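/// <summary>
/// Handles the OK button: checks the entered login and password against the
/// Пользователи table and, when a matching row exists, opens <c>FormAdmin</c>
/// titled with that user's status.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btOK_Click(object sender, EventArgs e)
{
    string login = tbLogin.Text.Trim();
    string password = tbPassword.Text;

    if (login == "" || password == "")
    {
        MessageBox.Show(@"Заполните логин и пароль!");
        return;
    }

    bool authenticated = false;
    string status = null;

    // The connection is scoped to the credential check only, so it is closed
    // before the modal form opens instead of staying open for the whole session.
    using (var sConn = new SqlConnection(_sConnStr))
    {
        sConn.Open();

        // Step 1: read the salt stored for this login. 'as string' maps both
        // "no such row" (null) and a NULL column (DBNull) to null instead of
        // throwing on the cast.
        string salt;
        using (var sCommandSalt = new SqlCommand
        {
            Connection = sConn,
            CommandText = @"SELECT Salt FROM Пользователи WHERE Login = @login"
        })
        {
            sCommandSalt.Parameters.AddWithValue("@login", login);
            salt = sCommandSalt.ExecuteScalar() as string;
        }

        // Without a salt there is nothing to verify against; fall through to the
        // same generic failure message so an unknown login is not distinguishable
        // from a wrong password in the UI.
        // NOTE(review): this path skips hash(), so it returns faster than a
        // wrong-password attempt; if that timing difference matters here, hash
        // against a fixed dummy salt instead.
        if (salt != null)
        {
            // Step 2: look for a row whose stored password equals the salted hash
            // and read its status in the same query. The query runs once; a null
            // result means no row matched, DBNull means the row has no status.
            // NOTE(review): hash() is defined elsewhere in this class; confirm it
            // is a slow password KDF (e.g. PBKDF2) rather than a single fast digest.
            using (var sCommand = new SqlCommand
            {
                Connection = sConn,
                CommandText = "select Статус from Пользователи where Login = @login and Password = @password"
            })
            {
                sCommand.Parameters.AddWithValue("@login", login);
                sCommand.Parameters.AddWithValue("@password", hash(salt, password));

                object statusValue = sCommand.ExecuteScalar();
                if (statusValue != null)
                {
                    authenticated = true;
                    status = statusValue as string;
                }
            }
        }
    }

    if (!authenticated)
    {
        MessageBox.Show(@"Пользователь с таким логином и паролем не найден!");
        return;
    }

    // A form shown with ShowDialog is not disposed when it closes, so dispose it here.
    using (var fAdmin = new FormAdmin(false))
    {
        fAdmin.Text = "Вы вошли как " + status;
        // Only the exact status "Администратор" sets the User flag to true.
        fAdmin.User = status == "Администратор";
        fAdmin.ShowDialog();
    }
}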
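/// <summary>
/// Handles the Guest button: opens <c>FormAdmin</c> without any credential check.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btGuest_Click(object sender, EventArgs e)
{
    // The constructor gets 'true' here and 'false' on the login path
    // (presumably a guest-mode flag; confirm against FormAdmin).
    // A form shown with ShowDialog is not disposed when it closes, so dispose it here.
    using (var fGuest = new FormAdmin(true))
    {
        // User is true only for the "Администратор" status on the login path;
        // a guest never gets it.
        fGuest.User = false;
        fGuest.Text = "Вы вошли как гость";
        // The dialog result was compared to OK with an empty body; nothing depends on it.
        fGuest.ShowDialog();
    }
}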