/// <summary>
/// Leaves this form without saving: hides it, opens the customer form through
/// ShowDialog() with the current user attached via Tag, then closes this form.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonClose_Click(object sender, EventArgs e)
{
    this.Hide();

    // The initializer assigns Tag right after construction, before the dialog is shown.
    var customerForm = new frmCustomer { Tag = currentUser };
    customerForm.ShowDialog();

    this.Close();
}
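/// <summary>
/// Validates the card form, stores the card through usp_AddCard and, only when that
/// call completed without an exception, applies the selected membership change.
/// Afterwards control returns to the customer form.
/// </summary>
/// <remarks>
/// NOTE(security): this handler persists a hash of the card verification code and a
/// hash of the full card number next to the last four digits and the card type.
/// PCI DSS does not allow the verification code to be kept after authorization in
/// any form, and a 3-4 digit value hidden behind a salted hash is recoverable by
/// trying every candidate. A fast salted hash of the card number gives little
/// protection either once the last four digits and card type are stored beside it.
/// Prefer a processor-issued token, and stop sending @csvHash/@csvSalt, once
/// usp_AddCard can be changed. The parameters are kept here because the stored
/// procedure's signature is not visible from this block.
/// </remarks>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonAddCard_Click(object sender, EventArgs e)
{
    currentUser = (User)this.Tag;

    // Validators run in their original order and stop at the first failure.
    // A failed zipCheck() now keeps the user on this form like every other check;
    // before, it fell through and navigated away without saving anything.
    bool formIsValid = nameCheck()
        && addressCheck()
        && cityCheck()
        && monthCheck()
        && yearCheck()
        && cardCheck()
        && csvCheck()
        && zipCheck();
    if (!formIsValid)
    {
        return;
    }

    string nameOnCard = textBoxCardName.Text;
    string expDate = textBoxYear.Text + "-" + textBoxMonth.Text + "-01";
    string billingAddress = textBoxAddress.Text;
    string city = textBoxCity.Text;
    string zip = textBoxZip.Text;
    string state = comboBoxState.Text;
    string country = comboBoxCountry.Text;
    string cardType = comboBoxCards.Text;
    string cardNumber = textBoxCardNumber.Text;

    byte[] plainTxtCsv = Encoding.ASCII.GetBytes(textBoxCSV.Text);
    byte[] plainTxtCardNumber = Encoding.ASCII.GetBytes(cardNumber);
    byte[] csvSalt = addAccount.CreateSalt();
    byte[] cardNumSalt = addAccount.CreateSalt();

    // Last four characters of what was actually entered. The previous code indexed
    // from textBoxCardNumber.MaxLength, which throws or returns fewer than four
    // characters whenever the text is shorter than MaxLength.
    string lastFour = cardNumber.Substring(Math.Max(0, cardNumber.Length - 4));

    // NOTE(review): despite its name, EncryptSha256 is presumably a salted SHA-256
    // hash (one-way), not encryption - implementation not visible here, confirm.
    byte[] cardHashByte = addAccount.EncryptSha256(plainTxtCardNumber, cardNumSalt);
    byte[] csvHashByte = addAccount.EncryptSha256(plainTxtCsv, csvSalt);
    string csvHash = Convert.ToBase64String(csvHashByte);
    string cardNumberHash = Convert.ToBase64String(cardHashByte);

    bool cardSaved = false;
    try
    {
        using (SqlConnection cn = new SqlConnection(_cnDB))
        using (SqlCommand cmd = new SqlCommand("usp_AddCard", cn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@userID", SqlDbType.Int, 100).Value = currentUser.userID;
            cmd.Parameters.Add("@nameOnCard", SqlDbType.VarChar, 100).Value = nameOnCard;
            cmd.Parameters.Add("@expirationDate", SqlDbType.Date, 25).Value = expDate;
            cmd.Parameters.Add("@billingAddress", SqlDbType.VarChar, 100).Value = billingAddress;
            cmd.Parameters.Add("@city", SqlDbType.VarChar, 50).Value = city;
            cmd.Parameters.Add("@zip", SqlDbType.VarChar, 7).Value = zip;
            cmd.Parameters.Add("@state", SqlDbType.VarChar, 30).Value = state;
            cmd.Parameters.Add("@country", SqlDbType.VarChar, 50).Value = country;
            cmd.Parameters.Add("@cardType", SqlDbType.VarChar, 30).Value = cardType;
            cmd.Parameters.Add("@csvHash", SqlDbType.VarChar, 256).Value = csvHash;
            cmd.Parameters.Add("@csvSalt", SqlDbType.VarChar, 256).Value = Convert.ToBase64String(csvSalt);
            cmd.Parameters.Add("@cardNumberSalt", SqlDbType.VarChar, 256).Value = Convert.ToBase64String(cardNumSalt);
            cmd.Parameters.Add("@cardNumberHash", SqlDbType.VarChar, 256).Value = cardNumberHash;
            cmd.Parameters.Add("@lastFour", SqlDbType.VarChar, 4).Value = lastFour;

            cn.Open();
            cmd.ExecuteNonQuery();
            // No explicit Close(): disposing the connection at the end of the using block closes it.
        }

        cardSaved = true;
    }
    catch (Exception ex)
    {
        // Only the exception message is logged; card data never reaches the log.
        System.Diagnostics.Debug.WriteLine("Exception : " + ex.Message.ToString());
    }

    // Membership is only upgraded or extended when the card call did not throw.
    // Before, a failed insert was logged to debug output and the membership
    // changes below still ran, granting an entitlement with no card on file.
    if (cardSaved)
    {
        if (currentUser.membershipLevel.Equals("None") && radioButtonAnnual.Checked)
        {
            try
            {
                using (SqlConnection cn = new SqlConnection(_cnDB))
                using (SqlCommand cmd = new SqlCommand("usp_UpdateAccountMembershipLevelBronze", cn))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.Add("@userID", SqlDbType.Int, 100).Value = currentUser.userID;

                    cn.Open();
                    cmd.ExecuteNonQuery();
                }
            }
            catch (Exception ex)
            {
                System.Diagnostics.Debug.WriteLine("Exception : " + ex.Message.ToString());
            }
        }

        if (radioButtonTemp.Checked)
        {
            // Temporary option: push the stored expiration date forward by one day.
            DateTime date = Convert.ToDateTime(currentUser.expDate).AddDays(1);
            updateDate(date.ToString("yyyy-MM-dd"));
        }

        if (radioButtonAnnual.Checked)
        {
            // Annual option: push the stored expiration date forward by one year.
            DateTime date = Convert.ToDateTime(currentUser.expDate).AddYears(1);
            updateDate(date.ToString("yyyy-MM-dd"));
        }
    }

    // Return to the customer form whether or not the save succeeded; a failure is
    // visible only in the debug output above.
    Hide();
    frmCustomer cust = new frmCustomer();
    cust.Tag = currentUser;
    cust.ShowDialog();
    Close();
}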
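/// <summary>
/// Signs a user in: loads the account for the entered e-mail through usp_GetUser,
/// hashes the entered password with the stored salt, compares it with the stored
/// hash and opens the employee or customer form on success.
/// </summary>
/// <remarks>
/// NOTE(security), design points that cannot be fixed inside this handler:
/// - usp_GetUser hands passwordHash and passwordSalt to the client for any e-mail and
///   the comparison happens here. Verifying inside the database or a service would
///   keep the hash from leaving the server.
/// - The two failure messages differ, so the form reveals whether an e-mail is
///   registered. One generic message would avoid that.
/// - EncryptSha256 is presumably a single salted SHA-256 (implementation not visible
///   here). A password-specific KDF such as PBKDF2 is the usual choice.
/// - Encoding.ASCII maps every non-ASCII character to '?', so such passwords collapse
///   together. Changing the encoding would invalidate stored hashes if account
///   creation uses the same encoding - confirm before touching it.
/// </remarks>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void buttonSignIn_Click(object sender, EventArgs e)
{
    emailEntry = textBoxEmail.Text;
    string passwordEntry = textBoxPassword.Text;

    // Same order and short-circuiting as before: passCheck() runs only after nameCheck() passes.
    if (!nameCheck())
    {
        return;
    }

    if (!passCheck())
    {
        return;
    }

    // Forget whatever an earlier attempt loaded. Without this, a lookup that returns
    // no row (or throws) leaves the previous account's userID, hash and salt in
    // currentUser, and the password check below would run against that account.
    currentUser.userID = 0;
    currentUser.employee = false;

    try
    {
        using (SqlConnection cn = new SqlConnection(_cnDB))
        using (SqlCommand cmd = new SqlCommand("usp_GetUser", cn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@email", SqlDbType.VarChar, 100).Value = emailEntry;

            cn.Open();
            // The reader is now disposed even when a column read throws.
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    currentUser.userID = reader.GetInt32(0);
                    currentUser.firstName = reader.GetString(1);
                    currentUser.lastName = reader.GetString(2);
                    currentUser.address = reader.GetString(3);
                    currentUser.city = reader.GetString(4);
                    currentUser.zip = reader.GetString(5);
                    currentUser.state = reader.GetString(6);
                    currentUser.country = reader.GetString(7);
                    currentUser.email = reader.GetString(8);
                    currentUser.passwordHash = reader.GetString(9);
                    currentUser.passwordSalt = reader.GetString(10);
                    currentUser.membershipLevel = reader.GetString(11);
                    string employeeString = reader.GetString(12);
                    currentUser.expDate = Convert.ToString(reader.GetDateTime(13));
                    currentUser.amountSpent = Convert.ToDouble(reader["amountSpent"]);

                    // Only an explicit "Yes" grants the employee view. Any other value
                    // now maps to false instead of keeping an earlier flag.
                    currentUser.employee = employeeString.Equals("Yes");
                }
            }
        }
    }
    catch (Exception ex)
    {
        System.Diagnostics.Debug.WriteLine("Exception : " + ex.Message.ToString());

        // A row that was only partly read must not count as a found account.
        currentUser.userID = 0;
        currentUser.employee = false;
    }

    if (currentUser.userID == 0)
    {
        MessageBox.Show("Please check your email");
        return;
    }

    byte[] passwordEntryByte = Encoding.ASCII.GetBytes(passwordEntry);
    byte[] shaPasswordEntry = createAccount.EncryptSha256(
        passwordEntryByte,
        Convert.FromBase64String(currentUser.passwordSalt));

    if (!checkPass(currentUser.passwordHash, Convert.ToBase64String(shaPasswordEntry)))
    {
        MessageBox.Show("Incorrect Password");
        return;
    }

    // NOTE(review): currentUser still carries passwordHash and passwordSalt when it is
    // handed to the next form via Tag; consider clearing them if nothing later needs them.
    if (currentUser.employee)
    {
        this.Hide();
        frmEmployee emp = new frmEmployee();
        emp.Tag = currentUser;
        emp.ShowDialog();
        this.Close();
    }
    else
    {
        updateMemStatus();
        getUser();
        this.Hide();
        frmCustomer cust = new frmCustomer();
        cust.Tag = currentUser;
        cust.ShowDialog();
        this.Close();
    }
}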