vb.net how to create the login permission

Question

 Private Sub Edit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Edit.Click
    LoginForm.ShowDialog()
    If Me.DataGridView1.Rows.Count > 0 Then
        If Me.DataGridView1.SelectedRows.Count > 0 Then
            Dim intcid1 As Integer = Me.DataGridView1.SelectedRows(0).Cells("ID").Value
            'open connection
            If Not cn3.State = ConnectionState.Open Then
                cn3.Open()
            End If
            'get data into datatable
            Dim da As New OleDb.OleDbDataAdapter("SELECT * FROM stock " & _
                                                 " WHERE cid=" & intcid1, cn3)
            Dim dt As New DataTable
            da.Fill(dt)
            Me.txtbarcode.Text = intcid1
            Me.txtdetail1.Text = dt.Rows(0).Item("CheckerDetail")

            Me.txtbarcode.Tag = intcid1
            'change button save to update
            Me.save.Text = "Update"
            'disable button edit
            'Me.Edit.Enabled = True
            Me.save.Enabled = True
        End If
    End If
    cn3.Close()
End Sub

Private Sub save_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles save.Click
    Dim cmd As New OleDb.OleDbCommand
    If Not cn3.State = ConnectionState.Open Then
        'open connection if it is not open yet
        cn3.Open()
    End If
    cmd.Connection = cn3

    cmd.CommandText = "INSERT INTO stock([checkercid],[CheckerName],[ShipQuantity],[Date],[CompanyName],[CheckerDetail]) " &
   "VALUES( '" & getLastNumber().ToString & "','" & Me.txtCN.Text & "', '" & Me.txtQty.Text & "', '" & Date.Now.ToString("yyyy-MM-dd HH:mm:ss") & "', '" & Me.txtCompanyN.Text & "', '" & Me.txtdetail1.Text & "')"


    'Error message if user not fill yhe textbox
    If txtdetail1.Text.Trim = "" Then
        MessageBox.Show("Please Insert Data", "Error Message")
        Exit Sub
    End If

    cmd.CommandText = "UPDATE stock " & _
            " SET" & _
            " [CheckerDetail]='" & Me.txtdetail1.Text & "'" & _
            " WHERE [cid]=" & DataGridView1("ID", DataGridView1.CurrentCell.RowIndex).Value

    MsgBox("Update Data Successful", MsgBoxStyle.OkOnly, "Message")
    cmd.ExecuteNonQuery()
    Me.btnClear.PerformClick()
    RefreshData1()
    cn3.Close()

End Sub

Answer 1

I moved things around trying to keep the User Interface code in the Form and the Data Access code in your class. You had Retries in 2 different places. You only need it in one. boolresetPassword is never used in your code. Since you are hard coding the password don't set a bunch of properties of the class in the form. Just put your connection string in the constructor of the connection in the class. The validated data for the LogIn function is passed to the function.

You don't need all those properties in your class. Just add your connection string. You can pass your Select statement and the connection directly to the constructor of the command. Don't use .AddWithValue. See http://www.dbdelta.com/addwithvalue-is-evil/ and https://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/ and another one: https://dba.stackexchange.com/questions/195937/addwithvalue-performance-and-plan-cache-implications

I changed the Select to retrieve Count which is all you need to know.

As far as the Cancel button ask a new question with the code for the cancel button.

Public Class LoginForm
    Private Retrys As Integer 'Integers automatically initialize to zero

    Private Sub Ok_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Ok.Click
        If Retrys = 2 Then
            MessageBox.Show("Sorry, you have exceeded the maximum number of attempts to login")
            Close()
        End If

        Dim AppLogin As New ApplicatioLogin
        'Do your validation here; not in the Data Access code.
        If Not String.IsNullOrWhiteSpace(un.Text) AndAlso Not String.IsNullOrWhiteSpace(pw.Text) Then
            If AppLogin.Login(un.Text, pw.Text) Then
                SensitiveDataForm.Load()
                Close()
            Else
                Retrys += 1
                MessageBox.Show("Login Failed")
            End If
        Else
            MessageBox.Show("Please fill in both username and password")
        End If
    End Sub
End Class
Public Class ApplicatioLogin
        Public Function Login(UserName As String, UserPassword As String) As Boolean
            Dim recordCount As Integer
            Using cn As New OleDb.OleDbConnection("Your connection string")
                Using cmd As New OleDb.OleDbCommand("SELECT Count(*) FROM Users 
                    WHERE UserName = @UserName AND UserPassword = @UserPassword", cn)
                    cmd.Parameters.Add("@UserName", OleDbType.VarChar).Value = UserName
                    cmd.Parameters.Add("@UserPassword", OleDbType.VarChar).Value = UserPassword
                    cn.Open()
                    recordCount = CInt(cmd.ExecuteScalar)
                End Using
            End Using
            If recordCount = 1 Then
                Return True
            Else
                Return False
            End If
        End Function
End Class