//------------------------------------------------------------------------------------------------------
//----------------------------Encrypt Password----------------------------------------------------------
/*public static string MD5Hash(string input)
* {
* StringBuilder hash = new StringBuilder();
* MD5CryptoServiceProvider md5provider = new MD5CryptoServiceProvider();
* byte[] bytes = md5provider.ComputeHash(new UTF8Encoding().GetBytes(input));
*
* for (int i = 0; i < bytes.Length; i++)
* {
* hash.Append(bytes[i].ToString("x2")+"b");
* }
* return hash.ToString();
* }*/
//------------------------------------------------------------------------------------------------------
//----------------------------------LOGIN---------------------------------------------------------------------------
private void button1_Click(object sender, EventArgs e)
{
ID_USER = getID(txtUser.Text, FrmMain.MD5Hash(txtPass.Text));
Perm = getPer(txtUser.Text, FrmMain.MD5Hash(txtPass.Text));
if ((txtUser.Text == "Admin") && (txtPass.Text == "123456"))
{
FrmMain Fmain = new FrmMain();
this.Hide();
Fmain.ShowDialog();
}
else
{
FrmMain.con1.Open();
}
String query = @"(SELECT * FROM USER1 WHERE MaNV='" + txtUser.Text + "' AND Pass='******')";
SqlDataAdapter sda = new SqlDataAdapter(query, FrmMain.con1);
DataTable dt = new DataTable();
sda.Fill(dt);
if (dt.Rows.Count == 1)
{
FrmMain FMain = new FrmMain();
this.Hide();
FMain.Show();
}
else
{
MessageBox.Show("Check User and Pass. Please!!!!!");
}
FrmMain.con1.Close();
}
private void btnLogin_Click_1(object sender, EventArgs e)
{
// User u = new User();
try
{
//SqlConnection con = new SqlConnection("Server=D8JZPCQ2;Database=dbPhoneShop;User ID=sa;Password=123");
//con.Open();
ConectionString con = new ConectionString();
con.SetConnection();
SqlCommand cm = new SqlCommand("select * from tbUser", con.con);
SqlDataReader dr = cm.ExecuteReader();
string username = txtUser.Text.Trim();
string password = txtPassword.Text.Trim();
while (dr.Read())
{
string user = dr["Username"].ToString();
string pass = dr["Password"].ToString();
if (username.Trim() == user && password.Trim() == pass)
{
string userId = dr["UserID"].ToString();
dr.Close();
sql = "select tbStaff.StaffPosition from tbUser inner join tbStaff on tbStaff.StaffID = tbUser.StaffID where tbUser.UserID=" + userId;
SqlCommand cmd = new SqlCommand("dbo.spRunSQL", con.con);
cmd.Parameters.AddWithValue("@sql", sql);
cmd.CommandType = CommandType.StoredProcedure;
SqlDataReader dtr = cmd.ExecuteReader();
while (dtr.Read())
{
string position = dtr[0].ToString();
if (position.ToLower() == "admin")
{
FrmMain m = new FrmMain();
this.Hide();
m.ShowDialog();
break;
}
if (position.ToLower() == "seller")
{
FrmSale s = new FrmSale();
this.Hide();
s.ShowDialog();
break;
}
}
//FrmSale u = new FrmSale();
//string userid = dr["UserID"].ToString();
//u.UserID = int.Parse(userId);
//u.ShowDialog();
}
}
}
catch
{
// MessageBox.Show(ex.Message);
}
}