public bool InputLogin(HMSLoginDetails hmslogindetails)
{
string connectionString =
"Data Source=SD-15;" +
"Initial Catalog=HospitalMS;" +
"Integrated Security=True";
try
{
using (SqlConnection connection = new SqlConnection(connectionString))
{
connection.Open();
string selectCommand =
"SELECT Password FROM tblLogin WHERE UserName = @UserName";
SqlCommand command = new SqlCommand();
command.CommandText = selectCommand;
command.Connection = connection;
SqlParameter parameter = new SqlParameter
{
ParameterName = "@UserName",
Value = hmslogindetails.Name,
SqlDbType = SqlDbType.VarChar,
Size = 50
};
command.Parameters.Add(parameter);
string password = command.ExecuteScalar().ToString();
Console.WriteLine(password);
if (password == hmslogindetails.Password)
{
Console.WriteLine("match on password!!!");
selectCommand =
"SELECT Role FROM tblLogin WHERE UserName = @UserName";
command.CommandText = selectCommand;
string role = command.ExecuteScalar().ToString();
Console.WriteLine(role);
hmslogindetails.Role = role;
}
else
{
hmslogindetails.Password = string.Empty;
Console.WriteLine("no match on password...");
return(false);
}
}
}
catch (SqlException ex)
{
Console.WriteLine("A database exception occured: " + ex);
return(false);
}
catch (Exception ex)
{
Console.WriteLine("A database error occured: " + ex);
return(false);
}
return(true);
}
private void BtnLogin_Click(object sender, EventArgs e)
{
String name = TxtName.Text;
String password = TxtPassword.Text;
HMSLoginDetails hmslogindetails = new HMSLoginDetails
{
Name = name,
Password = password
};
Console.WriteLine("Login detail " + hmslogindetails);
if (dao.InputLogin(hmslogindetails))
{
if (hmslogindetails.Role == "Doctor")
{
DoctorMenu doctormenu = new DoctorMenu(this);
doctormenu.Show();
this.Hide();
}
if (hmslogindetails.Role == "Admin")
{
AdminMenu adminmenu = new AdminMenu(this);
adminmenu.Show();
this.Hide();
}
if (hmslogindetails.Role == "Super-User")
{
}
this.Hide();
}
if (TxtName.Text != hmslogindetails.Name || TxtPassword.Text != hmslogindetails.Password)
{
MessageBox.Show("Please enter the right username and/or password");
}
if (TxtName.Text == string.Empty || TxtPassword.Text == string.Empty)
{
MessageBox.Show("Please enter a username/password");
}
if (TxtName.Text.Length < 6)
{
MessageBox.Show("Username needs to be 6 characters or more");
}
else if (TxtName.Text.Length > 14)
{
MessageBox.Show("Username/Password needs to be less than 14 characters");
}
TxtName.Text = string.Empty;
TxtPassword.Text = string.Empty;
}