public void UpdateAccount() { try { con.Open(); String query = "update account set username = @username, password= @password where account_id = @id"; MySqlCommand cmd = new MySqlCommand(query, con); cmd.Parameters.AddWithValue("@id", user_id); cmd.Parameters.AddWithValue("@username", TxtUsername.Text); cmd.Parameters.AddWithValue("@password", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text)); cmd.ExecuteNonQuery(); con.Close(); LogHistoryEditAccount(GlobalVar.user_id, GlobalVar.user_type, GlobalVar.user); } catch { NotificationConnectionError a = new NotificationConnectionError(); a.ShowDialog(); } }
public void InserAccount() { try { con.Open(); String query = "INSERT INTO `account` (`username`, `password`, `account_type`) VALUES (@username, @password, @account_type)"; MySqlCommand cmd = new MySqlCommand(query, con); cmd.Parameters.AddWithValue("@username", TxtUsername.Text); cmd.Parameters.AddWithValue("@password", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text)); cmd.Parameters.AddWithValue("@account_type", "Voter"); cmd.ExecuteNonQuery(); con.Close(); LogHistoryAddAccount(GlobalVar.user_id, GlobalVar.user_type, GlobalVar.user); } catch { NotificationConnectionError a = new NotificationConnectionError(); a.ShowDialog(); } }
private void BtnLogin_Click(object sender, EventArgs e) { MySqlConnection con = new MySqlConnection(Connection.GetConnectionStr()); GlobalVar.user = TxtUsername.Text; if (TxtUsername.Text == "Username" && TxtPassword.Text == "Password") { label10.Text = "Username and Password can't be blank!"; } else if (TxtPassword.Text == "Password" && TxtUsername.Text == "") { label10.Text = "Username and Password can't be blank!"; } else if (TxtUsername.Text == "Username" && TxtPassword.Text == "") { label10.Text = "Username and Password can't be blank!"; } else if (TxtUsername.Text == "Username") { label10.Text = "Username can't be blank! "; } else if (TxtPassword.Text == "Password") { label10.Text = "Password can't be blank! "; } else { try { con.Open(); string query = "SELECT account_type, account_id, status FROM account WHERE username = @user and password = @pass"; MySqlCommand cmd = new MySqlCommand(query, con); cmd.Parameters.AddWithValue("@user", TxtUsername.Text); cmd.Parameters.AddWithValue("@pass", SHA256Hasher.ComputeSha256Hash(TxtPassword.Text)); MySqlDataReader reader = cmd.ExecuteReader(); while (reader.Read()) { GlobalVar.user_type = reader["account_type"].ToString(); GlobalVar.user_id = reader["account_id"].ToString(); GlobalVar.status = reader["status"].ToString(); } con.Close(); if (GlobalVar.user_type == "") { label10.Text = "Incorrect Password or Username. "; } else { LogHistoryLoginSuccess(GlobalVar.user_id, GlobalVar.user_type, TxtUsername.Text); if (GlobalVar.user_type.Equals("SSG")) { FrmAdmin a = new FrmAdmin(); a.Show(); this.Hide(); } else if (GlobalVar.user_type.Equals("Comelec")) { FrmTally a = new FrmTally(); a.Show(); this.Hide(); } else if (GlobalVar.user_type.Equals("Voter")) { try { con.Open(); string query1 = "SELECT voters_id, status FROM voters WHERE account_id = @id"; MySqlCommand cmd1 = new MySqlCommand(query1, con); cmd1.Parameters.AddWithValue("@id", GlobalVar.user_id); MySqlDataReader reader1 = cmd1.ExecuteReader(); while (reader1.Read()) { GlobalVar.status = reader1["status"].ToString(); GlobalVar.voters_id = reader1["voters_id"].ToString(); } con.Close(); if (GlobalVar.status == "Voted") { label10.Text = "You are already voted."; } else { FrmDashboard a = new FrmDashboard(); a.Show(); this.Hide(); } } catch { NotificationConnectionError b = new NotificationConnectionError(); b.ShowDialog(); } } } } catch { NotificationConnectionError a = new NotificationConnectionError(); a.ShowDialog(); } } }