private void btnLogin_Click(object sender, EventArgs e)
{
if (string.IsNullOrWhiteSpace(txtUsername.Text))
{
Clear();
MessageBox.Show("Please enter username.");
return;
}
if (string.IsNullOrWhiteSpace(txtPassword.Text))
{
Clear();
MessageBox.Show("Please enter your password.");
return;
}
try
{
MySqlConnection conn = new MySqlConnection(Settings.ConnectionString);
MySqlDataReader dr;
MySqlCommand cmd = new MySqlCommand();
cmd.Connection = conn;
cmd.CommandText = "SELECT id, username, password FROM users WHERE username = @uname";
cmd.Parameters.AddWithValue("@uname", txtUsername.Text);
conn.Open();
dr = cmd.ExecuteReader();
if (dr.Read())
{
if (Settings.SHA256Hash(txtPassword.Text) == dr.GetString(2))
{
Settings.logined = true;
Settings.id = dr.GetInt32(0);
Settings.username = dr.GetString(1);
conn.Close();
UserControlPanelFrm ucp = new UserControlPanelFrm();
ucp.Show();
Close();
}
else
{
MessageBox.Show("The password you entered was not valid.");
txtPassword.Clear();
}
}
else
{
MessageBox.Show("No account found with that username.");
Clear();
}
conn.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message.ToString());
}
}
private void btnUserCP_Click(object sender, EventArgs e)
{
UserControlPanelFrm ucp = new UserControlPanelFrm();
ucp.Show();
}