/// <summary>
/// Records a stock-usage entry by calling the "addToLog" stored procedure.
/// </summary>
/// <param name="inventory">Inventory item whose getStockID() value is sent as @stockId.</param>
/// <param name="user">User whose getUsername() value is sent as @userName.</param>
/// <param name="quantityUsed">Quantity sent as @quantityUsed.</param>
public void addToLog(Inventory inventory, User user, int quantityUsed)
{
    // All three values are passed as bound SqlParameter objects, never
    // concatenated into command text.
    List<SqlParameter> logArguments = new List<SqlParameter>
    {
        new SqlParameter("@stockId", inventory.getStockID()),
        new SqlParameter("@userName", user.getUsername()),
        new SqlParameter("@quantityUsed", quantityUsed)
    };

    // The procedure's result set is not read; the reader is handed straight
    // to closeReader so it does not stay open.
    SqlDataReader logReader = executeStoredProcedure("addToLog", logArguments);
    closeReader(ref logReader);
}
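/// <summary>
/// Creates a user account by calling the "addUser" stored procedure on the
/// shared connection <c>conn</c>.
/// </summary>
/// <param name="user">
/// Supplies @userName (getUsername()), @password (getPassword()) and
/// @userType (isAdmin()).
/// </param>
public void addUser(User user)
{
    // The constructor already binds the command to conn, so no separate
    // Connection assignment is needed. The using blocks release the command
    // and the reader even when execution throws.
    using (SqlCommand command = new SqlCommand("addUser", conn))
    {
        command.CommandType = System.Data.CommandType.StoredProcedure;
        command.Parameters.Add(new SqlParameter("@userName", user.getUsername()));

        // NOTE(review): the value is stored exactly as getPassword() returns it.
        // The Login handler in this listing builds its User from a SHA-256 hash;
        // presumably account creation does the same - confirm against the caller.
        // A single unsalted fast hash is weak for stored credentials; a salted,
        // slow KDF (e.g. Rfc2898DeriveBytes/PBKDF2) is the usual choice.
        command.Parameters.Add(new SqlParameter("@password", user.getPassword()));
        command.Parameters.Add(new SqlParameter("@userType", user.isAdmin()));

        // No rows are consumed; the reader is opened only to run the procedure
        // and is closed as soon as the block exits.
        using (SqlDataReader reader = command.ExecuteReader())
        {
        }
    }
}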
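/// <summary>
/// Asks the "validateUserType" stored procedure whether the given user is an
/// administrator.
/// </summary>
/// <param name="user">User whose getUsername() value is sent as @UserName.</param>
/// <returns>
/// True only when the procedure returns a row whose first column is a
/// non-null boolean true; false in every other case.
/// </returns>
public bool validateUserType(User user)
{
    string procedureName = "validateUserType";
    List<SqlParameter> parameters = new List<SqlParameter>();
    parameters.Add(new SqlParameter("@UserName", user.getUsername()));

    SqlDataReader reader = executeStoredProcedure(procedureName, parameters);
    try
    {
        // Fail closed: an empty result set or a NULL column means "not admin"
        // rather than an exception thrown from GetBoolean.
        return reader.Read() && !reader.IsDBNull(0) && reader.GetBoolean(0);
    }
    finally
    {
        // Release the reader on every path, including when reading throws.
        if (reader != null)
        {
            closeReader(ref reader);
        }
    }
}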
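/// <summary>
/// Checks a user's credentials by calling the "validateLogin" stored procedure.
/// </summary>
/// <param name="user">
/// Supplies @userName (getUsername()) and @givenPW (getPassword()). The value
/// of getPassword() is forwarded unchanged; the Login handler in this listing
/// passes a hash rather than the clear-text password.
/// </param>
/// <returns>
/// True only when the procedure returns a row whose first column is a
/// non-null boolean true; false in every other case.
/// </returns>
public bool validateLogin(User user)
{
    string procedureName = "validateLogin";
    List<SqlParameter> parameters = new List<SqlParameter>();
    parameters.Add(new SqlParameter("@userName", user.getUsername()));
    parameters.Add(new SqlParameter("@givenPW", user.getPassword()));

    SqlDataReader reader = executeStoredProcedure(procedureName, parameters);
    try
    {
        // Fail closed: no row or a NULL result is treated as a rejected login
        // instead of surfacing as an exception from GetBoolean.
        return reader.Read() && !reader.IsDBNull(0) && reader.GetBoolean(0);
    }
    finally
    {
        // Release the reader on every path, including when reading throws.
        if (reader != null)
        {
            closeReader(ref reader);
        }
    }
}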
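/// <summary>
/// Handles one login attempt from the form: hashes the password, validates the
/// credentials through DBConnectionObject, opens MainPage on success, and
/// counts failures towards a temporary lockout of the login button.
/// </summary>
/// <param name="username">User name entered in the form.</param>
/// <param name="password">Clear-text password entered in the form.</param>
private void Login(string username, string password) // Update for actual security checking
{
    string message; // for any messageboxes to follow
    string caption;

    // Create SHA-256 hash of password (per the original author's comment).
    // NOTE(review): a single unsalted fast hash is weak for password
    // verification; a salted, slow KDF is the usual choice - confirm what
    // CreateHash actually does.
    string hashedPassword = CreateHash(password);
    RADGSHALibrary.User user = new RADGSHALibrary.User(username, hashedPassword);

    DBConnectionObject db;
    try
    {
        db = DBConnectionObject.getInstance();
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception text is shown to the person at the
        // login screen; consider a generic message here and logging the
        // detail elsewhere.
        message = e.Message;
        caption = "Error!";
        MessageBoxButtons buttons = MessageBoxButtons.OK;
        MessageBox.Show(message, caption, buttons);
        return;
    }

    bool valid = db.validateLogin(user);
    if (valid)
    {
        Console.WriteLine("validated successfully");

        bool isAdmin = db.validateUserType(user);
        if (isAdmin)
        {
            Console.WriteLine("User is admin user");
        }
        else
        {
            Console.WriteLine("User is not admin user");
        }
        user.setAdmin(isAdmin);

        // A successful login clears the failure count so earlier mistakes do
        // not carry over to a later session on the same form instance.
        numberOfTries = 0;

        usernameTextBox.Text = "";
        passwordTextBox.Text = "";
        this.Hide();

        // Hand the main page a copy of the user with an empty password field
        // so the hash does not travel further than this form.
        RADGSHALibrary.User validatedUserNoPassword =
            new RADGSHALibrary.User(user.getUsername(), "", user.isAdmin());
        MainPage M = new MainPage(validatedUserNoPassword, this);
        M.Closed += (s, args) => this.Close();
        M.Show();
        return;
    }

    Console.WriteLine("invalid login attempt");

    // One message for both "unknown user" and "wrong password", so the dialog
    // does not reveal which of the two was wrong.
    message = "Error: User name or password is not valid!";
    caption = "Error!";
    MessageBoxButtons failureButtons = MessageBoxButtons.OK;
    MessageBox.Show(message, caption, failureButtons);
    numberOfTries++;

    // Checked only after a failure, and with >= so the lockout still applies if
    // the counter is ever above five (for example if the timer handler
    // re-enables the button without resetting it - not visible here).
    // NOTE(review): the counter and the lockout live in this form only, so
    // restarting the application clears them; throttle in the database layer
    // as well if that matters for the deployment.
    if (numberOfTries >= 5)
    {
        message = "Error: You've unsuccessfully tried to log in five times. You've been locked out for 10 minutes.";
        caption = "Error!";
        MessageBoxButtons lockoutButtons = MessageBoxButtons.OK;
        MessageBox.Show(message, caption, lockoutButtons);
        loginButton.Enabled = false;
        timerLogin.Enabled = true;
    }
}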