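/// <summary>
/// Submit handler for the staff detail form. The URL "type" parameter decides what happens:
/// view switches the page to edit mode, edit saves changes to an existing staff member, and add
/// creates a new person and staff record. Any other mode hides the form and shows an error.
/// </summary>
/// <remarks>
/// In edit mode only title, names, gender, login, password, status, start/end dates and comments
/// are taken from the form; every other staff attribute is written back from the stored record.
/// NOTE(review): no check of the logged-in user's permissions is visible in this handler; confirm
/// that access to the page is restricted elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    if (!ddlEndDateValidateAllOrNoneSet.IsValid || !ddlStartDateValidateAllOrNoneSet.IsValid)
    {
        return;
    }

    // The password box comes back empty after a postback, so the submitted text is put back into it.
    // NOTE(review): this copies the submitted password into the control's "value" attribute, so it
    // is sent back in the page markup. Consider leaving the box empty and treating an empty box as
    // "password unchanged".
    txtPwd.Attributes["value"] = txtPwd.Text;

    var mode = GetUrlParamType();

    if (mode == UrlParamType.View)
    {
        Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
    }
    else if (mode == UrlParamType.Edit)
    {
        Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));
        bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);
        bool loginChanged = staff.Login != txtLogin.Text;

        if (!useConfigDB && loginChanged && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        // The length rule is only applied when the password text differs from the stored value,
        // so an existing short password is kept as long as it is not changed.
        // NOTE(review): comparing staff.Pwd with the typed text only works if the stored value is
        // comparable to plain text; confirm whether StaffDB hashes passwords before storing them.
        if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
        {
            SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
            return;
        }

        PersonDB.Update(
            staff.Person.PersonID,
            Convert.ToInt32(ddlTitle.SelectedValue),
            Utilities.FormatName(txtFirstname.Text),
            Utilities.FormatName(txtMiddlename.Text),
            Utilities.FormatName(txtSurname.Text),
            staff.Person.Nickname,
            ddlGender.SelectedValue,
            staff.Person.Dob,
            DateTime.Now);

        // Role and privilege flags are deliberately taken from the stored record, not from the form.
        StaffDB.Update(
            staff.StaffID,
            staff.Person.PersonID,
            txtLogin.Text,
            txtPwd.Text,
            staff.StaffPosition.StaffPositionID,
            staff.Field.ID,
            staff.CostCentre.CostCentreID,
            staff.IsContractor,
            staff.Tfn,
            staff.ProviderNumber,
            ddlStatus.SelectedValue == "Inactive",
            staff.IsCommission,
            staff.CommissionPercent,
            staff.IsStakeholder,
            staff.IsMasterAdmin,
            staff.IsAdmin,
            staff.IsPrincipal,
            staff.IsProvider,
            staff.IsExternal,
            GetStartDateFromForm(),
            GetEndDateFromForm(),
            txtComments.Text,
            staff.EnableDailyReminderSMS,
            staff.EnableDailyReminderEmail,
            staff.HideBookingNotes);

        if (!useConfigDB && loginChanged)
        {
            // Keep the login-to-database mapping in step with the renamed login. A missing mapping
            // for the old login is created instead of dereferencing a null result.
            UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
            if (curDBMapper == null)
            {
                UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
            }
            else
            {
                UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
            }
        }

        Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
    }
    else if (mode == UrlParamType.Add)
    {
        bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);

        if (!useConfigDB && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        if (StaffDB.LoginExists(txtLogin.Text))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        // NOTE(review): a six-character minimum is the only password rule visible here.
        if (txtPwd.Text.Length < 6)
        {
            SetErrorMessage("Password must be at least 6 characters");
            return;
        }

        // -1 marks "not created yet" so the rollback below knows what exists.
        int person_id = -1;
        int staff_id = -1;
        bool staff_added = false;
        int mainDbUserID = -1;

        try
        {
            if (!useConfigDB)
            {
                mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
            }

            Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));

            person_id = PersonDB.Insert(
                loggedInStaff.Person.PersonID,
                Convert.ToInt32(ddlTitle.SelectedValue),
                Utilities.FormatName(txtFirstname.Text),
                Utilities.FormatName(txtMiddlename.Text),
                Utilities.FormatName(txtSurname.Text),
                "",
                ddlGender.SelectedValue,
                DateTime.MinValue);

            // New staff created here get no privilege flags; the literal true sits in the position
            // where StaffDB.Update takes staff.IsExternal.
            // NOTE(review): 0 and 59 sit in the field and cost-centre positions - presumably
            // defaults; confirm.
            staff_id = StaffDB.Insert(
                person_id,
                txtLogin.Text,
                txtPwd.Text,
                StaffPositionDB.GetByDescr("Unknown").StaffPositionID,
                0,
                59,
                false,
                "",
                "",
                ddlStatus.SelectedValue == "Inactive",
                false,
                0,
                false,
                false,
                false,
                false,
                false,
                true,
                GetStartDateFromForm(),
                GetEndDateFromForm(),
                txtComments.Text,
                false,
                false,
                false);
            staff_added = true;

            string url = Request.RawUrl;
            url = UrlParamModifier.AddEdit(url, "type", "view");
            url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
            Response.Redirect(url);
        }
        catch (Exception)
        {
            // Response.Redirect(url) ends the request by raising ThreadAbortException, so a
            // successful insert also arrives here; staff_added tells it apart from a real failure.
            if (staff_added)
            {
                string url = Request.RawUrl;
                url = UrlParamModifier.AddEdit(url, "type", "view");
                url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                Response.Redirect(url);
                return;
            }

            // Roll back in reverse creation order, touching only what was actually created. The
            // finally keeps a failing person delete from leaving the login mapping behind.
            try
            {
                if (person_id != -1)
                {
                    PersonDB.Delete(person_id);
                }
            }
            finally
            {
                if (!useConfigDB && mainDbUserID != -1)
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }
            }

            throw;
        }
    }
    else
    {
        HideTableAndSetErrorMessage();
    }
}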
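/// <summary>
/// Saves the staff grid row being edited: validates login, password and provider settings, then
/// updates the person record, the staff record and, when the login changed, the login-to-database
/// mapping, and finally leaves edit mode and refills the grid.
/// </summary>
/// <remarks>
/// Only a logged-in stakeholder may change the stakeholder flag, and only a stakeholder or master
/// admin may change the master-admin flag; otherwise the stored value is kept. The rule is applied
/// here on the server because checkbox state arrives from the client.
/// NOTE(review): the admin, principal and provider flags are still taken straight from the row;
/// confirm who is allowed to reach this grid.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Carries the index of the row being updated.</param>
protected void GrdStaff_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
    var gridRow = GrdStaff.Rows[e.RowIndex];

    Label lblId = (Label)gridRow.FindControl("lblId");
    DropDownList ddlTitle = (DropDownList)gridRow.FindControl("ddlTitle");
    TextBox txtFirstname = (TextBox)gridRow.FindControl("txtFirstname");
    TextBox txtMiddlename = (TextBox)gridRow.FindControl("txtMiddlename");
    TextBox txtSurname = (TextBox)gridRow.FindControl("txtSurname");
    DropDownList ddlGender = (DropDownList)gridRow.FindControl("ddlGender");
    DropDownList ddlDOB_Day = (DropDownList)gridRow.FindControl("ddlDOB_Day");
    DropDownList ddlDOB_Month = (DropDownList)gridRow.FindControl("ddlDOB_Month");
    DropDownList ddlDOB_Year = (DropDownList)gridRow.FindControl("ddlDOB_Year");
    TextBox txtLogin = (TextBox)gridRow.FindControl("txtLogin");
    TextBox txtPwd = (TextBox)gridRow.FindControl("txtPwd");
    DropDownList ddlField = (DropDownList)gridRow.FindControl("ddlField");
    CheckBox chkContractor = (CheckBox)gridRow.FindControl("chkContractor");
    TextBox txtTFN = (TextBox)gridRow.FindControl("txtTFN");
    DropDownList ddlStatus = (DropDownList)gridRow.FindControl("ddlStatus");
    DropDownList ddlCostCentre = (DropDownList)gridRow.FindControl("ddlCostCentre");
    TextBox txtProviderNumber = (TextBox)gridRow.FindControl("txtProviderNumber");
    CheckBox chkIsCommission = (CheckBox)gridRow.FindControl("chkIsCommission");
    TextBox txtCommissionPercent = (TextBox)gridRow.FindControl("txtCommissionPercent");
    CheckBox chkIsStakeholder = (CheckBox)gridRow.FindControl("chkIsStakeholder");
    CheckBox chkIsAdmin = (CheckBox)gridRow.FindControl("chkIsAdmin");
    CheckBox chkIsMasterAdmin = (CheckBox)gridRow.FindControl("chkIsMasterAdmin");
    CheckBox chkIsPrincipal = (CheckBox)gridRow.FindControl("chkIsPrincipal");
    CheckBox chkIsProvider = (CheckBox)gridRow.FindControl("chkIsProvider");
    CheckBox chkSMSBKs = (CheckBox)gridRow.FindControl("chkSMSBKs");
    CheckBox chkEmailBKs = (CheckBox)gridRow.FindControl("chkEmailBKs");
    CheckBox chkHideBKNotes = (CheckBox)gridRow.FindControl("chkHideBKNotes");

    int staff_id = Convert.ToInt32(lblId.Text);
    int person_id = GetPersonID(staff_id);

    // Happens when the back button is hit after an update and the update is submitted again:
    // no matching row exists within the page data.
    if (person_id == -1)
    {
        GrdStaff.EditIndex = -1;
        FillGrid();
        return;
    }

    Staff staff = StaffDB.GetByID(staff_id);
    bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);
    bool loginChanged = staff.Login != txtLogin.Text;

    if (!useConfigDB && loginChanged && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
    {
        SetErrorMessage("Login name already in use by another user");
        return;
    }

    if (loginChanged && StaffDB.LoginExists(txtLogin.Text, staff_id))
    {
        SetErrorMessage("Login name already in use by another user");
        return;
    }

    // The length rule is only applied when the password text differs from the stored value.
    // NOTE(review): comparing staff.Pwd with the typed text only works if the stored value is
    // comparable to plain text; confirm whether StaffDB hashes passwords before storing them.
    if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
    {
        SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
        return;
    }

    // Snapshot of the grid data kept in session; the filter value is an int, so nothing typed by
    // the user reaches the filter expression.
    // NOTE(review): a missing session entry or an empty match would throw here - presumably
    // GetPersonID reads the same table, which would make that unreachable; confirm.
    DataTable dt = Session["staffinfo_data"] as DataTable;
    DataRow[] foundRows = dt.Select("person_id=" + person_id.ToString());
    DataRow row = foundRows[0];

    // Turning a non-provider into a provider is refused once the configured provider cap is reached.
    if (!Convert.ToBoolean(row["is_provider"]) && chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
    {
        SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to update them or hit cancel. Contact Mediclinic if you would like to upgrade your account.");
        return;
    }

    if (chkIsProvider.Checked)
    {
        // A provider's role must be one of the fields flagged has_offerings.
        System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");

        bool roleSetAsProvider = false;
        IDandDescr[] fields = new IDandDescr[tbl.Rows.Count];
        for (int i = 0; i < tbl.Rows.Count; i++)
        {
            fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
            if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
            {
                roleSetAsProvider = true;
            }
        }

        if (!roleSetAsProvider)
        {
            if (fields.Length == 1)
            {
                SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
                return;
            }
            else if (fields.Length == 2)
            {
                SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
                return;
            }
            else
            {
                // "or" belongs in front of the last entry ("A, B, or C"); the earlier index put it
                // in front of the second-to-last one.
                string providerFields = string.Empty;
                for (int i = 0; i < fields.Length; i++)
                {
                    providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 1) ? "or " : "") + fields[i].Descr;
                }

                SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
                return;
            }
        }
    }

    // Privilege flags: the posted checkbox is honoured only when the logged-in user holds the
    // matching role; otherwise the value already stored for this staff member is written back.
    bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
    bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
    bool setIsStakeholder = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : staff.IsStakeholder;
    bool setIsMasterAdmin = (loggedInUserIsStakeholder || loggedInUserIsMasterAdmin) ? chkIsMasterAdmin.Checked : staff.IsMasterAdmin;

    // A master admin is always an admin; this follows the value that will actually be stored.
    if (setIsMasterAdmin)
    {
        chkIsAdmin.Checked = true;
    }

    // Convert everything before the first write, so a malformed value fails the request without
    // leaving the person record updated and the staff record untouched.
    int staffPositionId = Convert.ToInt32(row["staff_position_id"]);
    int fieldId = Convert.ToInt32(ddlField.SelectedValue);
    int costCentreId = Convert.ToInt32(ddlCostCentre.SelectedValue);
    decimal commissionPercent = Convert.ToDecimal(txtCommissionPercent.Text);
    DateTime startDate = row["start_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["start_date"];
    DateTime endDate = row["end_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["end_date"];

    PersonDB.Update(
        person_id,
        Convert.ToInt32(ddlTitle.SelectedValue),
        Utilities.FormatName(txtFirstname.Text),
        Utilities.FormatName(txtMiddlename.Text),
        Utilities.FormatName(txtSurname.Text),
        row["nickname"].ToString(),
        ddlGender.SelectedValue,
        GetDate(ddlDOB_Day.SelectedValue, ddlDOB_Month.SelectedValue, ddlDOB_Year.SelectedValue),
        DateTime.Now);

    StaffDB.Update(
        staff_id,
        person_id,
        txtLogin.Text,
        txtPwd.Text,
        staffPositionId,
        fieldId,
        costCentreId,
        chkContractor.Checked,
        txtTFN.Text,
        txtProviderNumber.Text.ToUpper(),
        ddlStatus.SelectedValue == "Inactive",
        chkIsCommission.Checked,
        commissionPercent,
        setIsStakeholder,
        setIsMasterAdmin,
        chkIsAdmin.Checked,
        chkIsPrincipal.Checked,
        chkIsProvider.Checked,
        staff.IsExternal,
        startDate,
        endDate,
        row["comment"].ToString(),
        chkSMSBKs.Checked,
        chkEmailBKs.Checked,
        chkHideBKNotes.Checked);

    if (!useConfigDB && loginChanged)
    {
        // Keep the login-to-database mapping in step with the renamed login.
        UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
        if (curDBMapper == null)
        {
            UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
        }
        else
        {
            UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
        }
    }

    GrdStaff.EditIndex = -1;
    FillGrid();
}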
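/// <summary>
/// Saves the grid row being edited for a staff member whose data is cached under
/// "externalstaffinfo_data": validates login and password, updates the person and staff records
/// and, when the login changed, the login-to-database mapping, then leaves edit mode and refills
/// the grid.
/// </summary>
/// <remarks>
/// Only title, names, gender, login, password and status come from the row; role and privilege
/// flags are written back from the stored record, so this handler cannot change them.
/// NOTE(review): no check of the logged-in user's permissions is visible in this handler; confirm
/// that access to the page is restricted elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Carries the index of the row being updated.</param>
protected void GrdStaff_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
    var gridRow = GrdStaff.Rows[e.RowIndex];

    Label lblId = (Label)gridRow.FindControl("lblId");
    DropDownList ddlTitle = (DropDownList)gridRow.FindControl("ddlTitle");
    TextBox txtFirstname = (TextBox)gridRow.FindControl("txtFirstname");
    TextBox txtMiddlename = (TextBox)gridRow.FindControl("txtMiddlename");
    TextBox txtSurname = (TextBox)gridRow.FindControl("txtSurname");
    DropDownList ddlGender = (DropDownList)gridRow.FindControl("ddlGender");
    TextBox txtLogin = (TextBox)gridRow.FindControl("txtLogin");
    TextBox txtPwd = (TextBox)gridRow.FindControl("txtPwd");
    DropDownList ddlStatus = (DropDownList)gridRow.FindControl("ddlStatus");

    int staff_id = Convert.ToInt32(lblId.Text);
    int person_id = GetPersonID(staff_id);

    // Happens when the back button is hit after an update and the update is submitted again:
    // no matching row exists within the page data.
    if (person_id == -1)
    {
        GrdStaff.EditIndex = -1;
        FillGrid();
        return;
    }

    Staff staff = StaffDB.GetByID(staff_id);
    bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);
    bool loginChanged = staff.Login != txtLogin.Text;

    if (!useConfigDB && loginChanged && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
    {
        SetErrorMessage("Login name already in use by another user");
        return;
    }

    if (loginChanged && StaffDB.LoginExists(txtLogin.Text, staff_id))
    {
        SetErrorMessage("Login name already in use by another user");
        return;
    }

    // The length rule is only applied when the password text differs from the stored value.
    // NOTE(review): comparing staff.Pwd with the typed text only works if the stored value is
    // comparable to plain text; confirm whether StaffDB hashes passwords before storing them.
    if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
    {
        SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
        return;
    }

    // Snapshot of the grid data kept in session; the filter value is an int, so nothing typed by
    // the user reaches the filter expression.
    // NOTE(review): a missing session entry or an empty match would throw here - presumably
    // GetPersonID reads the same table, which would make that unreachable; confirm.
    DataTable dt = Session["externalstaffinfo_data"] as DataTable;
    DataRow[] foundRows = dt.Select("person_id=" + person_id.ToString());
    DataRow row = foundRows[0];

    PersonDB.Update(
        person_id,
        Convert.ToInt32(ddlTitle.SelectedValue),
        Utilities.FormatName(txtFirstname.Text),
        Utilities.FormatName(txtMiddlename.Text),
        Utilities.FormatName(txtSurname.Text),
        row["nickname"].ToString(),
        ddlGender.SelectedValue,
        staff.Person.Dob,
        DateTime.Now);

    StaffDB.Update(
        staff_id,
        person_id,
        txtLogin.Text,
        txtPwd.Text,
        Convert.ToInt32(row["staff_position_id"]),
        staff.Field.ID,
        staff.CostCentre.CostCentreID,
        staff.IsContractor,
        staff.Tfn,
        staff.ProviderNumber,
        ddlStatus.SelectedValue == "Inactive",
        staff.IsCommission,
        staff.CommissionPercent,
        staff.IsStakeholder,
        staff.IsMasterAdmin,
        staff.IsAdmin,
        staff.IsPrincipal,
        staff.IsProvider,
        staff.IsExternal,
        row["start_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["start_date"],
        row["end_date"] == DBNull.Value ? DateTime.MinValue : (DateTime)row["end_date"],
        row["comment"].ToString(),
        staff.EnableDailyReminderSMS,
        staff.EnableDailyReminderEmail);

    if (!useConfigDB && loginChanged)
    {
        // Keep the login-to-database mapping in step with the renamed login. A missing mapping
        // for the old login is created instead of dereferencing a null result.
        UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
        if (curDBMapper == null)
        {
            UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
        }
        else
        {
            UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
        }
    }

    GrdStaff.EditIndex = -1;
    FillGrid();
}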
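/// <summary>
/// Submit handler for the staff detail form. The URL "type" parameter decides what happens:
/// view switches the page to edit mode, edit saves changes to an existing staff member, and add
/// creates a new person and staff record. Any other mode hides the form and shows an error.
/// </summary>
/// <remarks>
/// The stakeholder flag is taken from the form only when the logged-in user is a stakeholder, and
/// the master-admin flag only when the logged-in user is a stakeholder or master admin; otherwise
/// the stored value (edit) or false (add) is used.
/// NOTE(review): the admin, principal and provider flags are taken from the form for every caller;
/// confirm who is allowed to reach this page.
/// </remarks>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    if (!ddlEndDateValidateAllOrNoneSet.IsValid || !ddlStartDateValidateAllOrNoneSet.IsValid || !ddlDOBValidateAllOrNoneSet.IsValid)
    {
        return;
    }

    // The password box comes back empty after a postback, so the submitted text is put back into it.
    // NOTE(review): this copies the submitted password into the control's "value" attribute, so it
    // is sent back in the page markup. Consider leaving the box empty and treating an empty box as
    // "password unchanged".
    txtPwd.Attributes["value"] = txtPwd.Text;

    var mode = GetUrlParamType();

    if (mode == UrlParamType.View)
    {
        Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "edit"));
    }
    else if (mode == UrlParamType.Edit)
    {
        Staff staff = StaffDB.GetByID(Convert.ToInt32(this.lblId.Text));
        bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);
        bool loginChanged = staff.Login != txtLogin.Text;

        if (!useConfigDB && loginChanged && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        if (StaffDB.LoginExists(txtLogin.Text, staff.StaffID))
        {
            SetErrorMessage("Login name already in use by another user");
            return;
        }

        // The length rule is only applied when the password text differs from the stored value.
        // NOTE(review): comparing staff.Pwd with the typed text only works if the stored value is
        // comparable to plain text; confirm whether StaffDB hashes passwords before storing them.
        if (staff.Pwd != txtPwd.Text && txtPwd.Text.Length < 6)
        {
            SetErrorMessage(staff.Pwd.Length >= 6 ? "Password must be at least 6 characters" : "New passwords must be at least 6 characters");
            return;
        }

        // Privilege flags: the posted checkbox is honoured only when the logged-in user holds the
        // matching role; otherwise the value already stored for this staff member is written back.
        bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
        bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
        bool setIsStakeholder = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : staff.IsStakeholder;
        bool setIsMasterAdmin = (loggedInUserIsStakeholder || loggedInUserIsMasterAdmin) ? chkIsMasterAdmin.Checked : staff.IsMasterAdmin;

        // Turning a non-provider into a provider is refused once the configured cap is reached.
        if (!staff.IsProvider && chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
        {
            SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to update them or hit cancel. Contact Mediclinic if you would like to upgrade your account.");
            return;
        }

        if (chkIsProvider.Checked && !SelectedRoleAllowsProvider())
        {
            return;
        }

        // A master admin is always an admin; this follows the value that will actually be stored.
        if (setIsMasterAdmin)
        {
            chkIsAdmin.Checked = true;
        }

        // Convert the typed values before the first write, so a malformed value fails the request
        // without leaving the person record updated and the staff record untouched.
        int fieldId = Convert.ToInt32(ddlField.SelectedValue);
        decimal commissionPercent = Convert.ToDecimal(txtCommissionPercent.Text);

        PersonDB.Update(
            staff.Person.PersonID,
            Convert.ToInt32(ddlTitle.SelectedValue),
            Utilities.FormatName(txtFirstname.Text),
            Utilities.FormatName(txtMiddlename.Text),
            Utilities.FormatName(txtSurname.Text),
            staff.Person.Nickname,
            ddlGender.SelectedValue,
            GetDOBFromForm(),
            DateTime.Now);

        StaffDB.Update(
            staff.StaffID,
            staff.Person.PersonID,
            txtLogin.Text,
            txtPwd.Text,
            staff.StaffPosition.StaffPositionID,
            fieldId,
            staff.CostCentre.CostCentreID,
            chkContractor.Checked,
            txtTFN.Text,
            txtProviderNumber.Text.ToUpper(),
            ddlStatus.SelectedValue == "Inactive",
            chkIsCommission.Checked,
            commissionPercent,
            setIsStakeholder,
            setIsMasterAdmin,
            chkIsAdmin.Checked,
            chkIsPrincipal.Checked,
            chkIsProvider.Checked,
            staff.IsExternal,
            GetStartDateFromForm(),
            GetEndDateFromForm(),
            txtComments.Text,
            chkSMSBKs.Checked,
            chkEmailBKs.Checked);

        if (!useConfigDB && loginChanged)
        {
            // Keep the login-to-database mapping in step with the renamed login.
            UserDatabaseMapper curDBMapper = UserDatabaseMapperDB.GetByLogin(staff.Login, Session["DB"].ToString());
            if (curDBMapper == null)
            {
                UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
            }
            else
            {
                UserDatabaseMapperDB.Update(curDBMapper.ID, txtLogin.Text, Session["DB"].ToString());
            }
        }

        Response.Redirect(UrlParamModifier.AddEdit(Request.RawUrl, "type", "view"));
    }
    else if (mode == UrlParamType.Add)
    {
        if (chkIsProvider.Checked && (StaffDB.GetCountOfProviders() >= Convert.ToInt32(SystemVariableDB.GetByDescr("MaxNbrProviders").Value)))
        {
            SetErrorMessage("You have reached your maximum allowable providers. Please uncheck their status as a provider to add them. Contact Mediclinic if you would like to upgrade your account.");
            return;
        }

        if (chkIsProvider.Checked && !SelectedRoleAllowsProvider())
        {
            return;
        }

        bool useConfigDB = Convert.ToBoolean(ConfigurationManager.AppSettings["UseConfigDB"]);

        if (!useConfigDB && UserDatabaseMapperDB.UsernameExists(txtLogin.Text))
        {
            lblErrorMessage.Text = "Login name already in use by another user";
            lblErrorMessage.Visible = true;
            return;
        }

        if (StaffDB.LoginExists(txtLogin.Text))
        {
            lblErrorMessage.Text = "Login name already in use by another user";
            lblErrorMessage.Visible = true;
            return;
        }

        // NOTE(review): a six-character minimum is the only password rule visible here.
        if (txtPwd.Text.Length < 6)
        {
            SetErrorMessage("Password must be at least 6 characters");
            return;
        }

        // -1 marks "not created yet" so the rollback below knows what exists.
        int person_id = -1;
        int staff_id = -1;
        bool staff_added = false;
        int mainDbUserID = -1;

        try
        {
            if (!useConfigDB)
            {
                mainDbUserID = UserDatabaseMapperDB.Insert(txtLogin.Text, Session["DB"].ToString());
            }

            // A new staff member gets a privilege flag only when the logged-in user holds the
            // matching role; otherwise the flag is stored as false whatever the form says.
            bool loggedInUserIsStakeholder = Session["IsStakeholder"] != null && Convert.ToBoolean(Session["IsStakeholder"]);
            bool loggedInUserIsMasterAdmin = Session["IsMasterAdmin"] != null && Convert.ToBoolean(Session["IsMasterAdmin"]);
            bool setIsStakeholder = loggedInUserIsStakeholder ? chkIsStakeholder.Checked : false;
            bool setIsMasterAdmin = (loggedInUserIsStakeholder || loggedInUserIsMasterAdmin) ? chkIsMasterAdmin.Checked : false;

            // A master admin is always an admin; this follows the value that will actually be stored.
            if (setIsMasterAdmin)
            {
                chkIsAdmin.Checked = true;
            }

            Staff loggedInStaff = StaffDB.GetByID(Convert.ToInt32(Session["StaffID"]));

            person_id = PersonDB.Insert(
                loggedInStaff.Person.PersonID,
                Convert.ToInt32(ddlTitle.SelectedValue),
                Utilities.FormatName(txtFirstname.Text),
                Utilities.FormatName(txtMiddlename.Text),
                Utilities.FormatName(txtSurname.Text),
                "",
                ddlGender.SelectedValue,
                GetDOBFromForm());

            // NOTE(review): 59 sits in the position where StaffDB.Update takes the cost centre id -
            // presumably a default cost centre; confirm.
            staff_id = StaffDB.Insert(
                person_id,
                txtLogin.Text,
                txtPwd.Text,
                StaffPositionDB.GetByDescr("Unknown").StaffPositionID,
                Convert.ToInt32(ddlField.SelectedValue),
                59,
                chkContractor.Checked,
                txtTFN.Text,
                txtProviderNumber.Text.ToUpper(),
                ddlStatus.SelectedValue == "Inactive",
                chkIsCommission.Checked,
                Convert.ToDecimal(txtCommissionPercent.Text),
                setIsStakeholder,
                setIsMasterAdmin,
                chkIsAdmin.Checked,
                chkIsPrincipal.Checked,
                chkIsProvider.Checked,
                false,
                GetStartDateFromForm(),
                GetEndDateFromForm(),
                txtComments.Text,
                chkSMSBKs.Checked,
                chkEmailBKs.Checked);
            staff_added = true;

            string url = Request.RawUrl;
            url = UrlParamModifier.AddEdit(url, "type", "view");
            url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
            Response.Redirect(url);
        }
        catch (Exception)
        {
            // Response.Redirect(url) ends the request by raising ThreadAbortException, so a
            // successful insert also arrives here; staff_added tells it apart from a real failure.
            if (staff_added)
            {
                string url = Request.RawUrl;
                url = UrlParamModifier.AddEdit(url, "type", "view");
                url = UrlParamModifier.AddEdit(url, "id", staff_id.ToString());
                Response.Redirect(url);
                return;
            }

            // Roll back in reverse creation order, touching only what was actually created. The
            // finally keeps a failing person delete from leaving the login mapping behind.
            try
            {
                if (person_id != -1)
                {
                    PersonDB.Delete(person_id);
                }
            }
            finally
            {
                if (!useConfigDB && mainDbUserID != -1)
                {
                    UserDatabaseMapperDB.Delete(mainDbUserID);
                }
            }

            throw;
        }
    }
    else
    {
        HideTableAndSetErrorMessage();
    }
}

/// <summary>
/// Checks that the role selected in ddlField is one of the fields flagged has_offerings; when it
/// is not, sets an error message that names the acceptable roles.
/// </summary>
/// <returns>true when the selected role is acceptable; false after the error message has been set.</returns>
private bool SelectedRoleAllowsProvider()
{
    System.Data.DataTable tbl = DBBase.GetGenericDataTable_WithWhereOrderClause(null, "Field", "has_offerings=1 AND field_id <> 0", "", "field_id", "descr");

    bool roleSetAsProvider = false;
    IDandDescr[] fields = new IDandDescr[tbl.Rows.Count];
    for (int i = 0; i < tbl.Rows.Count; i++)
    {
        fields[i] = new IDandDescr(Convert.ToInt32(tbl.Rows[i]["field_id"]), tbl.Rows[i]["descr"].ToString());
        if (Convert.ToInt32(ddlField.SelectedValue) == Convert.ToInt32(tbl.Rows[i]["field_id"]))
        {
            roleSetAsProvider = true;
        }
    }

    if (roleSetAsProvider)
    {
        return true;
    }

    if (fields.Length == 1)
    {
        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "'.");
    }
    else if (fields.Length == 2)
    {
        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as '" + fields[0].Descr + "' or '" + fields[1].Descr + "'.");
    }
    else
    {
        // "or" belongs in front of the last entry ("A, B, or C"); the earlier index put it in
        // front of the second-to-last one.
        string providerFields = string.Empty;
        for (int i = 0; i < fields.Length; i++)
        {
            providerFields += (providerFields.Length == 0 ? "" : ", ") + (fields.Length >= 2 && i == (fields.Length - 1) ? "or " : "") + fields[i].Descr;
        }

        SetErrorMessage("When setting a staff member as a provider, you need to set their Role as one of the following: " + providerFields);
    }

    return false;
}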