private void RegisterButton_Click(object sender, EventArgs e) { //sets connection var connectionString = ConfigurationManager.ConnectionStrings["EmployeeManagement"].ConnectionString; SqlConnection con = new SqlConnection(connectionString); //opens connection con.Open(); //Creates a command/sql query to select the userid from the database SqlCommand checkUserName = new SqlCommand("Select * from Employees where UserID=@Username", con); SqlCommand checkEmail = new SqlCommand("Select * from Employees where Email=@Email", con); //Trys to add the current data in the UserID text box to the database checkUserName.Parameters.AddWithValue("@Username", this.Username.Text); // same checks for the user id the only diffrence is its the email checkEmail.Parameters.AddWithValue("@Email", this.EmailBox.Text); var result = checkUserName.ExecuteScalar(); var emailResult = checkEmail.ExecuteScalar(); //checks to see if any textboxes are empty if so then it carrys on if (FirstNameBox.Text == "" || LastNameBox.Text == "" || DOBpicker.Text == "" || JobTitleBox.Text == "" || EmailBox.Text == "" || Username.Text == "" || Password.Text == "") { // if a empty a message box shows to ask to enter all fields MessageBox.Show("Please enter all fields!"); //simple return function as we dont want the rest of the code to continue return; } // if both useername and email are not empty and are equal to values in the database it does the following commands if (result != null || emailResult != null) { //if the user name and email is null then set them to red if (result != null && emailResult != null) { Username.BackColor = Color.LightCoral; EmailBox.BackColor = Color.LightCoral; MessageBox.Show("This Username & Email already exist!"); } //if the username is null set the email to green but the username to red else if (result != null) { EmailBox.BackColor = Color.LightGreen; Username.BackColor = Color.LightCoral; MessageBox.Show("This Username already exist!"); } //if the email is null set the email to red and the username to green else if (emailResult != null) { EmailBox.BackColor = Color.LightCoral; Username.BackColor = Color.LightGreen; MessageBox.Show("This Email already exist!"); } //close connection to database con.Close(); } //if no duplicates are found it will move on to adding the data to the database else { // creates a new connection { //creates the new command to insert values into the database but uses values for neater code Random rnd = new Random(); int ID = rnd.Next(2000, 4000); int Employeeid = ID; //SAME AS REGISTER PAGE SqlCommand EmployeeCheck = new SqlCommand("SELECT * from Employees where EmployeeID='" + Employeeid + "'", con); SqlCommand cmd = new SqlCommand("insert into Employees (EmployeeID, FirstName, LastName, DOB, Address, Salary, Department, JobTitle, Role, Email, UserID, Password) " + " values(@EmployeeID, @FirstName, @LastName, @DOB, @Address, @Salary, @Department, @JobTitle, @Role, @Email, @UserID, @Password)", con); SqlDataAdapter da = new SqlDataAdapter(EmployeeCheck); DataSet ds = new DataSet(); da.Fill(ds); int i = ds.Tables[0].Rows.Count; if (i > 0) { MessageBox.Show(i.ToString()); //create a new id int newID = rnd.Next(2000, 10000); cmd.Parameters.AddWithValue("@EmployeeID", newID); cmd.Parameters.AddWithValue("@FirstName", FirstNameBox.Text); cmd.Parameters.AddWithValue("@LastName", LastNameBox.Text); cmd.Parameters.AddWithValue("@DOB", DOBpicker.Text); cmd.Parameters.AddWithValue("@Address", Address.Text); //sets the salary value to the variable based on which role is selected // CLEAN UP ALL IFS STATEMENTS if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Manager") { cmd.Parameters.AddWithValue("@Salary", Manager); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Engineer") { cmd.Parameters.AddWithValue("@Salary", Engineer); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Team Leader") { cmd.Parameters.AddWithValue("@Salary", TeamLeader); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Engineer