private void BtnLogin_Click(object sender, RoutedEventArgs e) { //Instantiates a Connection String SqlConnection sqlCon = new SqlConnection(); //Sets the connection string to point to the master connection set in "App.config" sqlCon.ConnectionString = ConfigurationManager.ConnectionStrings["masterConnection"].ConnectionString; //Test Connection sqlCon.ConnectionString += ";Connection Timeout=30"; int retries = 0; while (true) { try { sqlCon.Open(); break; } catch (System.Data.SqlClient.SqlException) { if (++retries == 3) { throw; } System.Windows.Forms.MessageBox.Show("Connection Failed. Retry iteration " + (retries)); sqlCon.Close(); continue; } } //Instantiates a new sql command string // SQL command using a stored proc SqlCommand cmd = new SqlCommand("sp_loginCredentials", sqlCon) { CommandType = CommandType.StoredProcedure }; cmd.Parameters.AddWithValue("@username", txtUsername.Text.Trim()); cmd.Parameters.AddWithValue("@password", txtPassword.Text.Trim()); // -------- Following is poopy code that should not be used, this is EASILY Suseptable to SQL Injection --------- // //This is where you write your query to populate the table //You can write any kind of query here //cmd.CommandText = "SELECT * FROM [login] WHERE username = '******' AND password = '******'"; //Sets the commands connection cmd.Connection = sqlCon; // Creates a data adapter and a data table and fills it SqlDataAdapter da = new SqlDataAdapter(cmd); DataTable dtbl = new DataTable("Login"); da.Fill(dtbl); // If there is a user with the username and password if (dtbl.Rows.Count == 1) { //Get the permissions of that user from the database and bind it to the current user username = dtbl.Rows[0]["username"].ToString(); MRP = (bool)dtbl.Rows[0]["maintenanceRecordsPermission"]; ITRP = (bool)dtbl.Rows[0]["itRecordsPermissions"]; TP = (bool)dtbl.Rows[0]["teacherPermissions"]; AP = (bool)dtbl.Rows[0]["adminPermissions"]; SAP = (bool)dtbl.Rows[0]["superAdminPermission"]; CurrentUser.setPermissions(username, MRP, ITRP, TP, AP, SAP); //Open the mainwindow and close the log in window MainWindow mw = new MainWindow(); mw.Show(); sqlCon.Close(); this.Close(); } else { MessageBox.Show("Invalid Login"); } }
private void Button_Click(object sender, RoutedEventArgs e) { MainWindow mainWindow = new MainWindow(); this.Close(); mainWindow.Show(); if (emailTB.Text != "") { try { List <Utilizator> utilizatori = new List <Utilizator>(); string body = ""; myCon.ConnectionString = @"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=D:\ii-proj\Developer-s-Work\WpfApp1\WpfApp1\PCDB.mdf;Integrated Security=True"; myCon.Open(); DataSet dataset = new DataSet(); SqlDataAdapter dataAdapter = new SqlDataAdapter("SELECT * FROM [user]", myCon); dataAdapter.Fill(dataset, "[user]"); foreach (DataRow dr in dataset.Tables["[user]"].Rows) { int admin = Convert.ToInt32(dr.ItemArray.GetValue(3).ToString()); String emailRead = dr.ItemArray.GetValue(1).ToString(); String passRead = dr.ItemArray.GetValue(2).ToString(); double salary = Convert.ToDouble(dr.ItemArray.GetValue(4).ToString()); utilizatori.Add(new Utilizator(emailRead, passRead, admin, salary)); } myCon.Close(); bool ok = false; foreach (Utilizator utilizator in utilizatori) { if (utilizator.email == emailTB.Text) { body = "Parola voastra este: " + utilizator.pass; new MessageBoxPoni("Mail Trimis!").Show(); ok = true; } } if (ok == true) { var fromAddress = new MailAddress("*****@*****.**"); var fromPassword = "******"; var toAddress = new MailAddress(emailTB.Text); string subject = "SUBIECT"; System.Net.Mail.SmtpClient smtp = new System.Net.Mail.SmtpClient { Host = "smtp.gmail.com", Port = 587, EnableSsl = true, DeliveryMethod = System.Net.Mail.SmtpDeliveryMethod.Network, UseDefaultCredentials = false, Credentials = new NetworkCredential(fromAddress.Address, fromPassword) }; using (var message = new MailMessage(fromAddress, toAddress) { Subject = subject, Body = body }) smtp.Send(message); } else { new MessageBoxPoni("Email introdus gresit!").Show(); } } catch (SmtpException ex) { Console.WriteLine(ex.Message); new MessageBoxPoni("Probleme la comunicarea cu serverul!").Show(); } catch (Exception ex) { Console.WriteLine(ex.Message); new MessageBoxPoni("Email introdus gresit!").Show(); } } else { new MessageBoxPoni("Casuta goala").Show(); } }
private void Button_Click(object sender, RoutedEventArgs e) { MainWindow mainWindow = new MainWindow(); mainWindow.Show(); }