public void UpdateAccount()
{
try
{
con.Open();
String query = "update account set username = @username, password= @password where account_id = @id";
MySqlCommand cmd = new MySqlCommand(query, con);
cmd.Parameters.AddWithValue("@id", user_id);
cmd.Parameters.AddWithValue("@username", TxtUsername.Text);
cmd.Parameters.AddWithValue("@password", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text));
cmd.ExecuteNonQuery();
con.Close();
LogHistoryEditAccount(GlobalVar.user_id, GlobalVar.user_type, GlobalVar.user);
}
catch
{
NotificationConnectionError a = new NotificationConnectionError();
a.ShowDialog();
}
}
public void InserAccount()
{
try
{
con.Open();
String query = "INSERT INTO `account` (`username`, `password`, `account_type`) VALUES (@username, @password, @account_type)";
MySqlCommand cmd = new MySqlCommand(query, con);
cmd.Parameters.AddWithValue("@username", TxtUsername.Text);
cmd.Parameters.AddWithValue("@password", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text));
cmd.Parameters.AddWithValue("@account_type", "Voter");
cmd.ExecuteNonQuery();
con.Close();
LogHistoryAddAccount(GlobalVar.user_id, GlobalVar.user_type, GlobalVar.user);
}
catch
{
NotificationConnectionError a = new NotificationConnectionError();
a.ShowDialog();
}
}
private void BtnLogin_Click(object sender, EventArgs e)
{
MySqlConnection con = new MySqlConnection(Connection.GetConnectionStr());
GlobalVar.user = TxtUsername.Text;
if (TxtUsername.Text == "Username" && TxtPassword.Text == "Password")
{
label10.Text = "Username and Password can't be blank!";
}
else if (TxtPassword.Text == "Password" && TxtUsername.Text == "")
{
label10.Text = "Username and Password can't be blank!";
}
else if (TxtUsername.Text == "Username" && TxtPassword.Text == "")
{
label10.Text = "Username and Password can't be blank!";
}
else if (TxtUsername.Text == "Username")
{
label10.Text = "Username can't be blank! ";
}
else if (TxtPassword.Text == "Password")
{
label10.Text = "Password can't be blank! ";
}
else
{
try
{
con.Open();
string query = "SELECT account_type, account_id, status FROM account WHERE username = @user and password = @pass";
MySqlCommand cmd = new MySqlCommand(query, con);
cmd.Parameters.AddWithValue("@user", TxtUsername.Text);
cmd.Parameters.AddWithValue("@pass", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text));
MySqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
GlobalVar.user_type = reader["account_type"].ToString();
GlobalVar.user_id = reader["account_id"].ToString();
GlobalVar.status = reader["status"].ToString();
}
con.Close();
if (GlobalVar.user_type == "")
{
label10.Text = "Incorrect Password or Username. ";
}
else
{
LogHistoryLoginSuccess(GlobalVar.user_id, GlobalVar.user_type, TxtUsername.Text);
if (GlobalVar.user_type.Equals("SSG"))
{
FrmAdmin a = new FrmAdmin();
a.Show();
this.Hide();
}
else if (GlobalVar.user_type.Equals("Comelec"))
{
FrmTally a = new FrmTally();
a.Show();
this.Hide();
}
else if (GlobalVar.user_type.Equals("Voter"))
{
try
{
con.Open();
string query1 = "SELECT voters_id, status FROM voters WHERE account_id = @id";
MySqlCommand cmd1 = new MySqlCommand(query1, con);
cmd1.Parameters.AddWithValue("@id", GlobalVar.user_id);
MySqlDataReader reader1 = cmd1.ExecuteReader();
while (reader1.Read())
{
GlobalVar.status = reader1["status"].ToString();
GlobalVar.voters_id = reader1["voters_id"].ToString();
}
con.Close();
if (GlobalVar.status == "Voted")
{
label10.Text = "You are already voted.";
}
else
{
FrmDashboard a = new FrmDashboard();
a.Show();
this.Hide();
}
}
catch
{
NotificationConnectionError b = new NotificationConnectionError();
b.ShowDialog();
}
}
}
}
catch
{
NotificationConnectionError a = new NotificationConnectionError();
a.ShowDialog();
}
}
}