Пример #1
0
        private void LoginBtn_Click(object sender, EventArgs e)
        {
            string username = UsernameTxtBox.Text;
            string password = PassTxtBox.Text;

            if (username == "" || password == "")
            {
                MessageBox.Show("Username or Password cannot be empty");
            }
            else
            {
                try
                {
                    SqlConnection conn = new SqlConnection(ConnectionString.connectionString);
                    conn.Open();

                    // verify col names
                    SqlCommand cmdUser = new SqlCommand("VERIFY_USER", conn);
                    cmdUser.CommandType = CommandType.StoredProcedure;
                    cmdUser.Parameters.Add(new SqlParameter("@USER_EMAIL", username));

                    SqlCommand cmdStaff = new SqlCommand("VERIFY_STAFF", conn);
                    cmdStaff.CommandType = CommandType.StoredProcedure;
                    cmdStaff.Parameters.Add(new SqlParameter("@STAFF_EMAIL", username));

                    SqlDataReader reader;
                    SqlDataReader readerStaff;

                    string check = "";

                    reader = cmdUser.ExecuteReader();
                    while (reader.Read())
                    {
                        check = reader["USER_PASSWORD"].ToString();
                        break;
                    }


                    if (password == check)
                    {
                        UserForm user = new UserForm(username);
                        user.ShowDialog();
                        this.Dispose();
                        this.Close();
                    }


                    check = "";
                    reader.Close();

                    // no user was found now check for staff members
                    if (check == "")
                    {
                        readerStaff = cmdStaff.ExecuteReader();

                        // checck for staff password
                        while (readerStaff.Read())
                        {
                            check = readerStaff["STAFF_PASSWORD"].ToString();
                            break;
                        }

                        // password of staff member matches the entered password
                        if (password == check)
                        {
                            StaffPortal sf = new StaffPortal();
                            sf.ShowDialog();
                            this.Close();
                        }

                        readerStaff.Close();
                    }

                    // no user or staff member found
                    if (check == "")
                    {
                        UsernameTxtBox.Text = "";
                        PassTxtBox.Text     = "";
                        MessageBox.Show("No User or Staff Member Found..");
                    }

                    else if (password != check)
                    {
                        MessageBox.Show("Email & Password does not match");
                        PassTxtBox.Text = "";
                        return; // user and password does not match
                    }



                    conn.Close();
                } catch (Exception ex) { MessageBox.Show(ex.ToString()); }
            }
        }