protected void buttonSelect_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(myConnStr);
        //counts number of rows where value exists
        SqlCommand cmdSelectCount = new SqlCommand("SELECT COUNT(*) FROM tblCandidate WHERE candCode = '" + textboxEnterCode.Text + "'", con);

        try
        {
            con.Open();

            //returns first row and first column value of query result
            vc.matchCount = cmdSelectCount.ExecuteScalar().ToString();

            //if a row in the database contains the entered candidate code
            if (vc.getMatchCount() == "1")
            {
                SqlCommand    cmdSelectCand = new SqlCommand("SELECT * FROM tblCandidate WHERE candCode = '" + textboxEnterCode.Text + "'", con);
                SqlDataReader read          = cmdSelectCand.ExecuteReader();
                while (read.Read())
                {
                    //stores firstName and lastName value in label
                    lblConfirmMsg.Text = "You have chosen " + (read["candFirstName"].ToString() + " " + read["candLastName"].ToString() + ". Please confirm your choice below:");
                }
                read.Close();

                if (lblConfirmMsg.Text != "")
                {
                    buttonYes.Visible = true;
                    buttonNo.Visible  = true;
                }
            }
            //if a row in the database doesn't contain the entered username
            else
            {
                lblErrorMsg.Visible   = true;
                textboxEnterCode.Text = "";
                textboxEnterCode.Focus();
            }
        }
        catch (Exception er)
        {
            Response.Write("<script language='javascript'> alert('Error! Database connection failed. Please try again.');</script>");
            textboxEnterCode.Text = "";
            textboxEnterCode.Focus();
        }
        finally
        {
            con.Close();
        }
    }
    protected void buttonLogin_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(myConnStr);

        try
        {
            con.Open();

            //counts number of rows where both values exist
            SqlCommand cmdSelectCount = new SqlCommand("SELECT COUNT(*) FROM tblAdmin WHERE adminUsername = '******' AND adminPassword = '******'", con);
            //returns first row and first column value of query result
            vc.matchCount = cmdSelectCount.ExecuteScalar().ToString();

            //if a row in the database contains the entered username and password
            if (vc.getMatchCount() == "1")
            {
                SqlCommand    select2Cmd = new SqlCommand("SELECT * FROM tblAdmin WHERE adminUsername = '******' AND adminPassword = '******'", con);
                SqlDataReader read       = select2Cmd.ExecuteReader();

                while (read.Read())
                {
                    //stores firstName and lastName value in string variable
                    theAdmin.adminName = (read["adminFirstName"].ToString() + " " + read["adminLastName"].ToString());
                }
                read.Close();

                //creates session for user
                Session["adminName"] = theAdmin.adminName;
                Response.Redirect("AdminMenu.aspx");
            }
            //if a row in the database doesn't contain the entered username and password
            else
            {
                lblErrorMsg.Visible = true;
                clearTextbox();
                textboxUsername.Focus();
            }
        }
        catch (Exception er)
        {
            Response.Write("<script language='javascript'> alert(''Error! Database connection failed. Please try again.');location.href='AdminLogin.aspx'');</script>");
        }
        finally
        {
            con.Close();
        }
    }
    protected void buttonRegister_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(myConnStr);

        try
        {
            con.Open();

            //counts number of rows where the value exists
            SqlCommand cmdSelectCount = new SqlCommand("SELECT COUNT(*) FROM tblStaff WHERE staffUsername = @username", con);
            cmdSelectCount.Parameters.AddWithValue("@username", textboxUsername.Text);

            //returns first row and first column value of query result
            vc.matchCount = cmdSelectCount.ExecuteScalar().ToString();

            //if a row in the database contains the entered username
            if (vc.getMatchCount() != "1")
            {
                SqlCommand cmdInsertStaff = new SqlCommand("INSERT INTO tblStaff (staffFirstName, staffLastName, staffUsername, staffPassword, staffVoteStatus) VALUES (@fName,@lName, @username, @password, 0)", con);

                cmdInsertStaff.Parameters.AddWithValue("@fName", textboxFName.Text);
                cmdInsertStaff.Parameters.AddWithValue("@lName", textboxLName.Text);
                cmdInsertStaff.Parameters.AddWithValue("@username", textboxUsername.Text);
                cmdInsertStaff.Parameters.AddWithValue("@password", textboxPassword.Text);
                cmdInsertStaff.ExecuteNonQuery();

                Response.Write("<script language='javascript'> alert('Record has been added successfully!');location.href='VoterLogin.aspx'</script>");
            }
            //if a row in the database doesn't contain the entered username
            else
            {
                Response.Write("<script language='javascript'> alert('Username already exists!');</script>");
                clearTextbox();
                textboxUsername.Focus();
            }
        }
        catch (Exception er)
        {
            Response.Write("<script language='javascript'> alert('Error! Database connection failed. Please try again.');location.href='VoterRegister.aspx'</script>");
        }
        finally
        {
            con.Close();
        }
    }
    protected void buttonLogin_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(myConnStr);

        try
        {
            con.Open();

            //counts number of rows where both values exist
            SqlCommand cmdSelectCount = new SqlCommand("SELECT COUNT(*) FROM tblStaff WHERE staffUsername = '******' AND staffPassword = '******'", con);
            //returns first row and first column value of query result
            vc.matchCount = cmdSelectCount.ExecuteScalar().ToString();

            //if a row in the database contains the entered username and password
            if (vc.getMatchCount() == "1")
            {
                SqlCommand cmdSelectStaffVoted = new SqlCommand("SELECT staffVoteStatus FROM tblStaff WHERE staffUsername = '******' AND staffPassword = '******'", con);
                //returns first row and first column value of query result
                vc.voteCount = cmdSelectStaffVoted.ExecuteScalar().ToString();

                //if the staff hasn't voted
                if (vc.getVoteCount() != "1")
                {
                    SqlCommand    cmdSelectStaff = new SqlCommand("SELECT * FROM tblStaff WHERE staffUsername = '******' AND staffPassword = '******'", con);
                    SqlDataReader read           = cmdSelectStaff.ExecuteReader();

                    while (read.Read())
                    {
                        //stores firstName, lastName and staffID values in string variables
                        theStaff.staffName = (read["staffFirstName"].ToString() + " " + read["staffLastName"].ToString());
                        theStaff.staffID   = Convert.ToInt32(read["staffID"]);
                    }
                    read.Close();

                    //creates a session for user
                    Session["staffName"] = theStaff.staffName;
                    Session["staffID"]   = theStaff.staffID;

                    //query string to send staff ID information to next page
                    Response.Redirect("VoterMenu.aspx?staffID=" + Session["staffID"]);
                }
                //if the staff has voted
                else
                {
                    Response.Write("<script language='javascript'> alert('You have already voted!');location.href='Home.aspx'</script>");
                }
            }
            //if a row in the database doesn't contain the entered username and password
            else
            {
                lblErrorMsg.Visible = true;
                clearTextbox();
                textboxUsername.Focus();
            }
        }
        catch (Exception er)
        {
            Response.Write("<script language='javascript'> alert('Error! Database connection failed. Please enter your details again.');</script>");
            clearTextbox();
            textboxUsername.Focus();
        }
        finally
        {
            con.Close();
        }
    }