPDATE Accounts SET tries = 0", conn.Connection)) { dr.Close(); dr.Dispose(); cmd2.ExecuteNonQuery(); MessageBox.Show("Login Successful"); } } else { using (MySqlCommand cmd2 = new MySqlCommand("Select username from Accounts where username = @username", conn.Connection)) { cmd2.Parameters.AddWithValue("@username", un); dr.Close(); dr.Dispose(); dr = cmd2.ExecuteReader(); int ordinal = 0; string value = ""; if (dr.Read()) { ordinal = dr.GetOrdinal("username"); value = dr.GetString(ordinal); if (value.Equals(un)) { using (MySqlCommand cmd3 = new MySqlCommand("UPDATE Accounts SET tries = tries + 1 WHERE username = @username", conn.Connection)) { cmd3.Parameters.AddWithValue("@username", un); dr.Close(); dr.Dispose(); cmd3.ExecuteNonQuery(); cmd3.Dispose(); } } } } MessageBox.Show("Username or Password is invalid"); return; } } Hide(); new Main().ShowDialog(); ShowDialog(); txtPassword.Password = null; txtUsername.Text = null; } else { user = txtUsername.Text; string sMessageBoxText = "Due to multiple login attempts, your account has been locked. \nPlease unlock it to continue."; string sCaption = "Account Recovery"; MessageBoxButton btnMessageBox = MessageBoxButton.YesNoCancel; MessageBoxImage icnMessageBox = MessageBoxImage.Warning; MessageBoxResult dr = MessageBox.Show(sMessageBoxText, sCaption, btnMessageBox, icnMessageBox); switch (dr) { case MessageBoxResult.Yes: Hide(); new ForgotPassword(txtUsername.Text).ShowDialog(); ShowDialog(); break; case MessageBoxResult.No: break; } } } }
private void updateListView() { var conn = DBUtils.Instance(); conn.DatabaseName = "medinventSys"; string sql; if (inventoryType == "ALL") { if (string.IsNullOrEmpty(to)) { sql = "SELECT * from tblinventory where dateExpiry > '" + from + "'"; } else { sql = "SELECT * from tblinventory where dateExpiry between '" + from + "' and '" + to + "'"; } if (conn.IsConnect()) { using (var cmd = new MySqlCommand(sql, conn.Connection)) { lvExpiringInvent.Items.Clear(); using (var reader = cmd.ExecuteReader()) { while (reader.Read()) { //2 int inventTypeIndex = reader.GetOrdinal("inventType"); string inventType = Convert.ToString(reader.GetValue(inventTypeIndex)); //3 int codeIndex = reader.GetOrdinal("code"); string code = Convert.ToString(reader.GetValue(codeIndex)); //4 int descIndex = reader.GetOrdinal("descript"); string desc = Convert.ToString(reader.GetValue(descIndex)); //5 int genNameIndex = reader.GetOrdinal("genName"); string genName = Convert.ToString(reader.GetValue(genNameIndex)); //6 int qtyIndex = reader.GetOrdinal("qty"); int qty = Convert.ToInt32(reader.GetValue(qtyIndex)); //7 int unitIndex = reader.GetOrdinal("unit"); string unit = Convert.ToString(reader.GetValue(unitIndex)); //8 int ppUnitIndex = reader.GetOrdinal("priceperUnit"); double ppUnitDouble = Convert.ToDouble(reader.GetValue(ppUnitIndex)); string ppUnit = ppUnitDouble.ToString("F"); //9 int datePurchaseIndex = reader.GetOrdinal("datePurchase"); myDate = Convert.ToDateTime(reader.GetValue(datePurchaseIndex)); string datePurchase = myDate.ToString("dd MMMM yyyy"); //10 int dateExpiryIndex = reader.GetOrdinal("dateExpiry"); string dateExpiry; if (reader.GetValue(dateExpiryIndex) == DBNull.Value) { dateExpiry = "--"; } else { DateTime