private void BtnContinue_Click(object sender, EventArgs e)
{
if (txtUserName.Text != "")
{
if (txtPassword.Text != "")
{
try
{
SqlDataReader dataReader;
string query = ($"SELECT * FROM [Credential] where Username = '******' AND Password='******'");
SqlCommand command = new SqlCommand(query, Database.connection);
Database.connection.Open();
dataReader = command.ExecuteReader();
if (dataReader.Read())
{
if (dataReader["Rights"].ToString() == "True")
{
Form frm = new frmAdmin();
frm.Show();
Close();
}
else
{
MessageBox.Show("The User Account does not have adminstrative rights", "Denied Access", MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
}
else
{
MessageBox.Show("Account Does not exist", "No Match", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
Database.connection.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
else
{
errorProviderInput.SetError(txtPassword, "Please fill in the Password");
txtPassword.Focus();
}
}
else
{
errorProviderInput.SetError(txtUserName, "Please fill the Username");
txtUserName.Focus();
}
}
private void BtnLogin_Click(object sender, EventArgs e)
{
lblErUsername.Visible = false;
lblErUsername.Visible = false;
if (txtUserName.Text != "")
{
try
{
MailAddress email = new MailAddress(txtUserName.Text);
}
catch (Exception)
{
lblErUsername.Text = "Invalid email format";
lblErUsername.Visible = true;
}
if (txtPassword.Text != "")
{
lblErPass.Visible = false;
lblErUsername.Visible = false;
string query = ($"SELECT * FROM [Credential] where Username = '******' AND Password='******'");
SqlCommand command = new SqlCommand(query, Database.connection);
try
{
Database.connection.Open();
if (command.ExecuteScalar() != null)//Password and username are correct
{
SqlDataReader dataReader;
SqlCommand command2 = new SqlCommand($"Select * from Credential where Username='******'", Database.connection);
dataReader = command.ExecuteReader();
if (dataReader.Read())
{
LoginSession.ID = dataReader["Agent_ID"].ToString();
LoginSession.UserName = dataReader["Username"].ToString();
if (dataReader["Rights"].ToString() == "True")
{
LoginSession.AdminRights = true;
}
else
{
LoginSession.AdminRights = false;
}
}
Database.connection.Close();
Form form;
//if (LoginSession.AdminRights==true)
//{
// form = new frmAdmin();
//}
//else
//{
// form = new frmMain();
//}
form = LoginSession.AdminRights == true ? form = new frmAdmin() : form = new frmMain();
form.Show();
this.Hide();
}
else
{
Database.connection.Close();
lblErPass.Text = "Username or Password are incorrect";
lblErPass.Visible = true;
}
}
catch (Exception ex)
{
Database.connection.Close();
MessageBox.Show($"Database Coonection error \n Technical information: {ex.Message}", "Reading error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
else
{
errorProviderInput.SetError(txtPassword, "Please fill in the Password");
txtPassword.Focus();
}
}
else
{
errorProviderInput.SetError(txtUserName, "Please fill the Username");
txtUserName.Focus();
}
}