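/// <summary>
/// Checks the supplied login details against the Employees table and, when the
/// account matches and its status is "Active", opens the main form and hides
/// this one.
/// </summary>
/// <param name="userID">
/// Login identifier supplied by the caller. NOTE(review): the SQL text in this
/// listing is masked, so it is not visible how this value reaches the queries.
/// </param>
/// <param name="password">
/// Password as typed; it is replaced by the result of <c>db.encrypt</c> before
/// any lookup runs.
/// </param>
/// <returns>
/// <c>true</c> when the credentials matched, the employee status is "Active"
/// and the main form was shown; <c>false</c> on every other path.
/// </returns>
private bool verifyCredentials(string userID, string password)
{
    // Database helper and the user object handed to the main form on success.
    projectDB db = new projectDB();
    user currentUser = new user();

    // NOTE(review): the helper is named "encrypt". Stored password verifiers
    // should be salted, slow one-way hashes (e.g. PBKDF2), not a reversible
    // transform -- confirm what db.encrypt actually does.
    password = db.encrypt(password);

    // NOTE(review): the '******' values in the statements below are masked in
    // this listing. However the user name and password value reach these
    // statements, they must be bound as query parameters, never spliced into
    // the SQL text -- confirm what projectDB supports.
    try
    {
        // Does a row exist for this user name / password pair?
        string query = "SELECT employeeID FROM Employees WHERE username='******' AND userPass ='******';";
        bool verified = db.getBool(query, true);

        if (!verified)
        {
            lblError.Visible = true;
            return false;
        }

        // NOTE(review): five separate lookups repeat the credential filter.
        // Fetching the row once (or keying the follow-up reads on employeeID)
        // would keep the password value out of most statements -- needs a
        // projectDB method that returns a whole row.
        int uid = Convert.ToInt32(db.getString("SELECT employeeID FROM Employees WHERE username = '******' AND userPass = '******'; "));
        int rank = Convert.ToInt32(db.getString("SELECT rank FROM Employees WHERE username = '******' AND userPass = '******'; "));
        string fname = db.getString("SELECT firstName FROM Employees WHERE username = '******' AND userPass = '******'; ");
        string lname = db.getString("SELECT lastName FROM Employees WHERE username = '******' AND userPass = '******'; ");
        string employmentStatus = db.getString("SELECT employeeStatus FROM Employees WHERE username = '******' AND userPass = '******'; ");

        // NOTE(review): the user name is read from the text box rather than
        // from the userID parameter -- presumably the same value; verify
        // against the caller.
        string username = txtEmpID.Text;
        currentUser.set(uid, rank, fname, lname, employmentStatus, username);

        // Only active employees may log in. The same error label is shown as
        // for a credential mismatch, so the form does not reveal which check
        // failed.
        if (employmentStatus != "Active")
        {
            lblError.Visible = true;
            return false;
        }

        // Proceed with login.
        Main form = new Main(currentUser);
        form.Show();
        this.Hide();
        return true;
    }
    catch (Exception)
    {
        // Fail closed, but surface the failure like every other rejected
        // login instead of returning silently with no feedback.
        // NOTE(review): nothing is logged here, so a database outage is
        // indistinguishable from a bad password -- consider logging the
        // exception server-side.
        lblError.Visible = true;
        return false;
    }
}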
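/// <summary>
/// Handles the "add item" button: checks that the scanned item exists, is in
/// stock in the requested quantity and is permitted for the current user's
/// rank, then appends it to the pending order list and the grid.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnAddItem_Click(object sender, EventArgs e)
{
    try
    {
        // Parse every text box to an integer BEFORE any SQL is built. The
        // original concatenated the raw text of txtScanItem / txtQuantity into
        // the statements; embedding only parsed integers keeps free-form text
        // out of the SQL. A non-numeric value throws here and is reported by
        // the catch below, as Convert.ToInt32 did before.
        // NOTE(review): parameterized queries are still the proper fix if
        // projectDB can be given an overload that accepts parameters.
        int itemNumber = Convert.ToInt32(txtScanItem.Text);
        int quantityRequested = Convert.ToInt32(txtQuantity.Text);
        int jobCodeValue = Convert.ToInt32(txtJobCode.Text);

        // A zero or negative quantity would pass the stock check below and be
        // recorded as an order line, so reject it up front.
        if (quantityRequested <= 0)
        {
            lblInformation.Text = "Quantity must be a whole number greater than zero.";
            lblInformation.ForeColor = Color.Red;
            return;
        }

        // Culture-invariant text forms, so the SQL never depends on the
        // machine's regional number format.
        string itemSql = itemNumber.ToString(System.Globalization.CultureInfo.InvariantCulture);
        string quantitySql = quantityRequested.ToString(System.Globalization.CultureInfo.InvariantCulture);

        int currentQuantity = db.getInt("SELECT available FROM Equipment WHERE equipmentID =" + itemSql + ";");

        // long arithmetic so an extreme quantity cannot wrap around.
        long newQuantity = (long)currentQuantity - quantityRequested;
        if (newQuantity < 0)
        {
            lblInformation.Text = "Not enough inventory to supply this order. \n\nContact Warehouse Personel or Inventory Management.";
            lblInformation.ForeColor = Color.Red;
            return;
        }

        string eqDescription = db.getString("SELECT description FROM Equipment WHERE equipmentID ='" + itemSql + "';");

        // NOTE(review): the rank restriction is enforced only by this
        // client-built query; confirm the database or a service layer also
        // enforces it.
        string query = "SELECT equipmentID FROM Equipment WHERE (equipmentID = '" + itemSql
            + "' AND equipmentStatus ='In Stock' AND requiredRank <='" + currentUser.getRank()
            + "' AND available>='" + quantitySql + "');";

        if (db.getBool(query, true))
        {
            // Record the order line first, then report success, so the
            // message is never shown for an item that failed to be added.
            TempOrderInfo newItem = new TempOrderInfo()
            {
                itemNumber = itemNumber,
                jobCode = jobCodeValue,
                description = eqDescription,
                quantity = quantityRequested
            };
            orderInfo.Add(newItem);

            // Mirror the new entry in the data grid view.
            dt.Rows.Add(newItem.itemNumber, newItem.description, newItem.quantity);

            lblInformation.Text = "Item number: [" + itemSql + "]\n\nQuantity: [" + quantitySql + "] successfully added.";
            lblInformation.ForeColor = Color.Blue;
        }
        else
        {
            lblInformation.Text = "Unable to add item. \nThis error will occur if the item is not in stock or does not exist. \n\n\nStock amount: " + currentQuantity + ". \n\n\nContact warehouse management if this problem persists.";
            lblInformation.ForeColor = Color.Red;
        }

        // Reset the scan field for the next item.
        txtScanItem.Clear();
        txtScanItem.Select();
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message from the database layer can expose table or
        // column names to the operator; consider a generic message here and
        // logging the detail instead.
        MessageBox.Show(ex.Message);
    }

    // Runs on every path that does not return early, including the error path.
    count++;
}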