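/// <summary>
/// Handles the log-in button click: runs the credential query against sampleDB and,
/// when a row comes back, opens the admin or employee form according to the access
/// level stored in column 3 of that row.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnLogIn_Click(object sender, EventArgs e)
{
    empID = tbUsername.Text;

    using (SqlConnection openCon = new SqlConnection("server=localhost;Trusted_Connection=yes;database=sampleDB; connection timeout=30"))
    using (SqlCommand comm = new SqlCommand())
    {
        comm.Connection = openCon;
        comm.CommandType = CommandType.Text;

        // NOTE(review): as written, both operands are fixed literals (they look masked in
        // this listing), so the text typed into the form never reaches the query. When the
        // real values are wired in, bind them with comm.Parameters instead of concatenating
        // control text into the statement; concatenation would make this login SQL-injectable.
        // NOTE(review): comparing a password column inside the WHERE clause suggests the table
        // holds the password itself; confirm, and prefer a salted slow hash verified in code.
        comm.CommandText = "SELECT * FROM emp_pw WHERE username = '******' AND password = '******';";

        try
        {
            openCon.Open();

            // The reader is disposed here; the original never closed it.
            using (SqlDataReader sdr = comm.ExecuteReader())
            {
                if (sdr.Read())
                {
                    // SELECT * plus a fixed ordinal breaks silently if the column order changes.
                    int eAccess = sdr.GetInt32(3);

                    // frmLogIn.bt must agree with the stored access level before a form opens
                    // (presumably the role chosen on an earlier screen; confirm against frmLogIn).
                    if (eAccess == 1 && frmLogIn.bt == 1)
                    {
                        frmAdmin rf = new frmAdmin();
                        rf.Show();
                        this.Hide();
                    }
                    else if (eAccess == 2 && frmLogIn.bt == 2)
                    {
                        frmEmployee ef = new frmEmployee();
                        ef.Show();
                        this.Hide();
                    }
                    else
                    {
                        lblIncorrect.Text = "*Invalid username or password";
                    }
                }
                else
                {
                    // Same message for an unknown user and a wrong password, so the form
                    // does not reveal which usernames exist.
                    lblIncorrect.Text = "*Invalid username or password";
                }
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): raw provider errors shown on a pre-authentication screen can
            // disclose server or schema details; consider logging ex and showing generic text.
            MessageBox.Show(ex.Message);
        }
        // No explicit Close(): the using statement disposes the connection on every path.
    }
}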
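/// <summary>
/// Handles the log-in button click: looks up the entered employee ID in dbPayroll and,
/// when a row comes back, opens the admin form for access level 1 and the employee form
/// for any other level.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnLogIn_Click(object sender, EventArgs e)
{
    empID = tbUsername.Text;

    using (SqlConnection openCon = new SqlConnection("server=localhost;Trusted_Connection=yes;database=dbPayroll; connection timeout=30"))
    using (SqlCommand comm = new SqlCommand())
    {
        comm.Connection = openCon;
        comm.CommandType = CommandType.Text;

        // The employee ID is bound as a parameter. The original concatenated tbUsername.Text
        // into the statement, so a quote in the textbox could rewrite the WHERE clause and
        // bypass the password check.
        // NOTE(review): the password operand is a fixed literal here (it looks masked in this
        // listing). Bind the real value as a second parameter in the same way, and prefer
        // verifying a salted slow hash in code over comparing the password in SQL.
        comm.CommandText = "SELECT * FROM EmpPW WHERE EmpID = @empId COLLATE Latin1_General_CS_AS AND password = '******' COLLATE Latin1_General_CS_AS ;";
        comm.Parameters.AddWithValue("@empId", tbUsername.Text);

        try
        {
            openCon.Open();

            // The reader is disposed here; the original never closed it.
            using (SqlDataReader sdr = comm.ExecuteReader())
            {
                if (sdr.Read())
                {
                    // SELECT * plus a fixed ordinal breaks silently if the column order changes.
                    int eAccess = sdr.GetInt32(2);

                    if (eAccess == 1)
                    {
                        frmAdmin ad = new frmAdmin();
                        ad.Show();
                        this.Hide();
                    }
                    else
                    {
                        // NOTE(review): every level other than 1 lands on the employee form;
                        // confirm that an unexpected value should not be rejected instead.
                        frmEmployee emp = new frmEmployee();
                        emp.Show();
                        this.Hide();
                    }
                }
                else
                {
                    MessageBox.Show("Incorrect username and/or password!", "", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
                }
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): raw provider errors shown on a pre-authentication screen can
            // disclose server or schema details; consider logging ex and showing generic text.
            MessageBox.Show(ex.Message);
        }
        // No explicit Close(): the using statement disposes the connection on every path.
    }
}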