Scheduler") { cmd.Parameters.AddWithValue("@Salary", EngineerScheduler); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Senior Developer") { cmd.Parameters.AddWithValue("@Salary", SeniorDevelopment); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Programmer") { cmd.Parameters.AddWithValue("@Salary", Programmer); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Anaylst") { cmd.Parameters.AddWithValue("@Salary", Anaylst); } cmd.Parameters.AddWithValue("@Department", DepartmentBox.GetItemText(DepartmentBox.SelectedItem)); cmd.Parameters.AddWithValue("@JobTitle", JobTitleBox.Text); cmd.Parameters.AddWithValue("@Role", RoleBox.GetItemText(RoleBox.SelectedItem)); cmd.Parameters.AddWithValue("@Email", EmailBox.Text); cmd.Parameters.AddWithValue("@UserID", Username.Text); decryptedPassword = Password.Text; //adds the password as normal but adds it as an encrypted value cmd.Parameters.AddWithValue("@Password", PasswordLogin.encryptPassword(Password.Text.Trim())); //passing id cmd.ExecuteNonQuery(); //shows a succesful message MessageBox.Show("Succesfully Registerd!"); FirstNameBox.Clear(); LastNameBox.Clear(); JobTitleBox.Clear(); EmailBox.Clear(); Username.Clear(); Password.Clear(); Address.Clear(); DOBpicker.ResetText(); RoleBox.ResetText(); DepartmentBox.ResetText(); } else { cmd.Parameters.AddWithValue("@EmployeeID", Employeeid); cmd.Parameters.AddWithValue("@FirstName", FirstNameBox.Text); cmd.Parameters.AddWithValue("@LastName", LastNameBox.Text); cmd.Parameters.AddWithValue("@DOB", DOBpicker.Text); cmd.Parameters.AddWithValue("@Address", Address.Text); //sets the salary value to the variable based on which role is selected // CLEAN UP ALL IFS STATEMENTS if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Manager") { cmd.Parameters.AddWithValue("@Salary", Manager); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Engineer") { cmd.Parameters.AddWithValue("@Salary", Engineer); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Team Leader") { cmd.Parameters.AddWithValue("@Salary", TeamLeader); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Engineer Scheduler") { cmd.Parameters.AddWithValue("@Salary", EngineerScheduler); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Senior Developer") { cmd.Parameters.AddWithValue("@Salary", SeniorDevelopment); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Programmer") { cmd.Parameters.AddWithValue("@Salary", Programmer); } else if (RoleBox.GetItemText(RoleBox.SelectedItem) == "Anaylst") { cmd.Parameters.AddWithValue("@Salary", Anaylst); } cmd.Parameters.AddWithValue("@Department", DepartmentBox.GetItemText(DepartmentBox.SelectedItem)); cmd.Parameters.AddWithValue("@JobTitle", JobTitleBox.Text); cmd.Parameters.AddWithValue("@Role", RoleBox.GetItemText(RoleBox.SelectedItem)); cmd.Parameters.AddWithValue("@Email", EmailBox.Text); cmd.Parameters.AddWithValue("@UserID", Username.Text); decryptedPassword = Password.Text; //adds the password as normal but adds it as an encrypted value cmd.Parameters.AddWithValue("@Password", PasswordLogin.encryptPassword(Password.Text.Trim())); cmd.ExecuteNonQuery(); //closes connection con.Close(); //shows a succesful message MessageBox.Show("Succesfully Registerd!"); FirstNameBox.Clear(); LastNameBox.Clear(); JobTitleBox.Clear(); EmailBox.Clear(); Username.Clear(); Password.Clear(); Address.Clear(); DOBpicker.ResetText(); RoleBox.ResetText(); DepartmentBox.ResetText(); } } } }
