Recovery.cs
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using MySql.Data.MySqlClient;
namespace SPAAT
{
public partial class Recovery : Form
{
// Connection string shared by every query in this form.
// NOTE(review): it hard-codes the MySQL root account with an empty password in source.
// Anyone who can read this file or the compiled assembly gets full access to the
// database, including the stored recovery answers and the users table read below.
// Prefer a dedicated least-privilege account whose credentials are loaded from
// protected configuration rather than compiled into the binary.
string connet = "Server=localhost;Database=zapisaxisfms;Username=root;Password=;";
/// <summary>
/// Creates the recovery form: calls InitializeComponent, then DisplaySecurityQuestions,
/// which opens a database connection to fill the three question labels.
/// </summary>
public Recovery()
{
    this.InitializeComponent();
    this.DisplaySecurityQuestions();
}
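/// <summary>
/// Loads the three security-question texts stored in row sqs_id = 1 of
/// securityquestions and writes them to the sq1, sq2 and sq3 controls. When the row
/// does not exist, built-in default questions are shown instead.
/// </summary>
/// <remarks>
/// Only the question columns are selected. The same row also holds the answers
/// (sq1a, sq2a, sq3a, read by set_Click), and there is no reason to pull those into
/// memory just to render the prompts.
/// </remarks>
private void DisplaySecurityQuestions()
{
    const string sqlSelect = "SELECT sq1, sq2, sq3 FROM securityquestions WHERE sqs_id = 1";

    try
    {
        using (MySqlConnection connection = new MySqlConnection(connet))
        {
            connection.Open();

            using (MySqlCommand selectCommand = new MySqlCommand(sqlSelect, connection))
            using (MySqlDataReader reader = selectCommand.ExecuteReader())
            {
                if (reader.Read())
                {
                    // Resolve each ordinal once; a NULL column is shown as an empty question.
                    int sq1Ordinal = reader.GetOrdinal("sq1");
                    int sq2Ordinal = reader.GetOrdinal("sq2");
                    int sq3Ordinal = reader.GetOrdinal("sq3");

                    string sq1Question = reader.IsDBNull(sq1Ordinal) ? string.Empty : reader.GetString(sq1Ordinal);
                    string sq2Question = reader.IsDBNull(sq2Ordinal) ? string.Empty : reader.GetString(sq2Ordinal);
                    string sq3Question = reader.IsDBNull(sq3Ordinal) ? string.Empty : reader.GetString(sq3Ordinal);

                    sq1.Text = "Question 1: " + sq1Question;
                    sq2.Text = "Question 2: " + sq2Question;
                    sq3.Text = "Question 3: " + sq3Question;
                }
                else
                {
                    // No configured row: show placeholders. Only the first three entries
                    // are displayed. With no row there are no stored answers either, so
                    // set_Click rejects every attempt in this state.
                    List<string> defaultQuestions = new List<string>
                    {
                        "What is the name of your first pet?",
                        "In which city were you born?",
                        "What is your mother's maiden name?",
                        "What is the name of your favorite childhood teacher?",
                        "What is the model of your first car?",
                        "What is the name of your favorite book?",
                        "What is the name of your best friend from childhood?",
                        "What is the make of your first computer or laptop?",
                        "What was the street you lived on in third grade?",
                        "In which year did you graduate from high school?",
                        "What is your favorite movie?",
                        "What is the name of the street you grew up on?",
                        "What is your favorite color?",
                        "In which country would you like to retire?",
                        "What is the name of the company where you had your first job?",
                        "What is your favorite sports team?",
                        "What is the middle name of your oldest sibling?",
                        "What is the name of the elementary school you attended?",
                        "What is the last name of your favorite high school teacher?",
                        "What is your favorite holiday destination?"
                    };

                    sq1.Text = "Question 1: " + defaultQuestions[0];
                    sq2.Text = "Question 2: " + defaultQuestions[1];
                    sq3.Text = "Question 3: " + defaultQuestions[2];
                }
            }
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw provider message is shown on a pre-authentication screen;
        // consider logging the detail and showing a generic message instead.
        MessageBox.Show($"Error: {ex.Message}");
    }
}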
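/// <summary>
/// Click handler for the recovery button. Compares the three typed answers with the
/// answers stored in row sqs_id = 1 of securityquestions and, when all three match,
/// reads the username and password of user_id = 1 and shows both in a message box.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Security review notes, all based on what this handler does:
/// - The users.password value is read and displayed verbatim. If that is the value
///   used to log in, passwords are stored in recoverable form (presumably plaintext;
///   verify against the login code). Recovery should set a new password, and stored
///   passwords should be salted hashes that cannot be shown back.
/// - Nothing in this handler limits or delays repeated attempts, and the answers are
///   compared case-insensitively against values stored as plain strings.
/// - Only the answer columns are selected; the question text is not needed here.
/// </remarks>
private void set_Click(object sender, EventArgs e)
{
    securityStatusLabel.ForeColor = System.Drawing.Color.DarkGreen;
    securityStatusLabel.Enabled = true;
    securityStatusLabel.Visible = true;

    string sq1Answer = sq1a.Text.Trim();
    string sq2Answer = sq2a.Text.Trim();
    string sq3Answer = sq3a.Text.Trim();

    // A blank input must never reach the comparison: NULL stored answers are mapped
    // to string.Empty below, and "" would otherwise equal "".
    if (string.IsNullOrWhiteSpace(sq1Answer) || string.IsNullOrWhiteSpace(sq2Answer) || string.IsNullOrWhiteSpace(sq3Answer))
    {
        securityStatusLabel.ForeColor = System.Drawing.Color.Maroon;
        securityStatusLabel.Text = "Please fill in all the answers to the security questions.";
        return;
    }

    const string sqlSelectAnswers = "SELECT sq1a, sq2a, sq3a FROM securityquestions WHERE sqs_id = 1";
    const string sqlRetrieveAdmin = "SELECT username, password FROM users WHERE user_id = 1";

    try
    {
        using (MySqlConnection connection = new MySqlConnection(connet))
        {
            connection.Open();

            bool isCorrect = false;
            using (MySqlCommand selectCommand = new MySqlCommand(sqlSelectAnswers, connection))
            using (MySqlDataReader reader = selectCommand.ExecuteReader())
            {
                if (reader.Read())
                {
                    int sq1Ordinal = reader.GetOrdinal("sq1a");
                    int sq2Ordinal = reader.GetOrdinal("sq2a");
                    int sq3Ordinal = reader.GetOrdinal("sq3a");

                    string storedSq1Answer = reader.IsDBNull(sq1Ordinal) ? string.Empty : reader.GetString(sq1Ordinal);
                    string storedSq2Answer = reader.IsDBNull(sq2Ordinal) ? string.Empty : reader.GetString(sq2Ordinal);
                    string storedSq3Answer = reader.IsDBNull(sq3Ordinal) ? string.Empty : reader.GetString(sq3Ordinal);

                    isCorrect = CheckAnswers(sq1Answer, sq2Answer, sq3Answer, storedSq1Answer, storedSq2Answer, storedSq3Answer);
                }
            }
            // The first reader is disposed here, so the connection is free for the next query.

            if (!isCorrect)
            {
                // Same message for "no row configured" and "answers differ", so the
                // response does not reveal which case occurred.
                securityStatusLabel.ForeColor = System.Drawing.Color.Maroon;
                securityStatusLabel.Text = "Incorrect answers. Please try again.";
                return;
            }

            string adminUsername;
            string adminPassword;
            using (MySqlCommand retrieveAdminCommand = new MySqlCommand(sqlRetrieveAdmin, connection))
            using (MySqlDataReader adminReader = retrieveAdminCommand.ExecuteReader())
            {
                if (!adminReader.Read())
                {
                    securityStatusLabel.ForeColor = System.Drawing.Color.Maroon;
                    securityStatusLabel.Text = "Failed to retrieve admin credentials.";
                    return;
                }

                int usernameOrdinal = adminReader.GetOrdinal("username");
                int passwordOrdinal = adminReader.GetOrdinal("password");
                adminUsername = adminReader.IsDBNull(usernameOrdinal) ? string.Empty : adminReader.GetString(usernameOrdinal);
                adminPassword = adminReader.IsDBNull(passwordOrdinal) ? string.Empty : adminReader.GetString(passwordOrdinal);
            }

            securityStatusLabel.ForeColor = System.Drawing.Color.DarkGreen;
            securityStatusLabel.Text = "Access Granted.";

            // NOTE(review): this discloses the stored password on screen; see remarks.
            var rec = MessageBox.Show($"Your access has been recovered.\n\nAdmin Username: {adminUsername}\nAdmin Password: {adminPassword}\n\nDo you want to close the recovery page?", "Access Recovered.", MessageBoxButtons.YesNo, MessageBoxIcon.Information);
            if (rec == DialogResult.Yes)
            {
                this.Close();
            }
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show($"Error: {ex.Message}");
    }
}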
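/// <summary>
/// Returns true only when each supplied answer equals its stored counterpart,
/// ignoring case (ordinal comparison).
/// </summary>
/// <param name="inputSq1">Answer typed for question 1.</param>
/// <param name="inputSq2">Answer typed for question 2.</param>
/// <param name="inputSq3">Answer typed for question 3.</param>
/// <param name="storedSq1">Stored answer for question 1.</param>
/// <param name="storedSq2">Stored answer for question 2.</param>
/// <param name="storedSq3">Stored answer for question 3.</param>
/// <returns>
/// True when all three pairs match. False when any pair differs, or when any stored
/// answer is null or empty.
/// </returns>
private bool CheckAnswers(string inputSq1, string inputSq2, string inputSq3, string storedSq1, string storedSq2, string storedSq3)
{
    // Fail closed: the caller maps a NULL column to string.Empty, and an unset answer
    // must never authenticate, even if a future caller forgets its own blank check.
    if (string.IsNullOrEmpty(storedSq1) || string.IsNullOrEmpty(storedSq2) || string.IsNullOrEmpty(storedSq3))
    {
        return false;
    }

    // The static string.Equals tolerates a null input instead of throwing.
    return string.Equals(inputSq1, storedSq1, StringComparison.OrdinalIgnoreCase)
        && string.Equals(inputSq2, storedSq2, StringComparison.OrdinalIgnoreCase)
        && string.Equals(inputSq3, storedSq3, StringComparison.OrdinalIgnoreCase);
}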
}
}