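/// <summary>
/// Checks the username and password typed into the login form against the
/// All_Users table and opens the form that matches the account.
/// </summary>
/// <remarks>
/// An account whose isLogin flag is false is sent to the ChangePassword form;
/// any other account gets the application form that matches its userType.
/// Failures are reported to the user with a generic message and written to
/// the trace log instead of being silently discarded.
/// </remarks>
private void loginOnSystem()
{
    // Only the columns read below are requested, so the stored password
    // value is never pulled back into the client process.
    // NOTE(review): the typed password is compared directly with the "pass"
    // column, which suggests passwords are stored unhashed. Confirm, and if
    // so move to a salted, slow hash (e.g. PBKDF2) verified in code.
    const string sqlCommand =
        "SELECT isLogin, userType, username FROM All_Users " +
        "WHERE username = @user_id AND pass = @pass_id";

    // for connection string
    project.Properties.Settings s = new project.Properties.Settings();

    string userName = userNameTextBox.Text,
           pass = passTextBox.Text;

    try
    {
        bool found;
        bool hasLoggedInBefore = false;
        string userType = null;
        string accountName = null;

        // using blocks close the reader, command and connection on every path,
        // including when an exception is thrown.
        using (SqlConnection connection = new SqlConnection(s.TESTConnectionString))
        using (SqlCommand sql = new SqlCommand(sqlCommand, connection))
        {
            // Values are bound as parameters and never concatenated into the
            // SQL text, so form input cannot change the statement.
            sql.Parameters.Add(new SqlParameter("@user_id", userName));
            sql.Parameters.Add(new SqlParameter("@pass_id", pass));

            connection.Open();

            using (SqlDataReader rdr = sql.ExecuteReader())
            {
                found = rdr.Read();
                if (found)
                {
                    hasLoggedInBefore = (bool)rdr["isLogin"];
                    userType = (string)rdr["userType"];
                    accountName = (string)rdr["username"];
                }
            }
        }

        if (!found)
        {
            // The same message is shown for an unknown user and a wrong
            // password, so the form does not reveal which usernames exist.
            // NOTE(review): no attempt limiting is visible in this method;
            // confirm failed logins are throttled or audited elsewhere.
            clearFormComponents();
            MessageBox.Show("There is no user with that username and password!", "Warning");
            setFocusOnUsername();
            return;
        }

        if (!hasLoggedInBefore)
        {
            // if user logged in for the first time show ChangePassword form
            ChangePassword changePass = new ChangePassword(this);
            changePass.fillFormComponents(userType, accountName, false);
            changePass.Show();
            return;
        }

        // Ordinal, case-insensitive comparison: ToLower() depends on the
        // current culture and can fail to match under some locales.
        if (string.Equals(userType, "administrator", StringComparison.OrdinalIgnoreCase))
        {
            application = new AdminApplication(accountName);
        }
        else if (string.Equals(userType, "laboratory personnel", StringComparison.OrdinalIgnoreCase))
        {
            application = new LabApplication(accountName);
        }
        else if (string.Equals(userType, "teacher", StringComparison.OrdinalIgnoreCase))
        {
            application = new TeacherApplication(accountName);
        }
        else
        {
            // Fail closed on an unrecognised role. Falling through would call
            // Show() on whatever the application field already holds, which
            // could be a form left over from an earlier login.
            clearFormComponents();
            MessageBox.Show("This account type is not recognised. Please contact an administrator.", "Warning");
            setFocusOnUsername();
            return;
        }

        application.setParent(this);
        application.Show();
    }
    catch (Exception ex)
    {
        // Keep the original no-crash behaviour, but make the failure visible:
        // details go to the trace log, the user sees only a generic message.
        System.Diagnostics.Trace.TraceError("loginOnSystem failed: " + ex);
        MessageBox.Show("Login could not be completed. Please try again later.", "Error");
    }
}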