public void CheckLogin(TextBox Username, TextBox Password)
{
SqlCeConnection Connection = DataBaseConnection.Instance.Connection;
if (Username.TextLength > 0 && Password.TextLength > 0)
{
try
{
SqlCeCommand logincommand = new SqlCeCommand(@"SELECT * FROM Users WHERE UserName=@uname and Password=@pass", Connection);
logincommand.Parameters.AddWithValue("@uname", Username.Text);
logincommand.Parameters.AddWithValue("@pass", Encrypt.hashPassword(Password.Text));
SqlCeDataReader loginReader = logincommand.ExecuteReader();
if (loginReader.Read() &&
loginReader["UserName"].ToString() == Username.Text &&
loginReader["Password"].ToString() == Encrypt.hashPassword(Password.Text))
{
SqlCeCommand admincommand = new SqlCeCommand(@"SELECT * FROM Administration WHERE UsersId =@LoggedId", Connection);
admincommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader adminReader = admincommand.ExecuteReader(); //ADMIN
SqlCeCommand teachercommand = new SqlCeCommand(@"SELECT * FROM Teachers WHERE UsersId =@LoggedId", Connection);
teachercommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader teacherReader = teachercommand.ExecuteReader(); //TEACHER
SqlCeCommand directorcommand = new SqlCeCommand(@"SELECT * FROM Directors WHERE UsersId =@LoggedId", Connection);
directorcommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader directorReader = directorcommand.ExecuteReader(); //DIRECTOR
User user = new User((int)loginReader["Id"], (string)loginReader["UserName"], (string)loginReader["Password"]);
if (adminReader.Read() && user.Id == (int)adminReader["UsersId"])
{
flag = true;
Admin admin = new Admin((int)adminReader["Id"], (string)adminReader["Name"], (string)adminReader["Surname"], (int)adminReader["UsersId"]);
Form newform = new AdministrationForm(user, admin);
newform.Show();
}
else if (teacherReader.Read() && user.Id == (int)teacherReader["UsersId"])
{
flag = true;
Teacher teacher = new Teacher((int)teacherReader["Id"], (string)teacherReader["Name"], (string)teacherReader["Surname"], (string)teacherReader["Address"], (string)teacherReader["Phone_number"], (int)teacherReader["UsersId"]);
Form newform = new TeacherForm(user, teacher);
newform.Show();
}
else if (directorReader.Read() && user.Id == (int)directorReader["UsersId"])
{
flag = true;
Director director = new Director((int)directorReader["Id"], (string)directorReader["Name"], (string)directorReader["Surname"], (int)directorReader["UsersId"]);
Form newform = new DirectorForm(user, director);
newform.Show();
}
else
{
flag = false;
MessageBox.Show("Netacni podaci");
}
}
else
{
flag = false;
MessageBox.Show("Netacni podaci");
Username.Text = "";
Password.Text = "";
}
}
catch (Exception ex)
{
flag = false;
MessageBox.Show("Neočekivana greška:" + ex.Message);
}
}
}
public void CheckLogin(TextBox Username, TextBox Password)
{
LoginForm logf = new LoginForm();
string Dir = logf.GetHomeDirectory();
string connectionString = ConfigurationManager.ConnectionStrings["ConString"].ConnectionString + "Data Source ='" + @Dir + "\\DataBase.sdf'";
using (SqlCeConnection Connection = new SqlCeConnection())
{ if (Username.TextLength > 0 && Password.TextLength > 0)
{
try
{
Connection.ConnectionString = connectionString;
Connection.Open();
SqlCeCommand logincommand = new SqlCeCommand(@"SELECT Id,UserName,Password FROM Users
WHERE UserName=@uname and Password=@pass", Connection);
logincommand.Parameters.AddWithValue("@uname", Username.Text);
logincommand.Parameters.AddWithValue("@pass", Password.Text);
SqlCeDataReader loginReader = logincommand.ExecuteReader();
if (loginReader.Read() &&
loginReader["UserName"].ToString() == Username.Text &&
loginReader["Password"].ToString() == Password.Text)
{
SqlCeCommand admincommand = new SqlCeCommand(@"SELECT Name,Surname,UsersId FROM Administration
WHERE UsersId =@LoggedId", Connection);
admincommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader adminReader = admincommand.ExecuteReader(); //ADMIN
SqlCeCommand teachercommand = new SqlCeCommand(@"SELECT Name,Surname,UsersId FROM Teachers
WHERE UsersId =@LoggedId", Connection);
teachercommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader teacherReader = teachercommand.ExecuteReader(); //TEACHER
SqlCeCommand directorcommand = new SqlCeCommand(@"SELECT Name,Surname,UsersId FROM Directors
WHERE UsersId =@LoggedId", Connection);
directorcommand.Parameters.AddWithValue("@LoggedId", loginReader["Id"]);
SqlCeDataReader directorReader = directorcommand.ExecuteReader(); //DIRECTOR
if (adminReader.Read() && loginReader["Id"].ToString() == adminReader["UsersId"].ToString())
{
flag = true;
Form newform = new AdministrationForm();
newform.Show();
}
else if (teacherReader.Read() && loginReader["Id"].ToString() == teacherReader["UsersId"].ToString())
{
flag = true;
Form newform = new TeacherForm();
newform.Show();
}
else if (directorReader.Read() && loginReader["Id"].ToString() == directorReader["UsersId"].ToString())
{
flag = true;
Form newform = new DirectorForm();
newform.Show();
}
else
{
flag = false;
MessageBox.Show("Netacni podaci");
}
}
else
{
flag = false;
MessageBox.Show("Netacni podaci");
Username.Text = "";
Password.Text = "";
}
}
catch (Exception ex)
{
flag = false;
MessageBox.Show("Neočekivana greška:" + ex.Message);
}
}
}
}
