示例#1
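        /// <summary>
        /// Login button handler: validates the form fields, looks the account up by
        /// username and user type, checks the password, and opens the form that
        /// matches the selected user type.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        private void button1_Click_1(object sender, EventArgs e)
        {
            // SelectedItem is null until a user type is picked; dereferencing it before
            // the empty-field check would throw instead of showing the warning.
            string userType = userTypeBox.SelectedItem?.ToString() ?? "";
            string username = usernameBox.Text;
            string password = passwordBox.Text;

            if (username == "" || password == "" || userType == "" || userTypeBox.Text == "")
            {
                MessageBox.Show("Please fill all fields!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            // One parameterized lookup replaces the three string-built queries. Form input
            // is bound as parameters, so it can never change the shape of the SQL statement.
            // (The listing shows the username literal masked as '******'; the entered
            // username is bound here.) Filtering on UserType in the same query also keeps
            // the password and UserDetailsID tied to the account type that was selected.
            DataTable dt = new DataTable();
            using (SqlDataAdapter sda = new SqlDataAdapter(
                "SELECT Password, UserDetailsID FROM DB_Users WHERE Username = @username AND UserType = @userType",
                connectionString))
            {
                sda.SelectCommand.Parameters.AddWithValue("@username", username);
                sda.SelectCommand.Parameters.AddWithValue("@userType", userType);
                sda.Fill(dt);
            }

            // NOTE(review): the two distinct error messages below tell the caller whether an
            // account exists; kept as in the original UI, but a single generic message
            // would not leak that.
            if (dt.Rows.Count == 0)
            {
                MessageBox.Show("User with this username doesn't exists!", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            DataRow account = dt.Rows[0];

            // Account passwords that were written in comments here have been removed;
            // credentials documented in source should be treated as exposed and rotated.
            //
            // NOTE(review): Security.Decrypt implies passwords are stored reversibly. A salted
            // one-way hash (e.g. PBKDF2) verified without decrypting would mean a database
            // leak does not directly yield every user's password.
            if (password != Security.Decrypt(account["Password"].ToString(), true))
            {
                MessageBox.Show("Incorrect password!", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            User user = new User();
            user.username = username;
            // NOTE(review): the plaintext password travels with the User object into the
            // next form; kept for compatibility with the forms' existing expectations.
            user.password = password;
            user.userType = userType;

            // UserDetailsID may be NULL/empty; userId is only set when a value is present.
            string detailsId = account["UserDetailsID"].ToString();
            if (detailsId != "")
            {
                user.userId = Int32.Parse(detailsId);
            }

            // Open the form for the authenticated role; any other value opens nothing.
            switch (userType)
            {
                case "admin":
                    Admin_Form admin_Form = new Admin_Form(user);
                    this.Hide();
                    admin_Form.Show();
                    break;
                case "client":
                    Client_Form client_Form = new Client_Form(user);
                    this.Hide();
                    client_Form.Show();
                    break;
                case "employee":
                    Employee_Form employee_Form = new Employee_Form(user);
                    this.Hide();
                    employee_Form.Show();
                    break;
            }
        }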
示例#2
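        /// <summary>
        /// Sign-up button handler: validates the form fields, rejects a username that is
        /// already taken, inserts a new "client" row into DB_Users and opens the client form.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        private void signupBtn_Click(object sender, EventArgs e)
        {
            string username = usernameBox.Text;
            string password = passwordBox.Text;

            if (username == "" || password == "" || confpassBox.Text == "")
            {
                MessageBox.Show("Please fill all fields!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }
            if (password != confpassBox.Text)
            {
                MessageBox.Show("Passwords do not match!", "Error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            int PsId;
            bool usernameTaken;
            using (var conn = new SqlConnection(connectionString))
            {
                conn.Open();

                // MAX() returns a single value (NULL for an empty table) instead of loading
                // every row and indexing Rows[0], which throws when Passengers is empty.
                using (var maxIdCommand = new SqlCommand("SELECT MAX(PsID) FROM Passengers", conn))
                {
                    object maxId = maxIdCommand.ExecuteScalar();
                    PsId = (maxId == null || maxId == DBNull.Value) ? 0 : Int32.Parse(maxId.ToString());
                }

                // The username is bound as a parameter, never spliced into the SQL text.
                // (The listing shows this literal masked as '******'.)
                using (var countCommand = new SqlCommand("SELECT COUNT(*) FROM DB_Users WHERE Username = @username", conn))
                {
                    countCommand.Parameters.AddWithValue("@username", username);
                    // Any non-zero count means the name is taken; comparing against exactly
                    // "1" would let a further duplicate through once two rows exist.
                    usernameTaken = Convert.ToInt32(countCommand.ExecuteScalar()) > 0;
                }
            }

            if (usernameTaken)
            {
                MessageBox.Show("User with this username already exists!", "Warning!", MessageBoxButtons.OK, MessageBoxIcon.Warning);
                return;
            }

            User user = new User();

            user.username = username;
            user.password = password;
            user.userType = "client";
            // NOTE(review): the id is derived from Passengers.PsID + 1, and the check-then-insert
            // on Username is not atomic; a database-generated key and a UNIQUE constraint on
            // Username (if not already present) would make both safe under concurrent sign-ups.
            user.userId   = PsId + 1;

            try
            {
                using (var conn = new SqlConnection(connectionString))
                using (var insertCommand = new SqlCommand(
                    "INSERT INTO DB_Users (Username, Password, UserType, UserDetailsID) VALUES (@username, @password, @userType, @userDetailsId)",
                    conn))
                {
                    // Parameters replace the original string concatenation, which let the
                    // username text box alter the INSERT statement.
                    insertCommand.Parameters.AddWithValue("@username", user.username);
                    // NOTE(review): Security.Encrypt stores the password reversibly; a salted
                    // one-way hash (e.g. PBKDF2) is the safer storage format.
                    insertCommand.Parameters.AddWithValue("@password", Security.Encrypt(user.password, true));
                    insertCommand.Parameters.AddWithValue("@userType", user.userType);
                    insertCommand.Parameters.AddWithValue("@userDetailsId", user.userId);

                    conn.Open();
                    insertCommand.ExecuteNonQuery();
                    // The using blocks close and dispose the connection on every path.
                }
            }
            catch (Exception exp)
            {
                // The original text said "creating table", but the failing operation is the
                // user insert.
                MessageBox.Show("Exception occurred while creating user:" + exp.Message + "\t" + exp.GetType()
                                , "Query error!", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            MessageBox.Show("Successfully!");

            Client_Form client_Form = new Client_Form(user);

            this.Hide();
            client_Form.Show();
        }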