using System;
using System.Data;
using System.Data.SqlClient;
using System.Security;
using System.Windows.Forms;
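namespace Aplikasi_Perpustakaan
{
    /// <summary>
    /// User-management form: lists the rows of [dbo].[User] in the Viewer grid and
    /// runs the Insert / Update / Delete action cells against that table.
    /// </summary>
    /// <remarks>
    /// NOTE(review): nothing in this class checks Login.permission before changing
    /// the user table; User_Load only toggles control visibility. Confirm that the
    /// form cannot be reached by an account that must not manage users, or add an
    /// explicit check in Viewer_CellContentClick.
    /// </remarks>
    public partial class User : Form
    {
        // Grid cell indexes read by Viewer_CellContentClick: cell 3 supplies @ID,
        // cell 4 the name, cell 5 the password and cell 6 the level.
        private const int IdColumn = 3;
        private const int NamaColumn = 4;
        private const int PasswordColumn = 5;
        private const int LevelColumn = 6;

        /// <summary>Creates the form and its designer-generated controls.</summary>
        public User()
        {
            InitializeComponent();
        }

        /// <summary>Hides this form and hands the navigation event to a new Page.</summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data, passed through unchanged.</param>
        public void nav(object sender, EventArgs e)
        {
            Page page = new Page();
            this.Hide();
            page.Move(sender, e);
        }

        /// <summary>Ends the whole application when this form closes.</summary>
        private void User_FormClosing(object sender, FormClosingEventArgs e)
        {
            Application.Exit();
        }

        /// <summary>
        /// Shows the signed-in name, sets control visibility from Login.permission
        /// and loads the user list.
        /// </summary>
        private void User_Load(object sender, EventArgs e)
        {
            lbl_nama.Text = Login.nama;
            // Visibility is a UI convenience only; it does not stop the handlers
            // in this class from running.
            btn_user.Visible = Login.permission;
            panel4.Visible = Login.permission;
            panel_admin.Visible = !Login.permission;
            FILL();
        }

        /// <summary>Reloads the grid with every row of [dbo].[User].</summary>
        /// <remarks>
        /// NOTE(review): SELECT * also binds the Password column, so the stored
        /// value is displayed in the grid. Viewer_CellContentClick reads that cell
        /// as the password, so hiding or dropping the column has to be done
        /// together with that handler.
        /// </remarks>
        void FILL()
        {
            Viewer.DataSource = null;
            DataTable dt = new DataTable();
            using (SqlCommand cmd = new SqlCommand("SELECT * FROM [dbo].[User]", Navigasi.cnn))
            {
                Page.READ(cmd, dt);
            }
            Viewer.DataSource = dt;
        }

        /// <summary>
        /// Reloads the grid, restricted to rows whose Nama or Level equals the
        /// search box text; an empty search box lists every row.
        /// </summary>
        void filtering()
        {
            Viewer.DataSource = null;
            string search = txt_search.Text;
            bool hasSearch = !string.IsNullOrEmpty(search);
            string sql = hasSearch
                ? "SELECT * FROM [dbo].[User] WHERE Nama=@search OR [Level]=@search"
                : "SELECT * FROM [dbo].[User]";

            DataTable dt = new DataTable();
            using (SqlCommand cmd = new SqlCommand(sql, Navigasi.cnn))
            {
                // The search text travels as a parameter, never as SQL text.
                if (hasSearch)
                {
                    cmd.Parameters.AddWithValue("@search", search);
                }
                Page.READ(cmd, dt);
            }
            Viewer.DataSource = dt;
        }

        /// <summary>Applies the search box filter to the grid.</summary>
        private void btn_filter_Click(object sender, EventArgs e)
        {
            filtering();
        }

        /// <summary>Returns a cell's value as text, or an empty string when the cell is empty.</summary>
        private static string CellText(DataGridViewCell cell)
        {
            object value = cell.Value;
            return value == null ? "" : value.ToString();
        }

        /// <summary>
        /// Runs the action named by the clicked cell ("Insert", "Update" or
        /// "Delete") for the clicked row.
        /// </summary>
        /// <param name="sender">The grid.</param>
        /// <param name="e">Row and column index of the clicked cell.</param>
        private void Viewer_CellContentClick(object sender, DataGridViewCellEventArgs e)
        {
            // Header cells report an index of -1; indexing Rows or Cells with it throws.
            if (e.RowIndex < 0 || e.ColumnIndex < 0)
            {
                return;
            }

            var rows = Viewer.Rows[e.RowIndex];
            string action = CellText(rows.Cells[e.ColumnIndex]);
            string nama = CellText(rows.Cells[NamaColumn]);
            string pass = CellText(rows.Cells[PasswordColumn]);
            object level = rows.Cells[LevelColumn].Value;

            // Both fields are required. The earlier "||" chain accepted a row with
            // only one of them, which allowed an account with an empty name or an
            // empty password to be written.
            if (string.IsNullOrEmpty(nama) || string.IsNullOrEmpty(pass))
            {
                MessageBox.Show("Silahkan Isi Nama Dan Password User");
                return;
            }

            DataTable dt = new DataTable();
            using (SqlCommand lookup = new SqlCommand("SELECT * FROM [dbo].[User] Where Nama=@Nama", Navigasi.cnn))
            {
                lookup.Parameters.AddWithValue("@Nama", nama);
                Page.READ(lookup, dt);
            }
            bool namaExists = dt.Rows.Count > 0;

            string sql = null;
            if (!namaExists)
            {
                if (action == "Insert")
                {
                    sql = "INSERT INTO [dbo].[User] (Nama, Password, [Level]) Values (@nama,@Hashedpass,@level)";
                }
                else if (action == "Update")
                {
                    // NOTE(review): kept as written. This compares the ID cell with
                    // "Masukan Nama" and the name cell with "Masukan Password", and
                    // it is only reached when the name is not in the table yet, so
                    // Update looks unreachable in normal use. Confirm the intended
                    // rule before changing it.
                    if (CellText(rows.Cells[IdColumn]) == "Masukan Nama" || CellText(rows.Cells[NamaColumn]) == "Masukan Password")
                    {
                        sql = "UPDATE [dbo].[User] SET Nama=@Nama, Password=@Hashedpass,[Level]=@level WHERE ID=@ID";
                    }
                }
            }
            else if (action == "Delete")
            {
                sql = "DELETE FROM [dbo].[user] WHERE ID=@ID";
            }
            else
            {
                MessageBox.Show("Nama User Telah Digunakan");
            }

            if (sql == null)
            {
                return;
            }

            // NOTE(review): Page.HashSha256 is defined elsewhere; going by its name
            // it is a plain SHA-256 digest, which is too fast for password storage.
            // A salted, iterated KDF (for example Rfc2898DeriveBytes) is the usual
            // choice and must be changed together with the login check. If the
            // password cell still holds the stored value rather than newly typed
            // text, this call hashes that value a second time.
            string hashedpass = Page.HashSha256(pass);

            using (SqlCommand cmd = new SqlCommand(sql, Navigasi.cnn))
            {
                cmd.Parameters.AddWithValue("@Nama", nama);
                cmd.Parameters.AddWithValue("@level", level);
                cmd.Parameters.AddWithValue("@ID", rows.Cells[IdColumn].Value);
                cmd.Parameters.AddWithValue("@Hashedpass", hashedpass);
                Page.EXECUTE(cmd);
            }

            // Report success only after the statement has been handed to the
            // database; before, the message was shown first.
            MessageBox.Show(action + " Berhasil Dijalankan");
            FILL();
        }
    }
}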