private void button1_Click(object sender, EventArgs e) { var connectionString = ConfigurationManager.ConnectionStrings["EmployeeManagement"].ConnectionString; SqlConnection con = new SqlConnection(connectionString); //creates a new datatable DataTable dt = new DataTable(); //creates new adapter SqlDataAdapter adapt = new SqlDataAdapter(); //creates a new command SqlCommand Tcmd = new SqlCommand(); //sets the command connection equal to the database connection Tcmd.Connection = con; //write the query in this case being selecting the email from the employees table Tcmd.CommandText = "select * from Employees Where Email='" + Email.Text + "'"; //sets the data adapter to equal the sql query adapt.SelectCommand = Tcmd; //fills the datatable adapt.Fill(dt); //checks if the textboxes are empty if so continue if statment if (Email.Text == "" || NewPass.Text == "" || ConfirmPass.Text == "") { //ask to fill in all fields MessageBox.Show("Please enter all fields"); } //if the email does not match on of the database if (dt.Rows.Count == 0) { //displays to the user the email is invalid MessageBox.Show("Invalid Email"); } //checks to see if the email is equal to the email resend if not send error else if (Email.Text != VerifCode.EmailReSend) { //if not show an error message and return so no further code is carried out MessageBox.Show("Please enter the correct email"); MessageBox.Show(VerifCode.EmailReSend); return; } //checks to see if the new passwords is equal to the confirm passwords textboxes if so carry on else if (NewPass.Text == ConfirmPass.Text) { //opens connection con.Open(); //sets the query in this case updating the password where the current email is located Tcmd.CommandText = "update Employees set Password='******' where Email='" + Email.Text + "'"; //shows the user a succesful reset has taken place MessageBox.Show("Reset"); //resets the datatable so the passwords is updated dt.Reset(); //fills the datatable with the new password adapt.Fill(dt); Tcmd.ExecuteNonQuery(); //closes the form and goes back to login screen this.Close(); Form1 x = new Form1(); x.Show(); } else { //if the new passwords and confirm password dosent match then show this MessageBox.Show("Passwords dont match!"); } //closes connection to database con.Close(); }
private void Login_Click_1(object sender, EventArgs e) { //Opened his connection var connectionString = ConfigurationManager.ConnectionStrings["EmployeeManagement"].ConnectionString; SqlConnection con = new SqlConnection(connectionString); con.Open(); string userid = Username.Text; string password = Password.Text; //selects the username and password and makes sure they are case sensitive based on what the password was through registration string checkLogin = "******"; SqlCommand Tcmd = new SqlCommand(checkLogin, con); Tcmd.Parameters.AddWithValue("@Username", Username.Text); //checks the password but uses the encrypted function so the real password is never reavled Tcmd.Parameters.AddWithValue("@Password", PasswordLogin.encryptPassword(Password.Text)); SqlDataAdapter da = new SqlDataAdapter(Tcmd); DataTable dt = new DataTable(); da.Fill(dt); //checks to see if the password and username match and are infact a part of the database if (dt.Rows.Count > 0) { this.Hide(); WelcomePage y = new WelcomePage(); y.Show(); } else if (userid == "admin" && password == "admin") { this.Hide(); AdminDashboard a = new AdminDashboard(); a.Show(); return; } else { MessageBox.Show("Incorrect password please try again!"); return; } string queryString = "select EmployeeID from Employees where UserID=@UserID"; using (SqlConnection connection = new SqlConnection(connectionString)) using (SqlCommand command = new SqlCommand(queryString, connection)) { command.Parameters.AddWithValue("@UserID", Username.Text); connection.Open(); using (SqlDataReader reader = command.ExecuteReader()) { reader.Read(); CurrentUser.currentID = reader.GetInt32(0); // Call Close when done reading. reader.Close(); } } string getUserName = "******"; using (SqlConnection connection = new SqlConnection(connectionString)) using (SqlCommand getName = new SqlCommand(getUserName, connection)) { getName.Parameters.AddWithValue("@UserID", Username.Text); connection.Open(); using (SqlDataReader reader = getName.ExecuteReader()) { reader.Read(); CurrentUser.Name = reader.GetString(0); // Call Close when done reading. reader.Close(); } } con.Close(); }