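/// <summary>
/// Checks a username/password pair against the credential stored in the
/// <c>user</c> table (column <c>salasana</c>, looked up by <c>tunnus</c>).
/// </summary>
/// <param name="username">Account name; bound as the <c>@username</c> query parameter.</param>
/// <param name="password">Password as typed by the user.</param>
/// <param name="message">Empty on success; a generic failure text when the login is rejected.</param>
/// <returns><c>true</c> when the decrypted stored value equals <paramref name="password"/>; otherwise <c>false</c>.</returns>
/// <remarks>
/// Database and decryption exceptions are not caught here and reach the caller
/// with their original stack trace.
/// NOTE(review): the stored value is run through <c>BLLogin.Decrypt</c> and compared
/// with the clear-text password, which suggests passwords are stored reversibly.
/// Anyone who obtains the table and the key recovers every password; a salted
/// one-way hash (PBKDF2 or Argon2) with a fixed-time comparison is the safer design.
/// </remarks>
public static bool LoginUser(string username, string password, out string message)
{
    const string invalidCredentials = "Username or password is invalid!";

    message = "";
    string passwordCrypted = null;

    // using blocks release the reader, command and connection on every path,
    // including when a query or read throws.
    using (MySqlConnection conn = new MySqlConnection(connStr))
    {
        conn.Open();

        // The username is bound as a parameter, never concatenated into the SQL text.
        const string sql = "select salasana from user where tunnus=@username";
        using (MySqlCommand cmd = new MySqlCommand(sql, conn))
        {
            cmd.Parameters.AddWithValue("@username", username);

            using (MySqlDataReader rdr = cmd.ExecuteReader())
            {
                // If several rows match, the last one read wins.
                while (rdr.Read())
                {
                    passwordCrypted = rdr.IsDBNull(0) ? null : rdr.GetString(0);
                }
            }
        }
    }

    // Fail closed when there is no account or no stored credential: never hand an
    // empty value to Decrypt and compare its result with the supplied password.
    // The same text is used as for a wrong password so the reply does not reveal
    // whether the username exists.
    if (string.IsNullOrEmpty(passwordCrypted))
    {
        message = invalidCredentials;
        return false;
    }

    string passwordClean = BLLogin.Decrypt(passwordCrypted);
    if (passwordClean == password)
    {
        return true;
    }

    message = invalidCredentials;
    return false;
}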
/// <summary>
/// Creates a new <c>BLLogin</c> instance, registers it as the application's
/// main window and then shows it.
/// </summary>
public void MoveToLogin()
{
    var loginWindow = new BLLogin();

    // Register as main window before showing, in that order.
    App.Current.MainWindow = loginWindow;
    loginWindow.Show();
}
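/// <summary>
/// Click handler for the login button: validates the entered credentials,
/// attempts the login and, on success, records the user name and user type on
/// the application object before moving to the main window.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
    string username = txtUsername.Text;
    string password = txtPassword.Password;
    string message = "";
    validator = new Validator();

    try
    {
        if (!validator.ValidateLogin(username, password))
        {
            MessageBox.Show("Valid username: 5-20 characters.\nValid password: 8-20 characters.\nNo special characters.\nPasswords must match.", "Registration Music Database");
            txtPassword.Password = "";
            txtPassword.Focus();
            return;
        }

        BLLogin login = new BLLogin(username, password);
        if (!login.LoginUser(out message))
        {
            // Rejected: clear the typed password; the finally block shows the
            // message that LoginUser returned.
            txtPassword.Password = "";
            txtPassword.Focus();
            return;
        }

        shutdown = false;

        // Direct cast: a wrong application type fails here with a clear exception
        // instead of a null dereference on the first property access.
        App app = (App)Application.Current;
        app.Username = username;

        // Ask for the role exactly once so the stored user type comes from a
        // single answer; anything that is not an administrator gets the
        // lower-privileged "user" type.
        app.Usertype = login.CheckIfAdmin() ? "admin" : "user";

        handler.MoveToMain();
        this.Close();
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is shown to whoever is at the login
        // prompt; database or driver errors may reveal connection details. Consider
        // logging the exception and showing a generic failure text instead.
        message = ex.Message;
    }
    finally
    {
        // Runs on the early returns above as well.
        if (!string.IsNullOrEmpty(message))
        {
            MessageBox.Show(message, "Registration Music Database");
        }
    }
}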