public bool login(loginbll u) { //Create a boolean variable and set its value to false and return it bool issuccess = false; //MEthod to connect Database connclass c = new connclass(); SqlConnection conn = new SqlConnection(c.connection); try { //SQL Query to check login string query = "select * from tbl_users where user_name=@user_name AND password=@password AND user_type=@user_type"; //Creating SQL Command to pass value SqlCommand cmd = new SqlCommand(query, conn); //Passing Values to the Variables cmd.Parameters.AddWithValue("@user_name", u.user_name); cmd.Parameters.AddWithValue("@password", u.password); cmd.Parameters.AddWithValue("@user_type", u.user_type); //Getting DAta from dAtabase SqlDataAdapter adapter = new SqlDataAdapter(cmd); //TO hold the data from database DataTable dt = new DataTable(); //Database Connection Open conn.Open(); //Fill Data in our DataTable adapter.Fill(dt); //Checking The rows in DataTable if (dt.Rows.Count > 0) { //Login Sucessful issuccess = true; } else { //Login Failed issuccess = false; } } catch (Exception ex) { //Throw Message if any error occurs MessageBox.Show(ex.Message); } finally { //Closing Connection conn.Close(); } return(issuccess); }
public bool logincheck(loginbll l) { bool issuccess = false; SqlConnection con = new SqlConnection(myconnstring); try { string sql = "SELECT * FROM users_tbl WHERE username=@username AND password=@password AND user_type=@user_type "; SqlCommand cmd = new SqlCommand(sql, con); cmd.Parameters.AddWithValue("@username", l.username); cmd.Parameters.AddWithValue("@password", l.password); cmd.Parameters.AddWithValue("@user_type", l.user_type); SqlDataAdapter adapter = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); con.Open(); adapter.Fill(dt); if (dt.Rows.Count > 0) { issuccess = true; } else { issuccess = false; } } catch (Exception e) { MessageBox.Show(e.Message); } finally { con.Close(); } return(issuccess); }