public UserVerification UserLogin(string UserName, string Password) { UserVerification user = null; if (db.OpenConnection()) { MySqlCommand cmd = new MySqlCommand("SELECT UserName,Password,Role from tbluser WHERE UserName = @UserName", db.conn); cmd.Parameters.AddWithValue("UserName", UserName); cmd.Parameters.AddWithValue("Password", Password); try { MySqlDataReader datareader = cmd.ExecuteReader(); while (datareader.Read()) { user = new UserVerification { UserName = datareader["UserName"].ToString(), Password = datareader["Password"].ToString(), Role = datareader["Role"].ToString() }; } } catch (MySqlException ex) { throw new Exception(ex.Message); } catch (Exception em) { throw new Exception(em.Message); } if (user == null) { db.CloseConnection(); throw new Exception("Invalid username"); } if (ClassHashing.VerifyMd5Hash(Password, user.Password)) { db.CloseConnection(); return(user); } else { db.CloseConnection(); throw new Exception("Invalid username or password"); } } else { return(user); } }