Please I am really having trouble creating a simple login application in C#. I just want to create a login form and whenever I enter the username and password it checks from the database if it exists or not, and since I don't have much knowledge about this, I can't manage to do it!
I created a windows form in VS express, and set the design with textboxes for username and password and a login button. Then I added a new element to my project and chose local database ( dataset). In the left, I have two areas: one named data connection with "database1.sdf" in it, and "datasource" with "database1" in it.I have no idea what those two mean, I just created a new user table in the "database1.sdf" and added id,username and password columns. But after that, having only those two elements, I have no clue how to perform what I want to do. What code should I write to connect to the database in order to check the values, and where do I write this code?
I tried many codes online, but it doesn't work :/
I am sorry if my questions seem stupid, but I really need your help ! Thanks !
this is the snippets for visual studio c# coding that i am doing for a system project in our major subject as a programmer
private void btnLogin_Click(object sender, EventArgs e)
{// you can have the database location at your own database
SqlConnection con = new SqlConnection(@"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=H:\school\copro3\EnrollmentSystemProgram\EnrollmentSystemProgram\Login.mdf;Integrated Security=True;");
//you can use your database table and its contents for the DataAdapter
SqlDataAdapter sda = new SqlDataAdapter("SELECT COUNT (*) FROM tblLogin WHERE Username= '" + txtUser.Text + "' AND Password= '" + txtPass.Text + "'", con);
DataTable dt = new DataTable();
sda.Fill(dt);
if (dt.Rows[0][0].ToString() == "1")
{
this.Hide();
new frmDashboard().Show();
}
else
{
lblNotify.Show();
lblNotify.Text = "Login Unsuccessful";
txtUser.Text = "";
txtPass.Text = "";
}
}
private void frmLogin_Load(object sender, EventArgs e)
{
lblNotify.Hide();
}
Do not do this
SELECT COUNT (*) FROM tblLogin WHERE Username= '" + txtUser.Text + "' AND Password= '" + txtPass.Text + "'"
This opens for exploits
Store the Username in a varible like Username = @Username
and then use
sqlCommand.Parameters.AddWithValue("@Username", txtUser.Text);
This is the code that I inserted for our program thesis for the login button
string select = @"Select * From tblUsers Where Username = @Username and Password = @Password and PositionInTheCompany = @Privilege";
using (con)
{
con.Open();
using (cmd = new SqlCommand(select, con))
{
cmd.Parameters.AddWithValue("@Username", txtLoginUsername.Text);
cmd.Parameters.AddWithValue("@Password", txtLoginPassword.Text);
cmd.Parameters.AddWithValue("@Privilege", cmbLoginUsertype.Text);
using (read = cmd.ExecuteReader())
{
if (read.HasRows)
{
// you can also use the else if statements here for the user privileges
read.Read();
this.Hide()
dashboard.Show();
txtLoginPassword.Text = "";
txtLoginUsername.Text = "";
cmbLoginUsertype.Text = "";
}
else
{
lblLoginMessage.Show();
lblLoginMessage.Text = "Access Denied!";
txtLoginPassword.Text = "";
txtLoginUsername.Text = "";
cmbLoginUsertype.Text = "";
}
}
}
}
For the SqlConnection, i used a class called ConnectionString
public partial class frmLogin : Form
{
ConnectionString cs = new ConnectionString();
frmDashboard dashboard = new frmDashboard();
public SqlConnection con = new SqlConnection();
public SqlCommand cmd = new SqlCommand();
public SqlDataReader read;
public frmLogin()
{
InitializeComponent();
}
private void frmLogin_Load(object sender, EventArgs e)
{
lblLoginMessage.Hide();
con = new SqlConnection(cs.conStr);
}
I don't know if using class
for the connection causes errors, but i used it because I don't want to make my code have lots of snippets. For the ConnectionString class
class ConnectionString
{
public string conStr = // the connection source of the database
}
I use one database for multiple tables
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.