Пример #1
0
        protected void loginbtn_Click(object sender, EventArgs e)
        {
            string username = usertbx.Text;
            string password = pwtbx.Text;
            Staff s = new Staff();
            s = SWENDbmanager.UserLogin(username,password);

            if (s == null)
            {
                lblfail.Text = "Invalid Username or Password..";
            }
            else
            {
                string staffnum = Convert.ToString(s.Staffnum);
                Response.Redirect("HomePage.aspx?staffnum=" + staffnum);
            }
        }
Пример #2
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            Staff s = new Staff();
            s.Staffname = staffnametbx.Text;
            s.Dob = dobtbx.Text;
            s.Bankaccnum = banknotbx.Text;
            s.Contactnum = Convert.ToInt32(contatbx.Text);
            s.Homeadd = hometbx.Text;
            s.Dutytype = dutytbx.Text;
            s.Username = usernametbx.Text;
            s.Password = passtbx.Text;

            if (SWENDbmanager.InsertStaff(s) == 1)
            {
                lblSuccessful.Text = "Staff Creation Completed..";
            }
            else
            {
                lblSuccessful.Text = "Staff Creation Failed..";
            }
        }
Пример #3
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            Staff s1 = new Staff();
            s1.Staffnum = Convert.ToInt32(lblstaffnum.Text);
            s1.Staffname = staffnametbx.Text;
            s1.Dob = dobtbx.Text;
            s1.Bankaccnum = banktbx.Text;
            s1.Contactnum = Convert.ToInt32(conttbx.Text);
            s1.Dutytype = lblduty.Text;
            s1.Homeadd = hometbx.Text;
            s1.Username = usertbx.Text;
            s1.Password = pwtbx.Text;

            if (SWENDbmanager.UpdateStaff(s1) == 1)
            {
                lblupdated.Text = "Profile Update Completed..";
            }
            else
            {
                lblupdated.Text = "Profile Update Failed..";
            }
        }
Пример #4
0
        protected void Button3_Click(object sender, EventArgs e)
        {
            Staff s = new Staff();
            s.Staffnum = Convert.ToInt32(lblstaffno.Text);
            s.Staffname = staffnametbx.Text;
            s.Dob = lbldob.Text;
            s.Bankaccnum = lblbankno.Text;
            s.Contactnum = Convert.ToInt32(contatbx.Text);
            s.Homeadd = homeaddtbx.Text;
            s.Dutytype = dutytbx.Text;
            s.Username = usernametbx.Text;
            s.Password = passtbx.Text;

            if (SWENDbmanager.UpdateStaff(s) == 1)
            {
                lblSuccesful.Text = "Staff Update Completed..";
            }
            else
            {
                lblSuccesful.Text = "Staff Update Failed..";
            }
        }
Пример #5
0
        public static Staff UserLogin(string username, string password)
        {
            Staff s = null;
            SqlConnection conn = null;
            try
            {
                conn = new SqlConnection();
                conn.ConnectionString = ConfigurationManager.ConnectionStrings["SWENConnectionString"].ConnectionString;
                conn.Open();
                SqlCommand comm = new SqlCommand();
                comm.Connection = conn;
                comm.CommandText = "SELECT * FROM Staff WHERE password=@password COLLATE SQL_Latin1_General_CP1_CS_AS and username=@username COLLATE SQL_Latin1_General_CP1_CS_AS";

                comm.Parameters.AddWithValue("@password", password);
                comm.Parameters.AddWithValue("@username", username);
                SqlDataReader dr = comm.ExecuteReader();
                if (dr.Read())
                {
                    s = new Staff();

                 s.Username = (string)dr["username"];
                 s.Password = (string)dr["password"];
                 s.Staffnum = (int)dr["staffnum"];
                 s.Staffname = (string)dr["staffname"];;
                 s.Dob = (string)dr["dateofbirth"];
                 s.Bankaccnum = (string)dr["bankaccnum"];
                 s.Contactnum = (int)dr["contactnum"];
                 s.Homeadd = (string)dr["homeadd"];
                 s.Dutytype = (string)dr["dutytype"];
                }
                dr.Close();
            }
            catch (SqlException e)
            {
                throw e;
            }
            return s;
        }
Пример #6
0
        public static int UpdateStaff(Staff s)
        {
            int rowsupdated = 0;

