private void button1_Click(object sender, EventArgs e)
{
// this is the teacher's login thingy.
// can be broken by ' .' or 1 = 1; # '
var cmd = new MySqlCommand(string.Format("SELECT teachers_name, password FROM teachers WHERE teachers_name =@username AND password =@password;"), this.connection);
cmd.Parameters.AddWithValue("@username", tbUsername.Text);
cmd.Parameters.AddWithValue("@password", tbPassword.Text);
//cmd.Parameters.Add("@username", MySqlDbType.String).Value = tbUsername.Text; //same thing but does error checking on the data type.
string user = (string)cmd.ExecuteScalar(); //run this and get a single result, casts it to a string
if (!String.IsNullOrEmpty(user))
{
Console.WriteLine("User?" + user);
Stackpanel.SelectTab("TeacherView");
tbPassword.Text = "";
tbUsername.Text = "";
}
else
{
MessageBox.Show("WRONG. I'LL BE BACK. I'M A COP YOU IDIOT. COME ON DO IT KILL ME! PUT THAT COOKIE DOWN!");
}
}
public Form1()
{
InitializeComponent();
string connectionString = string.Format("Server=nimbus.rangitoto.school.nz;" +
"Port=3307;" +
"database={0};" +
"UID=2018110375;" +
"password=110375;" +
"SslMode = none", "student2018110375");
this.connection = new MySqlConnection(connectionString);
try
{
this.connection.Open();
MessageBox.Show("Connection open!");
//connection.Close();
}
catch (Exception ex)
{
MessageBox.Show("Cannot open connection" + ex.ToString());
}
Stackpanel.SelectTab("Login_Page");
}
private void ViewMusic_Click(object sender, EventArgs e)
{
Stackpanel.SelectTab("MusicView");
}
private void student_button_Click(object sender, EventArgs e)
{
Stackpanel.SelectTab("student_login");
}
private void teacher_button_Click(object sender, EventArgs e)
{
Stackpanel.SelectTab("teacher_Login");
}
