public void updateResetedPassword(int staff_id, String password) {
DatabaseHelper db = new DatabaseHelper();
String sql =
"UPDATE admin_login SET password = '******' WHERE staff_id = '" + staff_id + "'";
try {
db.ExecuteStatement(sql);
} catch (SQLException e) {
e.printStackTrace();
}
}
/*
* Gets login details from database,store or "holds" them in an ArrayList,
* Checks if the inputed userName is a number, if it is, it now checks if the
* inputed userName and password is in the database, using the ArrayList holding
* the Login details. If it is, it logs user in if its not, informs user accordingly.
*/
private boolean processLogin(String StaffId, String pw) {
final ArrayList<AdminLoginHolder> loginList = new ArrayList<AdminLoginHolder>();
int staffId = Integer.parseInt(StaffId);
String password = new String(pw);
// sql statement to retrieve userName and password
String sql = "select staff_id, password, isLogedin from admin_login";
try {
ResultSet result = db.ExecuteSql(sql);
while (result.next()) {
AdminLoginHolder holder = new AdminLoginHolder();
holder.setStaff_Id(Integer.parseInt(result.getString(1)));
holder.setPassword(result.getString(2));
holder.setLogedin(result.getBoolean(3));
loginList.add(holder);
}
AdminLoginHolder hold = new AdminLoginHolder();
for (int loop = 0; loop < loginList.size(); loop++) {
hold = loginList.get(loop);
if (hold.getStaff_Id() == staffId && hold.getPassword().equals(password)) {
return true;
}
}
// check if userName is a number here
} catch (SQLException e) {
}
return false;
}