dateExpiryDate = Convert.ToDateTime(reader.GetValue(dateExpiryIndex)); dateExpiry = dateExpiryDate.ToString("dd MMMM yyyy"); } //11 int manufIndex = reader.GetOrdinal("manuf"); string manuf = Convert.ToString(reader.GetValue(manufIndex)); //12 int vendorIndex = reader.GetOrdinal("vendor"); string vendor = Convert.ToString(reader.GetValue(vendorIndex)); //13 int branchIndex = reader.GetOrdinal("branch"); string branch = Convert.ToString(reader.GetValue(branchIndex)); expiringInvent.Add(new ListViewStockInReport { i = i, inventType = inventType, code = code, desc = desc, genName = genName, qty = qty, unit = unit, priceperUnit = ppUnit, datePurchase = datePurchase, dateExpiry = dateExpiry, manuf = manuf, vendor = vendor, branch = branch }); i++; itemcount++; } } } conn.Close(); } } else { if (string.IsNullOrEmpty(to)) { sql = "SELECT * from tblinventory where dateExpiry > '" + from + "' and inventType = '" + inventoryType + "'"; } else { sql = "SELECT * from tblinventory where dateExpiry between '" + from + "' and '" + to + "' and inventType = '" + inventoryType + "'"; } if (conn.IsConnect()) { using (var cmd = new MySqlCommand(sql, conn.Connection)) { lvExpiringInvent.Items.Clear(); using (var reader = cmd.ExecuteReader()) { //2 int inventTypeIndex = reader.GetOrdinal("inventType"); string inventType = Convert.ToString(reader.GetValue(inventTypeIndex)); //3 int codeIndex = reader.GetOrdinal("code"); string code = Convert.ToString(reader.GetValue(codeIndex)); //4 int descIndex = reader.GetOrdinal("descript"); string desc = Convert.ToString(reader.GetValue(descIndex)); //5 int genNameIndex = reader.GetOrdinal("genName"); string genName = Convert.ToString(reader.GetValue(genNameIndex)); //6 int qtyIndex = reader.GetOrdinal("qty"); int qty = Convert.ToInt32(reader.GetValue(qtyIndex)); //7 int unitIndex = reader.GetOrdinal("unit"); string unit = Convert.ToString(reader.GetValue(unitIndex)); //8 int ppUnitIndex = reader.GetOrdinal("priceperUnit"); double ppUnitDouble = Convert.ToDouble(reader.GetValue(ppUnitIndex)); string ppUnit = ppUnitDouble.ToString("F"); //9 int datePurchaseIndex = reader.GetOrdinal("datePurchase"); myDate = Convert.ToDateTime(reader.GetValue(datePurchaseIndex)); string datePurchase = myDate.ToString("dd MMMM yyyy"); //10 int dateExpiryIndex = reader.GetOrdinal("dateExpiry"); string dateExpiry; if (reader.GetValue(dateExpiryIndex) == DBNull.Value) { dateExpiry = "--"; } else { DateTime dateExpiryDate = Convert.ToDateTime(reader.GetValue(dateExpiryIndex)); dateExpiry = dateExpiryDate.ToString("dd MMMM yyyy"); } //11 int manufIndex = reader.GetOrdinal("manuf"); string manuf = Convert.ToString(reader.GetValue(manufIndex)); //12 int vendorIndex = reader.GetOrdinal("vendor"); string vendor = Convert.ToString(reader.GetValue(vendorIndex)); //13 int branchIndex = reader.GetOrdinal("branch"); string branch = Convert.ToString(reader.GetValue(branchIndex)); expiringInvent.Add(new ListViewStockInReport { i = i, inventType = inventType, code = code, desc = desc, genName = genName, qty = qty, unit = unit, priceperUnit = ppUnit, datePurchase = datePurchase, dateExpiry = dateExpiry, manuf = manuf, vendor = vendor, branch = branch }); i++; itemcount++; } } conn.Close(); } } }