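/// <summary>
/// Handles the Continue button on the login form: checks the entered
/// credentials and, when they are accepted, hides this form, records the
/// username in the application settings and opens the project selection window.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void btnContinue_Click(object sender, EventArgs e)
{
    // One message for both failure paths, so the form does not reveal
    // whether a given username is registered.
    const string loginFailedMessage = "Incorrect username or password";

    // Clear any error left over from a previous attempt.
    lblLoginError.Visible = false;

    string username = txtUsername.Text;
    string password = txtPassword.Text;

    if (!Validation.CheckIfUserExists(username))
    {
        lblLoginError.Text = loginFailedMessage;
        lblLoginError.Visible = true;
        return;
    }

    // NOTE(review): the hash is derived from the password alone and then
    // compared by CheckLoginCredentials, so HashPassword is presumably
    // deterministic and unsalted. Confirm this; a per-user salted KDF such as
    // PBKDF2 would need the stored salt at this point.
    string hashedPassword = Hashing.HashPassword(password);

    if (!Validation.CheckLoginCredentials(username, hashedPassword))
    {
        lblLoginError.Text = loginFailedMessage;
        lblLoginError.Visible = true;
        return;
    }

    // Credentials accepted: hand over to the project selection window.
    ProjectSelection projectSetup = new ProjectSelection();
    this.Visible = false;
    Settings.Default.Username = username;
    projectSetup.Show();
}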
/// <summary>
/// Handles the Sign Up button: validates the username and password fields,
/// rejects a username that is already taken, then inserts the new user with
/// a hashed password and closes the form.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void btnSignUp_Click(object sender, EventArgs e)
{
    // Snapshot the three input fields.
    string userName = txtUsername.Text;
    string password = txtPassword.Text;
    string confirmPassword = txtConfirmPassword.Text;

    // Start with both error labels hidden.
    lblUsernameError.Visible = false;
    lblPasswordError.Visible = false;

    // Username: must be present and at most 50 characters (the size of the
    // @userName parameter below).
    string usernameProblem = null;
    if (userName == string.Empty)
    {
        usernameProblem = "Username field cannot be empty";
    }
    else if (userName.Length > 50)
    {
        usernameProblem = "Username field cannot be longer than 50 characters";
    }

    if (usernameProblem != null)
    {
        lblUsernameError.Text = usernameProblem;
        lblUsernameError.Visible = true;
        return;
    }

    // Password: must be present and must match the confirmation field.
    string passwordProblem = null;
    if (password == string.Empty)
    {
        passwordProblem = "Password field cannot be empty";
    }
    else if (password != confirmPassword)
    {
        passwordProblem = "Password field and Confirm Password field do not match";
    }

    if (passwordProblem != null)
    {
        lblPasswordError.Text = passwordProblem;
        lblPasswordError.Visible = true;
        return;
    }

    // NOTE(review): this existence check and the insert below are separate
    // steps; confirm the table has a unique constraint on the username so two
    // concurrent sign-ups cannot both succeed.
    if (Validation.CheckIfUserExists(userName))
    {
        lblUsernameError.Text = "This username already exists";
        lblUsernameError.Visible = true;
        return;
    }

    // The username is free: store the new account.
    using (SqlConnection conn = new SqlConnection(DBConnectionString))
    {
        string insertUser = "******";
        using (SqlCommand insertUserCommand = new SqlCommand(insertUser, conn))
        {
            // Values are bound as parameters, never concatenated into the SQL text.
            insertUserCommand.Parameters.Add("@userName", SqlDbType.VarChar, 50).Value = userName;

            // NOTE(review): a fixed width of 20 characters is short for a
            // password hash; confirm HashPassword's output fits without being
            // truncated and that the algorithm is a salted password KDF.
            insertUserCommand.Parameters.Add("@hashedPassword", SqlDbType.NChar, 20).Value = Hashing.HashPassword(password);

            conn.Open();
            insertUserCommand.ExecuteNonQuery();
            conn.Close();

            MessageBox.Show("You have successfully created an account!");
            Close();
        }
    }
}