public static bool Delete(Admin admin)
{
try
{
String delete_sql= "DELETE FROM " + TABLE_NAME +
"WHERE ID=@id";
//Sql command
sql_command = new MySqlCommand();
sql_command.Connection = (MySqlConnection)database.OpenConnection();
sql_command.CommandText = delete_sql;
//add parameters
sql_command.Parameters.AddWithValue("@id", admin.id);
//create prepared statement
sql_command.Prepare();
//execute command
database.Update(sql_command);
return true;
}
catch (Exception)
{
return false;
}
finally
{
CloseDatabaseConnection();
}
}
private void changeloginCredentials_Click(object sender, EventArgs e)
{
try
{
String username = user_name.Text;
String password = pass_word.Text;
String type = role.Text;
String email = email_textbox.Text;
String phone_number = phone_textbox.Text;
if (username.Length<=0)
{
MessageBox.Show(this, "Please Enter your Name", "ERROR");
}
else if (password.Length<= 0)
{
MessageBox.Show(this, "Please Enter Your Password", "ERROR");
}
else
{
if (pass_word.Text.Equals(confirm_password.Text))
{
if (AdminManager.Exists(username))
{
MessageBox.Show(this, "User Name already Exists. Please try again", "ERROR");
}
else
{
Admin new_admin = new Admin(username, password,email,phone_number, type);
if (AdminManager.Save(new_admin))
{
MessageBox.Show(this, "New User Created Successfully", "CONGRATULATIONS");
}
else
{
MessageBox.Show(this, "Unexpected error occured. Please try again", "ERROR");
}
}
}
else
{
MessageBox.Show(this, "Please try to confirm your Password\n Passwords dont Match", "ERROR");
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
}
}
public void AuthenticateUser()
{
DisableControls();
//get user input
String username = textbox_username.Text;
String password = textbox_password.Text;
//validate user input
if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(password))
{
status_label.ForeColor = ERROR_COLOR;
status_label.Text = EMPTY_FIELDS_ERROR_MSG;
EnableControls();
return;
}
//enable timer
timer1.Enabled = true;
timer1.Start();
//ENABLE PROGRESS INDICATOR
spining_progress_indicator.Visible = true;
spining_progress_indicator.Start();
//if user is an admin
admin = AdminManager.GetAdmin(username, password);
if (admin != null)
{
//make admin object a session object
Singletons.Singleton.ADMIN = admin;
//signal to show Main Winow
is_admin = true;
}
//wrong credentials provided
else
{
//signal to display error message
is_admin = false;
}
}
public static bool Update(Admin admin)
{
try
{
//sql string
String update_sql = "UPDATE " + TABLE_NAME +
" SET USERNAME =@username,"+
"PASSWORD =@password,"+
"USERTYPE =@type"+
" WHERE ID =@id";
//Sql command
sql_command = new MySqlCommand();
sql_command.Connection = (MySqlConnection)database.OpenConnection();
sql_command.CommandText = update_sql;
//Add paramaters
sql_command.Parameters.AddWithValue("@id", admin.id);
sql_command.Parameters.AddWithValue("@username", admin.user_name);
sql_command.Parameters.AddWithValue("@password", admin.password);
sql_command.Parameters.AddWithValue("@type", admin.user_type);
//prepare sql statemet
sql_command.Prepare();
//execute command
database.Update(sql_command);
return true;
}
catch (Exception)
{
return false;
}
finally
{
CloseDatabaseConnection();
}
}
public static bool Save(Admin admin)
{
try
{
String insert_sql = "INSERT INTO " + TABLE_NAME +
" (USERNAME,PASSWORD,EMAIL,PHONE_NUMBER,USERTYPE)"+
" values(@username,@password,@email,@phone,@usertype)";
//Sql command
sql_command = new MySqlCommand();
sql_command.Connection = (MySqlConnection)database.OpenConnection();
sql_command.CommandText = insert_sql;
//add parameters
sql_command.Parameters.AddWithValue("@username", admin.user_name);
sql_command.Parameters.AddWithValue("@password", admin.password);
sql_command.Parameters.AddWithValue("@email", admin.email);
sql_command.Parameters.AddWithValue("@phone", admin.phone_number);
sql_command.Parameters.AddWithValue("@usertype", admin.user_type);
