private void CmdAdminLogin_Click(object sender, EventArgs e)
{
if (TxtAdminUserName.Text.Trim().Length == 0)
{
MessageBox.Show("Please enter user name", "Input Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
TxtAdminUserName.Focus();
return;
}
if (TxtAdminPassword.Text.Trim().Length == 0)
{
MessageBox.Show("Please enter password", "Input Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
TxtAdminPassword.Focus();
return;
}
// create a new database connection:
SQLiteConnection sqlite_conn = new SQLiteConnection("Data Source=database.sqlite;Version=3;");
// open the connection:
//SQLiteCommand
sqlite_conn.Open();
string sql = "SELECT * FROM users WHERE username='******' AND password='******'";
SQLiteCommand command = new SQLiteCommand(sql, sqlite_conn);
SQLiteDataReader reader = command.ExecuteReader();
var count = 0;
var name = "";
while (reader.Read())
{
count = count + 1;
name = (string)reader["name"];
Console.WriteLine("Name: " + reader["name"] + "\tScore: " + reader["email"]);
}
if (count == 1)
{
MessageBox.Show("Sukses Login Name: " + name, "Sukses Login", MessageBoxButtons.OK, MessageBoxIcon.Information);
DialogResult = System.Windows.Forms.DialogResult.OK;
this.Close();
}
else if (count == 0)
{
MessageBox.Show("GAGAL Login", "GAGAL Login", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
}
sqlite_conn.Close();
}
private void sValidate()
{
if (Strings.Len(Strings.Trim(TxtAdminUserName.Text)) == 0)
{
MessageBox.Show("Please enter user name", "Input Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
TxtAdminUserName.Focus();
return;
}
if (Strings.Len(Strings.Trim(TxtAdminPassword.Text)) == 0)
{
MessageBox.Show("Please enter password", "Input Error", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
TxtAdminPassword.Focus();
return;
}
try
{
// REVIEW: MOOAS GANI – 5 – DO NOT HARD CODE SQL CONNECTION STRINGS. CHANGE TO PULL FROM APP.CONFIG
SqlConnection cn = new SqlConnection(@"Data Source=.;Initial Catalog=FP_SAMPLE;Integrated Security=True");
if (cn.State == ConnectionState.Open)
{
cn.Close();
}
cn.Open();
// REVIEW: MOOAS GANI – 5 – Refactor this into a Security/Autentication module that does authentication
SqlDataReader dr1 = null;
SqlCommand com = new SqlCommand();
com.CommandText = "select [UserName],[Pass] from AdminInfo where UserName = @UName";
SqlParameter UName = new SqlParameter("@UName", SqlDbType.VarChar, 20);
UName.Value = Strings.UCase(TxtAdminUserName.Text.ToString());
com.Parameters.Add(UName);
com.Connection = cn;
dr1 = com.ExecuteReader();
if (dr1.Read())
{
if (Strings.UCase(dr1["Pass"].ToString()) == Strings.UCase(TxtAdminPassword.Text.ToString()))
{
cn.Close();
// REVIEW: MOOAS GANI – 1 – Remove this commented code below
//Program.FrmState = "Admin";
//Program.UserName = Strings.UCase(TxtAdminUserName.Text.ToString());
//this.Hide();
//MessageBox.Show("Have A Nice Day", ":)", MessageBoxButtons.OK, MessageBoxIcon.Warning);
//Menu obj = new Menu();
//obj.Show();
isvalid = true;
User = TxtAdminUserName.Text;
MessageBox.Show("Login Success", "", MessageBoxButtons.OK, MessageBoxIcon.Warning);
Close();
return;
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
