// Click handler for the login form's submit button.
// Reads the typed credentials, asks the database layer to check them and, on
// success, copies the returned user details into the session before closing
// the form. On failure it shows an error and clears the password box.
private void btnLoginEnter_Click(object sender, EventArgs e)
{
    // credentials exactly as typed into the form
    string enteredUsername = txtLoginUsername.Text;
    string enteredPassword = txtLoginPassword.Text;

    // the database layer decides whether the pair is valid
    loginReturnedData result = db.checkLoginDetails(enteredUsername, enteredPassword);

    if (!result.success)
    {
        // one generic message for every failure, so the form does not reveal
        // whether the username or the password was the part that was wrong
        lblLoginError.Text = "Login failed!";

        // do not leave the rejected password sitting in the text box
        txtLoginPassword.Text = String.Empty;
        return;
    }

    // login accepted: populate the session from the data the database returned
    // (the role comes from the database lookup, not from anything typed here)
    session.userID = result.userID;
    session.username = result.username;
    session.name = result.name;
    session.role = result.role;
    session.email = result.email;
    session.loggedIn = true;

    helper.refreshHomeForm();

    // the login form is no longer needed
    this.Close();
}
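// Checks a username/password pair against tblUsers and returns the matching user's details.
// var username: the username to look up
// var pass: the password to check
// returns: a loginReturnedData whose success flag is set only when a matching row
//          was found; userID, username, name and role are filled in from that row
public loginReturnedData checkLoginDetails(string username, string pass)
{
    // creates new instance of the login returned data
    loginReturnedData returnedData = new loginReturnedData();

    // The credentials are bound as parameters rather than formatted into the SQL
    // text, so quotes or SQL syntax typed into the login form are treated as data
    // and cannot change the query (SQL injection).
    // NOTE(review): the password is compared with the Password column as supplied,
    // and the login form on this page passes the typed text straight through, so
    // the column appears to hold plaintext passwords. Storing a salted, slow hash
    // (e.g. PBKDF2) and verifying it in code would be safer; not changed here
    // because it needs a data migration.
    const string command = "SELECT * FROM tblUsers WHERE Username = @username AND Password = @password";

    // opens new connection to the database
    using (connection = new SqlConnection(getCString()))
    {
        connection.Open();

        using (SqlCommand logincommand = new SqlCommand(command, connection))
        {
            // null is sent as an empty string, which is what String.Format produced before
            logincommand.Parameters.AddWithValue("@username", username ?? String.Empty);
            logincommand.Parameters.AddWithValue("@password", pass ?? String.Empty);

            // only the parameterised text is logged, so the typed password no longer
            // reaches the debug output
            Debug.WriteLine(String.Format("Sending SQL command: {0}", command));

            // execute the command and get the data back; the reader is disposed
            // before the connection is closed
            using (SqlDataReader reader = logincommand.ExecuteReader())
            {
                // if data exists
                if (reader.Read())
                {
                    // sets the returned data to the user info
                    // Ordinals follow the column order of tblUsers because of SELECT *;
                    // index 4 is skipped (presumably the Password column - confirm).
                    returnedData.success = true;
                    returnedData.userID = reader.GetInt32(0);
                    returnedData.username = reader.GetString(1);
                    returnedData.name = new string[] { reader.GetString(2), reader.GetString(3) };

                    // NOTE(review): email is never populated here, although the login
                    // form handler copies loginData.email into the session.

                    switch (reader.GetString(5))
                    {
                        case "Admin":
                            returnedData.role = user.roles.Admin;
                            break;
                        case "Teacher":
                            returnedData.role = user.roles.Teacher;
                            break;
                        case "Student":
                            returnedData.role = user.roles.Student;
                            break;
                        default:
                            // an unrecognised role string falls back to Student
                            // (presumably the least-privileged role) rather than
                            // to a more privileged one
                            returnedData.role = user.roles.Student;
                            break;
                    }
                }
            }
        }
    }

    // returns the returned data
    return returnedData;
}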