/// <summary>
/// Hides the current form and opens the Admin_Students form as a modal dialog, handing it the
/// "logged in as" and "user level" values currently shown on this form.
/// </summary>
/// <remarks>
/// NOTE(review): the user level that selects the admin UI is read back from a TextBox. If that control
/// is editable at runtime, the privilege level is user-controlled; confirm it is read-only or carry the
/// authenticated identity in a non-UI session object instead.
/// </remarks>
public void Load_Admin_Students()
 {
     #region
     string loggedInAs = Admin_ListedUsers_LoginDetails_LoggedInAs_TextBox.Text;
     string userLevel  = Admin_ListedUsers_LoginDetails_UserLevel_TextBox.Text;

     Admin_Students adminStudentsForm = new Admin_Students(loggedInAs, userLevel);

     // Hide first so only one window is visible while the modal dialog is up.
     this.Hide();
     adminStudentsForm.ShowDialog();
     #endregion
 }
 /// <summary>
 /// Hides the current form and opens the home page that matches the user level shown on it:
 /// Admin_Students when the level is exactly "Admin", otherwise Students.
 /// </summary>
 /// <remarks>
 /// The DatabaseHistory page is reachable by both StaffMembers and Admins, hence the branch.
 /// NOTE(review): the level is read from a TextBox on the form; confirm that control cannot be edited
 /// by the user, since its text alone decides whether the admin UI is opened.
 /// </remarks>
 public void Decide_HomePage_By_UserLevel()
 {
     #region
     string userLevel = DatabaseHistory_LoginDetails_UserLevel_TextBox.Text;

     // Both destinations hide this form before the next one is created.
     this.Hide();

     string loggedInAs = DatabaseHistory_LoginDetails_LoggedInAs_TextBox.Text;

     if (userLevel != "Admin")
     {
         Students staffHome = new Students(loggedInAs, userLevel);
         staffHome.ShowDialog();
     }
     else
     {
         Admin_Students adminHome = new Admin_Students(loggedInAs, userLevel);
         adminHome.ShowDialog();
     }
     #endregion
 }
        /// <summary>
        /// After registration completes, hides this form and opens Admin_Students when the UserLevel
        /// TextBox reads exactly "Admin", otherwise Students.
        /// </summary>
        /// <remarks>
        /// Both destination forms are constructed up front with the same two values (logged-in user and
        /// user level); only one of them is shown.
        /// NOTE(review): the routing decision rests on TextBox text; confirm the control is not
        /// user-editable, otherwise the level passed on to the next form can be changed by hand.
        /// </remarks>
        public void Decide_HomePage_By_UserLevel()
        {
            #region
            Admin_Students adminHome = new Admin_Students(
                NewStudent_LoginDetails_LoggedInAs_TextBox.Text,
                NewStudent_LoginDetails_UserLevel_TextBox.Text);
            Students staffHome = new Students(
                NewStudent_LoginDetails_LoggedInAs_TextBox.Text,
                NewStudent_LoginDetails_UserLevel_TextBox.Text);

            this.Hide();

            bool isAdmin = NewStudent_LoginDetails_UserLevel_TextBox.Text == "Admin";
            if (!isAdmin)
            {
                staffHome.ShowDialog();
            }
            else
            {
                adminHome.ShowDialog();
            }
            #endregion
        }
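        /// <summary>
        /// Checks the entered username, user level and password hash against dbo.LoginDetails and, on a
        /// match, hides the login screen and opens the home page for the selected user level
        /// (Admin_Students for "Admin", otherwise Students).
        /// </summary>
        /// <remarks>
        /// The lookup is fully parameterized. The command, reader and connection are disposed before any
        /// modal window is shown, so no database connection stays open for the lifetime of the next form.
        /// NOTE(review): SHA_256 is defined elsewhere in the file. If it is a single unsalted SHA-256 pass,
        /// the stored values are open to fast offline guessing should the table leak; a salted, iterated
        /// KDF (for example Rfc2898DeriveBytes) is the usual choice. Switching requires re-hashing the
        /// stored credentials, so it is not changed here.
        /// NOTE(review): nothing visible here limits repeated failed attempts.
        /// </remarks>
        private void Login()
        {
            #region
            //Enclose in a try/catch to handle any exceptions encountered upon execution.
            try
            {
                string username  = LoginScreen_LoginDetails_Username_TextBox.Text;
                string userLevel = LoginScreen_LoginDetails_UserLevel_Dropdown.Text;

                //Query the LoginDetails table for a row matching all three user-supplied values.
                string sqlQuery = "SELECT Username, UserLevel, Password FROM dbo.LoginDetails WHERE Username = @Username AND UserLevel = @UserLevel AND Password = @Password";

                bool credentialsMatch;

                //using blocks release the connection, command and reader as soon as the lookup is done.
                using (SqlConnection conn = new SqlConnection(connectionString))
                using (SqlCommand cmd = new SqlCommand(sqlQuery, conn))
                {
                    //User input only ever reaches the server as parameter values, never as SQL text.
                    cmd.Parameters.AddWithValue("@Username", username);
                    cmd.Parameters.AddWithValue("@UserLevel", userLevel);
                    cmd.Parameters.AddWithValue("@Password", SHA_256(LoginScreen_LoginDetails_Password_TextBox.Text));

                    conn.Open();

                    using (SqlDataReader sdr = cmd.ExecuteReader())
                    {
                        //A returned row means username, level and password hash all matched.
                        credentialsMatch = sdr.Read();
                    }
                }

                if (!credentialsMatch)
                {
                    //One generic message for every failure: it does not reveal which field was wrong.
                    MessageBox.Show("Login failed. Please try again", "Login denied", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    LoginScreen_LoginDetails_Username_TextBox.Clear();
                    LoginScreen_LoginDetails_Password_TextBox.Clear();
                    LoginScreen_LoginDetails_Username_TextBox.Focus();
                    return;
                }

                MessageBox.Show($"Welcome {username}!");
                this.Hide();

                //The level was part of the WHERE clause, so the matched row carries this same level.
                if (userLevel == "Admin")
                {
                    Admin_Students admp = new Admin_Students(username, userLevel);
                    admp.ShowDialog();
                }
                else
                {
                    Students mp = new Students(username, userLevel);
                    mp.ShowDialog();
                }
            }
            catch (Exception ex)
            {
                //NOTE(review): ex.Message from the SQL client can name the server or database; on a
                //pre-authentication screen consider a generic message here and logging the detail instead.
                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
            #endregion
        }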
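        /// <summary>
        /// Asks the admin to confirm, then deletes the student whose ID is in the StudentID TextBox and
        /// records the deletion in dbo.DatabaseHistory. Afterwards reloads the Admin_Students form.
        /// </summary>
        /// <remarks>
        /// Changes from the earlier version:
        /// the history text is sent as a parameter (@Message) instead of being interpolated into the SQL
        /// string, so TextBox content can no longer become part of the statement;
        /// the DELETE and the history INSERT run in one transaction, so a deletion cannot be committed
        /// without its audit row;
        /// the connection is opened only after confirmation and is closed before any further modal
        /// window is shown.
        /// Any exception is reported in a message box and the form is then left as it is (no reload).
        /// </remarks>
        public void Delete_Admin_Student()
        {
            #region
            try
            {
                string studentIdText = Admin_StudentDetails_StudentID_TextBox.Text;
                string actingUser    = Admin_LoginDetails_LoggedInAs_TextBox.Text;

                //Reject a non-numeric ID before doing anything else; the FormatException is reported by
                //the catch below. The earlier code performed the same parse while building its parameters.
                int.Parse(studentIdText);

                string deleteSql = "DELETE FROM dbo.Students WHERE StudentID = @StudentID";

                //Both columns are parameters: the audit text is data, never SQL.
                string auditSql = "INSERT INTO dbo.DatabaseHistory VALUES (@Message, @Username)";

                //Load a dialog box that confirms with the user that they wish to complete the specified action
                DialogResult dialog = MessageBox.Show("Are you sure you want to delete this Student record?:" +
                                                      $"\n\nStudentID:\t{Admin_StudentDetails_StudentID_TextBox.Text}" +
                                                      $"\nFirst Name:\t{Admin_StudentDetails_FirstName_TextBox.Text}" +
                                                      $"\nSurname:\t{Admin_StudentDetails_Surname_TextBox.Text}" +
                                                      $"\nEmail:\t\t{Admin_StudentDetails_Email_TextBox.Text}" +
                                                      $"\nPhoneNo:\t{Admin_StudentDetails_PhoneNo_TextBox.Text}" +
                                                      $"\nAddressLine1\t{Admin_StudentDetails_AddressLine1_TextBox.Text}" +
                                                      $"\nAddressLine2:\t{Admin_StudentDetails_AddressLine2_TextBox.Text}" +
                                                      $"\nCity:\t\t{Admin_StudentDetails_City_TextBox.Text}" +
                                                      $"\nCounty:\t\t{Admin_StudentDetails_County_TextBox.Text}" +
                                                      $"\nLevel:\t\t{Admin_StudentDetails_Level_TextBox.Text}" +
                                                      $"\nCourse:\t\t{Admin_StudentDetails_Course_TextBox.Text}" +
                                                      $"\nCountry:\t\t{Admin_StudentDetails_Country_TextBox.Text}",
                                                      "Delete Record", MessageBoxButtons.YesNo
                                                      );

                if (dialog == DialogResult.Yes)
                {
                    bool deleted;

                    using (SqlConnection conn = new SqlConnection(connectionString))
                    {
                        conn.Open();

                        //Disposing the transaction without Commit rolls it back, so an exception from
                        //either command leaves both tables untouched.
                        using (SqlTransaction tx = conn.BeginTransaction())
                        using (SqlCommand deleteCmd = new SqlCommand(deleteSql, conn, tx))
                        using (SqlCommand auditCmd = new SqlCommand(auditSql, conn, tx))
                        {
                            deleteCmd.Parameters.AddWithValue("@StudentID", studentIdText);

                            string auditMessage = $"Student Record with StudentID = {studentIdText} was DELETED at {DateTime.Now.ToString("MM/dd/yyyy hh:mm tt")}";
                            auditCmd.Parameters.AddWithValue("@Message", auditMessage);
                            auditCmd.Parameters.AddWithValue("@Username", actingUser);

                            deleted = deleteCmd.ExecuteNonQuery() > 0;
                            if (deleted)
                            {
                                //Only a delete that removed a row is logged and committed.
                                auditCmd.ExecuteNonQuery();
                                tx.Commit();
                            }
                        }
                    }

                    //Report the outcome only after the work is committed and the connection released.
                    if (deleted)
                    {
                        MessageBox.Show("Record Deleted Successfully", "Successful Delete", MessageBoxButtons.OK);
                    }
                    else
                    {
                        MessageBox.Show("Record Deletion Failed. Please try again", "Failed Delete", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    }
                }

                Admin_Students admp = new Admin_Students(Admin_LoginDetails_LoggedInAs_TextBox.Text, Admin_LoginDetails_UserLevel_TextBox.Text);
                this.Hide();
                admp.ShowDialog();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
            #endregion
        }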
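        /// <summary>
        /// Asks the admin to confirm, then updates the contact and course-level fields of the student
        /// whose ID is in the StudentID TextBox and records the change in dbo.DatabaseHistory. The
        /// Admin_Students form is reloaded afterwards whether or not the update succeeded.
        /// </summary>
        /// <remarks>
        /// Changes from the earlier version:
        /// the StudentID text was interpolated straight into the history INSERT, which let TextBox content
        /// become SQL; the history text is now passed as the @Message parameter;
        /// the history row used to be written before the UPDATE and the success message depended on that
        /// insert alone, so a change could be logged and reported without any row being updated. The UPDATE
        /// now runs first and the history row is written only when it changed a row, both inside one
        /// transaction;
        /// the confirmation box was captioned "Delete Record"; it now reads "Update Record".
        /// </remarks>
        public void Edit_Admin_Student()
        {
            #region
            try
            {
                string studentIdText = Admin_StudentDetails_StudentID_TextBox.Text;
                string actingUser    = Admin_LoginDetails_LoggedInAs_TextBox.Text;

                //Both columns are parameters: the audit text is data, never SQL.
                string auditSql = "INSERT INTO dbo.DatabaseHistory VALUES (@Message, @Username)";

                string updateSql = "UPDATE dbo.Students" +
                                   " SET Email = @Email," +
                                   " PhoneNo = @PhoneNo," +
                                   " AddressLine1 = @AddressLine1," +
                                   " AddressLine2 = @AddressLine2," +
                                   " City = @City," +
                                   " County = @County," +
                                   " Level = @Level," +
                                   " Country = @Country" +
                                   " WHERE StudentID = @StudentID";

                DialogResult dialog = MessageBox.Show($"Are you sure you want to make the following changes to this Student record with StudentNo = {Admin_StudentDetails_StudentID_TextBox.Text}?:" +
                                                      $"\n\nEmail:\n{Admin_StudentDetails_Email_TextBox.Text}\n" +
                                                      $"\nPhoneNo:\n{Admin_StudentDetails_PhoneNo_TextBox.Text}\n" +
                                                      $"\nAddressLine1:\n{Admin_StudentDetails_AddressLine1_TextBox.Text}\n" +
                                                      $"\nAddressLine2:\n{Admin_StudentDetails_AddressLine2_TextBox.Text}\n" +
                                                      $"\nCity:\n{Admin_StudentDetails_City_TextBox.Text}\n" +
                                                      $"\nCounty:\n{Admin_StudentDetails_County_Dropdown.Text}\n" +
                                                      $"\nLevel:\n{Admin_StudentDetails_Level_Dropdown.Text}\n" +
                                                      $"\nCountry:\n{Admin_StudentDetails_Country_Dropdown.Text}\n",
                                                      "Update Record", MessageBoxButtons.YesNo
                                                      );

                if (dialog == DialogResult.Yes)
                {
                    bool updated;

                    using (SqlConnection conn = new SqlConnection(connectionString))
                    {
                        conn.Open();

                        //Disposing the transaction without Commit rolls it back, so a failure in either
                        //command leaves both tables untouched.
                        using (SqlTransaction tx = conn.BeginTransaction())
                        using (SqlCommand updateCmd = new SqlCommand(updateSql, conn, tx))
                        using (SqlCommand auditCmd = new SqlCommand(auditSql, conn, tx))
                        {
                            updateCmd.Parameters.AddWithValue("@StudentID", studentIdText);
                            updateCmd.Parameters.AddWithValue("@Email", Admin_StudentDetails_Email_TextBox.Text);
                            updateCmd.Parameters.AddWithValue("@PhoneNo", Admin_StudentDetails_PhoneNo_TextBox.Text);
                            updateCmd.Parameters.AddWithValue("@AddressLine1", Admin_StudentDetails_AddressLine1_TextBox.Text);
                            updateCmd.Parameters.AddWithValue("@AddressLine2", Admin_StudentDetails_AddressLine2_TextBox.Text);
                            updateCmd.Parameters.AddWithValue("@City", Admin_StudentDetails_City_TextBox.Text);
                            updateCmd.Parameters.AddWithValue("@County", Admin_StudentDetails_County_Dropdown.Text);
                            updateCmd.Parameters.AddWithValue("@Level", Admin_StudentDetails_Level_Dropdown.Text);
                            updateCmd.Parameters.AddWithValue("@Country", Admin_StudentDetails_Country_Dropdown.Text);

                            string auditMessage = $"Student Record with StudentID = {studentIdText} was UPDATED at {DateTime.Now.ToString("MM/dd/yyyy hh:mm tt")}";
                            auditCmd.Parameters.AddWithValue("@Message", auditMessage);
                            auditCmd.Parameters.AddWithValue("@Username", actingUser);

                            updated = updateCmd.ExecuteNonQuery() > 0;
                            if (updated)
                            {
                                //Only an update that changed a row is logged and committed.
                                auditCmd.ExecuteNonQuery();
                                tx.Commit();
                            }
                        }
                    }

                    //Report the outcome only after the work is committed and the connection released.
                    if (updated)
                    {
                        MessageBox.Show("Record Updated Successfully", "Successful Update", MessageBoxButtons.OK);
                    }
                    else
                    {
                        MessageBox.Show("Record Update Failed", "Failed Update", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }

            //Reload the admin student list regardless of the outcome above.
            Admin_Students admp = new Admin_Students(Admin_LoginDetails_LoggedInAs_TextBox.Text, Admin_LoginDetails_UserLevel_TextBox.Text);
            this.Hide();
            admp.ShowDialog();
            #endregion
        }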