private void signBtn_Click(object sender, EventArgs e)
{
login = loginInput.Text;
PasswordEncription ps = new PasswordEncription(passInput.Text);
string input = ps.getHash();
StringComparer comparer = StringComparer.OrdinalIgnoreCase;
//Check a user in a database and retrive his hashed password
if (connection != null)
{
query = queries.checkUserCredentials;
MySqlDataAdapter mcmd = new MySqlDataAdapter();
cmd.Parameters["@Login"].Value = login;
cmd.CommandText = query;
cmd.Connection = connection;
mcmd.SelectCommand = cmd;
DataTable dt = new DataTable();
mcmd.Fill(dt);
if (dt.Rows.Count > 0 && 0 == comparer.Compare(input, dt.Rows[0]["User_Password"].ToString()))
{
// Hide and disable login screen
loginScreen.Visible = false;
loginScreen.Enabled = false;
int tmp;
int.TryParse(dt.Rows[0]["userRoleID"].ToString(), out tmp);
// Enable menu tabs
if (tmp == 1) //if user is admin enable menu for users
{
toolStripUsersMenu.Enabled = true;
warehouseToolStripMenuItem.Enabled = true;
}
clientsToolStripMenuItem.Enabled = true;
inventoryToolStripMenuItem.Enabled = true;
openWelcomeScreen(tmp);
}
else
{
MessageBox.Show("Please enter valid user name and password");
}
}
else
{
MessageBox.Show("Connection to DataBase Have Been Lost");
}
}
private void btnAddUser_Click(object sender, EventArgs e)
{
if (txtFName.Text != "" && txtLName.Text != "" && txtLogin.Text != "")
{
cmd.Parameters["@login"].Value = txtLogin.Text;
cmd.Parameters["@fName"].Value = txtFName.Text;
cmd.Parameters["@lName"].Value = txtLName.Text;
cmd.Parameters["@roleID"].Value = cmbGroup.SelectedIndex + 1;
}
else
{
MessageBox.Show("Please, fill up required fields!");
return;
}
if (txtPassword.Text != "")
{
PasswordEncription hash = new PasswordEncription(txtPassword.Text);
cmd.Parameters["@pass"].Value = hash.getHash();
}
if (connection != null)
{
if (fType == "Add")
{
if (txtPassword.Text != "")
{
try
{
cmd.CommandText = queries.addUser;
cmd.Connection = connection;
cmd.ExecuteNonQuery();
users.fillData();
Close();
}
catch (MySqlException ex)
{
MessageBox.Show(ex.ToString());
}
}
else
{
MessageBox.Show("Please enter password");
}
}
else
{
try
{
cmd.CommandText = queries.updateUser;
cmd.Connection = connection;
cmd.ExecuteNonQuery();
if (txtPassword.Text != "")
{
cmd.CommandText = queries.updateUserPass;
cmd.ExecuteNonQuery();
}
users.fillData();
}
catch (MySqlException ex)
{
MessageBox.Show(ex.ToString());
}
Close();
}
}
else
{
MessageBox.Show("Connection Lost");
this.Close();
}
}