Administrator can update customer details using their customer(s) Id

private void update_customer_details_Load(object sender, EventArgs e) { con.ConnectionString = "Data Source=ANURAG-PC\\SQLEXPRESS;Initial Catalog=hotelmanagmentservices;Integrated Security=True"; cmd12(); } public void cmd12() { con.Open(); SqlCommand cmdfrm = new SqlCommand("Select customerid from tblcheckedindetail", con); SqlDataReader read = cmdfrm.ExecuteReader(); while (read.Read()) { comboBox1.Items.Add(read[0].ToString()); } con.Close(); }

private void button1_Click(object sender, EventArgs e) { con.Open(); string update="update tblcheckedindetail set firstname=@fname,lastname=@lname,address=@add,phone=@phn where customerid=@id"; SqlCommand updatecmd = new SqlCommand(update, con); updatecmd.Parameters.Add(new SqlParameter("@id", comboBox1.Text)); updatecmd.Parameters.Add(new SqlParameter("@fname", textBox1.Text)); updatecmd.Parameters.Add(new SqlParameter("@lname", textBox2.Text)); updatecmd.Parameters.Add(new SqlParameter("@add", textBox3.Text)); updatecmd.Parameters.Add(new SqlParameter("@phn", textBox4.Text)); updatecmd.ExecuteNonQuery(); MessageBox.Show("Customer(s) details successfully updated","Updated",MessageBoxButtons.OK,MessageBoxIcon.Information); con.Close(); comboBox1.Text = ""; textBox1.Text = ""; textBox2.Text = ""; textBox3.Text = ""; textBox4.Text = ""; comboBox1.Items.Clear(); cmd12(); } private void comboBox1_SelectedIndexChanged(object sender, EventArgs e) { con.Open(); string query="Select firstname,lastname,address,phone from tblcheckedindetail where customerid=@custmrid"; SqlCommand cmd = new SqlCommand(query, con); cmd.Parameters.Add(new SqlParameter("@custmrid", comboBox1.Text)); SqlDataReader readdata = cmd.ExecuteReader(); while (readdata.Read()) { textBox1.Text = readdata[0].ToString(); textBox2.Text = readdata[1].ToString(); textBox3.Text = readdata[2].ToString();

textBox4.Text = readdata[3].ToString(); } con.Close(); } private void button2_Click(object sender, EventArgs e) { this.Close(); } } }

Administrator can change his password on the basis of his account name and previous password

private void button1_Click(object sender, EventArgs e) { if ((textBox1.Text == "") && (textBox2.Text == "") && (textBox3.Text == "")) { MessageBox.Show("With empty fields you cannot change password ", "Please try again", MessageBoxButtons.OK, MessageBoxIcon.Asterisk); con.Close(); } else { try { con.ConnectionString = "Data Source=ANURAG-PC\\SQLEXPRESS;Initial Catalog=hotelmanagmentservices;Integrated Security=True"; con.Open(); string query = "update login set password=@newpass from login where username=@user and password=@pass"; SqlCommand cmd = new SqlCommand(query, con); cmd.Parameters.Add(new SqlParameter("@user", textBox1.Text)); cmd.Parameters.Add(new SqlParameter("@pass", textBox2.Text)); cmd.Parameters.Add(new SqlParameter("@newpass", textBox3.Text));

cmd.ExecuteNonQuery(); MessageBox.Show("Your new password saved successfully", "Password Saved", MessageBoxButtons.OK, MessageBoxIcon.Information); textBox1.Text = ""; textBox2.Text = ""; textBox3.Text = "";

con.Close(); this.Close(); } catch (Exception) { MessageBox.Show("Either username or password is incorect please try again", "Login Error", MessageBoxButtons.OK, MessageBoxIcon.Asterisk); }

} } } }

Administrator can check his password