public UserVerification UserLogin(string UserName, string Password)
{
UserVerification user = null;
if (db.OpenConnection())
{
MySqlCommand cmd = new MySqlCommand("SELECT UserName,Password,Role from tbluser WHERE UserName = @UserName", db.conn);
cmd.Parameters.AddWithValue("UserName", UserName);
cmd.Parameters.AddWithValue("Password", Password);
try
{
MySqlDataReader datareader = cmd.ExecuteReader();
while (datareader.Read())
{
user = new UserVerification
{
UserName = datareader["UserName"].ToString(),
Password = datareader["Password"].ToString(),
Role = datareader["Role"].ToString()
};
}
}
catch (MySqlException ex)
{
throw new Exception(ex.Message);
}
catch (Exception em)
{
throw new Exception(em.Message);
}
if (user == null)
{
db.CloseConnection();
throw new Exception("Invalid username");
}
if (ClassHashing.VerifyMd5Hash(Password, user.Password))
{
db.CloseConnection();
return(user);
}
else
{
db.CloseConnection();
throw new Exception("Invalid username or password");
}
}
else
{
return(user);
}
}
