0

here is screenshot.
http://i.stack.imgur.com/0LAQZ.png

and here is code.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using System.IO;
using System.Drawing.Imaging;

namespace SampleApplication
{
    public partial class AddNewUser : Form
    {
        public AddNewUser()
        {
            InitializeComponent();
        }

        // set the connectionstring for the database
        SqlConnection con = new SqlConnection("User Id=sa;Password=123;Initial Catalog=Inventory; data source=Aniket-PC");
        SqlCommand cmd;
        byte[] photo_arry;
        MemoryStream ms;

        public void ConvertImg()
        {
            try
            {
                //create an object of MemoryStream class
                ms = new MemoryStream();

                //save the image into memory stream
                profPic.Image.Save(ms, ImageFormat.Jpeg);

                //assign the byte array with total size of memorystream
                photo_arry = new byte[ms.Length];
                ms.Position = 0;
                ms.Read(photo_arry, 0, photo_arry.Length);
            }
            catch
            {
                MessageBox.Show("Image cannot be converted");
            }
        }
        private void clrBtn_Click(object sender, EventArgs e)
        {
            nameTxt.Text = uNameTxt.Text = passTxt.Text = conPassTxt.Text = emailTxt.Text =addTxt.Text= contTxt.Text = "";
            profPic.Image = null;
            validityCombo.SelectedIndex = 0;
        }

        private void AttachBtn_Click(object sender, EventArgs e)
        {
            // Open  image by OpenFiledialog and show it in PicturBox.
            try
            {
                //filter only image format files.
                openFileDialog1.Filter = "jpeg|*.jpg|bmp|*.bmp|all files|*.*";
                DialogResult res = openFileDialog1.ShowDialog();
                if (res == DialogResult.OK)
                {
                    Image img = new Bitmap(openFileDialog1.FileName);

                    //inserting image in PicturBox
                    profPic.Image = img.GetThumbnailImage(127, 128, null, new IntPtr());
                    openFileDialog1.RestoreDirectory = true;
                }
            }
            catch
            {
                MessageBox.Show("Cannot upload image");
            }
        }

        private void AddNewUser_Load(object sender, EventArgs e)
        {
            //select 1 Year validity bydefault.
            validityCombo.SelectedIndex = 0;

            //validate contact number for 10 digit only
            contTxt.MaxLength= 10;
        }

        private void uNameTxt_Leave(object sender, EventArgs e)
        {
            if (uNameTxt.Text.Trim() == "")
            {
                warningImg.Visible = true;
            }
            else
            {
                DataSet ds = new DataSet();
                SqlDataAdapter da = new SqlDataAdapter("Select * from Register where UserName='" + uNameTxt.Text.Trim() + "'", con);
                da.Fill(ds);
                int count = ds.Tables[0].Rows.Count;

                if (count != 0)
                {
                    warningImg.Visible = true;
                }
                else
                {
                    warningImg.Visible = false;
                }
            }
        }

        private void conPassTxt_Validating(object sender, CancelEventArgs e)
        {
            if (passTxt.Text.Trim() != conPassTxt.Text.Trim())
            {
                PassError.Visible = true;
                //e.Cancel = true;
            }
            else
            {
                PassError.Visible = false;
                e.Cancel = false;
            }
        }

        private void emailTxt_Validating(object sender, CancelEventArgs e)
        {
            System.Text.RegularExpressions.Regex email = new System.Text.RegularExpressions.Regex(@"^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$");
            if (emailTxt.Text.Trim().Length != 0)
            {
                if (!email.IsMatch(emailTxt.Text.Trim()))
                {
                    emailwarningImg.Visible = true;
                    emailTxt.SelectAll();
                }
                else
                {
                    emailwarningImg.Visible = false;
                }
            }
        }

        private void canBtn_Click(object sender, EventArgs e)
        {
            this.Close();
        }

        private void contTxt_KeyPress(object sender, KeyPressEventArgs e)
        {
            if (!char.IsDigit(e.KeyChar))
            {
                e.Handled = true;
            }
        }

        private void regBtn_Click(object sender, EventArgs e)
        {
            string dor=DORPicker.Value.ToShortDateString();
            string status="Active";
            string role = "User";
            validitycheker.Value=DateTime.Today.AddYears(+1);
            string valid = validitycheker.Value.ToShortDateString();

            if (namewarning.Visible == true || warningImg.Visible==true || PassError.Visible==true || emailwarningImg.Visible==true)
            {
                MessageBox.Show("Please correct the marked fields");
            }
            else if (profPic.Image == null)
            {
                picError.Visible = true;
            }
            else
            {
                picError.Visible = false;

                //check for valedity.
                if (validityCombo.SelectedIndex == 0)
                {
                    validitycheker.Value = DateTime.Today.AddYears(+1);
                }
                else if (validityCombo.SelectedIndex == 1)
                {
                    validitycheker.Value = DateTime.Today.AddYears(+2);
                }
                else
                {
                    validitycheker.Value = DateTime.Today.AddYears(+3);
                }

                //Insertion command.
                cmd=new SqlCommand("insert into Register (Name,UserName,Password,EmailId,Address,ContactNo,Logo,status,validity,AccType,DOR) values('"+ nameTxt.Text.Trim()+"','"+uNameTxt.Text.Trim()+"','"+passTxt.Text.Trim()+"','"+emailTxt.Text.Trim()+"','"+addTxt.Text.Trim()+"','"+contTxt.Text.Trim()+ "',@Logo,'"+status+"','"+ valid+"','"+role+"','"+dor+"')",con);

                //call convert image function.
                con_photo();
                con.Open();
                int n = cmd.ExecuteNonQuery();
                con.Close();
                if (n > 0)
                {
                    MessageBox.Show("Sucsess");
                }
                else
                {
                    MessageBox.Show("Need to work");
                }
            }
        }

        private void nameTxt_Validating(object sender, CancelEventArgs e)
        {
            if (nameTxt.Text.Trim().Length == 0)
            {
                namewarning.Visible = true;
            }
            else
                namewarning.Visible = false;
        }

        //convert image into bytecode.
        void con_photo()
        {
            if (profPic.Image != null)
            {
                ms = new MemoryStream();
                profPic.Image.Save(ms, ImageFormat.Jpeg);
                byte[] photo_array = new byte[ms.Length];
                ms.Position = 0;
                ms.Read(photo_array, 0, photo_array.Length);
                cmd.Parameters.AddWithValue("@Logo", photo_array);
            }
        }

    }
}

hope it helps too many beginners.

2
Contributors
1
Reply
22
Views
3 Years
Discussion Span
Last Post by Michael27
0

On line 66 don't forget to checki if selected file is image

//should check if FileName property is Image
    Image img = new Bitmap(openFileDialog1.FileName);

An insert command on line 191 should be written with sql parameter or else it will be open to sql injection attack

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.