            SqlConnection conn = null;
            try
            {
                conn = new SqlConnection();
                conn.ConnectionString = ConfigurationManager.ConnectionStrings["SWENConnectionString"].ConnectionString;
                conn.Open();
                SqlCommand comm = new SqlCommand();
                comm.Connection = conn;
                comm.CommandText = "UPDATE Staff SET staffname=@staffname, dateofbirth=@dateofbirth, bankaccnum=@bankaccnum, contactnum=@contactnum, dutytype=@dutytype,  homeadd=@homeadd, username=@username, password=@password WHERE staffnum=@staffnum";
                comm.Parameters.AddWithValue("@staffname", s.Staffname);
                comm.Parameters.AddWithValue("@dateofbirth", s.Dob);
                comm.Parameters.AddWithValue("@bankaccnum", s.Bankaccnum);
                comm.Parameters.AddWithValue("@contactnum", s.Contactnum);
                comm.Parameters.AddWithValue("@dutytype", s.Dutytype);
                comm.Parameters.AddWithValue("@homeadd", s.Homeadd);
                comm.Parameters.AddWithValue("@username", s.Username);
                comm.Parameters.AddWithValue("@password", s.Password);
                comm.Parameters.AddWithValue("@staffnum",s.Staffnum);

                rowsupdated = comm.ExecuteNonQuery();
                conn.Close();
            }
            catch (SqlException e)
            {
                throw e;
            }
            return rowsupdated;
        }
Пример #7
0
        public static int InsertStaff(Staff s)
        {
            int rowsinserted = 0;

            SqlConnection conn = null;
            try
            {
                conn = new SqlConnection();
                conn.ConnectionString = ConfigurationManager.ConnectionStrings["SWENConnectionString"].ConnectionString;
                conn.Open();
                SqlCommand comm = new SqlCommand();
                comm.Connection = conn;
                comm.CommandText = "INSERT INTO Staff(staffname,dateofbirth,bankaccnum,contactnum,dutytype,homeadd,username,password)" +
                    " VALUES (@staffname,@dateofbirth,@bankaccnum,@contactnum,@dutytype,@homeadd,@username,@password)";

                comm.Parameters.AddWithValue("@staffname", s.Staffname);
                comm.Parameters.AddWithValue("@dateofbirth", s.Dob);
                comm.Parameters.AddWithValue("@bankaccnum", s.Bankaccnum);
                comm.Parameters.AddWithValue("@contactnum" , s.Contactnum);
                comm.Parameters.AddWithValue("@dutytype", s.Dutytype);
                comm.Parameters.AddWithValue("@homeadd", s.Homeadd);
                comm.Parameters.AddWithValue("@username", s.Username);
                comm.Parameters.AddWithValue("@password", s.Password);
                rowsinserted = comm.ExecuteNonQuery();

                conn.Close();
            }
            catch (SqlException e)
            {
                throw e;
            }
            return rowsinserted;
        }
Пример #8
0
        public static Staff GetStaffByNum(int staffnum)
        {
            Staff s = new Staff();
            SqlConnection conn = null;
            try
            {
                conn = new SqlConnection();
                conn.ConnectionString = ConfigurationManager.ConnectionStrings["SWENConnectionString"].ConnectionString;
                conn.Open();
                SqlCommand comm = new SqlCommand();
                comm.Connection = conn;
                comm.CommandText = "SELECT * FROM Staff WHERE staffnum=@staffnum";
                comm.Parameters.AddWithValue("@staffnum", staffnum);
                SqlDataReader dr = comm.ExecuteReader();
                if (dr.Read())
                {

                    s.Staffnum = (int)dr["staffnum"];
                    s.Staffname = (string)dr["staffname"];
                    s.Dob = (string)dr["dateofbirth"];
                    s.Bankaccnum = (string)dr["bankaccnum"];
                    s.Contactnum = (int)dr["contactnum"];
                    s.Dutytype = (string)dr["dutytype"];
                    s.Homeadd = (string)dr["homeadd"];
                    s.Username = (string)dr["username"];
                    s.Password = (string)dr["password"];

                }
                dr.Close();
            }

            catch (SqlException e)
            {
                throw e;
            }

            return s;
        }