private void button1_Click(object sender, EventArgs e)
{
MySqlConnection conn = new MySqlConnection(_connectionString);
DateTime date = DateTime.Today;
DateTime hour = DateTime.Now;
try
{
conn.Open();
string sql = "SELECT * FROM user where login = '******' and pwd = '" +
SHA.petitsha(tb_pwd.Text)
+ "';";
MySqlCommand cmd = new MySqlCommand(sql, conn);
MySqlDataReader rdr = cmd.ExecuteReader();
rdr.Read();
if (rdr.HasRows)
{
id = rdr[5].ToString();
login = rdr[1].ToString();
string heureCo = hour.ToString("t");
string sql2 = "INSERT INTO connexion (login,heureDebut,Date,nom,prenom) VALUES ('" + login + "','" + heureCo + "','" + date.ToString("d") + "','" + rdr[2].ToString() + "','" + rdr[1].ToString() + "');";
rdr.Close();
MySqlCommand cmd2 = new MySqlCommand(sql2, conn);
MySqlDataReader rdr2 = cmd2.ExecuteReader();
rdr2.Close();
string sql3 = "SELECT id from connexion where heureDebut = '" + heureCo + "';";
MySqlCommand cmd3 = new MySqlCommand(sql3, conn);
MySqlDataReader rdr3 = cmd3.ExecuteReader();
rdr3.Read();
idco = rdr3[0].ToString();
rdr3.Close();
this.DialogResult = DialogResult.OK;
}
else if (echec < 2)
{
MessageBox.Show("Login ou mot de passe incorrect !");
echec++;
rdr.Close();
}
else
{
rdr.Close();
string erreurCo = hour.ToString("t");
string sql2 = "insert into erreurco (login,date) values ('" + tb_log.Text + "','" + DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss") + "');";
MySqlCommand cmd2 = new MySqlCommand(sql2, conn);
MySqlDataReader rdr2 = cmd2.ExecuteReader();
this.DialogResult = DialogResult.Cancel;
}
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
public void Save()
{
string sqlModif;
MySqlConnection conn = new MySqlConnection(_connectionString);
conn.Open();
string sqlVerif = "Select * from user where id = '" + id + "';";
MySqlCommand cmdVerif = new MySqlCommand(sqlVerif, conn);
MySqlDataReader rdrVerif = cmdVerif.ExecuteReader();
rdrVerif.Read();
if (rdrVerif.HasRows)
{
rdrVerif.Close();
if (pwd != "")
{
sqlModif = "Update user SET login = '******', nom = '" + nom + "', prenom = '" + prenom + "', pwd = '" + SHA.petitsha(pwd) +
"', adm = '" + admin + "' where id = '" + id + "';";
}
else
{
sqlModif = "Update user SET login = '******', nom = '" + nom + "', prenom = '" + prenom + "', adm = '" + admin + "' where id = '" + id + "';";
}
MySqlCommand cmdModif = new MySqlCommand(sqlModif, conn);
cmdModif.ExecuteNonQuery();
}
else
{
rdrVerif.Close();
string sql = "INSERT INTO `user` (`login`,nom,prenom, pwd, `adm`) VALUES ('" + login + "', '" + nom + "','" + prenom + "','" + SHA.petitsha(pwd) + "', '" + admin + "');";
MySqlCommand cmd = new MySqlCommand(sql, conn);
MySqlDataReader rdr = cmd.ExecuteReader();
rdr.Close();
}
conn.Close();
}
