/**
 * Decides whether the credentials typed into the login form are accepted.
 *
 * Runs a SELECT against the user table through dbManager and treats one or
 * more returned rows as a successful login. On success the entered user name
 * and password are handed to stateManager.
 *
 * Returns true when the query produced at least one row, false otherwise.
 *
 * NOTE(review): the SQL text below is a constant. Both comparisons use the
 * literal value '******' and neither userName nor password appears in it, so
 * as written the outcome does not depend on what was typed. This looks like
 * masking of the original statement; confirm against the real source.
 * NOTE(review): the form values should reach the database only as bound
 * parameters (the disabled @user_name / @pass_word variant below), never by
 * concatenation into the SQL string. Whether dbManager offers a parameterized
 * call is not visible here.
 * NOTE(review): the WHERE clause matches the password column directly, which
 * suggests passwords are stored unhashed; confirm, and prefer a salted
 * password hash verified in code.
 */
private bool checkLogin()
{
    // Credentials exactly as entered in the form.
    string userName = tb_userName.Text;
    string password = tb_password.Text;

    // Parameterized variant the author left disabled:
    //   dbManager.query("SELECT * FROM user WHERE userName = @user_name AND password = @pass_word");
    List<NameValueCollection> matchingRows = dbManager.query(
        "SELECT * FROM user WHERE userName = '******' AND password = '******'");

    // Any returned row counts as a valid login.
    bool loginAccepted = matchingRows.Count >= 1;
    if (loginAccepted)
    {
        stateManager.setUserName(userName, password);
    }

    return loginAccepted;
}
/**
 * Click handler for the submit button on the registration form.
 *
 * Builds an INSERT for the user table from the two text boxes and runs it
 * through dbManager.insert. When the insert reports success, the user name
 * and password are recorded in stateManager, this form is closed and a
 * ChooseTrainerPage is shown. When it reports failure, an error is written to
 * the status bar and closeProgram is set back to true.
 *
 * NOTE(review): userName and password are concatenated into the SQL text
 * unmodified, so a quote character in either field changes the statement
 * that is executed (SQL injection; the author's own TODO flags this). The
 * remedy is a parameterized insert with both values passed as bound
 * parameters. Quote-doubling alone is not a reliable substitute on every
 * database. Whether dbManager exposes a parameterized call is not visible
 * here.
 * NOTE(review): the password is written to the table exactly as typed. Store
 * a salted password hash (for example PBKDF2) instead of the plain text.
 */
private void submitButton_Click_1(object sender, EventArgs e)
{
    // Tell the GUI that this is not an exit-button click.
    closeProgram = false;

    string userName = tb_userName.Text;
    string password = tb_password.Text;

    //TODO: Sanitize this sql input.
    string insertSql =
        "INSERT INTO user (userName, password) VALUES('" + userName + "', '" + password + "');";

    bool inserted = dbManager.insert(insertSql);
    if (!inserted)
    {
        // Registration failed: report it and allow the exit button to close the program again.
        statusBar.Text = "Error, could not register user: " + userName;
        closeProgram = true;
        return;
    }

    // Registration succeeded: remember the user, then move from this form to trainer selection.
    stateManager.setUserName(userName, password);
    this.Close();

    ChooseTrainerPage trainerPage = new ChooseTrainerPage(dbManager, stateManager);
    trainerPage.Show();
}
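/**
 * Decides whether the credentials typed into the login form are accepted
 * and, if so, loads the matching user's details into stateManager.
 *
 * Runs a SELECT against the user table through dbManager. When at least one
 * row comes back, the first row supplies firstName, lastName and isAdmin,
 * which are stored in stateManager along with the entered user name and
 * password.
 *
 * Returns true when the query produced at least one row, false otherwise.
 * Throws FormatException when the isAdmin column holds a non-empty value
 * that bool.Parse does not accept. No session state has been written at
 * that point.
 *
 * NOTE(review): the SQL text below is a constant. Both comparisons use the
 * literal value '******' and neither userName nor password appears in it, so
 * as written the outcome does not depend on what was typed. This looks like
 * masking of the original statement; confirm against the real source.
 * NOTE(review): the form values should reach the database only as bound
 * parameters (the disabled @user_name / @pass_word variant below), never by
 * concatenation into the SQL string. Whether dbManager offers a parameterized
 * call is not visible here.
 * NOTE(review): the WHERE clause matches the password column directly, which
 * suggests passwords are stored unhashed; confirm, and prefer a salted
 * password hash verified in code.
 */
private bool checkLogin()
{
    // Credentials exactly as entered in the form.
    string userName = tb_userName.Text;
    string password = tb_password.Text;

    // Execute the query, checking for username and password.
    List<NameValueCollection> queryResult;
    queryResult = dbManager.query("SELECT * FROM user WHERE userName = '******' AND password = '******'");
    //queryResult = dbManager.query("SELECT * FROM user WHERE userName = @user_name AND password = @pass_word");

    // No matching row: reject the login and leave stateManager untouched.
    if (queryResult.Count < 1)
    {
        return false;
    }

    NameValueCollection userRow = queryResult[0];

    // Resolve the admin flag before any session state is written, so that a
    // malformed value cannot leave stateManager holding a half-populated
    // identity. A missing column (null) or empty value means "not admin";
    // the original passed null on to bool.Parse, which throws.
    string str_isAdmin = userRow["isAdmin"];
    bool isAdmin = !string.IsNullOrEmpty(str_isAdmin) && bool.Parse(str_isAdmin);

    stateManager.setUserName(userName, password);
    stateManager.setFirstName(userRow["firstName"]);
    stateManager.setLastName(userRow["lastName"]);
    stateManager.setPassword(password);
    stateManager.setIsAdmin(isAdmin);

    return true;
}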