sql_command.Prepare();
//execute command
database.Insert(sql_command);
//get id of admin
admin.id = Convert.ToInt32(sql_command.LastInsertedId);
return true;
}
catch (Exception)
{
return false;
}
finally
{
CloseDatabaseConnection();
}
}
public static Admin[] GetAllAdmins()
{
//results object
List<Admin> all_admins = new List<Admin>();
try
{
//sql string
String select_sql = "SELECT * FROM " + TABLE_NAME;
//Sql command
sql_command = new MySqlCommand();
sql_command.Connection = (MySqlConnection)database.OpenConnection();
sql_command.CommandText = select_sql;
sql_command.Prepare();
//execute command
data_reader = database.Select(sql_command);
//while there are results
if (data_reader.Read())
{
//create object
int id = data_reader.GetInt32(ID);
String username = data_reader.GetString(USERNAME);
String password = data_reader.GetString(PASSWORD);
String type = data_reader.GetString(TYPE);
String email = data_reader.GetString(EMAIL);
String phone_number = data_reader.GetString(PHONE);
Admin admin = new Admin(id, username, password,email,phone_number, type);
all_admins.Add(admin);
}
}
catch (Exception e)
{
Debug.WriteLine(e.Message);
}
finally
{
CloseDatabaseConnection();
}
return all_admins.ToArray();
}
public static Admin GetAdmin(String username, String password)
{
//resultant object
Admin admin = null;
try
{
//sql
String select_sql = "SELECT * FROM " + TABLE_NAME +
" WHERE USERNAME=@username AND PASSWORD=@password";
//Sql command
sql_command = new MySqlCommand();
sql_command.Connection = (MySqlConnection)database.OpenConnection();
sql_command.CommandText = select_sql;
sql_command.Parameters.AddWithValue("@username", username);
sql_command.Parameters.AddWithValue("@password", password);
sql_command.Prepare();
//execute command
data_reader = database.Select(sql_command);
//while there are results
if (data_reader.Read())
{
//create object
int id = data_reader.GetInt32(ID);
String type = data_reader.GetString(TYPE);
String email = data_reader.GetString(EMAIL);
String phone_number = data_reader.GetString(PHONE);
admin = new Admin(id, username, password,email,phone_number, type);
}
}
catch (CantAcessDatabaseException)
{
throw;
}
catch (Exception)
{
}
finally
{
//close reader
CloseDatabaseConnection();
}
return admin;
}
public void AdminManagerSaveTest()
{
Admin admin=new Admin("kasoma","kasoma","admin");
bool sucess = AdminManager.Save(admin);
Assert.IsTrue(sucess);
}
private void user_login_Click(object sender, EventArgs e)
{
//ENABLE SOME STUFF
timer1.Start();
progressBar.Visible = true;
//GET USER INPUT
String username = txtbox_username.Text;
String email = email_textbox.Text;
String phone_number = phone_textbox.Text;
String password = txtbox_password.Text;
String confirmed_password = txtbox_confirmedPassword.Text;
String images_folder = txtbox_saveImagesPath.Text;
//IF SOME FIELDS ARE EMPTY
if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(password) || String.IsNullOrEmpty(confirmed_password))
{
//disable some stuff
timer1.Stop();
progressBar.Enabled = false;
progressBar.Visible = false;
progressBar.Value = 0;
label5.Visible = true;
label5.Text = "Please Enter A Valid Username/Password ";
return;
}
//IF THE PASSWORDS DONT MATCH
if (!password.Equals(confirmed_password))
{
//disable some stuff
timer1.Stop();
progressBar.Enabled = false;
progressBar.Visible = false;
progressBar.Value = 0;
label5.Visible = true;
label5.Text = "Sorry!! Your Password Entries Dont Match ";
return;
}
//CREATE OBJECTS
Setting setting = new Setting("images_folder", images_folder);
Admin admin = new Admin(username, password, email, phone_number, "Admin");
//DROP ALL TABLES IN DATABASE
DatabaseManager.DropTables();
//CREATE NEW TABLES
DatabaseManager.CreateTables();
//POPULATE THEM WITH INITIAL DATA
DatabaseManager.PopulateTables();
//SAVE HIS IMAGES FOLDER AS A SETTING
SettingsManager.Save(setting);
AdminManager.Save(admin);
}