/// <summary>
/// Handles the Back button: hides this form and shows a newly created
/// <c>ManagerForm</c> built with its parameterless constructor.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
private void btnBack_Click(object sender, EventArgs e)
{
    // Hide first so the two windows are never visible at the same time.
    Hide();

    var managerForm = new ManagerForm();
    managerForm.Show();
}
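/// <summary>
/// Handles the login button: looks for a staff entry whose name and password equal the
/// text-box values and, on a match, opens the form for the role picked in the combo box.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
private void btn_login_Click(object sender, EventArgs e)
{
    if (_Staff.StaffList.Count == 0)
    {
        MessageBox.Show("No account is registered yet.");
        return;
    }

    // Resolve the selected role once, before touching the staff list. A missing or
    // unrecognised selection is treated as a failed login instead of throwing from
    // inside the loop only when the credentials happen to match.
    object selectedValue = cmbx_roles.SelectedValue;
    string roleText = selectedValue == null ? null : selectedValue.ToString();
    Role selectedRole;
    bool roleSupported = Enum.TryParse(roleText, out selectedRole)
        && (selectedRole == Role.Officant || selectedRole == Role.Manager);

    string username = txtbx_username.Text;
    string password = txtbx_password.Text;

    // NOTE(review): passwords are held on Person and compared here as plain text.
    // Store a salted password hash (e.g. PBKDF2) and verify against that instead.
    //
    // NOTE(review): the role comes from the combo box only. Nothing in this handler
    // compares it with a role recorded for the matched account, so any valid
    // name/password pair opens the manager form when "Manager" is selected. The check
    // should use the role stored on the account; that member is not visible from here.
    bool authenticated = false;
    if (roleSupported)
    {
        foreach (Person item in _Staff.StaffList)
        {
            if (username == item.Name && password == item.Password)
            {
                authenticated = true;
                break;
            }
        }
    }

    // Report failure exactly once, after the whole list has been checked. Deciding this
    // with IndexOf(item) inside the loop depends on the entry's first position in the
    // list and misreports when an entry occurs more than once.
    if (!authenticated)
    {
        MessageBox.Show("Login failed");
        return;
    }

    MessageBox.Show("Login is successful");
    this.Hide();

    if (selectedRole == Role.Manager)
    {
        ManagerForm managerForm = new ManagerForm(this, ProductItemList, _Staff);
        managerForm.Show();
    }
    else
    {
        OfficiantForm officiantForm = new OfficiantForm(this, ProductItemList);
        officiantForm.Show();
    }
}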
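/// <summary>
/// Handles the login button: checks the entered name, password and selected role against
/// the Staff table and opens the form that belongs to that role.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
private void btn_login_Click(object sender, EventArgs e)
{
    string nameInput = txtbx_username.Text;
    string passwordInput = txtbx_password.Text;

    // SelectedIndex is -1 when nothing is chosen, which yields role id 0.
    // NOTE(review): presumably no Staff row uses RoleId 0 - confirm against the schema.
    int roleIndex = cmbx_roles.SelectedIndex + 1;

    // Every user-controlled value is bound as a parameter. Building the statement by
    // concatenating the text-box content lets a crafted user name rewrite the WHERE
    // clause and bypass the check. The typed password is bound too, so it actually
    // takes part in the lookup.
    const string query =
        @"SELECT s.Name, s.RoleId FROM Staff AS s
          WHERE s.Name = @name AND s.Password = @password AND s.RoleId = @roleId";

    // NOTE(review): comparing the Password column with the typed text implies the
    // table stores passwords in clear. Store a salted hash (e.g. PBKDF2), select it by
    // user name and verify it in code.
    bool authenticated;
    sqlConnection.Open();
    try
    {
        using (SqlCommand sqlCommand = new SqlCommand(query, sqlConnection))
        {
            sqlCommand.Parameters.AddWithValue("@name", nameInput);
            sqlCommand.Parameters.AddWithValue("@password", passwordInput);
            sqlCommand.Parameters.AddWithValue("@roleId", roleIndex);

            using (SqlDataReader sqlDataReader = sqlCommand.ExecuteReader())
            {
                // One matching row is enough; duplicate rows must not open several forms.
                authenticated = sqlDataReader.Read();
            }
        }
    }
    finally
    {
        // Close even when the query throws, so the shared connection is not left open.
        sqlConnection.Close();
    }

    if (!authenticated)
    {
        MessageBox.Show("Login failed");
        txtbx_username.Clear();
        txtbx_password.Clear();
        return;
    }

    // UI work happens after the reader and connection are released, so no database
    // resources are held while a modal message box is on screen.
    MessageBox.Show("Login is successful");

    if (roleIndex == 1)
    {
        this.Hide();
        OfficiantForm officiantForm = new OfficiantForm(this, txtbx_username.Text);
        officiantForm.Show();
    }
    else if (roleIndex == 2)
    {
        this.Hide();
        ManagerForm managerForm = new ManagerForm(this);
        managerForm.Show();
    }
}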
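// The manager response is similar to the login for normal employees, but this time we
// are looking for a passcode / challenge instead of employeeID and password.
// The manager is the only one that will have a passcode, so the role check below
// must match up with the manager role as well: a simplistic 2-in-1 validation.
// Upon meeting the challenge, the manager form will launch. All this should prevent
// normal users from doing things they shouldn't unless they steal the manager's phone too.
//
// NOTE(review): the numeric passcode is the only value checked here, and nothing visible
// in this method limits or records repeated attempts. Confirm the caller throttles tries.

/// <summary>
/// Looks up the employee row matching <paramref name="passcode"/> and shows the manager
/// form when the role column of that row reads "Manager".
/// </summary>
/// <param name="passcode">Passcode entered in answer to the manager challenge.</param>
public void ManagerResponse(int passcode)
{
    try
    {
        string role = "";

        // NOTE(review): the database account and password are embedded in source. Move the
        // connection string to protected configuration (or integrated authentication) and
        // rotate this credential, since it is recoverable from the binary.
        using (SqlConnection con = new SqlConnection())
        {
            con.ConnectionString = "Server=cis1.actx.edu;Database=project2;User Id=db2;Password = db20;";
            con.Open();

            using (SqlCommand readEmployeeRecords = con.CreateCommand())
            {
                readEmployeeRecords.CommandText = "select * from dbo.Employee where Passcode = @Passcode;";
                readEmployeeRecords.Parameters.Add(new SqlParameter("@Passcode", passcode));

                using (SqlDataReader reader = readEmployeeRecords.ExecuteReader())
                {
                    // NOTE(review): column 5 of "select *" is read as the role, which
                    // breaks silently if the table layout changes. Select the role
                    // column by name once it is confirmed.
                    // When several rows share the passcode, the last row read decides.
                    while (reader.Read())
                    {
                        role = reader.GetString(5);
                    }
                }
            }
        } // The using block releases the connection on the exception path as well.

        if (role == "Manager")
        {
            ManagerForm man = new ManagerForm();
            man.Show();
        }
    }
    catch (Exception err)
    {
        // NOTE(review): the raw exception text can disclose server or schema details to
        // whoever is at the keyboard. Prefer logging it and showing a generic message.
        MessageBox.Show(err.Message);
    }
}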