private void Button_Click(object sender, RoutedEventArgs e) { SqlConnection sqlCon = new SqlConnection(@"Data Source=CHRISLYNN\SQLEXPRESS;Initial Catalog=task2;Integrated Security=True"); sqlCon.Open(); SqlCommand sCmd = new SqlCommand("INSERT INTO tblUser (FullName,Email,Username,Password,ConfirmPassword) VALUES (@FullName,@Email,@Username,@Password,@ConfirmPassword)", sqlCon); sCmd.Parameters.AddWithValue("@FullName", txtName.Text); sCmd.Parameters.AddWithValue("@Email", txtEmail.Text); sCmd.Parameters.AddWithValue("@Username", txtUsername.Text); sCmd.Parameters.AddWithValue("@Password", txtPassword.Text); sCmd.Parameters.AddWithValue("@ConfirmPassword", txtConfirmPassword.Text); sCmd.ExecuteNonQuery(); generalBudget gb = new generalBudget(); gb.Show(); this.Close(); }
private void Button_Click(object sender, RoutedEventArgs e) { SqlConnection sqlCon = new SqlConnection(@"Data Source=CHRISLYNN\SQLEXPRESS;Initial Catalog=task2;Integrated Security=True"); sqlCon.Open(); String query = "SELECT COUNT(1) FROM tblUser WHERE Username=@Username AND Password=@Password"; SqlCommand sqlCmd = new SqlCommand(query, sqlCon); sqlCmd.CommandType = CommandType.Text; sqlCmd.Parameters.AddWithValue("@Username", txtUser.Text); sqlCmd.Parameters.AddWithValue("@Password", txtPass.Text); int count = Convert.ToInt32(sqlCmd.ExecuteScalar()); if (count == 1) { generalBudget budget = new generalBudget(); budget.Show(); this.Close(); } else { MessageBox.Show("Username or password is incorrect."); } }