public GameTextItem GetOne(int ID)
{
var item = new GameTextItem();
string sql = "SELECT * FROM [portal].[dbo].chuchaychay WHERE id = @id";
SqlConnection conn = new SqlConnection(Constants.DBConnection);
SqlCommand MyCommand = new SqlCommand(sql, conn);
MyCommand.Parameters.AddWithValue("id", ID);
SqlDataReader MyReader;
conn.Open();
MyReader = MyCommand.ExecuteReader();
while (MyReader.Read())
{
item = new GameTextItem
{
ID = MyReader.GetInt32(MyReader.GetOrdinal("id")),
Title = MyReader.GetString(MyReader.GetOrdinal("Title")),
Link = MyReader.GetString(MyReader.GetOrdinal("Link")),
DataStart = MyReader.GetDateTime(MyReader.GetOrdinal("DataStart")),
DateEnd = MyReader.GetDateTime(MyReader.GetOrdinal("DateEnd")),
IsDelete = MyReader.GetBoolean(MyReader.GetOrdinal("IsDelete")),
Order = MyReader.GetInt32(MyReader.GetOrdinal("Orders")),
};
}
MyReader.Close();
conn.Close();
return(item);
}
/*update 24/03*/
public List <GameTextItem> GetAll()
{
var lst = new List <GameTextItem>();
string sql = "SELECT * FROM [portal].[dbo].chuchaychay ORDER BY id DESC";
SqlConnection conn = new SqlConnection(Constants.DBConnection);
SqlCommand MyCommand = new SqlCommand(sql, conn);
SqlDataReader MyReader;
conn.Open();
MyReader = MyCommand.ExecuteReader();
while (MyReader.Read())
{
var item = new GameTextItem
{
ID = MyReader.GetInt32(MyReader.GetOrdinal("id")),
Title = MyReader.GetString(MyReader.GetOrdinal("Title")),
Link = MyReader.GetString(MyReader.GetOrdinal("Link")),
DataStart = MyReader.GetDateTime(MyReader.GetOrdinal("DataStart")),
DateEnd = MyReader.GetDateTime(MyReader.GetOrdinal("DateEnd")),
IsDelete = MyReader.GetBoolean(MyReader.GetOrdinal("IsDelete")),
Order = MyReader.GetInt32(MyReader.GetOrdinal("Orders")),
DataStartstring = MyReader.GetDateTime(MyReader.GetOrdinal("DataStart")).ToShortDateString(),
DateEndstring = MyReader.GetDateTime(MyReader.GetOrdinal("DateEnd")).ToShortDateString()
};
lst.Add(item);
}
MyReader.Close();
conn.Close();
return(lst);
}
private void checkMasterAdmin()
{
//connection to database
string Conn = "datasource=localhost;port=3306;username=root;password=;database=sbc;sslMode=none";
MySqlConnection MyConn = new MySqlConnection(Conn);
MyConn.Open();
MySqlDataReader MyReader;
//get owner IC from database given the owner name from form
string findMaster = "SELECT Master FROM admin WHERE EmpID = '" + Program.admin.getEmpID() + "';";
MySqlCommand selectComm = new MySqlCommand(findMaster, MyConn);
MyReader = selectComm.ExecuteReader();
MyReader.Read();
bool isMaster = MyReader.GetBoolean("Master");
MyConn.Close();
if (!isMaster)
{
//hide buttons if admin is not master
//account management
accMngButton.Visible = false;
accMngLabel.Visible = false;
//logs
logButton.Visible = false;
logLabel.Visible = false;
}
}
private void button1_Click(object sender, EventArgs e)
{
String empId = usernameInput.Text;
String userPwd = passwordInput.Text;
String computedHash;
if (empId.Trim() == "" || userPwd.Trim() == "")
{
MessageBox.Show("Username or Password field should not be blank!");
}
//Perform hashing for password
using (var md5Hash = MD5.Create())
{
// Byte array representation of source string
var sourceBytes = Encoding.UTF8.GetBytes(userPwd);
// Generate hash value(Byte Array) for input data
var hashBytes = md5Hash.ComputeHash(sourceBytes);
// Convert hash byte array to string
computedHash = BitConverter.ToString(hashBytes).Replace("-", string.Empty);;
}
try
{
//Connection to database
string Conn = "datasource=localhost; port=3306;username=root;password=;database=sbc; sslMode=none";
string Query = "SELECT * FROM admin WHERE EmpID ='" + empId + "';";
MySqlConnection MyConn = new MySqlConnection(Conn);
MySqlCommand MyComd = new MySqlCommand(Query, MyConn);
MySqlDataReader MyReader;
MyConn.Open();
MyReader = MyComd.ExecuteReader();
if (MyReader.Read())
{
string dbEmpId = MyReader.GetString("EmpID");
string dbName = MyReader.GetString("Name");
Boolean dbMaster = MyReader.GetBoolean("Master");
Program.admin = new Admin(dbEmpId, dbName, dbMaster);
string hash = MyReader.GetString("hash");
if (computedHash.ToLower() == hash.ToLower())
{
//login successful
this.Hide();
AdminForm adminForm = new AdminForm();
PermitExpiryReminder();
adminForm.ShowDialog();
}
else
{
//show error message box
MessageBox.Show("Password incorrect");
}
}
//check permit validity
}catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
